我最近重新安装了win10系统,但是它总是出现蓝屏,有时是同一天两次。
我已经在C:\Windows\Minidump中调试了dmp文件,但是我仍然不知道是什么原因导致了蓝屏,请帮帮我!
结果如下:
Microsoft(R)Windows调试器版本10.0.17763.132 AMD64
版权所有(c)Microsoft Corporation。保留所有权利。
加载转储文件[C:\ Windows \ Minidump \ 040619-5484-01.dmp]
迷你内核转储文件:仅寄存器和堆栈跟踪可用
符号搜索路径为:srv *
可执行搜索路径为:
Windows 10内核版本17134 MP(12个进程)免费x64
产品:WinNt,套件:TerminalServer SingleUserTS
机器名称:
内核基数= 0xfffff801 5c609000 PsLoadedModuleList = 0xfffff801 5c9b7150
调试会话时间:2019年4月6日23:04:20.221(UTC + 8:00)
系统正常运行时间:0天3:37:51.036
加载内核符号
..
按ctrl-c(cdb,kd,ntsd)或ctrl-break(windbg)可中止花费太长时间的符号加载。
在.reload之前运行!sym嘈杂以跟踪加载符号的问题。
............................................... ..............
............................................... .................
...............................................
加载用户符号
加载已卸载的模块列表
..........
*
Bugcheck分析*
*
使用!analyze -v获取详细的调试信息。
BugCheck A,{0、2、0,fffff8015c6cb3ae}
可能是由ntkrnlmp.exe(nt!KiComputeCpuSetAffinity + 5a)引起的
后续行动:MachineOwner
0:kd>!分析-v
*
Bugcheck分析*
*
IRQL_NOT_LESS_OR_EQUAL(a)
试图访问位于
的可分页(或完全无效)的地址中断请求级别(IRQL)太高。通常是
由使用不正确地址的驱动程序引起。
如果有内核调试器可用,请获取堆栈回溯。
参数:
Arg1:0000000000000000,已引用内存
Arg2:0000000000000002,IRQL
Arg3:0000000000000000,位字段:
位0:值0 =读操作,1 =写操作
位3:值0 =不是执行操作,1 =执行操作(仅在支持这种状态级别的芯片上)
Arg4:fffff8015c6cb3ae,引用内存的地址
调试详细信息:
KEY_VALUES_STRING:1
STACKHASH_ANALYSIS:1
TIMELINE_ANALYSIS:1
DUMP_CLASS:1
DUMP_QUALIFIER:400
DUMP_FILE_ATTRIBUTES:0x8
内核生成的分类转储
DUMP_TYPE:2
BUGCHECK_P1:0
BUGCHECK_P2:2
BUGCHECK_P3:0
BUGCHECK_P4:fffff8015c6cb3ae
读取地址:fffff8015ca56388:无法获取MiVisibleState
无法获取NonPagedPoolStart
无法获取NonPagedPoolEnd
无法获取PagedPoolStart
无法获取PagedPoolEnd
0000000000000000
CURRENT_IRQL:2
FAULTING_IP:
nt!KiComputeCpuSetAffinity + 5a
fffff801`5c6cb3ae 4b8b14d0 mov rdx,qword ptr [r8 + r10 * 8]
CPU_COUNT:c
CPU_MHZ:e10
CPU_VENDOR:AuthenticAMD
CPU_FAMILY:17
CPU_MODEL:1
CPU_STEPPING:1
CUSTOMER_CRASH_COUNT:1
DEFAULT_BUCKET_ID:WIN8_DRIVER_FAULT
BUGCHECK_STR:AV
PROCESS_NAME:系统
ANALYSIS_SESSION_HOST:DESKTOP-G1UESVN
ANALYSIS_SESSION_TIME:04-07-2019 00:12:51.0294
ANALYSIS_VERSION:10.0.17763.132 amd64fre
TRAP_FRAME:fffff8015ea5d680-(.trap 0xfffff8015ea5d680)
注意:陷阱帧不包含所有寄存器。
某些寄存器值可能为零或不正确。
rax = 000000007fffffff rbx = 0000000000000000 rcx = ffffd3895a4fa700
rdx = ffffd38959325580 rsi = 0000000000000000 rdi = 0000000000000000
rip = fffff8015c6cb3ae rsp = fffff8015ea5d818 rbp = 0000000000000000
r8 = 0000000000000000 r9 = 0000000000000008 r10 = 0000000000000000
r11 = 0100010000010000 r12 = 0000000000000000 r13 = 0000000000000000
r14 = 0000000000000000 r15 = 0000000000000000
iopl = 0 nv up ei pl zr na po nc
nt!KiComputeCpuSetAffinity + 0x5a:
fffff801 5c6cb3ae 4b8b14d0 mov rdx,qword ptr [r8+r10*8] ds:00000000 00000000 = ????????????????
