none
你好 我的2008R2 一直蓝屏 请帮我看一下到底什么原因

    问题

  • Kernel base = 0xfffff800`01a5b000 PsLoadedModuleList = 0xfffff800`01c9d730 Debug session time: Fri Jul 29 17:54:32.621 2016 (UTC + 8:00) System Uptime: 0 days 3:42:10.199 Loading Kernel Symbols . Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. Run !sym noisy before .reload to track down problems loading symbols. .............................................................. ................................................................ .. Loading User Symbols Loading unloaded module list .......... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 50, {fffff900c00d7038, 0, fffff9600022b5eb, 0} Could not read faulting driver name Probably caused by : win32k.sys ( win32k!vRestartKillRFONTList+e7 ) Followup: MachineOwner --------- 9: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* 蓝屏代码以及可能的原因: ================ PAGE_FAULT_IN_NONPAGED_AREA (50) Invalid system memory was referenced. This cannot be protected by try-except. Typically the address is just plain bad or it is pointing at freed memory. Arguments: Arg1: fffff900c00d7038, memory referenced. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation. Arg3: fffff9600022b5eb, If non-zero, the instruction address which referenced the bad memory address. Arg4: 0000000000000000, (reserved) Debugging Details: ------------------ Could not read faulting driver name DUMP_CLASS: 1 DUMP_QUALIFIER: 400 BUILD_VERSION_STRING: 7601.23418.amd64fre.win7sp1_ldr.160408-2045 SYSTEM_MANUFACTURER: Dell Inc. SYSTEM_PRODUCT_NAME: PowerEdge R730 SYSTEM_SKU: SKU=NotProvided;ModelName=PowerEdge R730 BIOS_VENDOR: Dell Inc. BIOS_VERSION: 2.1.5 BIOS_DATE: 04/11/2016 BASEBOARD_MANUFACTURER: Dell Inc. BASEBOARD_PRODUCT: 0WCJNT BASEBOARD_VERSION: A01 DUMP_TYPE: 2 BUGCHECK_P1: fffff900c00d7038 BUGCHECK_P2: 0 BUGCHECK_P3: fffff9600022b5eb BUGCHECK_P4: 0 READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80001d07100 Unable to get MmSystemRangeStart fffff900c00d7038 FAULTING_IP: win32k!vRestartKillRFONTList+e7 fffff960`0022b5eb 410fba633817 bt dword ptr [r11+38h],17h MM_INTERNAL_CODE: 0 CPU_COUNT: 28 CPU_MHZ: 8fc CPU_VENDOR: GenuineIntel CPU_FAMILY: 6 CPU_MODEL: 3f CPU_STEPPING: 2 CPU_MICROCODE: 6,3f,2,0 (F,M,S,R) SIG: 37'00000000 (cache) 37'00000000 (init) CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT_SERVER BUGCHECK_STR: 0x50 PROCESS_NAME: csrss.exe CURRENT_IRQL: 0 ANALYSIS_SESSION_HOST: ROGER ANALYSIS_SESSION_TIME: 07-30-2016 09:35:44.0794 ANALYSIS_VERSION: 10.0.10586.567 amd64fre TRAP_FRAME: fffff8801394d700 -- (.trap 0xfffff8801394d700) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=fffff900c0096ba0 rbx=0000000000000000 rcx=fffffab023f7a1a0 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=fffff9600022b5eb rsp=fffff8801394d890 rbp=fffff900c0d34ca0 r8=00000000ffffffff r9=0000000000002800 r10=0000000000000000 r11=fffff900c00d7000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na pe nc win32k!vRestartKillRFONTList+0xe7: fffff960`0022b5eb 410fba633817 bt dword ptr [r11+38h],17h ds:fffff900`c00d7038=???????? Resetting default scope LAST_CONTROL_TRANSFER: from fffff80001b482ee to fffff80001aca400 STACK_TEXT: fffff880`1394d598 fffff800`01b482ee : 00000000`00000050 fffff900`c00d7038 00000000`00000000 fffff880`1394d700 : nt!KeBugCheckEx