659
win10 RS3 16215版本,test HLK,在HLK
让HLK测项跑起来之后,测试DF部分测项fail之后会出现蓝屏问题BSOD,通过windbg tool查看memory.dmp及minidump下的dmp文件,可以看到是ntkrnlmp.exe导致的蓝屏,不知道是不是OS本身的问题。
dump文件如下:
Loading Dump File [E:\RS3_test\062017-22593-01.dmp]Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 10 Kernel Version 16215 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 16215.1000.amd64fre.rs_prerelease.170603-1840
Machine Name:
Kernel base = 0xfffff801`d4489000 PsLoadedModuleList = 0xfffff801`d47e5b70
Debug session time: Tue Jun 20 21:38:05.524 2017 (UTC - 7:00)
System Uptime: 0 days 2:53:45.189
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
..............................................................
..................................
Loading User Symbols
Loading unloaded module list
......................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {fffff801d4910c3c, 2, 8, fffff801d4910c3c}
Probably caused by : ntkrnlmp.exe ( nt!NtSetInformationThread+168c )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: fffff801d4910c3c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff801d4910c3c, address which referenced memory
Debugging Details:
------------------
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_DATE: 11/05/2015
BASEBOARD_PRODUCT: B150-PRO
BASEBOARD_VERSION: Rev X.0x
BUGCHECK_P1: fffff801d4910c3c
BUGCHECK_P2: 2
BUGCHECK_P3: 8
BUGCHECK_P4: fffff801d4910c3c
READ_ADDRESS: fffff801d487c378: Unable to get MiVisibleState
fffff801d4910c3c
CURRENT_IRQL: 2
FAULTING_IP:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
IP_IN_PAGED_CODE:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
CPU_COUNT: 4
CPU_MHZ: c78
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 5e
CPU_STEPPING: 3
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
BUGCHECK_STR: AV
PROCESS_NAME: svchost.exe
ANALYSIS_VERSION: 10.0.10240.9 x86fre
TRAP_FRAME: fffffd822cfc75c0 -- (.trap 0xfffffd822cfc75c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000002 rbx=0000000000000000 rcx=0000000080000000
rdx=0000000080000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801d4910c3c rsp=fffffd822cfc7750 rbp=fffffd822cfc7a80
r8=ffff9d0df2e63ca0 r9=0000000000000001 r10=fffff801d490f5b0
r11=0000000000141290 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!NtSetInformationThread+0x168c:
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi ds:00000000`00000778=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff801d4618fe9 to fffff801d460d740
FAILED_INSTRUCTION_ADDRESS:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
STACK_TEXT:
fffffd82`2cfc7478 fffff801`d4618fe9 : 00000000`0000000a fffff801`d4910c3c 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
fffffd82`2cfc7480 fffff801`d461737d : ffff9d0d`f8969080 ffffc00c`5353a6c0 00000000`00000006 fffff801`d46173a0 : nt!KiBugCheckDispatch+0x69
fffffd82`2cfc75c0 fffff801`d4910c3c : ffff9d0d`f7c815c0 ffffaf00`00000400 ffff9d0d`f2e63ca0 ffff9d0d`f8969080 : nt!KiPageFault+0x23d
fffffd82`2cfc7750 fffff801`d4618b53 : 00000000`00000021 ffff9d0d`f7cc7700 ffff9d0d`f7cc7700 00000000`00000000 : nt!NtSetInformationThread+0x168c
fffffd82`2cfc7a00 00007ffa`ea9ff734 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000084`e8aff6c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`ea9ff734
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nt!NtSetInformationThread+168c
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 5933a904
IMAGE_VERSION: 10.0.16215.1000
BUCKET_ID_FUNC_OFFSET: 168c
FAILURE_BUCKET_ID: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
BUCKET_ID: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
PRIMARY_PROBLEM_CLASS: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_vrf_code_av_paged_ip_nt!ntsetinformationthread
FAILURE_ID_HASH: {1a8d713a-fa5e-ce29-22cf-58c80383fa06}
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: fffff801d4910c3c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff801d4910c3c, address which referenced memory
Debugging Details:
------------------
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_DATE: 11/05/2015
BASEBOARD_PRODUCT: B150-PRO
BASEBOARD_VERSION: Rev X.0x
BUGCHECK_P1: fffff801d4910c3c
BUGCHECK_P2: 2
BUGCHECK_P3: 8
BUGCHECK_P4: fffff801d4910c3c