重置默认范围
LAST_CONTROL_TRANSFER:从fffff8015c7c3c69到fffff8015c7b30a0
STACK_TEXT:
fffff801 5ea5d538 fffff801 5c7c3c69:00000000 0000000a 00000000 00000000 00000000 00000002 00000000 00000000:nt!KeBugCheckEx
fffff801 5ea5d540 fffff801 5c7c08e5:00000000 00001997 fffff806 f0403069 ffff259d 60dfbb4f 00000000 00000000:nt!KiBugCheckDispatch + 0x69
fffff801 5ea5d680 fffff801 5c6cb3ae:fffff801 5c6cb1ed ffffd389 5a4fa700 00000000 00000078 00000000 00300fff:nt!KiPageFault + 0x425
fffff801 5ea5d818 fffff801 5c6cb1ed:ffffd389 5a4fa700 00000000 00000078 00000000 00300fff fffffff6 0000000d:nt!KiComputeCpuSetAffinity + 0x5a
fffff801 5ea5d820 fffff801 5c6a6aff:ffffd389 5a4fa700 fffff801 5ea5d8f0 00000000 00000008 ffffd389 5b5cbe08:nt!KiComputeThreadAffinity + 0x5d
fffff801 5ea5d870 fffff801 5c6a5e73:fffff801 5b808180 00000000 00000002 00000000 00000000 0000001e 00000000:nt!KiDeferredReadyThread + 0xb6f
fffff801 5ea5d930 fffff801 5c648e96:00000000 00000000 ffffd389 5a4fa870 fffff801 5ea5db18 00000000 00000000:nt!KiReadyThread + 0x33
fffff801 5ea5d960 fffff801 5c647ca7:00000000 00000004 00000000 00000000 00000000 0035a4e9 00000000 00000019:nt!KiProcessExpiredTimerList + 0x286
fffff801 5ea5da50 fffff801 5c7b67da:00000000 00000000 fffff801 5b808180 00000000 001a6560 fffff801 5ca73400:nt!KiRetireDpcList + 0x4c7
fffff801 5ea5dc60 00000000 00000000:fffff801 5ea5e000 fffff801 5ea58000 00000000 00000000 00000000 00000000:nt!KiIdleLoop + 0x5a
THREAD_SHA1_HASH_MOD_FUNC:d34f3fd544718d4024e99be0f8d2f4a9443567b3
THREAD_SHA1_HASH_MOD_FUNC_OFFSET:e4b2ebc00547c7964d76d52e462b2f5391b0bda7
THREAD_SHA1_HASH_MOD:bc100a5647b828107ac4e18055e00abcbe1ec406
FOLLOWUP_IP:
nt!KiComputeCpuSetAffinity + 5a
fffff801`5c6cb3ae 4b8b14d0 mov rdx,qword ptr [r8 + r10 * 8]
FAULT_INSTR_CODE:d0148b4b
SYMBOL_STACK_INDEX:3
SYMBOL_NAME:nt!KiComputeCpuSetAffinity + 5a
FOLLOWUP_NAME:计算机所有者
MODULE_NAME:nt
IMAGE_NAME:ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP:5c7f858f
IMAGE_VERSION:10.0.17134.648
STACK_COMMAND:.thread; .cxr; kb
BUCKET_ID_FUNC_OFFSET:5a
FAILURE_BUCKET_ID:AV_nt!KiComputeCpuSetAffinity
BUCKET_ID:AV_nt!KiComputeCpuSetAffinity
PRIMARY_PROBLEM_CLASS:AV_nt!KiComputeCpuSetAffinity
TARGET_TIME:2019-04-06T15:04:20.000Z
内置:17134
OSSERVICEPACK:648
SERVICEPACK_NUMBER:0
OS_REVISION:0
SUITE_MASK:272
PRODUCT_TYPE:1
OSPLATFORM_TYPE:x64
OSNAME:Windows 10
版本:Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID:0
OSBUILD_TIMESTAMP:2019-03-06 16:32:15
ANALYSIS_SESSION_ELAPSED_TIME:d13
ANALYSIS_SOURCE:KM
FAILURE_ID_HASH_STRING:km:av_nt!kicomputecpusetaffinity
FAILURE_ID_HASH:{175ab970-b2ed-c135-719c-162bd92bd1a4}
后续行动:MachineOwner
0:kd>!处理
过程ffffd38954af1040
SessionId: none Cid: 0004 Peb: 00000000 ParentCid: 0000
DirBase: 001ad000 ObjectTable: ffff9b0bdf014040 HandleCount: <Data Not Accessible>
Image: System
VadRoot ffffd3895757a970 Vads 13 Clone 0 Private 26. Modified 93712. Locked 64.
DeviceMap ffff9b0bdf002130
Token ffff9b0bdf018040
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
fffff78000000000:无法获取共享数据
ElapsedTime 00:00:00.000
UserTime 00:00:00.000
KernelTime 00:00:00.000
QuotaPoolUsage[PagedPool] 0
QuotaPoolUsage[NonPagedPool] 136
Working Set Sizes (now,min,max) (213, 50, 450) (852KB, 200KB, 1800KB)
PeakWorkingSetSize 1104
VirtualSize 4 Mb
PeakVirtualSize 13 Mb
PageFaultCount 3097
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 48
*** Error in reading nt!_ETHREAD @ ffffd38954ac0700