Last active
May 19, 2024 19:37
-
-
Save fantasticmao/fc0f31574f952991e52aa4775486212e to your computer and use it in GitHub Desktop.
Windows 10 蓝屏 WinDbg 分析
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BugCheckCode | Count | Reference | |
---|---|---|---|
KERNEL_DATA_INPAGE_ERROR | 4 | https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/bug-check-0x7a--kernel-data-inpage-error | |
INTERNAL_POWER_ERROR | 1 | https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/bug-check-0xa0--internal-power-error | |
SYSTEM_SERVICE_EXCEPTION | 2 | https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/bug-check-0x3b--system-service-exception | |
CRITICAL_PROCESS_DIED | 2 | https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/bug-check-0xef--critical-process-died | |
DRIVER_VERIFIER_DETECTED_VIOLATION | 1 | https://learn.microsoft.com/zh-cn/windows-hardware/drivers/debugger/bug-check-0xc4--driver-verifier-detected-violation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.016 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.234 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\Downloads\101523-16593-01.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff804`2b000000 PsLoadedModuleList = 0xfffff804`2bc2a360 | |
Debug session time: Sun Oct 15 21:36:44.216 2023 (UTC + 8:00) | |
System Uptime: 3 days 18:49:35.563 | |
Loading Kernel Symbols | |
.. | |
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. | |
Run !sym noisy before .reload to track down problems loading symbols. | |
............................................................. | |
................................................................ | |
................................................................ | |
....................... | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 00000000`00c50018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
.............................. | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff804`2b3fd640 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffef89`8a1df420=000000000000007a | |
13: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
KERNEL_DATA_INPAGE_ERROR (7a) | |
The requested page of kernel data could not be read in. Typically caused by | |
a bad block in the paging file or disk controller error. Also see | |
KERNEL_STACK_INPAGE_ERROR. | |
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185, | |
it means the disk subsystem has experienced a failure. | |
If the error status is 0xC000009A, then it means the request failed because | |
a filesystem failed to make forward progress. | |
Arguments: | |
Arg1: ffffa901cb7e60f0, lock type that was held (value 1,2,3, or PTE address) | |
Arg2: ffffffffc0000185, error status (normally i/o status code) | |
Arg3: 000000049a41a860, current process (virtual address for lock type 3, or PTE) | |
Arg4: ffffbde3e775ea7c, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address) | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1530 | |
Key : Analysis.Elapsed.mSec | |
Value: 10197 | |
Key : Analysis.IO.Other.Mb | |
Value: 2 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 8 | |
Key : Analysis.Init.CPU.mSec | |
Value: 562 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 14768 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 94 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x7a | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x7a | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!xxxSysCommand | |
Key : Failure.Hash | |
Value: {cf051631-6699-7545-1a6d-26352adf133a} | |
BUGCHECK_CODE: 7a | |
BUGCHECK_P1: ffffa901cb7e60f0 | |
BUGCHECK_P2: ffffffffc0000185 | |
BUGCHECK_P3: 49a41a860 | |
BUGCHECK_P4: ffffbde3e775ea7c | |
FILE_IN_CAB: 101523-16593-01.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
ERROR_CODE: (NTSTATUS) 0xc0000185 - I/O I/O | |
DISK_HARDWARE_ERROR: There was error with disk hardware | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXDISK: 1 | |
DISKSEC_ORG_ID: | |
DISKSEC_MODEL: | |
DISKSEC_MANUFACTURING_ID: | |
DISKSEC_ISSUE_DESC_STR: | |
DISKSEC_TOTAL_SIZE: 0 | |
DISKSEC_REASON: 0 | |
DISKSEC_PUBLIC_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PUBLIC_OFFSET: 0 | |
DISKSEC_PUBLIC_DATA_SIZE: 0 | |
DISKSEC_PRIVATE_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PRIVATE_OFFSET: 0 | |
DISKSEC_PRIVATE_DATA_SIZE: 0 | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 1 | |
PROCESS_NAME: explorer.exe | |
TRAP_FRAME: ffffef898a1df7c0 -- (.trap 0xffffef898a1df7c0) | |
NOTE: The trap frame does not contain all registers. | |
Some register values may be zeroed or incorrect. | |
rax=000000000000f090 rbx=0000000000000000 rcx=ffffbd95c0839d20 | |
rdx=000000000000f100 rsi=0000000000000000 rdi=0000000000000000 | |
rip=ffffbde3e775ea7c rsp=ffffef898a1df958 rbp=ffffef898a1dfa19 | |
r8=0000000000000000 r9=0000000000000000 r10=0000000000000400 | |
r11=ffffef898a1dfce0 r12=0000000000000000 r13=0000000000000000 | |
r14=0000000000000000 r15=0000000000000000 | |
iopl=0 nv up ei pl zr na po nc | |
win32kfull!xxxMNStartMenuState: | |
ffffbde3`e775ea7c 48895c2408 mov qword ptr [rsp+8],rbx ss:0018:ffffef89`8a1df960=0000000000000fff | |
Resetting default scope | |
STACK_TEXT: | |
ffffef89`8a1df418 fffff804`2b2957c9 : 00000000`0000007a ffffa901`cb7e60f0 ffffffff`c0000185 00000004`9a41a860 : nt!KeBugCheckEx | |
ffffef89`8a1df420 fffff804`2b294c45 : ffffef89`00008000 ffffef89`8a1df500 ffffef89`8a1df5b0 fffff804`00000000 : nt!MiWaitForInPageComplete+0x7d9 | |
ffffef89`8a1df510 fffff804`2b230798 : 00000000`c0033333 00000000`00000000 ffffbde3`e775ea7c 00000000`00000000 : nt!MiIssueHardFault+0x3c5 | |
ffffef89`8a1df620 fffff804`2b40d1d8 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!MmAccessFault+0x468 | |
ffffef89`8a1df7c0 ffffbde3`e775ea7c : ffffbde3`e766bcaa 00000000`00000fff ffffef89`8a1dfd90 00000000`8a1dfa70 : nt!KiPageFault+0x358 | |
ffffef89`8a1df958 ffffbde3`e766bcaa : 00000000`00000fff ffffef89`8a1dfd90 00000000`8a1dfa70 fffff804`2b31d8e0 : win32kfull!xxxMNStartMenuState | |
ffffef89`8a1df960 ffffbde3`e756dd89 : ffffef89`8a1dfc50 00000000`00000000 00000000`00000000 00000000`00000000 : win32kfull!xxxSysCommand+0x756 | |
ffffef89`8a1dfa80 ffffbde3`e756d346 : 00000000`00000000 ffff8003`00000000 00000000`00000002 00000000`00000003 : win32kfull!xxxRealDefWindowProc+0x931 | |
ffffef89`8a1dfc50 ffffbde3`e76377bc : 00000000`00000112 ffffbd95`c0839d20 00000000`0000029e 00000000`00000000 : win32kfull!xxxWrapRealDefWindowProc+0x66 | |
ffffef89`8a1dfcc0 ffffbde3`e762ee6d : 00000000`00000001 00000000`0001014c 00000000`0af8f1a8 00000000`00000112 : win32kfull!NtUserfnDWORD+0x2c | |
ffffef89`8a1dfd00 ffffbde3`e6cd6eb5 : ffff8003`8e3575c0 ffffef89`8a1dfec0 00000000`0af8f1a8 00000000`00000002 : win32kfull!NtUserMessageCall+0x11d | |
ffffef89`8a1dfd80 fffff804`2b410ef5 : 00000000`00000008 ffffbde3`e7570816 00000000`00000001 00000000`00000000 : win32k!NtUserMessageCall+0x3d | |
ffffef89`8a1dfdd0 00007ffd`4a281124 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
00000000`0af8f188 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`4a281124 | |
SYMBOL_NAME: win32kfull!xxxSysCommand+756 | |
MODULE_NAME: win32kfull | |
IMAGE_NAME: win32kfull.sys | |
IMAGE_VERSION: 10.0.19041.3570 | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 756 | |
FAILURE_BUCKET_ID: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!xxxSysCommand | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {cf051631-6699-7545-1a6d-26352adf133a} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.015 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\Downloads\102323-11343-01.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff800`38c00000 PsLoadedModuleList = 0xfffff800`3982a360 | |
Debug session time: Mon Oct 23 22:48:33.428 2023 (UTC + 8:00) | |
System Uptime: 0 days 0:24:38.079 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
...... | |
Loading User Symbols | |