fffff880`1394d5a0 fffff800`01ac852e : 00000000`00000000 fffff900`c00d7038 00000000`6b6e7100 fffffab0`25b14b10 : nt! ?? ::FNODOBFM::`string'+0x3bc6f fffff880`1394d700 fffff960`0022b5eb : fffff800`01a5b000 fffff800`01c03557 00000000`00000000 fffff880`1394d960 : nt!KiPageFault+0x16e fffff880`1394d890 fffff960`0022b895 : fffff900`c0096c48 00000000`0000020a fffff900`c0d34ca0 00000000`00000000 : win32k!vRestartKillRFONTList+0xe7 fffff880`1394d8f0 fffff960`0023a4bd : fffff960`002df1ec 00000000`000007ff 00000000`00000001 00000000`00000000 : win32k!vRestartKillRFONTList+0x391 fffff880`1394d950 fffff960`00239bd4 : fffff880`121c0c00 00000000`00003dd4 00000000`00000000 00000000`4d504f47 : win32k!GdiMultiUserFontCleanup+0xad fffff880`1394d980 fffff960`000f2d95 : 00000000`00000000 fffff880`121c0000 fffff8a0`295125a0 fffff880`1394d9d8 : win32k!MultiUserNtGreCleanup+0x78 fffff880`1394d9c0 fffff800`01d1492c : 00000000`00000001 00000000`00000000 fffff880`121c0000 fffffab0`48849370 : win32k!Win32KDriverUnload+0xa5 fffff880`1394da10 fffff800`01e1b725 : fffff880`1394daa8 00000000`0000002a 00000000`00000000 fffff880`121c0000 : nt!MiDereferenceSessionFinal+0xfc fffff880`1394dab0 fffff800`01a9d244 : fffff800`01c5c940 fffff8a0`2ad4ec50 00000000`00000000 fffffab0`2596f060 : nt! ?? ::NNGAKEGL::`string'+0x28455 fffff880`1394dae0 fffff800`01d9f7a4 : fffff8a0`2ad4ec50 00000000`00000000 fffffab0`48849370 fffffab0`48849370 : nt!MmCleanProcessAddressSpace+0x628 fffff880`1394db30 fffff800`01d9fa51 : 00000000`00000000 fffff800`01d62b01 00000000`00000000 fffffab0`25ec0650 : nt!PspExitThread+0x944 fffff880`1394dbf0 fffff800`01abc6a6 : fffff880`02189180 00000000`00000080 fffffab0`48849370 00000000`00000246 : nt!PspTerminateThreadByPointer+0x4d fffff880`1394dc40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16 STACK_COMMAND: kb THREAD_SHA1_HASH_MOD_FUNC: f2db32413f9534bf9483d1476c7012031d6c61df THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 0e95462b5306c4851091745268ffc90f570809ab THREAD_SHA1_HASH_MOD: 0a82ca7386ce0fa1d74eaf1112473ef2427af391 FOLLOWUP_IP: win32k!vRestartKillRFONTList+e7 fffff960`0022b5eb 410fba633817 bt dword ptr [r11+38h],17h FAULT_INSTR_CODE: 63ba0f41 SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: win32k!vRestartKillRFONTList+e7 FOLLOWUP_NAME: MachineOwner MODULE_NAME: win32k IMAGE_NAME: win32k.sys DEBUG_FLR_IMAGE_TIMESTAMP: 57601cb7 IMAGE_VERSION: 6.1.7601.23471 FAILURE_BUCKET_ID: X64_0x50_win32k!vRestartKillRFONTList+e7 BUCKET_ID: X64_0x50_win32k!vRestartKillRFONTList+e7 PRIMARY_PROBLEM_CLASS: X64_0x50_win32k!vRestartKillRFONTList+e7 TARGET_TIME: 2016-07-29T09:54:32.000Z OSBUILD: 7601 OSSERVICEPACK: 1000 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 144 PRODUCT_TYPE: 3 OSPLATFORM_TYPE: x64 OSNAME: Windows 7 OSEDITION: Windows 7 Server (Service Pack 1) TerminalServer DataCenter OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2016-04-09 13:46:22 BUILDDATESTAMP_STR: 160408-2045 BUILDLAB_STR: win7sp1_ldr BUILDOSVER_STR: 6.1.7601.23418.amd64fre.win7sp1_ldr.160408-2045 ANALYSIS_SESSION_ELAPSED_TIME: 61e ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:x64_0x50_win32k!vrestartkillrfontlist+e7 FAILURE_ID_HASH: {2d566953-b14b-2c10-7af2-e2427825f8ca} Followup: MachineOwner --------- 通过下面的分析,我们可以看到win32k.sys试图访问的地址跟处理器返回的地址一致,都是fffff900`c00d7038,表明处理器没有问题(以前遇到过这种类似的报错,后来分析发现是cpu有问题,换了处理器,后来问题消失),但是检查该地址的信息,发现无法读取,这个也正是导致此次蓝屏的原因。 ======================================================================= 9: kd> .trap 0xfffff8801394d700 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=fffff900c0096ba0 rbx=0000000000000000 rcx=fffffab023f7a1a0 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=fffff9600022b5eb rsp=fffff8801394d890 rbp=fffff900c0d34ca0 r8=00000000ffffffff r9=0000000000002800 r10=0000000000000000 r11=fffff900c00d7000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na pe nc win32k!vRestartKillRFONTList+0xe7: fffff960`0022b5eb 410fba633817 bt dword ptr [r11+38h],17h ds:fffff900`c00d7038=???????? 9: kd> !pte fffff900`c00d7038 VA fffff900c00d7038 PXE at FFFFF6FB7DBEDF90 PPE at FFFFF6FB7DBF2018 PDE at FFFFF6FB7E403000 PTE at FFFFF6FC806006B8 Unable to get PXE FFFFF6FB7DBEDF90 9: kd> dd fffff900`c00d7038 fffff900`c00d7038 ???????? ???????? ???????? ???????? fffff900`c00d7048 ???????? ???????? ???????? ???????? fffff900`c00d7058 ???????? ???????? ???????? ???????? fffff900`c00d7068 ???????? ???????? ???????? ???????? fffff900`c00d7078 ???????? ???????? ???????? ???????? fffff900`c00d7088 ???????? ???????? ???????? ???????? fffff900`c00d7098 ???????? ???????? ???????? ???????? fffff900`c00d70a8 ???????? ???????? ???????? ???????? 9: kd> .bugcheck Bugcheck code 00000050 Arguments fffff900`c00d7038 00000000`00000000 fffff960`0022b5eb 00000000`00000000 Win32k驱动信息: =========== 9: kd> lmvm win32k Browse full module list start end module name fffff960`00000000 fffff960`00326000 win32k (pdb symbols) e:\symbols\win32k.pdb\B2E109F3901245C6B686B614B13893962\win32k.pdb Loaded symbol image file: win32k.sys Mapped memory image file: e:\symbols\win32k.sys\57601CB7326000\win32k.sys Image path: \SystemRoot\System32\win32k.sys Image name: win32k.sys Browse all global symbols functions data Timestamp: Tue Jun 14 23:03:19 2016 (57601CB7) CheckSum: 00315DA6 ImageSize: 00326000 File version: 6.1.7601.23471 Product version: 6.1.7601.23471 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft? Windows? Operating System InternalName: win32k.sys OriginalFilename: win32k.sys ProductVersion: 6.1.7601.23471 FileVersion: 6.1.7601.23471 (win7sp1_ldr.160614-0600) FileDescription: Multi-User Win32 Driver LegalCopyright: ? Microsoft Corporation. All rights reserved. 系统信息: ====== 9: kd> vertarget Windows 7 Kernel Version 7601 (Service Pack 1) MP (40 procs) Free x64 Product: Server, suite: TerminalServer DataCenter Built by: 7601.23418.amd64fre.win7sp1_ldr.160408-2045 Machine Name: Kernel base = 0xfffff800`01a5b000 PsLoadedModuleList = 0xfffff800`01c9d730 Debug session time: Fri Jul 29 17:54:32.621 2016 (UTC + 8:00) System Uptime: 0 days 3:42:10.199
    2016年8月1日 8:15

答案

  • 您好!

    由于各种系统设置故障、软件故障、硬件故障、驱动程序故障、网络故障等均有可能引起Windows“蓝屏故障,所以您需要通过蓝屏错误信息提供的故障代码(Technical Information)、或通过Debugging Tools for Windows分析Windows蓝屏故障时自动保存的内存转储文件(Crash Dump File)判断引起蓝屏的大致原因,确定故障方向后,再针对具体的故障部分进行细致的排查解决。

    更多详细内容请参考以下文档:

    易宝典:Windows常见蓝屏故障分析(MVP 撰稿)

    http://support.microsoft.com/kb/972602/zh-cn

    下载 WDKWinDbg 和相关工具

    https://msdn.microsoft.com/zh-cn/windows/hardware/hh852365

    Best Regards,

    Alvin Wang


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    2016年8月2日 6:15
    版主

全部回复