READ_ADDRESS: fffff801d487c378: Unable to get MiVisibleState
fffff801d4910c3c
CURRENT_IRQL: 2
FAULTING_IP:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
IP_IN_PAGED_CODE:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
CPU_COUNT: 4
CPU_MHZ: c78
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 5e
CPU_STEPPING: 3
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
BUGCHECK_STR: AV
PROCESS_NAME: svchost.exe
ANALYSIS_VERSION: 10.0.10240.9 x86fre
TRAP_FRAME: fffffd822cfc75c0 -- (.trap 0xfffffd822cfc75c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000002 rbx=0000000000000000 rcx=0000000080000000
rdx=0000000080000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801d4910c3c rsp=fffffd822cfc7750 rbp=fffffd822cfc7a80
r8=ffff9d0df2e63ca0 r9=0000000000000001 r10=fffff801d490f5b0
r11=0000000000141290 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!NtSetInformationThread+0x168c:
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi ds:00000000`00000778=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff801d4618fe9 to fffff801d460d740
FAILED_INSTRUCTION_ADDRESS:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
STACK_TEXT:
fffffd82`2cfc7478 fffff801`d4618fe9 : 00000000`0000000a fffff801`d4910c3c 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
fffffd82`2cfc7480 fffff801`d461737d : ffff9d0d`f8969080 ffffc00c`5353a6c0 00000000`00000006 fffff801`d46173a0 : nt!KiBugCheckDispatch+0x69
fffffd82`2cfc75c0 fffff801`d4910c3c : ffff9d0d`f7c815c0 ffffaf00`00000400 ffff9d0d`f2e63ca0 ffff9d0d`f8969080 : nt!KiPageFault+0x23d
fffffd82`2cfc7750 fffff801`d4618b53 : 00000000`00000021 ffff9d0d`f7cc7700 ffff9d0d`f7cc7700 00000000`00000000 : nt!NtSetInformationThread+0x168c
fffffd82`2cfc7a00 00007ffa`ea9ff734 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000084`e8aff6c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`ea9ff734
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!NtSetInformationThread+168c
fffff801`d4910c3c 4989be78070000 mov qword ptr [r14+778h],rdi
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nt!NtSetInformationThread+168c
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 5933a904
IMAGE_VERSION: 10.0.16215.1000
BUCKET_ID_FUNC_OFFSET: 168c
FAILURE_BUCKET_ID: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
BUCKET_ID: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
PRIMARY_PROBLEM_CLASS: AV_VRF_CODE_AV_PAGED_IP_nt!NtSetInformationThread
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_vrf_code_av_paged_ip_nt!ntsetinformationthread
FAILURE_ID_HASH: {1a8d713a-fa5e-ce29-22cf-58c80383fa06}
Followup: MachineOwner
---------
3: kd> !process
PROCESS ffff9d0df7c815c0
SessionId: 0 Cid: 04b8 Peb: 84e860b000 ParentCid: 02e0
DirBase: 29ee4000 ObjectTable: ffffc00c533f2140 HandleCount: <Data Not Accessible>
Image: svchost.exe
VadRoot ffff9d0df7c74290 Vads 116 Clone 0 Private 1949. Modified 81341. Locked 0.
DeviceMap ffffc00c5343c240
Token ffffc00c5353b060
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
fffff78000000000: Unable to get shared data
ElapsedTime 00:00:00.000
UserTime 00:00:00.000
KernelTime 00:00:00.000
QuotaPoolUsage[PagedPool] 123680
QuotaPoolUsage[NonPagedPool] 32912
Working Set Sizes (now,min,max) (0, 0, 0) (0KB, 0KB, 0KB)
PeakWorkingSetSize 0
VirtualSize 2097264 Mb
PeakVirtualSize 2097273 Mb
PageFaultCount 0
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 2280
Job ffff9d0df7c8a060
*** Error in reading nt!_ETHREAD @ ffff9d0df7c82080
最后更新:2017-06-21 17:46:20
上一篇:
win10 Edge浏览器太难用
下一篇: 升级win10 15063后,更新提示:某些设置隐藏或由你的组织管理。这是咋回事?
- 你的设备已过期,并缺少重要的安全和质量更新,因此存在风险。让我们带你重回正轨,这样
- Microsoft store 无法联网,显示Microsoft Store需要联网,你似乎没有联网
- 设备以迁移 由于仅部分匹配或匹配不明确,因此无法迁移设备
- 由于在创建转储期间出错,创建转储文件失败。
- 发生临时 DNS 错误
- 应用商店,在我们这边发生问题,无法使你登陆,错误代码: 0xD000000D
- 照相机不可用,错误代码:0xA00F4244(0xC00DABE0)
- 应用商店打开异常提示“清单中指定了未知的布局”
- 自定义扫描Windows defender里面的设备性能和运行状况 黄色感叹号问题
- windows预口体验成员内口版本遇到问题需要重启
热门内容
- windows10 点开此电脑后,有两个显示硬盘盘符的目录是怎么回事?
- windows 10 专业版无法下载中文语言包
- KB4056892
- win10不能共享文件夹
- 在Surfacebook上用Windows to go 1703版本,更新后重启蓝屏,无法进入系统
- windows10 1709版本更新失败,错误0x8007001f
- microdoft visual c++ 2015 redistributable
- WIN10 Insider Preview 17025更新失败,错误代码0x80096004
- 计算机管理服务 出现一个内部错误(INVALID
- 关于控制面板中的安全和维护内提示Windows defender 防病毒已关闭的问题