Loading unloaded module list | |
... | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff800`38ffd640 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffb581`3c04f7e0=00000000000000a0 | |
3: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
INTERNAL_POWER_ERROR (a0) | |
The power policy manager experienced a fatal error. | |
Arguments: | |
Arg1: 00000000000000f0, The system failed to complete(suspend) a power transition in a timely manner. | |
Arg2: 0000000000000000, The system power state in transition. | |
Arg3: 0000000000000009, The sleep checkpoint most recently reached. | |
Arg4: ffff8f07298ec040, A pointer to the thread currently processing the request. | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1343 | |
Key : Analysis.Elapsed.mSec | |
Value: 6831 | |
Key : Analysis.IO.Other.Mb | |
Value: 1 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 4 | |
Key : Analysis.Init.CPU.mSec | |
Value: 358 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 21594 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 86 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0xa0 | |
Key : Bugcheck.Code.TargetModel | |
Value: 0xa0 | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0xa0_f0_nt!KiSwapContext | |
Key : Failure.Hash | |
Value: {168f8d2f-e77e-7dcf-020c-035a9129b0ab} | |
BUGCHECK_CODE: a0 | |
BUGCHECK_P1: f0 | |
BUGCHECK_P2: 0 | |
BUGCHECK_P3: 9 | |
BUGCHECK_P4: ffff8f07298ec040 | |
FILE_IN_CAB: 102323-11343-01.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
FAULTING_THREAD: ffff8f07298ec040 | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
CUSTOMER_CRASH_COUNT: 1 | |
PROCESS_NAME: System | |
STACK_TEXT: | |
ffffb581`3c264390 fffff800`38e1bca0 : ffffa581`00000000 00000000`00000000 ffffb581`00000000 00000000`00000002 : nt!KiSwapContext+0x76 | |
ffffb581`3c2644d0 fffff800`38e1b1cf : 3ffbfffd`00000008 00000000`00000001 ffffb581`3c264690 ffffb581`00000000 : nt!KiSwapThread+0x500 | |
ffffb581`3c264580 fffff800`38e1aa73 : ffff8f07`00000000 fffff800`00000000 ffffb581`3c264800 ffff8f07`298ec180 : nt!KiCommitThreadWait+0x14f | |
ffffb581`3c264620 fffff800`3ba738b8 : ffffb581`3c264c38 00000000`00000000 ffff8f07`32383d00 00000000`00004000 : nt!KeWaitForSingleObject+0x233 | |
ffffb581`3c264710 fffff800`3ba5ce2f : ffff8f07`ffffffff ffff8f07`32383d68 ffffb581`3c264860 ffffffff`fa0a1f00 : Ntfs!NtfsWaitOnIo+0x84 | |
ffffb581`3c264760 fffff800`3ba6a5f8 : 00000000`00000028 ffff8f07`32383fc0 ffff8f07`317dc1a0 00000000`00000000 : Ntfs!NtfsNonCachedIo+0x9bf | |
ffffb581`3c2649f0 fffff800`3ba6ed02 : ffff8f07`32383d68 ffff8f07`34c19770 ffff8f07`3166ad30 00000000`00003000 : Ntfs!NtfsNonCachedUsaWrite+0x10c | |
ffffb581`3c264ab0 fffff800`3ba6b123 : ffff8f07`32383d68 ffff8f07`34c19770 ffffb581`3c266248 00000000`00000000 : Ntfs!NtfsCommonWrite+0x3772 | |
ffffb581`3c264d00 fffff800`38e10665 : ffff8f07`327e38a0 ffff8f07`34c19770 ffff8f07`34c19770 ffff8f07`31652d60 : Ntfs!NtfsFsdWrite+0x1d3 | |
ffffb581`3c264dd0 fffff800`3580710f : 00000000`00000005 00000000`00000000 00000000`00000508 fffff800`395b8074 : nt!IofCallDriver+0x55 | |
ffffb581`3c264e10 fffff800`35804a43 : ffffb581`3c264ea0 00000001`337f0b6b 00000000`0000000f 00000000`00000000 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28f | |
ffffb581`3c264e80 fffff800`38e10665 : ffff8f07`34c19770 fffff800`38e106a7 00000000`0000000f ffffcb86`46a75200 : FLTMGR!FltpDispatch+0xa3 | |
ffffb581`3c264ee0 fffff800`38eea533 : ffff8f07`316d1a30 ffff8f07`34c19770 ffff8f07`315ed7a0 ffffb581`3c2651b0 : nt!IofCallDriver+0x55 | |
ffffb581`3c264f20 fffff800`38ee8c6e : ffffcb86`4593cd20 00000000`0000000c ffffb581`3c265170 fffff800`3bb5c2d1 : nt!IoSynchronousPageWriteEx+0x13b | |
ffffb581`3c264f60 fffff800`3ba65f88 : ffffcb86`46a752c8 fffff800`3ba65f2f 00000000`00000000 00000000`00000000 : nt!IoSynchronousPageWrite+0x1e | |
ffffb581`3c264fb0 fffff800`3ba65195 : 00000001`337f0b6b 00000000`00003000 00000000`00000000 00000000`00000000 : Ntfs!LfsFlushHeadOfTheLog+0x4c | |
ffffb581`3c264ff0 fffff800`3ba649a5 : ffffcb86`4593cd20 00000001`337f0b6b ffff8f07`317ebd00 ffffb581`3c265301 : Ntfs!LfsFlushLfcb+0x7d5 | |
ffffb581`3c265210 fffff800`38e72228 : ffffb581`3c265320 ffffcb86`4593cd20 00000000`00000000 00000000`00000001 : Ntfs!LfsFlushLfcbCallout+0x25 | |
ffffb581`3c265240 fffff800`38e7219d : fffff800`3ba64980 ffffb581`3c265320 00000000`00000000 00000000`00000010 : nt!KeExpandKernelStackAndCalloutInternal+0x78 | |
ffffb581`3c2652b0 fffff800`3ba647e0 : 00000000`00000001 00000000`00000000 ffffcb86`4593cd20 00000000`0000000c : nt!KeExpandKernelStackAndCalloutEx+0x1d | |
ffffb581`3c2652f0 fffff800`3bb6d8d2 : 00000001`00000000 00000000`00000000 00000000`00000000 ffffcb86`46cec1b8 : Ntfs!LfsFlushLfcbOnNewStack+0x58 | |
ffffb581`3c265350 fffff800`3bb6d72d : 00000001`337f0b6b ffffb581`3c2656c0 00000000`00001000 00000001`337f0b6b : Ntfs!LfsFlushToLsnPriv+0x14a | |
ffffb581`3c2653f0 fffff800`3ba6ee22 : ffffcb86`4698b9e0 00000001`337f0b6b ffff8f07`317ebd78 00000000`00001000 : Ntfs!LfsFlushToLsnWithoutDiskCacheFlush+0xa9 | |
ffffb581`3c265440 fffff800`3ba6b123 : ffff8f07`317ebd78 ffff8f07`31755290 ffffb581`3c266248 00000000`00000000 : Ntfs!NtfsCommonWrite+0x3892 | |
ffffb581`3c265690 fffff800`38e10665 : ffff8f07`327cbab0 ffff8f07`31755290 ffff8f07`31755290 ffff8f07`31652d60 : Ntfs!NtfsFsdWrite+0x1d3 | |
ffffb581`3c265760 fffff800`3580710f : 00000000`00000005 00000000`00000000 00000000`00000508 fffff800`395b8074 : nt!IofCallDriver+0x55 | |
ffffb581`3c2657a0 fffff800`35804a43 : ffffb581`3c265830 ffffb581`3c265aa0 00000000`0000000f ffffb581`00000000 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28f | |
ffffb581`3c265810 fffff800`38e10665 : ffff8f07`31755290 fffff800`38e106a7 00000000`0000000f 00000000`00000000 : FLTMGR!FltpDispatch+0xa3 | |
ffffb581`3c265870 fffff800`38eea533 : ffffb581`3c265aa0 ffff8f07`31755290 ffff8f07`2b2a0bd0 ffffb581`3c265930 : nt!IofCallDriver+0x55 | |
ffffb581`3c2658b0 fffff800`38f3b518 : 00000000`00000000 ffffb581`3c265950 ffff8f07`2b2a0bd0 fffff800`38e59045 : nt!IoSynchronousPageWriteEx+0x13b | |
ffffb581`3c2658f0 fffff800`38e3dd72 : 00000000`00000011 ffffcb86`45adb010 00000000`00000000 00000000`00000000 : nt!MiIssueSynchronousFlush+0x70 | |
ffffb581`3c265970 fffff800`38efed45 : ffffb581`3c265cb0 ffffb581`3c265f18 ffff8f07`2b2a0bd0 00000000`00000000 : nt!MiFlushSectionInternal+0x862 | |
ffffb581`3c265c40 fffff800`38e5895d : 00000000`00000000 ffff8f07`298ec040 00000000`00001000 00000000`00000000 : nt!MmFlushSection+0x155 | |
ffffb581`3c265cf0 fffff800`38efe80f : ffff8f07`2b2a0398 00000000`00000000 ffff8f07`00000000 00000000`00000000 : nt!CcFlushCachePriv+0x6cd | |
ffffb581`3c265e40 fffff800`3bb5d7c5 : 00000000`00000005 00000000`00000000 00000000`00000000 ffffcb86`46cec170 : nt!CcCoherencyFlushAndPurgeCache+0x6f | |
ffffb581`3c265e90 fffff800`3bb5d4db : ffffcb86`46cec170 00000000`00000000 ffffcb86`46cec000 ffff8f07`31713d78 : Ntfs!NtfsCoherencyFlushAndPurgeCache+0x55 | |
ffffb581`3c265ed0 fffff800`3bb5d8a5 : ffffcb86`46cec170 ffffcb86`46cec170 ffffcb86`46cec170 ffffcb86`46cec010 : Ntfs!NtfsFlushUserStream+0xdf | |
ffffb581`3c265f60 fffff800`3bb62356 : ffffcb86`46cec170 ffffcb86`46cec170 00000000`00000000 fffff800`38e16e94 : Ntfs!NtfsPerformOptimisticFlush+0xa1 | |
ffffb581`3c265fb0 fffff800`3bb62ea9 : ffff8f07`31713d78 ffff8f07`34c41a20 ffff8f07`31713d01 ffffb581`3c2661e0 : Ntfs!NtfsCommonFlushBuffers+0x1c2 | |
ffffb581`3c2660d0 fffff800`38e72228 : ffffb581`3c2661e0 ffff8f07`31713d78 00000000`00000000 ffff8f07`34c41a20 : Ntfs!NtfsCommonFlushBuffersCallout+0x19 | |
ffffb581`3c266100 fffff800`38e7219d : fffff800`3bb62e90 ffffb581`3c2661e0 00000000`00000000 ffff8f07`317dc1a0 : nt!KeExpandKernelStackAndCalloutInternal+0x78 | |
ffffb581`3c266170 fffff800`3bba454b : 00000000`00000000 ffff8f07`323fb0e0 ffffb581`3c268000 00000000`00000310 : nt!KeExpandKernelStackAndCalloutEx+0x1d | |
