none
Windows Server 블루스크린 덤프 문의 RRS feed

  • 질문

  • 현재 운영 중인 서버에서 블루스크린이 발생하여, 전문가님의 자문을 얻고자 합니다.

    풀덤프를 Windbg를 이용해서, 뽑은 자료입니다만,미천하다보니, 해석을 할수가 없습니다.

    혹 잘 아시는 전문가님의 간략하더라도 자문 부탁 드립니다. 감사합니다.


    ************* Symbol Path validation summary **************
    Response                         Time (ms)     Location
    Deferred                                       SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 8.1 Kernel Version 9600 MP (48 procs) Free x64
    Product: Server, suite: TerminalServer SingleUserTS
    Built by: 9600.17736.amd64fre.winblue_r9.150322-1500
    Machine Name:
    Kernel base = 0xfffff800`51a08000 PsLoadedModuleList = 0xfffff800`51ce1850
    Debug session time: Sun May 14 13:36:26.205 2017 (UTC + 9:00)
    System Uptime: 219 days 1:17:02.543
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .....................
    Loading User Symbols

    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck A, {0, 2, 0, fffff80051aaeb2d}

    Probably caused by : ntkrnlmp.exe ( nt!KiExecuteAllDpcs+dd )

    Followup:     MachineOwner
    ---------

    36: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000000, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
     bit 0 : value 0 = read operation, 1 = write operation
     bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff80051aaeb2d, address which referenced memory

    Debugging Details:
    ------------------


    DUMP_CLASS: 1

    DUMP_QUALIFIER: 401

    BUILD_VERSION_STRING:  9600.17736.amd64fre.winblue_r9.150322-1500

    SYSTEM_MANUFACTURER:  HP

    SYSTEM_PRODUCT_NAME:  ProLiant DL580 G7

    SYSTEM_SKU:  643086-B21     

    BIOS_VENDOR:  HP

    BIOS_VERSION:  P65

    BIOS_DATE:  10/01/2013

    DUMP_TYPE:  1

    BUGCHECK_P1: 0

    BUGCHECK_P2: 2

    BUGCHECK_P3: 0

    BUGCHECK_P4: fffff80051aaeb2d

    READ_ADDRESS:  0000000000000000

    CURRENT_IRQL:  2

    FAULTING_IP:
    nt!KiExecuteAllDpcs+dd
    fffff800`51aaeb2d 488b07          mov     rax,qword ptr [rdi]

    CPU_COUNT: 30

    CPU_MHZ: 749

    CPU_VENDOR:  GenuineIntel

    CPU_FAMILY: 6

    CPU_MODEL: 2f

    CPU_STEPPING: 2

    CPU_MICROCODE: 6,2f,2,0 (F,M,S,R)  SIG: 37'00000000 (cache) 37'00000000 (init)

    DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

    BUGCHECK_STR:  AV

    PROCESS_NAME:  System

    ANALYSIS_SESSION_HOST:  KON_FIRST

    ANALYSIS_SESSION_TIME:  05-16-2017 14:35:42.0632

    ANALYSIS_VERSION: 10.0.15063.137 x86fre

    TRAP_FRAME:  ffffd001e2ff9840 -- (.trap 0xffffd001e2ff9840)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=0000000000000002 rbx=0000000000000000 rcx=ffffd001e2fd0f10
    rdx=ffffd001e2fdb5c0 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff80051aaeb2d rsp=ffffd001e2ff99d0 rbp=ffffd001e2ff9ad0
     r8=00000000ffffffed  r9=000000000000002f r10=fffff800521a25b0
    r11=ffffd001e2ff9c50 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up di pl nz na pe nc
    nt!KiExecuteAllDpcs+0xdd:
    fffff800`51aaeb2d 488b07          mov     rax,qword ptr [rdi] ds:00000000`00000000=????????????????
    Resetting default scope

    LAST_CONTROL_TRANSFER:  from fffff80051b647e9 to fffff80051b58ca0

    STACK_TEXT: 
    ffffd001`e2ff96f8 fffff800`51b647e9 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    ffffd001`e2ff9700 fffff800`51b6303a : 00000000`00000000 ffffd001`e2fd0f00 00000001`00000000 ffffe001`8f8fd000 : nt!KiBugCheckDispatch+0x69
    ffffd001`e2ff9840 fffff800`51aaeb2d : ffffd001`e2fd0f00 ffffd001`e2ff9c90 ffffd001`e2ff9c90 ffffd001`e2fd3668 : nt!KiPageFault+0x23a
    ffffd001`e2ff99d0 fffff800`51aadeb7 : 00000000`0000001a 00000000`001bc910 ffffe001`9ff101f0 ffffd001`00000002 : nt!KiExecuteAllDpcs+0xdd
    ffffd001`e2ff9b20 fffff800`51b5c7ea : ffffd001`e2fce180 ffffd001`e2fce180 ffffd001`e2fdb5c0 ffffe001`9ff12080 : nt!KiRetireDpcList+0xd7
    ffffd001`e2ff9da0 00000000`00000000 : ffffd001`e2ffa000 ffffd001`e2ff4000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a


    STACK_COMMAND:  kb

    THREAD_SHA1_HASH_MOD_FUNC:  08147b47469579b607a5d7d9344a6795c211d870

    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  d24a5d0011c37630f9bc87f50ba5ce107529964d

    THREAD_SHA1_HASH_MOD:  ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693

    FOLLOWUP_IP:
    nt!KiExecuteAllDpcs+dd
    fffff800`51aaeb2d 488b07          mov     rax,qword ptr [rdi]

    FAULT_INSTR_CODE:  48078b48

    SYMBOL_STACK_INDEX:  3

    SYMBOL_NAME:  nt!KiExecuteAllDpcs+dd

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME:  ntkrnlmp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP:  550f41a6

    BUCKET_ID_FUNC_OFFSET:  dd

    FAILURE_BUCKET_ID:  AV_nt!KiExecuteAllDpcs

    BUCKET_ID:  AV_nt!KiExecuteAllDpcs

    PRIMARY_PROBLEM_CLASS:  AV_nt!KiExecuteAllDpcs

    TARGET_TIME:  2017-05-14T04:36:26.000Z

    OSBUILD:  9600

    OSSERVICEPACK:  0

    SERVICEPACK_NUMBER: 0

    OS_REVISION: 0

    SUITE_MASK:  272

    PRODUCT_TYPE:  3

    OSPLATFORM_TYPE:  x64

    OSNAME:  Windows 8.1

    OSEDITION:  Windows 8.1 Server TerminalServer SingleUserTS

    OS_LOCALE: 

    USER_LCID:  0

    OSBUILD_TIMESTAMP:  2015-03-23 07:26:46

    BUILDDATESTAMP_STR:  150322-1500

    BUILDLAB_STR:  winblue_r9

    BUILDOSVER_STR:  6.3.9600.17736.amd64fre.winblue_r9.150322-1500

    ANALYSIS_SESSION_ELAPSED_TIME:  ceb

    ANALYSIS_SOURCE:  KM

    FAILURE_ID_HASH_STRING:  km:av_nt!kiexecutealldpcs

    FAILURE_ID_HASH:  {b88a28a0-fcde-99e9-6174-619833d00ab9}

    Followup:     MachineOwner


    kon.jun

    2017년 5월 16일 화요일 오전 5:38