0

Hi
been using the following code to close an external program.

ShellExecute(0, L"open", L"taskkill.exe",L" /f /im program.exe", 0, SW_HIDE);

However once in a while I get the dreaded windows blue screen, not sure what to make of the mini logs it produces. One suggestion on microsoft's site is that it could be a virus, I can rule that one out to start with.

I suppose my question/s is how do we interpret these logs, is this problem a result of the above or is this simply a windows configuration problem?.

Many thanks.

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini033111-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: C:\Windows\symbols
Executable search path is: 
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (3 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Machine Name:
Kernel base = 0x8303e000 PsLoadedModuleList = 0x83155c70
Debug session time: Thu Mar 31 14:24:47.527 2011 (GMT+1)
System Uptime: 0 days 7:52:50.477
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
...............................................................
................................................................
................................
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 832564cb, debc4c0c, 0}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
Probably caused by : ntkrnlpa.exe ( nt+2184cb )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 832564cb, The address that the exception occurred at
Arg3: debc4c0c, Trap Frame
Arg4: 00000000

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:  
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

MODULE_NAME: nt

FAULTING_MODULE: 8303e000 nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4cb710d6

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt+2184cb
832564cb f00fb116        lock cmpxchg dword ptr [esi],edx

TRAP_FRAME:  debc4c0c -- (.trap 0xffffffffdebc4c0c)
ErrCode = 00000002
eax=00000000 ebx=00000000 ecx=00000250 edx=00000001 esi=00000250 edi=88bab288
eip=832564cb esp=debc4c80 ebp=00000076 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
nt+0x2184cb:
832564cb f00fb116        lock cmpxchg dword ptr [esi],edx ds:0023:00000250=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x8E

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from a6c55af2 to 832564cb

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
debc4c7c a6c55af2 88bab288 00000001 8300f0b0 nt+0x2184cb
debc4c80 88bab288 00000001 8300f0b0 00000007 0xa6c55af2
debc4c84 00000000 8300f0b0 00000007 78457350 0x88bab288


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt+2184cb
832564cb f00fb116        lock cmpxchg dword ptr [esi],edx

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt+2184cb

FOLLOWUP_NAME:  MachineOwner

IMAGE_NAME:  ntkrnlpa.exe

BUCKET_ID:  WRONG_SYMBOLS

Followup: MachineOwner
---------
4
Contributors
6
Replies
7
Views
5 Years
Discussion Span
Last Post by ziggystarman
Featured Replies
  • When you pull the rug out from under an executing program there is no guarentee that the operating system can kill the process cleanly. Using that taskkill.exe should be a last resort. Read More

-4

Why not system("taskkill") or whatever? You're a fucking horrible programmer.

3

From a recent post by Voidz

Hi DW, I'm extremely new to DaniWeb. I have been coding in C++ for about one month.

Thank you expert for your advice.

Votes + Comments
Agreed
0

Use the code he told u in the first post. Though i dont see why anyone should call you horrible.

System("taskkill /f /im program.exe");

What I wanna know is why are you trying to hide it??

0

What I wanna know is why are you trying to hide it??

I was just testing various ways of killing off programs, that one just happened to be the one I was using at the time the blue screen appeared & no particular reason other than that.

system ("taskkill /f /im program.exe");
Process::Start("taskkill.exe"," /f /im program.exe");
ShellExecute(0, L"open", L"taskkill.exe",L" /f /im program.exe", 0, SW_HIDE);

Is this relevant to the blue screen problem?

1

When you pull the rug out from under an executing program there is no guarentee that the operating system can kill the process cleanly. Using that taskkill.exe should be a last resort.

0

Using that taskkill.exe should be a last resort.

Thanks for pointing that out, I'll look at using a different method to kill off running executing programs, maybe that goes some way to explaining the Blue Screen problem.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.