ffffb581`3c2661b0 fffff800`3bba4475 : 00000000`00000000 ffff8f07`2c8fe880 ffffb581`3c266248 00000000`00000000 : Ntfs!NtfsCommonFlushBuffersOnNewStack+0x67 | |
ffffb581`3c266220 fffff800`38e10665 : ffff8f07`327cbab0 ffff8f07`34c41a20 ffff8f07`31713d78 ffffb581`3c266248 : Ntfs!NtfsFsdFlushBuffers+0xe5 | |
ffffb581`3c266290 fffff800`3580710f : 00000000`00000005 00000000`00000000 00000000`00000000 fffff800`398ed601 : nt!IofCallDriver+0x55 | |
ffffb581`3c2662d0 fffff800`35804a43 : ffffb581`3c266360 ffff8f07`31652d60 00000000`00000001 ffff8f07`314cea40 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28f | |
ffffb581`3c266340 fffff800`38e10665 : 00000000`00000002 fffff800`398ed600 ffffb581`00000000 00000000`00000020 : FLTMGR!FltpDispatch+0xa3 | |
ffffb581`3c2663a0 fffff800`3920142c : 00000000`00000000 ffff8f07`323fb0e0 ffff8f07`323fb0e0 ffffb581`00000000 : nt!IofCallDriver+0x55 | |
ffffb581`3c2663e0 fffff800`392dc4e9 : ffff8f07`00000000 ffffb581`3c2665d0 00000000`00000000 ffff8f07`323fb0e0 : nt!IopSynchronousServiceTail+0x34c | |
ffffb581`3c266480 fffff800`392dc2d6 : ffff8f07`298ec040 ffffffff`8000040c ffff8f07`31652d60 ffffffff`00000000 : nt!NtFlushBuffersFileEx+0x1f9 | |
ffffb581`3c266510 fffff800`39010ef5 : 00000000`00000000 ffffb581`3c266a00 00000000`00000000 ffffffff`ffffffff : nt!NtFlushBuffersFile+0x16 | |
ffffb581`3c266550 fffff800`39002220 : fffff800`39388d12 00000000`00000000 ffffb581`3c2668c8 ffffb581`3c2668d8 : nt!KiSystemServiceCopyEnd+0x25 | |
ffffb581`3c2666e8 fffff800`39388d12 : 00000000`00000000 ffffb581`3c2668c8 ffffb581`3c2668d8 00000000`000000c0 : nt!KiServiceLinkage | |
ffffb581`3c2666f0 fffff800`39388ac3 : 00000000`0000000f 00000000`00000007 fffff800`398ed630 ffffb581`3c266a00 : nt!RtlpGetSetBootStatusData+0x1b2 | |
ffffb581`3c266790 fffff800`3937dc3d : ffffb581`3c266a9c ffffb581`3c266a9c ffffffff`8000040c fffff800`39015490 : nt!RtlGetSetBootStatusData+0xd3 | |
ffffb581`3c2668c0 fffff800`3924dffc : ffffb581`3c2673d0 00000000`00000000 00000000`00000000 ffffcb86`4910a101 : nt!PopBootStatSet+0x1b5 | |
ffffb581`3c266950 fffff800`3924b432 : 00000000`00000020 fffff800`38e1fe0e ffff8f07`298ec040 ffffcb86`4584c940 : nt!PopPowerInformationInternal+0x348 | |
ffffb581`3c266a40 fffff800`39010ef5 : ffff8f07`29698180 ffff8f07`298ec040 ffffcb86`49160110 00000000`00000444 : nt!NtPowerInformation+0x632 | |
ffffb581`3c267190 fffff800`39002220 : fffff800`3939662b ffff8f07`32432a50 00000000`00040086 ffffb581`3c267300 : nt!KiSystemServiceCopyEnd+0x25 | |
ffffb581`3c267398 fffff800`3939662b : ffff8f07`32432a50 00000000`00040086 ffffb581`3c267300 ffff8f07`32432770 : nt!KiServiceLinkage | |
ffffb581`3c2673a0 fffff800`393965dd : ffff8f07`298ec690 fffff800`38e1fe0e ffff8f07`298ec040 fffff800`394e4d50 : nt!RtlpSystemBootStatusRequest+0x3f | |
ffffb581`3c267400 fffff800`38ff780d : fffff800`398250f0 fffff800`00000000 ffff8f07`00000000 ffffb581`3c267678 : nt!RtlSetSystemBootStatus+0x2d | |
ffffb581`3c267450 fffff800`39374ffc : 00000000`00000000 ffffb581`3c2676e8 00000000`00000001 fffff800`38f5807c : nt!PopBsdHandleRequest+0x25 | |
ffffb581`3c267480 fffff800`395974b3 : 00000000`00000000 fffff800`38f3bcfc ffffb581`3c267600 ffffb581`3c2675a0 : nt!PopRecordSleepCheckpoint+0x24 | |
ffffb581`3c2674b0 fffff800`39374ccf : ffffb581`3c267600 ffffb581`3c2674f8 ffffb581`3c2674f8 00000000`0000000d : nt!PopCheckpointSystemSleep+0x2f | |
ffffb581`3c2674f0 fffff800`39595318 : ffffb581`3c267600 00000000`00000000 fffff9bc`0085c388 00000000`00000000 : nt!PopNotifyCallbacksPreSleep+0x43 | |
ffffb581`3c267520 fffff800`3959cf8c : 00000000`00000000 00000000`00000006 00000000`00000005 fffff800`00000000 : nt!PopTransitionSystemPowerStateEx+0x224 | |
ffffb581`3c2675e0 fffff800`39010ef5 : ffffb581`3c2677d8 fffff9bc`0085c088 00000000`00000000 fffff800`39389dc5 : nt!NtSetSystemPowerState+0x4c | |
ffffb581`3c2677c0 fffff800`39002220 : fffff800`3943d9c3 00000000`00000014 ffffffff`ffffff00 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
ffffb581`3c267958 fffff800`3943d9c3 : 00000000`00000014 ffffffff`ffffff00 00000000`00000000 fffff800`398238a0 : nt!KiServiceLinkage | |
ffffb581`3c267960 fffff800`39373f39 : 00000000`00000000 ffff8f07`2969ea20 00000000`00000000 00000000`00000000 : nt!PopIssueActionRequest+0xc996b | |
ffffb581`3c267a00 fffff800`38f502d4 : 00000000`00000001 00000000`00000000 ffffffff`ffffffff fffff800`39823900 : nt!PopPolicyWorkerAction+0x79 | |
ffffb581`3c267a70 fffff800`38e50545 : ffff8f07`00000001 ffff8f07`298ec040 fffff800`38f50240 ffff8f07`00000000 : nt!PopPolicyWorkerThread+0x94 | |
ffffb581`3c267ab0 fffff800`38f0e6f5 : ffff8f07`298ec040 00000000`00000080 ffff8f07`29698180 00000000`00000000 : nt!ExpWorkerThread+0x105 | |
ffffb581`3c267b50 fffff800`39006278 : ffffa581`6dbc0180 ffff8f07`298ec040 fffff800`38f0e6a0 00000000`00000000 : nt!PspSystemThreadStartup+0x55 | |
ffffb581`3c267ba0 00000000`00000000 : ffffb581`3c268000 ffffb581`3c261000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28 | |
SYMBOL_NAME: nt!KiSwapContext+76 | |
MODULE_NAME: nt | |
IMAGE_NAME: ntkrnlmp.exe | |
IMAGE_VERSION: 10.0.19041.3570 | |
STACK_COMMAND: .process /r /p 0xffff8f0729698180; .thread 0xffff8f07298ec040 ; kb | |
BUCKET_ID_FUNC_OFFSET: 76 | |
FAILURE_BUCKET_ID: 0xa0_f0_nt!KiSwapContext | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {168f8d2f-e77e-7dcf-020c-035a9129b0ab} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.015 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2023-11-18.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff800`20c00000 PsLoadedModuleList = 0xfffff800`2182a360 | |
Debug session time: Sat Nov 18 22:38:02.060 2023 (UTC + 8:00) | |
System Uptime: 4 days 22:50:22.501 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
............................................................. | |
Loading User Symbols | |
PEB address is NULL ! | |
Loading unloaded module list | |
.................. | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff800`20ffd640 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffbd86`2494db90=000000000000003b | |
15: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
SYSTEM_SERVICE_EXCEPTION (3b) | |
An exception happened while executing a system service routine. | |
Arguments: | |
Arg1: 00000000c0000006, Exception code that caused the BugCheck | |
Arg2: fffff800212b6b91, Address of the instruction which caused the BugCheck | |
Arg3: ffffbd862494e490, Address of the context record for the exception that caused the BugCheck | |
Arg4: 0000000000000000, zero. | |
Debugging Details: | |
------------------ | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ExceptionRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ContextRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ExceptionRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ContextRecord *** | |
*** *** | |
************************************************************************* | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 2827 | |
Key : Analysis.Elapsed.mSec | |
Value: 3655 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 405 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 3552 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 93 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x3b | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x3b | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x3B_C0000006_nt!HvpGetCellPaged | |
Key : Failure.Hash | |
Value: {68f3db38-ae8e-4bae-c37a-85819946495f} | |
BUGCHECK_CODE: 3b | |
BUGCHECK_P1: c0000006 | |
BUGCHECK_P2: fffff800212b6b91 | |
BUGCHECK_P3: ffffbd862494e490 | |
BUGCHECK_P4: 0 | |
FILE_IN_CAB: 2023-11-18.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
CONTEXT: ffffbd862494e490 -- (.cxr 0xffffbd862494e490) | |
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000007 | |
rdx=000000000000001c rsi=ffffbd862494f210 rdi=ffffbd862494ef10 | |
rip=fffff800212b6b91 rsp=ffffbd862494ee90 rbp=ffffbd862494efc9 | |
r8=ffffa906b02cf5c0 r9=0000021293944870 r10=0000000000000870 | |
