none
ntkrnlmp.exe触发蓝屏,求助 RRS feed

  • 问题

  • kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000001, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff800018e6a55, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80001b09100
    0000000000000001

    CURRENT_IRQL:  2

    FAULTING_IP:
    nt!IopCompleteRequest+ae5
    fffff800`018e6a55 488b09          mov     rcx,qword ptr [rcx]

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT_SERVER_MINIDUMP

    BUGCHECK_STR:  0xA

    PROCESS_NAME:  svchost.exe

    IRP_ADDRESS:  ffffffffffffff89

    TRAP_FRAME:  fffff8800480d390 -- (.trap 0xfffff8800480d390)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=fffff8000171f138 rbx=0000000000000000 rcx=0000000000000001
    rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff800018e6a55 rsp=fffff8800480d520 rbp=fffff8800480d670
    r8=fffffa80034dc560  r9=0000000000000080 r10=0000000000000002
    r11=fffffa800331da20 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl nz ac po cy
    nt!IopCompleteRequest+0xae5:
    fffff800`018e6a55 488b09          mov     rcx,qword ptr [rcx] ds:0060:00000000`00000001=????????????????
    Resetting default scope

    LAST_CONTROL_TRANSFER:  from fffff800018d1169 to fffff800018d1bc0

    STACK_TEXT: 
    fffff880`0480d248 fffff800`018d1169 : 00000000`0000000a 00000000`00000001 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    fffff880`0480d250 fffff800`018cfde0 : 00000000`00000000 fffff8a0`00001980 00000000`00000200 fffffa80`029bf550 : nt!KiBugCheckDispatch+0x69
    fffff880`0480d390 fffff800`018e6a55 : 00000000`00000001 fffffa80`0378eb50 fffffa80`20206f49 00000000`00000000 : nt!KiPageFault+0x260
    fffff880`0480d520 fffff800`018c45f7 : 00000000`00000001 00000000`00000011 fffffa80`02138100 00000000`00000000 : nt!IopCompleteRequest+0xae5
    fffff880`0480d5f0 fffff800`018c48a7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x1c7
    fffff880`0480d670 fffff800`01b9d9bc : 00000000`011ffa14 00000000`00000000 fffff880`0480db60 00000000`00000000 : nt!KiApcInterrupt+0xd7
    fffff880`0480d800 fffff800`01ba2823 : fffff880`00000000 fffff880`0480da20 fffffa80`00000002 00000000`011ffa60 : nt!CmQueryValueKey+0xcc
    fffff880`0480d8e0 fffff800`018d0e53 : fffffa80`030f6600 00000000`011ff9e8 fffffa80`00000002 00000000`011ffa60 : nt!NtQueryValueKey+0x381
    fffff880`0480da70 00000000`77b7142a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`011ff9c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77b7142a


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    nt!KiPageFault+260
    fffff800`018cfde0 440f20c0        mov     rax,cr8

    SYMBOL_STACK_INDEX:  2

    SYMBOL_NAME:  nt!KiPageFault+260

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME:  ntkrnlmp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP:  531590fb

    FAILURE_BUCKET_ID:  X64_0xA_nt!KiPageFault+260

    BUCKET_ID:  X64_0xA_nt!KiPageFault+260

    Followup: MachineOwner
    ---------
    2015年3月2日 2:24

全部回复

  • 补充下windi\Logs\CBS\CBS.log文件中的内容

    2015-03-02 09:37:09, Info                  CBS    Starting TrustedInstaller initialization.
    2015-03-02 09:37:09, Info                  CBS    Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs

    \amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
    2015-03-02 09:37:10, Info                  CSI    00000001@2015/3/2:01:37:10.296 WcpInitialize (wcp.dll version 0.0.0.6)

    called (stack @0x7feeef9f0ad @0x7feef3e9849 @0x7feef3b34e3 @0xff4ae97c @0xff4ad799 @0xff4adb2f)
    2015-03-02 09:37:10, Info                  CBS    Could not load SrClient DLL from path: SrClient.dll.  Continuing without

    system restore points.
    2015-03-02 09:37:10, Info                  CSI    00000002@2015/3/2:01:37:10.453 WcpInitialize (wcp.dll version 0.0.0.6)

    called (stack @0x7feeef9f0ad @0x7feef436816 @0x7feef402aac @0x7feef3b35b9 @0xff4ae97c @0xff4ad799)
    2015-03-02 09:37:10, Info                  CSI    00000003@2015/3/2:01:37:10.515 WcpInitialize (wcp.dll version 0.0.0.6)

    called (stack @0x7feeef9f0ad @0x7feef4d8738 @0x7feef4d8866 @0xff4ae474 @0xff4ad7de @0xff4adb2f)
    2015-03-02 09:37:10, Info                  CBS    Ending TrustedInstaller initialization.
    2015-03-02 09:37:10, Info                  CBS    Starting the TrustedInstaller main loop.
    2015-03-02 09:37:10, Info                  CBS    TrustedInstaller service starts successfully.
    2015-03-02 09:37:10, Info                  CBS    SQM: Initializing online with Windows opt-in: False
    2015-03-02 09:37:10, Info                  CBS    SQM: Cleaning up report files older than 10 days.
    2015-03-02 09:37:10, Info                  CBS    SQM: Requesting upload of all unsent reports.
    2015-03-02 09:37:10, Info                  CBS    SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm

    \*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]

    2015年3月2日 2:45