none
新年快乐!win10蓝屏代码,全部都有,请求大神分析,并非伸手党,翻译了也百度了,各种说的不一样,只好求官方大神了,麻烦您了 RRS feed

 > 

  • 问题

  • Question
    登录进行投票
    0
    登录进行投票

    Microsoft (R) Windows Debugger Version 10.0.17763.132 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Windows\Minidump\123018-6234-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: srv*
    Executable search path is: 
    Windows 10 Kernel Version 17134 MP (8 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Machine Name:
    Kernel base = 0xfffff802`03a1e000 PsLoadedModuleList = 0xfffff802`03dcc150
    Debug session time: Sun Dec 30 10:03:21.757 2018 (UTC + 8:00)
    System Uptime: 1 days 0:00:39.051
    Loading Kernel Symbols
    .

    Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
    Run !sym noisy before .reload to track down problems loading symbols.

    ..............................................................
    ................................................................
    ................................................................
    ....
    Loading User Symbols
    Loading unloaded module list
    ...................................
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck D1, {ffffc58262e4b134, f, 8, ffffc58262e4b134}

    Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+425 )

    Followup:     MachineOwner
    ---------

    7: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: ffffc58262e4b134, memory referenced
    Arg2: 000000000000000f, IRQL
    Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
    Arg4: ffffc58262e4b134, address which referenced memory

    Debugging Details:
    ------------------


    KEY_VALUES_STRING: 1


    STACKHASH_ANALYSIS: 1

    TIMELINE_ANALYSIS: 1


    DUMP_CLASS: 1

    DUMP_QUALIFIER: 400

    BUILD_VERSION_STRING:  10.0.17134.472 (WinBuild.160101.0800)

    DUMP_FILE_ATTRIBUTES: 0x8
      Kernel Generated Triage Dump

    DUMP_TYPE:  2

    BUGCHECK_P1: ffffc58262e4b134

    BUGCHECK_P2: f

    BUGCHECK_P3: 8

    BUGCHECK_P4: ffffc58262e4b134

    READ_ADDRESS: fffff80203e6b388: Unable to get MiVisibleState
    Unable to get NonPagedPoolStart
    Unable to get NonPagedPoolEnd
    Unable to get PagedPoolStart
    Unable to get PagedPoolEnd
     ffffc58262e4b134 

    CURRENT_IRQL:  f

    FAULTING_IP: 
    +0
    ffffc582`62e4b134 ??              ???

    CPU_COUNT: 8

    CPU_MHZ: fa8

    CPU_VENDOR:  GenuineIntel

    CPU_FAMILY: 6

    CPU_MODEL: 5e

    CPU_STEPPING: 3

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

    BUGCHECK_STR:  AV

    PROCESS_NAME:  taskhostw.exe

    ANALYSIS_SESSION_HOST:  PC-20170318NJMY

    ANALYSIS_SESSION_TIME:  12-30-2018 19:36:49.0889

    ANALYSIS_VERSION: 10.0.17763.132 amd64fre

    TRAP_FRAME:  ffff98001c055d90 -- (.trap 0xffff98001c055d90)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=ffffc58262e4b134 rbx=0000000000000000 rcx=ffffc08b52616db0
    rdx=00000000000000fe rsi=0000000000000000 rdi=0000000000000000
    rip=ffffc58262e4b134 rsp=ffff98001c055f28 rbp=ffffc08b52616e30
     r8=0000000000000340  r9=0000000000000000 r10=00000000000000fe
    r11=ffff98001c055e98 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei ng nz na pe nc
    ffffc582`62e4b134 ??              ???
    Resetting default scope

    EXCEPTION_RECORD:  ffffc58255f085c0 -- (.exr 0xffffc58255f085c0)
    Cannot read Exception record @ ffffc58255f085c0

    LAST_CONTROL_TRANSFER:  from fffff80203bd8c69 to fffff80203bc80a0

    FAILED_INSTRUCTION_ADDRESS: 
    +0
    ffffc582`62e4b134 ??              ???