r11=0000000003a03870 r12=00000000486e3443 r13=ffffbd862494f170 | |
r14=00000000000001ad r15=0000021293968024 | |
iopl=0 nv up ei pl nz na pe nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202 | |
nt!HvpGetCellPaged+0xc1: | |
fffff800`212b6b91 418b01 mov eax,dword ptr [r9] ds:002b:00000212`93944870=???????? | |
Resetting default scope | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 18 | |
PROCESS_NAME: Registry | |
STACK_TEXT: | |
ffffbd86`2494ee90 fffff800`212463ef : 00000000`00000000 00000000`c0000034 ffffbd86`2494f170 ffffbd86`2494f210 : nt!HvpGetCellPaged+0xc1 | |
ffffbd86`2494eed0 fffff800`21215f60 : 00000001`ffffffff 00000000`ede15816 00000000`000001ad 00000000`ede15816 : nt!CmpDoCompareKeyName+0x3f | |
ffffbd86`2494ef10 fffff800`2120afc9 : ffff958e`ad3b9170 00000000`00000004 ffffbd86`2494f110 ffffbd86`2494f190 : nt!CmpWalkOneLevel+0x700 | |
ffffbd86`2494f010 fffff800`2120a4e3 : ffffa906`0000001c ffffbd86`2494f360 ffffbd86`2494f318 ffffa906`b137eab0 : nt!CmpDoParseKey+0x849 | |
ffffbd86`2494f2b0 fffff800`21206647 : fffff800`2120a201 ffff958e`00000000 ffffa906`b137eab0 00000000`00000001 : nt!CmpParseKey+0x2c3 | |
ffffbd86`2494f450 fffff800`211fd5fa : ffffa906`b137ea01 ffffbd86`2494f6b8 00000000`00000040 ffffa906`9cb804e0 : nt!ObpLookupObjectName+0x1117 | |
ffffbd86`2494f620 fffff800`211fd3dc : 00000000`00000000 00000000`00000000 00000000`00000000 ffffa906`9cb804e0 : nt!ObOpenObjectByNameEx+0x1fa | |
ffffbd86`2494f750 fffff800`211fcd21 : 00000000`0a70cd50 ffffbd86`2494fac0 00000000`00000001 fffff800`20e204de : nt!ObOpenObjectByName+0x5c | |
ffffbd86`2494f7a0 fffff800`211fca4f : 00000000`0000000f ffffa906`b54fa3e0 00000000`0989b970 00000000`1b4da840 : nt!CmOpenKey+0x2c1 | |
ffffbd86`2494fa00 fffff800`21010ef5 : ffffa906`b02cf5c0 ffffa906`af3a66e0 ffffbd86`00000000 ffffa906`00000000 : nt!NtOpenKeyEx+0xf | |
ffffbd86`2494fa40 00007ff9`1e18f3f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
00000000`0a70cc08 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`1e18f3f4 | |
SYMBOL_NAME: nt!HvpGetCellPaged+c1 | |
MODULE_NAME: nt | |
IMAGE_NAME: ntkrnlmp.exe | |
IMAGE_VERSION: 10.0.19041.3570 | |
STACK_COMMAND: .cxr 0xffffbd862494e490 ; kb | |
BUCKET_ID_FUNC_OFFSET: c1 | |
FAILURE_BUCKET_ID: 0x3B_C0000006_nt!HvpGetCellPaged | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {68f3db38-ae8e-4bae-c37a-85819946495f} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.031 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-04-14.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff802`2e200000 PsLoadedModuleList = 0xfffff802`2ee2a790 | |
Debug session time: Sun Apr 14 22:22:16.455 2024 (UTC + 8:00) | |
System Uptime: 0 days 22:20:48.108 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
....... | |
Loading User Symbols | |
PEB address is NULL ! | |
Loading unloaded module list | |
...................... | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff802`2e5fda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffe90d`1c255b80=000000000000003b | |
12: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
SYSTEM_SERVICE_EXCEPTION (3b) | |
An exception happened while executing a system service routine. | |
Arguments: | |
Arg1: 00000000c0000006, Exception code that caused the BugCheck | |
Arg2: fffff8022e8b2701, Address of the instruction which caused the BugCheck | |
Arg3: ffffe90d1c256480, Address of the context record for the exception that caused the BugCheck | |
Arg4: 0000000000000000, zero. | |
Debugging Details: | |
------------------ | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ExceptionRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ContextRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ExceptionRecord *** | |
*** *** | |
************************************************************************* | |
************************************************************************* | |
*** *** | |
*** *** | |
*** Either you specified an unqualified symbol, or your debugger *** | |
*** doesn't have full symbol information. Unqualified symbol *** | |
*** resolution is turned off by default. Please either specify a *** | |
*** fully qualified symbol module!symbolname, or enable resolution *** | |
*** of unqualified symbols by typing ".symopt- 100". Note that *** | |
*** enabling unqualified symbol resolution with network symbol *** | |
*** server shares in the symbol path may cause the debugger to *** | |
*** appear to hang for long periods of time when an incorrect *** | |
*** symbol name is typed or the network symbol server is down. *** | |
*** *** | |
*** For some commands to work properly, your symbol path *** | |
*** must point to .pdb files that have full type information. *** | |
*** *** | |
*** Certain .pdb files (such as the public OS symbols) do not *** | |
*** contain the required information. Contact the group that *** | |
*** provided you with these symbols if you need this command to *** | |
*** work. *** | |
*** *** | |
*** Type referenced: ContextRecord *** | |
*** *** | |
************************************************************************* | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 2077 | |
Key : Analysis.Elapsed.mSec | |
Value: 4505 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 327 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 3885 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 82 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x3b | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x3b | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x3B_C0000006_nt!HvpGetCellPaged | |
Key : Failure.Hash | |
Value: {68f3db38-ae8e-4bae-c37a-85819946495f} | |
BUGCHECK_CODE: 3b | |
BUGCHECK_P1: c0000006 | |
BUGCHECK_P2: fffff8022e8b2701 | |
BUGCHECK_P3: ffffe90d1c256480 | |
BUGCHECK_P4: 0 | |
FILE_IN_CAB: 2024-04-14.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
CONTEXT: ffffe90d1c256480 -- (.cxr 0xffffe90d1c256480) | |
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000007 | |
rdx=000000000000001c rsi=ffffe90d1c257220 rdi=ffffe90d1c256f00 | |
rip=fffff8022e8b2701 rsp=ffffe90d1c256e80 rbp=ffffe90d1c256fc1 | |
r8=ffffd9072e962640 r9=000001954303e3b8 r10=00000000000003b8 | |
r11=000000000290d3b8 r12=0000000000000000 r13=ffff9706c32dc000 | |
r14=000000007cce0a66 r15=00000195413aca6c | |
iopl=0 nv up ei pl nz na po nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050206 | |
nt!HvpGetCellPaged+0xc1: | |
fffff802`2e8b2701 418b01 mov eax,dword ptr [r9] ds:002b:00000195`4303e3b8=???????? | |
Resetting default scope | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 14 | |
PROCESS_NAME: Registry | |
STACK_TEXT: | |
ffffe90d`1c256e80 fffff802`2e81af7f : 00000000`00000000 ffffe90d`1c257220 ffff9706`c93752d0 00000000`00000000 : nt!HvpGetCellPaged+0xc1 | |
ffffe90d`1c256ec0 fffff802`2e824f7e : 00000001`ffffffff 00000000`9796f2de 00000000`00000000 ffff9706`00000000 : nt!CmpDoCompareKeyName+0x3f | |
ffffe90d`1c256f00 fffff802`2e838060 : ffff9706`c93752d0 ffffe90d`1c257170 ffffe90d`1c257110 ffffe90d`1c257190 : nt!CmpWalkOneLevel+0x61e | |
ffffe90d`1c257010 fffff802`2e8373c3 : 00000000`0000001c ffffe90d`1c257360 ffffe90d`1c257318 ffffd907`2dc0c010 : nt!CmpDoParseKey+0xa00 | |
ffffe90d`1c2572b0 fffff802`2e833527 : fffff802`2e837101 ffff9706`00000000 ffffd907`2dc0c010 00000000`6d4e6201 : nt!CmpParseKey+0x2c3 | |
ffffe90d`1c257450 fffff802`2e83baca : ffffd907`2dc0c001 ffffe90d`1c2576b8 ffffe90d`00000040 ffffd907`1bbd7da0 : nt!ObpLookupObjectName+0x1117 | |
ffffe90d`1c257620 fffff802`2e83b8ac : 00000000`00000000 00000000`00000000 00000000`00000000 ffffd907`1bbd7da0 : nt!ObOpenObjectByNameEx+0x1fa | |
ffffe90d`1c257750 fffff802`2e83b1f1 : 0000002e`df39cc48 ffffe90d`1c257ac0 00000000`00000001 fffff802`2e43d76e : nt!ObOpenObjectByName+0x5c | |
ffffe90d`1c2577a0 fffff802`2e83af1f : 10000000`00000041 0000002e`df39d3a8 00000000`01000006 00007ffa`260d5220 : nt!CmOpenKey+0x2c1 | |
