
Vista x86 : A BSOD mystery.. who is the killer? :-)


poto77
27-10-2009, 17:31
Hi guys,
I'm asking for help solving this mystery that is happening on my girlfriend's PC. Here are the facts.

The laptop is a Sony Vaio, bought about a year ago and always treated well, running Windows Vista with SP1, x86 version.

Everything always worked correctly, but for some time now (a month??) we have noticed that whenever any Windows update was installed, bam, a nice BSOD like this one, for no reason:

http://www.techerator.com/wp-content/uploads/hp-bsod-595x377.jpg

The nice (?!) part of the matter is that, after analysing the problem a bit, I realised that the Windows updates have nothing to do with it... the BSOD occurs every time an attempt is made to create a new restore point (which is exactly what happens automatically when a WU is installed) or to install new software, or even simply when I open the System Restore settings.. that screen where you change which logical drives it is enabled on, how much space to reserve for it, etc...

Note also that:

- The PC has no viruses
- The PC works well (I stress-tested it with the various tools and there is nothing rotten in the hardware)
- The BSOD happens EVEN in SAFE mode !!

Any advice?? :)

ezio
05-11-2009, 22:23
Follow the instructions in THIS (http://www.hwupgrade.it/forum/showthread.php?t=1955371) thread and post the debug result here; you might be able to pinpoint the cause of the BSODs more specifically ;)

poto77
06-11-2009, 08:56
That's exactly what I feared and wanted to avoid...
I've already used the debugging tool at work for a memory leak problem in a .NET WS and I know what that means ;)
I'm downloading the symbols for Vista since I don't have them, let's see what comes out..

Nobody can talk me out of my idea that something is corrupted in System Volume Information, and that wiping that folder would solve the problems..

In any case, I also tried the site
http://support.microsoft.com/gp/errormessage
but it doesn't find any match for me... :muro:

poto77
06-11-2009, 12:01
OK, luckily I had a mini dump of the BSOD at work, so I installed the symbols for Vista and ran the analysis.

Aside from the fact that I tried various versions of the symbols and some PDBs are still missing, anyway, here is the best result...


1: kd> !analyze -v
Unable to load image CLFS.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for CLFS.SYS
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Unknown bugcheck code (c1f5)
Unknown bugcheck description
Arguments:
Arg1: 00000009
Arg2: 00000001
Arg3: 93555000
Arg4: 00000000

Debugging Details:
------------------

Unable to load image Ntfs.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Ntfs.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

MODULE_NAME: CLFS

FAULTING_MODULE: 8220f000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 47918a61

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xC1F5

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 8068e0bc to 822dc0e3

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
8ff512e0 8068e0bc 0000c1f5 00000009 00000001 nt+0xcd0e3
8ff512fc 806b80b4 00000001 00000000 00000009 CLFS!CClfsLogFcbPhysical::UpdateOwnerSectors+0x24
8ff5140c 806baa1e 8f4fa488 03000003 00000001 CLFS!CClfsLogFcbPhysical::UpdateCachedOwnerPage+0x51e
8ff51468 80693990 8f4fa488 0f9f15a2 81429438 CLFS!CClfsLogFcbPhysical::RebuildOwnerPage+0x136
8ff51524 806ab928 00000000 865a30a4 0013019f CLFS!CClfsLogFcbPhysical::Initialize+0x764
8ff515d8 806aefaa 0f9f1692 85755bf8 814293c8 CLFS!CClfsRequest::Create+0x3c2
8ff51614 806bda7f 814293c8 85755bf8 0f9f16d2 CLFS!CClfsRequest::Dispatch+0xe2
8ff51654 806a34ea 85755bf8 814293c8 0f9f1616 CLFS!ClfsDispatchIoRequest+0x13b
8ff51690 822cafd3 85755bf8 814293c8 866bfb9c CLFS!CClfsDriver::LogIoDispatch+0x3c
8ff516a8 8242fce1 7aeb133d 865a312c 85755be0 nt+0xbbfd3
8ff51778 824553cf 85755bf8 00000000 865a3088 nt+0x220ce1
8ff51808 8242d0c6 00000000 8ff51860 00000242 nt+0x2463cf
8ff5186c 8242ebc3 8ff51a04 00000000 86c44a00 nt+0x21e0c6
8ff518e0 8243551d 8ff51a64 c0010000 8ff51a04 nt+0x21fbc3
8ff5193c 823edf9d 8ff51a64 c0010000 8ff51a04 nt+0x22651d
8ff51998 806be310 8ff51a64 c0010000 8ff51a04 nt+0x1def9d
8ff51aa4 8865f9bf 92bdd168 a7307550 c0000000 CLFS!ClfsCreateLogFile+0x824
8ff51c14 8865c81c 84872328 aafc0c18 ca1ee008 Ntfs!TxfStartRm+0x60e
8ff51ca8 8869c97c 864ec498 863c9b30 84872328 Ntfs!TxfInitializeVolume+0x688
8ff51cc4 8860f03e 84872328 00000000 07912669 Ntfs!NtfsCommonFileSystemControl+0x99
8ff51d44 82247445 00000000 00000000 86c44a28 Ntfs!NtfsFspDispatch+0x264
8ff51d7c 823e4b18 84872328 7aeb1985 00000000 nt+0x38445
8ff51dc0 8223da2e 82247348 80000000 00000000 nt+0x1d5b18
00000000 00000000 00000000 00000000 00000000 nt+0x2ea2e


STACK_COMMAND: kb

FOLLOWUP_IP:
CLFS!CClfsLogFcbPhysical::UpdateOwnerSectors+24
8068e0bc ?? ???

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: CLFS!CClfsLogFcbPhysical::UpdateOwnerSectors+24

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: CLFS.SYS

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------


It doesn't look very good; it seems to be a file system problem (exactly what I thought). Too bad some PDBs are still missing to get further info..
I can't attach the zipped mini dump because it's 4 KB over the allowed size.. anyway here it is, let me know what you think..
Maybe I'll send the dmp by email, maybe you'll have better luck finding the right symbols.. I tried THREE of them but in no case did I have all the PDBs.
Bye!
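
An added example, not part of the original thread: a small Python triage of a `kb`-style STACK_TEXT like the one in the post above, reporting which modules resolved to symbols and where the named call chain starts and ends. The sample frames are copied from that output; the function names and the regular expression are assumptions made for this sketch.

```python
import re
from collections import Counter
from itertools import groupby

# Constructed sample: a subset of the frames from the STACK_TEXT posted above.
SAMPLE = """\
8ff512e0 8068e0bc 0000c1f5 00000009 00000001 nt+0xcd0e3
8ff512fc 806b80b4 00000001 00000000 00000009 CLFS!CClfsLogFcbPhysical::UpdateOwnerSectors+0x24
8ff51468 80693990 8f4fa488 0f9f15a2 81429438 CLFS!CClfsLogFcbPhysical::RebuildOwnerPage+0x136
8ff51aa4 8865f9bf 92bdd168 a7307550 c0000000 CLFS!ClfsCreateLogFile+0x824
8ff51c14 8865c81c 84872328 aafc0c18 ca1ee008 Ntfs!TxfStartRm+0x60e
8ff51ca8 8869c97c 864ec498 863c9b30 84872328 Ntfs!TxfInitializeVolume+0x688
8ff51d7c 823e4b18 84872328 7aeb1985 00000000 nt+0x38445
"""

# ChildEBP, RetAddr, three argument words, then module[!symbol]+offset (32-bit layout).
FRAME = re.compile(
    r"^(?P<child>[0-9a-f]{8}) (?P<ret>[0-9a-f]{8}) (?:[0-9a-f]{8} ){3}"
    r"(?P<module>\w+)(?:!(?P<symbol>[\w:]+))?\+(?:0x)?(?P<offset>[0-9a-f]+)$"
)

def parse_frames(text):
    """Return one dict per well-formed frame line; warnings and blanks are skipped."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if m:
            frames.append(m.groupdict())
    return frames

def triage(frames):
    """Summarise unresolved modules and the named part of the call chain."""
    named = [f for f in frames if f["symbol"]]
    return {
        # Frames shown as module+offset only: symbols for that module did not load.
        "unresolved": dict(Counter(f["module"] for f in frames if not f["symbol"])),
        # Innermost named frame is closest to the bugcheck call.
        "innermost": f'{named[0]["module"]}!{named[0]["symbol"]}' if named else None,
        "outermost": f'{named[-1]["module"]}!{named[-1]["symbol"]}' if named else None,
        # Module order from crash site outwards, consecutive repeats collapsed.
        "chain": [k for k, _ in groupby(f["module"] for f in named)],
    }

if __name__ == "__main__":
    print(triage(parse_frames(SAMPLE)))
```

On these frames the named chain runs from Ntfs!TxfInitializeVolume down into CLFS, while every `nt` frame is offset-only, which matches the "Kernel symbols are WRONG" warning in the debugger output.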

poto77
06-11-2009, 12:11
Found something else..

http://support.microsoft.com/?scid=kb%3Ben-us%3B946084&x=11&y=11

where it says:

To work around this issue, use one of the following methods.

Method 1

If you have multiple disks installed, and the disk on which the $TxfLog file is corrupted does not contain Windows Vista, remove the offending disk from the computer.

Method 2

If you have only one disk installed, and if you have access to Windows XP or Windows 2000 installation media, restart the computer by using the Windows XP or Windows 2000 installation media. Next, format the offending disk, and then reinstall Windows Vista.

Note Microsoft is working on a fix to prevent this problem.

In short, it's not the greatest... one should move to SP2 IMMEDIATELY on the PCs where SP1 still works...