    STACK_TEXT:  
    ffff9800`1c055c48 fffff802`03bd8c69 : 00000000`0000000a ffffc582`62e4b134 00000000`0000000f 00000000`00000008 : nt!KeBugCheckEx
    ffff9800`1c055c50 fffff802`03bd58e5 : ffff52ef`5787254d fffff802`03bcea25 00000000`00000000 ffffae0f`f6ebd440 : nt!KiBugCheckDispatch+0x69
    ffff9800`1c055d90 ffffc582`62e4b134 : fffff802`043a0251 00000000`00200282 fffff802`0437451b 0000b157`32524cc8 : nt!KiPageFault+0x425
    ffff9800`1c055f28 fffff802`043a0251 : 00000000`00200282 fffff802`0437451b 0000b157`32524cc8 00000000`0009fda0 : 0xffffc582`62e4b134
    ffff9800`1c055f30 fffff802`03b25a65 : ffffae0f`f6efbb00 00000000`00000000 00000000`76e94620 00000000`0009ef10 : hal!HalpPerfInterrupt+0x101
    ffff9800`1c055f70 fffff802`03bc995a : ffffc08b`52616e30 ffffae0f`f6efbb00 00000000`00000002 00000000`0000000c : nt!KiCallInterruptServiceRoutine+0xa5
    ffff9800`1c055fb0 fffff802`03bc9e47 : 00000000`000000ff 00000000`00000000 00000000`00000001 00000000`00000001 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
    ffffc08b`52616db0 fffff802`03b8a242 : ffffc582`55f085c0 00000000`00000000 00000000`00000007 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
    ffffc08b`52616f40 fffff802`03c638b6 : ffffc582`00000000 00000000`000000e4 00000000`0000048e ffffc08b`52617039 : nt!KeIpiGenericCall+0xd2
    ffffc08b`52616f90 fffff802`040d2396 : 00000000`00000000 00000000`00000000 ffffc08b`526171c0 ffffc08b`526171c0 : nt!KeStartProfile+0xca
    ffffc08b`526170a0 fffff802`03fcc141 : ffffae0f`f6eaf000 00000000`00000016 00000000`00000016 00000000`00000008 : nt!EtwpEnableKernelTrace+0x1061da
    ffffc08b`52617170 fffff802`0403ee54 : ffffc08b`526173d0 ffffc08b`526173d0 00000000`00000016 ffffae0f`f6eb00c0 : nt!EtwpUpdateGlobalGroupMasks+0x179
    ffffc08b`52617230 fffff802`041c8dde : 00000000`00000001 ffffc08b`52617a80 00000000`00000000 00000060`9fb7ece0 : nt!EtwpUpdateGroupMasks+0x18c
    ffffc08b`526172f0 fffff802`040b7c2f : ffffc08b`52617611 fffff802`03a77cf9 00000000`00000000 00000000`0000001f : nt!EtwSetPerformanceTraceInformation+0x2be
    ffffc08b`52617530 fffff802`03bd8743 : ffffae00`00000000 00000060`9fb7ee90 00000060`9fb7ee70 00000000`0000003c : nt!NtSetSystemInformation+0x15d1ff
    ffffc08b`52617a00 00007fff`3f6eddd4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000060`9fb7ec78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`3f6eddd4


    THREAD_SHA1_HASH_MOD_FUNC:  ce5bae6ed5ce9cf45a3c9b1969aff2f9e9e92bff

    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  daec98bea44d58c0a5a0e30a869ec431cb11d6ca

    THREAD_SHA1_HASH_MOD:  be75892da17442b2be9346e75d37d14eec239da0

    FOLLOWUP_IP: 
    nt!KiPageFault+425
    fffff802`03bd58e5 33c0            xor     eax,eax

    FAULT_INSTR_CODE:  ffb0c033

    SYMBOL_STACK_INDEX:  2

    SYMBOL_NAME:  nt!KiPageFault+425

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME:  ntkrnlmp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP:  5c135351

    IMAGE_VERSION:  10.0.17134.472

    STACK_COMMAND:  .thread ; .cxr ; kb

    BUCKET_ID_FUNC_OFFSET:  425

    FAILURE_BUCKET_ID:  AV_CODE_AV_BAD_IP_nt!KiPageFault

    BUCKET_ID:  AV_CODE_AV_BAD_IP_nt!KiPageFault

    PRIMARY_PROBLEM_CLASS:  AV_CODE_AV_BAD_IP_nt!KiPageFault

    TARGET_TIME:  2018-12-30T02:03:21.000Z

    OSBUILD:  17134

    OSSERVICEPACK:  472

    SERVICEPACK_NUMBER: 0

    OS_REVISION: 0

    SUITE_MASK:  272

    PRODUCT_TYPE:  1

    OSPLATFORM_TYPE:  x64

    OSNAME:  Windows 10

    OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS

    OS_LOCALE:  

    USER_LCID:  0

    OSBUILD_TIMESTAMP:  2018-12-14 14:53:05

    BUILDDATESTAMP_STR:  160101.0800

    BUILDLAB_STR:  WinBuild

    BUILDOSVER_STR:  10.0.17134.472

    ANALYSIS_SESSION_ELAPSED_TIME:  4ac

    ANALYSIS_SOURCE:  KM

    FAILURE_ID_HASH_STRING:  km:av_code_av_bad_ip_nt!kipagefault

    FAILURE_ID_HASH:  {73cd60cc-83fa-6b76-df08-1961c31d7403}

    Followup:     MachineOwner
    ---------
    2018年12月30日 11:41
    |

全部回复

  • Question
    登录进行投票
    0
    登录进行投票

    您好,

    感谢您在我们论坛提问。

    请安装最新补丁排除known issue. 

    我注意到这是个minidump,包含的信息较少,我们可以按照如下配置memory dump 并上传到OneDrive。

    Best regards,

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    2018年12月31日 10:01
    |
    版主
  • Question
    登录进行投票
    0
    登录进行投票

    根据 0x000000D1 代码大致判断是驱动程序文件问题,引起 Windows 内核进程 NTKrnlmp.EXE 运行失败。但是分析结果没有提及具体引起错误的进程名称。

    是否安装有解码器,在播放视频时容易蓝屏?

    Alexis Zhang

    http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
    http://blogs.itecn.net/blogs/alexis

    推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

    本帖是回复帖,原帖作者是楼上的 <phy777>;

    | BugCheck D1, {ffffc58262e4b134, f, 8, ffffc58262e4b134}
    | Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+425 )|

    2018年12月31日 14:49
    |