ffffe90d`1c257a00 fffff802`2e6119c5 : 00000220`f78c8a00 00000000`00000002 ffffe90d`1c257ac0 ffffd907`327cea10 : nt!NtOpenKeyEx+0xf | |
ffffe90d`1c257a40 00007ffa`4ae6f3f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
0000002e`df39cbe8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`4ae6f3f4 | |
SYMBOL_NAME: nt!HvpGetCellPaged+c1 | |
MODULE_NAME: nt | |
IMAGE_NAME: ntkrnlmp.exe | |
IMAGE_VERSION: 10.0.19041.4291 | |
STACK_COMMAND: .cxr 0xffffe90d1c256480 ; kb | |
BUCKET_ID_FUNC_OFFSET: c1 | |
FAILURE_BUCKET_ID: 0x3B_C0000006_nt!HvpGetCellPaged | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {68f3db38-ae8e-4bae-c37a-85819946495f} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.016 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-04-21-1.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff807`14000000 PsLoadedModuleList = 0xfffff807`14c2a790 | |
Debug session time: Sun Apr 21 16:35:10.624 2024 (UTC + 8:00) | |
System Uptime: 6 days 16:00:55.274 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
..... | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 000000c6`b82e4018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
............ | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff807`143fda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffc181`18186920=000000000000007a | |
0: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
KERNEL_DATA_INPAGE_ERROR (7a) | |
The requested page of kernel data could not be read in. Typically caused by | |
a bad block in the paging file or disk controller error. Also see | |
KERNEL_STACK_INPAGE_ERROR. | |
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185, | |
it means the disk subsystem has experienced a failure. | |
If the error status is 0xC000009A, then it means the request failed because | |
a filesystem failed to make forward progress. | |
Arguments: | |
Arg1: ffffe08f566210b0, lock type that was held (value 1,2,3, or PTE address) | |
Arg2: ffffffffc0000185, error status (normally i/o status code) | |
Arg3: 00000008582ad860, current process (virtual address for lock type 3, or PTE) | |
Arg4: ffffca0cf58e6238, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address) | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1499 | |
Key : Analysis.Elapsed.mSec | |
Value: 2324 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 390 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 3644 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 102 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x7a | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x7a | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!EditionInitiateMouseEventProcessing | |
Key : Failure.Hash | |
Value: {3c916996-357d-dc6f-d3bd-651b97e4f923} | |
BUGCHECK_CODE: 7a | |
BUGCHECK_P1: ffffe08f566210b0 | |
BUGCHECK_P2: ffffffffc0000185 | |
BUGCHECK_P3: 8582ad860 | |
BUGCHECK_P4: ffffca0cf58e6238 | |
FILE_IN_CAB: 2024-04-21-1.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
ERROR_CODE: (NTSTATUS) 0xc0000185 - I/O I/O | |
DISK_HARDWARE_ERROR: There was error with disk hardware | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXDISK: 1 | |
DISKSEC_ORG_ID: | |
DISKSEC_MODEL: | |
DISKSEC_MANUFACTURING_ID: | |
DISKSEC_ISSUE_DESC_STR: | |
DISKSEC_TOTAL_SIZE: 0 | |
DISKSEC_REASON: 0 | |
DISKSEC_PUBLIC_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PUBLIC_OFFSET: 0 | |
DISKSEC_PUBLIC_DATA_SIZE: 0 | |
DISKSEC_PRIVATE_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PRIVATE_OFFSET: 0 | |
DISKSEC_PRIVATE_DATA_SIZE: 0 | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
PROCESS_NAME: csrss.exe | |
TRAP_FRAME: ffffc18118186cc0 -- (.trap 0xffffc18118186cc0) | |
NOTE: The trap frame does not contain all registers. | |
Some register values may be zeroed or incorrect. | |
rax=0000000000000001 rbx=0000000000000000 rcx=00000000000001b8 | |
rdx=000000000000007d rsi=0000000000000000 rdi=0000000000000000 | |
rip=ffffca0cf58e6238 rsp=ffffc18118186e58 rbp=ffffc18118186f51 | |
r8=ffffc18118186ee0 r9=0000000000000002 r10=7ffffffffffffffc | |
r11=ffffca8583e0c000 r12=0000000000000000 r13=0000000000000000 | |
r14=0000000000000000 r15=0000000000000000 | |
iopl=0 nv up ei pl nz na pe nc | |
win32kfull!UserBeep: | |
ffffca0c`f58e6238 48895c2408 mov qword ptr [rsp+8],rbx ss:0018:ffffc181`18186e60=0000000000000000 | |
Resetting default scope | |
STACK_TEXT: | |
ffffc181`18186918 fffff807`14265f29 : 00000000`0000007a ffffe08f`566210b0 ffffffff`c0000185 00000008`582ad860 : nt!KeBugCheckEx | |
ffffc181`18186920 fffff807`14266325 : ffffc181`00008000 ffffc181`18186a00 ffffc181`18186ab0 fffff807`00000000 : nt!MiWaitForInPageComplete+0x7d9 | |
ffffc181`18186a10 fffff807`1421c308 : 00000000`c0033333 00000000`00000000 ffffca0c`f58e6238 00000000`00000000 : nt!MiIssueHardFault+0x3c5 | |
ffffc181`18186b20 fffff807`1440db29 : 00000000`00000000 00000000`00000000 00000001`00000000 00000000`00000000 : nt!MmAccessFault+0x468 | |
ffffc181`18186cc0 ffffca0c`f58e6238 : ffffca0c`f58802bf 00000000`00000000 fffff807`1423cee3 ffffca85`836a5080 : nt!KiPageFault+0x369 | |
ffffc181`18186e58 ffffca0c`f58802bf : 00000000`00000000 fffff807`1423cee3 ffffca85`836a5080 ffffca23`c0675ad8 : win32kfull!UserBeep | |
ffffc181`18186e60 ffffca0c`f549790b : 00000000`00000001 ffffca0c`f5497a2c 00000000`00000000 00000000`00000000 : win32kfull!EditionInitiateMouseEventProcessing+0xa90af | |
ffffc181`18186e90 ffffca0c`f5507396 : 00000001`00000002 ffffc181`181871c0 00000000`00000000 0000053c`61bcae08 : win32kbase!ApiSetEditionInitiateMouseEventProcessing+0x6b | |
ffffc181`18186ed0 ffffca0c`f54972b1 : 00000396`00000bd4 ffffc181`18186ff0 00000396`00000bd4 ffffc181`181871c0 : win32kbase!CMouseProcessor::QueueMouseEvent+0x700ce | |
ffffc181`18186fb0 ffffca0c`f55b8a30 : 00000396`00000bd5 00000396`00000bd4 ffffca23`c06067e8 00000000`00000000 : win32kbase!CMouseProcessor::ProcessMouseInputData+0x185 | |
ffffc181`18187030 ffffca0c`f55a9c9a : ffffca23`c06067d0 ffffca0c`f55a9d80 ffffca85`7f92d0c8 ffffca23`c06062d0 : win32kbase!CMouseProcessor::ProcessInput+0x524 | |
ffffc181`18187270 ffffca0c`f55aa003 : ffffca23`c06062d0 0000053c`61bcae00 ffffca23`c06067d0 ffffca85`7f92d0c8 : win32kbase!CMouseSensor::FlushMouseReports+0x42 | |
ffffc181`181872b0 ffffca0c`f55a9f34 : ffffca23`c9fdd8c0 00000000`00000018 ffffca23`c0606200 ffffca23`c06062d0 : win32kbase!CMouseSensor::ProcessInputWithRateLimitingIfEnabled+0xb3 | |
ffffc181`18187300 ffffca0c`f559c1cb : ffffca0c`f56007c0 ffffc181`18187440 ffffca23`c06062d0 ffffca85`7f92d1c8 : win32kbase!CMouseSensor::ProcessInput+0x54 | |
ffffc181`18187340 ffffca0c`f54ad07e : 00000000`00000040 ffffca0c`f56007c0 00000000`00000001 3518d77e`410f0000 : win32kbase!CBaseInput::OnReadNotification+0x52b | |
ffffc181`18187480 ffffca0c`f54acd52 : ffffca85`836a5080 ffffca23`c0673060 00000000`00000006 ffff2cce`f5cb79f3 : win32kbase!CBaseInput::OnDispatcherObjectSignaled+0x31e | |
ffffc181`181875c0 ffffca0c`f54a0a3f : ffffca0c`f5648330 ffffca23`c0673060 ffffca0c`f5641a70 00000000`00000000 : win32kbase!CBaseInput::_OnDispatcherObjectSignaled+0x12 | |
ffffc181`181875f0 ffffca0c`f54a0790 : 00000000`00000006 ffffca0c`f5648330 00000000`00000006 ffffca23`00000000 : win32kbase!LegacyInputDispatcher::Dispatch+0x53 | |
ffffc181`18187620 ffffca0c`f57a7813 : ffffca23`c064c420 ffffca23`c064c420 00000000`00000004 00000000`00000001 : win32kbase!LegacyInputDispatcher::WaitAndDispatch+0x100 | |
ffffc181`18187750 ffffca0c`f57a73e4 : 00000000`00000004 00000000`00000004 00000000`0000000d ffffca0c`f5649b00 : win32kfull!xxxDesktopThreadWaiter+0x12b | |
ffffc181`181877d0 ffffca0c`f54124b4 : ffffca85`836a5080 ffffca85`836a5080 00000000`00000000 00000000`00000005 : win32kfull!xxxDesktopThread+0x544 | |
ffffc181`181878b0 ffffca0c`f56fa611 : ffffca85`836a5080 00000000`00000000 00000000`00000005 00000000`00000005 : win32kbase!xxxCreateSystemThreads+0xc4 | |
ffffc181`181879e0 ffffca0c`f5af474e : ffffca85`836a5080 ffffca85`836a5080 00000000`00000000 00000000`00000000 : win32kfull!NtUserCallNoParam+0x71 | |
ffffc181`18187a10 fffff807`144119c5 : ffffca85`00000005 00000000`00000005 00000283`848040f0 00000000`00000710 : win32k!NtUserCallNoParam+0x16 | |
ffffc181`18187a40 00007ffa`dc1a10e4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
000000c6`b89bfae8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`dc1a10e4 | |
SYMBOL_NAME: win32kfull!EditionInitiateMouseEventProcessing+a90af | |
MODULE_NAME: win32kfull | |
IMAGE_NAME: win32kfull.sys | |
IMAGE_VERSION: 10.0.19041.4291 | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: a90af | |
FAILURE_BUCKET_ID: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!EditionInitiateMouseEventProcessing | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {3c916996-357d-dc6f-d3bd-651b97e4f923} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.016 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-04-21-2.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff807`0d200000 PsLoadedModuleList = 0xfffff807`0de2a790 | |
Debug session time: Sun Apr 21 23:56:38.479 2024 (UTC + 8:00) | |
System Uptime: 0 days 7:21:10.144 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
........ | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 000000e9`e0a88018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
.............. | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff807`0d5fda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffff8f06`13c06660=000000000000007a | |
0: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
KERNEL_DATA_INPAGE_ERROR (7a) | |
The requested page of kernel data could not be read in. Typically caused by | |
a bad block in the paging file or disk controller error. Also see | |
KERNEL_STACK_INPAGE_ERROR. | |
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185, | |
it means the disk subsystem has experienced a failure. | |
If the error status is 0xC000009A, then it means the request failed because | |
a filesystem failed to make forward progress. | |
Arguments: | |
Arg1: ffff82dec377b6e0, lock type that was held (value 1,2,3, or PTE address) | |
Arg2: ffffffffc0000185, error status (normally i/o status code) | |
Arg3: 0000000123c44880, current process (virtual address for lock type 3, or PTE) | |
Arg4: ffffbd86ef6dc2a8, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address) | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1593 | |
Key : Analysis.Elapsed.mSec | |
Value: 1611 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 390 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 9053 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 94 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x7a | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x7a | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x7a_c0000185_DUMP_STORNVMEDUMP_STORPORT_WdFilter!unknown_function | |
Key : Failure.Hash | |
Value: {583a70be-e583-303f-b204-7f0ac69a89f4} | |
BUGCHECK_CODE: 7a | |
BUGCHECK_P1: ffff82dec377b6e0 | |
BUGCHECK_P2: ffffffffc0000185 | |
BUGCHECK_P3: 123c44880 | |
BUGCHECK_P4: ffffbd86ef6dc2a8 | |
FILE_IN_CAB: 2024-04-21-2.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
ERROR_CODE: (NTSTATUS) 0xc0000185 - I/O I/O | |
DISK_HARDWARE_ERROR: There was error with disk hardware | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXDISK: 1 | |
DISKSEC_ORG_ID: | |
DISKSEC_MODEL: | |
DISKSEC_MANUFACTURING_ID: | |
DISKSEC_ISSUE_DESC_STR: | |
DISKSEC_TOTAL_SIZE: 0 | |
DISKSEC_REASON: 0 | |
DISKSEC_PUBLIC_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PUBLIC_OFFSET: 0 | |
DISKSEC_PUBLIC_DATA_SIZE: 0 | |
DISKSEC_PRIVATE_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PRIVATE_OFFSET: 0 | |
DISKSEC_PRIVATE_DATA_SIZE: 0 | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
PROCESS_NAME: chrome.exe | |
TRAP_FRAME: ffff8f0613c06a00 -- (.trap 0xffff8f0613c06a00) | |
NOTE: The trap frame does not contain all registers. | |
Some register values may be zeroed or incorrect. | |
rax=ffffbd86ef6dc288 rbx=0000000000000000 rcx=ffffbd86ef6dc288 | |
rdx=ffffce0feb2cbbb8 rsi=0000000000000000 rdi=0000000000000000 | |
rip=fffff80709a12ba6 rsp=ffff8f0613c06b90 rbp=ffffce0fdd815b30 | |
r8=ffffce0fee604a80 r9=ffffbd86ed339e88 r10=ffffce0fdd815b30 | |
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 | |
r14=0000000000000000 r15=0000000000000000 | |
iopl=0 nv up ei ng nz na po nc | |
FLTMGR!SetContextIntoStreamList+0x246: | |
fffff807`09a12ba6 488b4020 mov rax,qword ptr [rax+20h] ds:ffffbd86`ef6dc2a8=???????????????? | |
Resetting default scope | |
STACK_TEXT: | |
ffff8f06`13c06658 fffff807`0d465f29 : 00000000`0000007a ffff82de`c377b6e0 ffffffff`c0000185 00000001`23c44880 : nt!KeBugCheckEx | |
ffff8f06`13c06660 fffff807`0d466325 : ffff8f06`00003000 ffff8f06`13c06700 ffff8f06`13c067f0 fffff807`00000000 : nt!MiWaitForInPageComplete+0x7d9 | |
ffff8f06`13c06750 fffff807`0d41c308 : 00000000`c0033333 00000000`00000000 ffffbd86`ef6dc2a8 00000000`00000000 : nt!MiIssueHardFault+0x3c5 | |
ffff8f06`13c06860 fffff807`0d60db29 : ffffce0f`dd816180 ffffce0f`dd816180 ffffce0f`e64d9a20 ffffce0f`e6b13d78 : nt!MmAccessFault+0x468 | |
ffff8f06`13c06a00 fffff807`09a12ba6 : ffffbd86`ed339e70 00000000`00000000 ffffce0f`00000000 00000000`00000000 : nt!KiPageFault+0x369 | |
ffff8f06`13c06b90 fffff807`09a123b8 : ffffce0f`eb2cbb60 ffffce0f`ee604a80 ffff8f06`00000001 ffffbd86`ed339ed0 : FLTMGR!SetContextIntoStreamList+0x246 | |
ffff8f06`13c06c30 fffff807`0fbf7e82 : ffff8f06`13c06d68 ffff8f06`13c07098 ffff8f06`13c06d20 ffffce0f`ee9904c0 : FLTMGR!FltSetStreamHandleContext+0x28 | |
ffff8f06`13c06c80 ffff8f06`13c06d68 : ffff8f06`13c07098 ffff8f06`13c06d20 ffffce0f`ee9904c0 ffff8f06`13c06d08 : WdFilter+0x47e82 | |
ffff8f06`13c06c88 ffff8f06`13c07098 : ffff8f06`13c06d20 ffffce0f`ee9904c0 ffff8f06`13c06d08 fffff807`0fbb2cdd : 0xffff8f06`13c06d68 | |
ffff8f06`13c06c90 ffff8f06`13c06d20 : ffffce0f`ee9904c0 ffff8f06`13c06d08 fffff807`0fbb2cdd ffffce0f`00000000 : 0xffff8f06`13c07098 | |
ffff8f06`13c06c98 ffffce0f`ee9904c0 : ffff8f06`13c06d08 fffff807`0fbb2cdd ffffce0f`00000000 ffffce0f`eb2cbba8 : 0xffff8f06`13c06d20 | |
ffff8f06`13c06ca0 ffff8f06`13c06d08 : fffff807`0fbb2cdd ffffce0f`00000000 ffffce0f`eb2cbba8 ffffbd86`ebaa11f0 : 0xffffce0f`ee9904c0 | |
ffff8f06`13c06ca8 fffff807`0fbb2cdd : ffffce0f`00000000 ffffce0f`eb2cbba8 ffffbd86`ebaa11f0 ffffce0f`ee990588 : 0xffff8f06`13c06d08 | |
ffff8f06`13c06cb0 ffffce0f`00000000 : ffffce0f`eb2cbba8 ffffbd86`ebaa11f0 ffffce0f`ee990588 fffff807`0fbd3000 : WdFilter+0x2cdd | |
ffff8f06`13c06cb8 ffffce0f`eb2cbba8 : ffffbd86`ebaa11f0 ffffce0f`ee990588 fffff807`0fbd3000 ffff8f06`13c07098 : 0xffffce0f`00000000 | |
ffff8f06`13c06cc0 ffffbd86`ebaa11f0 : ffffce0f`ee990588 fffff807`0fbd3000 ffff8f06`13c07098 ffff8f06`13c07000 : 0xffffce0f`eb2cbba8 | |
ffff8f06`13c06cc8 ffffce0f`ee990588 : fffff807`0fbd3000 ffff8f06`13c07098 ffff8f06`13c07000 fffff807`0fbf7a34 : 0xffffbd86`ebaa11f0 | |
ffff8f06`13c06cd0 fffff807`0fbd3000 : ffff8f06`13c07098 ffff8f06`13c07000 fffff807`0fbf7a34 ffff8f06`13c06e20 : 0xffffce0f`ee990588 | |
ffff8f06`13c06cd8 ffff8f06`13c07098 : ffff8f06`13c07000 fffff807`0fbf7a34 ffff8f06`13c06e20 fffff807`09a13e71 : WdFilter+0x23000 | |
ffff8f06`13c06ce0 ffff8f06`13c07000 : fffff807`0fbf7a34 ffff8f06`13c06e20 fffff807`09a13e71 ffffbd86`ed339ed0 : 0xffff8f06`13c07098 | |
ffff8f06`13c06ce8 fffff807`0fbf7a34 : ffff8f06`13c06e20 fffff807`09a13e71 ffffbd86`ed339ed0 00000000`00000000 : 0xffff8f06`13c07000 | |
ffff8f06`13c06cf0 ffff8f06`13c06e20 : fffff807`09a13e71 ffffbd86`ed339ed0 00000000`00000000 ffffbd86`ebaa1100 : WdFilter+0x47a34 | |
ffff8f06`13c06cf8 fffff807`09a13e71 : ffffbd86`ed339ed0 00000000`00000000 ffffbd86`ebaa1100 ffff8f06`13c06ff0 : 0xffff8f06`13c06e20 | |
ffff8f06`13c06d00 fffff807`0fbf5726 : ffffbd86`ebaa11f0 ffff8f06`13c07000 ffff8f06`13c07098 ffffbd86`ebaa1100 : FLTMGR!FltGetStreamContext+0xe1 | |
ffff8f06`13c06d50 ffffbd86`ebaa11f0 : ffff8f06`13c07000 ffff8f06`13c07098 ffffbd86`ebaa1100 ffffbd86`ed924d10 : WdFilter+0x45726 | |
ffff8f06`13c06d58 ffff8f06`13c07000 : ffff8f06`13c07098 ffffbd86`ebaa1100 ffffbd86`ed924d10 fffff807`0d43db00 : 0xffffbd86`ebaa11f0 | |
ffff8f06`13c06d60 ffff8f06`13c07098 : ffffbd86`ebaa1100 ffffbd86`ed924d10 fffff807`0d43db00 ffffce0f`e33c66d0 : 0xffff8f06`13c07000 | |
ffff8f06`13c06d68 ffffbd86`ebaa1100 : ffffbd86`ed924d10 fffff807`0d43db00 ffffce0f`e33c66d0 fffff807`0d43d25b : 0xffff8f06`13c07098 | |
ffff8f06`13c06d70 ffffbd86`ed924d10 : fffff807`0d43db00 ffffce0f`e33c66d0 fffff807`0d43d25b 00000000`00000000 : 0xffffbd86`ebaa1100 | |
ffff8f06`13c06d78 fffff807`0d43db00 : ffffce0f`e33c66d0 fffff807`0d43d25b 00000000`00000000 ffff8f06`13c06e71 : 0xffffbd86`ed924d10 | |
ffff8f06`13c06d80 fffff807`00000020 : 00000000`00000000 ffff8f06`13c06e71 ffff8f06`13c06f00 00000000`00000000 : nt!ExReleaseResourceLite+0xd0 | |
ffff8f06`13c06de0 00000000`00000000 : ffff8f06`13c06e71 ffff8f06`13c06f00 00000000`00000000 ffffbd86`f0d21d10 : 0xfffff807`00000020 | |
SYMBOL_NAME: WdFilter+47e82 | |
MODULE_NAME: WdFilter | |
IMAGE_NAME: WdFilter.sys | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 47e82 | |
FAILURE_BUCKET_ID: 0x7a_c0000185_DUMP_STORNVMEDUMP_STORPORT_WdFilter!unknown_function | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {583a70be-e583-303f-b204-7f0ac69a89f4} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.031 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-04-24.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff807`3c200000 PsLoadedModuleList = 0xfffff807`3ce2a790 | |
Debug session time: Wed Apr 24 00:11:38.313 2024 (UTC + 8:00) | |
System Uptime: 2 days 0:12:50.971 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
........ | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 000000c9`359b6018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
................... | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff807`3c5fda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffdb0b`70c3a880=00000000000000ef | |
12: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
CRITICAL_PROCESS_DIED (ef) | |
A critical system process died | |
Arguments: | |
Arg1: ffff9584aee30080, Process object or thread object | |
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died. | |
Arg3: 0000000000000000, The process object that initiated the termination. | |
Arg4: 0000000000000000 | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 2343 | |
Key : Analysis.Elapsed.mSec | |
Value: 4856 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 342 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 7249 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 85 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0xef | |
Key : Bugcheck.Code.TargetModel | |
Value: 0xef | |
Key : CriticalProcessDied.ExceptionCode | |
Value: ab33f080 | |
Key : CriticalProcessDied.Process | |
Value: csrss.exe | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_ab33f080_nt!PspCatchCriticalBreak | |
Key : Failure.Hash | |
Value: {e52e1a74-c4a7-6819-af1c-724789dc6f83} | |
BUGCHECK_CODE: ef | |
BUGCHECK_P1: ffff9584aee30080 | |
BUGCHECK_P2: 0 | |
BUGCHECK_P3: 0 | |
BUGCHECK_P4: 0 | |
FILE_IN_CAB: 2024-04-24.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
PROCESS_NAME: csrss.exe | |
CRITICAL_PROCESS: csrss.exe | |
ERROR_CODE: (NTSTATUS) 0xab33f080 - <Unable to get error code text> | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 24 | |
STACK_TEXT: | |
ffffdb0b`70c3a878 fffff807`3cb0dee2 : 00000000`000000ef ffff9584`aee30080 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx | |
ffffdb0b`70c3a880 fffff807`3ca1ee69 : 00000000`00000000 fffff807`3c53d9fd 00000000`00000002 fffff807`3c50cc5b : nt!PspCatchCriticalBreak+0x10e | |
ffffdb0b`70c3a920 fffff807`3c8c7390 : ffff9584`00000000 00000000`00000000 ffff9584`aee30080 ffff9584`aee304b8 : nt!PspTerminateAllThreads+0x156edd | |
ffffdb0b`70c3a990 fffff807`3c8c718c : ffff9584`aee30080 00000000`00000000 00000000`00000000 ffff9584`a50f2080 : nt!PspTerminateProcess+0xe0 | |
ffffdb0b`70c3a9d0 fffff807`3c6119c5 : ffff9584`aee30080 ffff9584`ab33f080 ffffdb0b`70c3aac0 ffffffff`ee1e5d00 : nt!NtTerminateProcess+0x9c | |
ffffdb0b`70c3aa40 00007ffc`68dcd564 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
000000c9`35a3da78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`68dcd564 | |
SYMBOL_NAME: nt!PspCatchCriticalBreak+10e | |
MODULE_NAME: nt | |
IMAGE_NAME: ntkrnlmp.exe | |
IMAGE_VERSION: 10.0.19041.4291 | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 10e | |
FAILURE_BUCKET_ID: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_ab33f080_nt!PspCatchCriticalBreak | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {e52e1a74-c4a7-6819-af1c-724789dc6f83} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.125 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-04-29.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff807`58800000 PsLoadedModuleList = 0xfffff807`5942a790 | |
Debug session time: Mon Apr 29 23:26:02.853 2024 (UTC + 8:00) | |
System Uptime: 0 days 1:46:55.271 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
..... | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 0000004b`62f4a018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
................. | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff807`58bfda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffec01`2c91f5e0=000000000000007a | |
15: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
KERNEL_DATA_INPAGE_ERROR (7a) | |
The requested page of kernel data could not be read in. Typically caused by | |
a bad block in the paging file or disk controller error. Also see | |
KERNEL_STACK_INPAGE_ERROR. | |
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185, | |
it means the disk subsystem has experienced a failure. | |
If the error status is 0xC000009A, then it means the request failed because | |
a filesystem failed to make forward progress. | |
Arguments: | |
Arg1: ffff8009026402e0, lock type that was held (value 1,2,3, or PTE address) | |
Arg2: ffffffffc0000185, error status (normally i/o status code) | |
Arg3: 00000002ee056860, current process (virtual address for lock type 3, or PTE) | |
Arg4: fffff52769d2ce44, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address) | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1515 | |
Key : Analysis.Elapsed.mSec | |
Value: 5980 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 327 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 7517 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 100 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0x7a | |
Key : Bugcheck.Code.TargetModel | |
Value: 0x7a | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!WerSubmitReportWorker | |
Key : Failure.Hash | |
Value: {a58f40d9-0b67-5c9d-dfde-83cd8abfea72} | |
BUGCHECK_CODE: 7a | |
BUGCHECK_P1: ffff8009026402e0 | |
BUGCHECK_P2: ffffffffc0000185 | |
BUGCHECK_P3: 2ee056860 | |
BUGCHECK_P4: fffff52769d2ce44 | |
FILE_IN_CAB: 2024-04-29.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
ERROR_CODE: (NTSTATUS) 0xc0000185 - I/O I/O | |
DISK_HARDWARE_ERROR: There was error with disk hardware | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXDISK: 1 | |
DISKSEC_ORG_ID: | |
DISKSEC_MODEL: | |
DISKSEC_MANUFACTURING_ID: | |
DISKSEC_ISSUE_DESC_STR: | |
DISKSEC_TOTAL_SIZE: 0 | |
DISKSEC_REASON: 0 | |
DISKSEC_PUBLIC_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PUBLIC_OFFSET: 0 | |
DISKSEC_PUBLIC_DATA_SIZE: 0 | |
DISKSEC_PRIVATE_TOTAL_SECTION_SIZE: 0 | |
DISKSEC_PRIVATE_OFFSET: 0 | |
DISKSEC_PRIVATE_DATA_SIZE: 0 | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 29 | |
PROCESS_NAME: csrss.exe | |
TRAP_FRAME: ffffec012c91f980 -- (.trap 0xffffec012c91f980) | |
NOTE: The trap frame does not contain all registers. | |
Some register values may be zeroed or incorrect. | |
rax=fffff52769d0d850 rbx=0000000000000000 rcx=00000000000028ac | |
rdx=000000000000201c rsi=0000000000000000 rdi=0000000000000000 | |
rip=fffff52769d2ce44 rsp=ffffec012c91fb18 rbp=0000000000000080 | |
r8=0000000000000400 r9=00140410008302ff r10=fffff52769d0d850 | |
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 | |
r14=0000000000000000 r15=0000000000000000 | |
iopl=0 nv up ei ng nz na pe nc | |
win32kfull!WerKernelSubmitReportForHungProcess: | |
fffff527`69d2ce44 48895c2408 mov qword ptr [rsp+8],rbx ss:0018:ffffec01`2c91fb20=0000000000000000 | |
Resetting default scope | |
STACK_TEXT: | |
ffffec01`2c91f5d8 fffff807`58a65f29 : 00000000`0000007a ffff8009`026402e0 ffffffff`c0000185 00000002`ee056860 : nt!KeBugCheckEx | |
ffffec01`2c91f5e0 fffff807`58a66325 : ffffec01`00008000 ffffec01`2c91f700 ffffec01`2c91f770 fffff807`00000000 : nt!MiWaitForInPageComplete+0x7d9 | |
ffffec01`2c91f6d0 fffff807`58a1c308 : 00000000`c0033333 00000000`00000000 fffff527`69d2ce44 00000000`00000000 : nt!MiIssueHardFault+0x3c5 | |
ffffec01`2c91f7e0 fffff807`58c0db29 : 00000000`0d03fda0 00000000`0cec9000 ffff9a0c`c8748080 00000000`00000000 : nt!MmAccessFault+0x468 | |
ffffec01`2c91f980 fffff527`69d2ce44 : fffff527`69d0d867 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x369 | |
ffffec01`2c91fb18 fffff527`69d0d867 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffc780`6208d440 : win32kfull!WerKernelSubmitReportForHungProcess | |
ffffec01`2c91fb20 fffff807`58b4ef55 : ffff9a0c`c7fab080 fffff527`69d0d850 ffff9a0c`c54764b0 00000000`00000000 : win32kfull!WerSubmitReportWorker+0x17 | |
ffffec01`2c91fb50 fffff807`58c06a48 : ffffc780`62082180 ffff9a0c`c7fab080 fffff807`58b4ef00 00000000`00000246 : nt!PspSystemThreadStartup+0x55 | |
ffffec01`2c91fba0 00000000`00000000 : ffffec01`2c920000 ffffec01`2c919000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28 | |
SYMBOL_NAME: win32kfull!WerSubmitReportWorker+17 | |
MODULE_NAME: win32kfull | |
IMAGE_NAME: win32kfull.sys | |
IMAGE_VERSION: 10.0.19041.4291 | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 17 | |
FAILURE_BUCKET_ID: 0x7a_c0000185_DUMP_STORPORTDUMP_STORNVME_win32kfull!WerSubmitReportWorker | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {a58f40d9-0b67-5c9d-dfde-83cd8abfea72} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.063 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.515 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-05-10.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff802`20200000 PsLoadedModuleList = 0xfffff802`20e2a790 | |
Debug session time: Fri May 10 22:54:20.415 2024 (UTC + 8:00) | |
System Uptime: 5 days 7:57:54.064 | |
Loading Kernel Symbols | |
.. | |
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. | |
Run !sym noisy before .reload to track down problems loading symbols. | |
............................................................. | |
................................................................ | |
................................................................ | |
........ | |
Loading User Symbols | |
PEB is paged out (Peb.Ldr = 000000d3`3dca1018). Type ".hh dbgerr001" for details | |
Loading unloaded module list | |
...................... | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff802`205fda40 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffe08`2c287880=00000000000000ef | |
12: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
CRITICAL_PROCESS_DIED (ef) | |
A critical system process died | |
Arguments: | |
Arg1: ffffa80404bb5080, Process object or thread object | |
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died. | |
Arg3: 0000000000000000, The process object that initiated the termination. | |
Arg4: 0000000000000000 | |
Debugging Details: | |
------------------ | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 2952 | |
Key : Analysis.Elapsed.mSec | |
Value: 12081 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 484 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 14893 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 93 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0xef | |
Key : Bugcheck.Code.TargetModel | |
Value: 0xef | |
Key : CriticalProcessDied.ExceptionCode | |
Value: 5873080 | |
Key : CriticalProcessDied.Process | |
Value: csrss.exe | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_5873080_nt!PspCatchCriticalBreak | |
Key : Failure.Hash | |
Value: {4e8f9687-9e2e-6360-f6b0-a154168e07df} | |
BUGCHECK_CODE: ef | |
BUGCHECK_P1: ffffa80404bb5080 | |
BUGCHECK_P2: 0 | |
BUGCHECK_P3: 0 | |
BUGCHECK_P4: 0 | |
FILE_IN_CAB: 2024-05-10.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
PROCESS_NAME: csrss.exe | |
CRITICAL_PROCESS: csrss.exe | |
ERROR_CODE: (NTSTATUS) 0x5873080 - <Unable to get error code text> | |
BLACKBOXBSD: 1 (!blackboxbsd) | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
BLACKBOXPNP: 1 (!blackboxpnp) | |
BLACKBOXWINLOGON: 1 | |
CUSTOMER_CRASH_COUNT: 10 | |
STACK_TEXT: | |
fffffe08`2c287878 fffff802`20b0dee2 : 00000000`000000ef ffffa804`04bb5080 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx | |
fffffe08`2c287880 fffff802`20a1ee69 : 00000000`00000000 fffff802`2053d9fd 00000000`00000002 fffff802`2050cc5b : nt!PspCatchCriticalBreak+0x10e | |
fffffe08`2c287920 fffff802`208c7390 : ffffa804`00000000 00000000`00000000 ffffa804`04bb5080 ffffa804`04bb54b8 : nt!PspTerminateAllThreads+0x156edd | |
fffffe08`2c287990 fffff802`208c718c : ffffa804`04bb5080 00000000`00000000 00000000`00000000 ffffa804`02ea0640 : nt!PspTerminateProcess+0xe0 | |
fffffe08`2c2879d0 fffff802`206119c5 : ffffa804`04bb5080 ffffa804`05873080 fffffe08`2c287ac0 ffffffff`ee1e5d00 : nt!NtTerminateProcess+0x9c | |
fffffe08`2c287a40 00007ff9`9e6ad564 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 | |
000000d3`3de7d4b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`9e6ad564 | |
SYMBOL_NAME: nt!PspCatchCriticalBreak+10e | |
MODULE_NAME: nt | |
IMAGE_NAME: ntkrnlmp.exe | |
IMAGE_VERSION: 10.0.19041.4291 | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 10e | |
FAILURE_BUCKET_ID: 0xEF_csrss.exe_BUGCHECK_CRITICAL_PROCESS_5873080_nt!PspCatchCriticalBreak | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {4e8f9687-9e2e-6360-f6b0-a154168e07df} | |
Followup: MachineOwner | |
--------- | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************* Preparing the environment for Debugger Extensions Gallery repositories ************** | |
ExtensionRepository : Implicit | |
UseExperimentalFeatureForNugetShare : true | |
AllowNugetExeUpdate : true | |
NonInteractiveNuget : true | |
AllowNugetMSCredentialProviderInstall : true | |
AllowParallelInitializationOfLocalRepositories : true | |
EnableRedirectToV8JsProvider : false | |
-- Configuring repositories | |
----> Repository : LocalInstalled, Enabled: true | |
----> Repository : UserExtensions, Enabled: true | |
>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.031 seconds | |
************* Waiting for Debugger Extensions Gallery to Initialize ************** | |
>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.218 seconds | |
----> Repository : UserExtensions, Enabled: true, Packages count: 0 | |
----> Repository : LocalInstalled, Enabled: true, Packages count: 41 | |
Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\maomao\OneDrive\文档\2024-05-20.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv* | |
Symbol search path is: srv* | |
Executable search path is: | |
Windows 10 Kernel Version 19041 MP (16 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Kernel base = 0xfffff802`6500d000 PsLoadedModuleList = 0xfffff802`65c377c0 | |
Debug session time: Mon May 20 01:38:37.920 2024 (UTC + 8:00) | |
System Uptime: 0 days 0:09:18.587 | |
Loading Kernel Symbols | |
............................................................... | |
........................................ | |
Loading User Symbols | |
Loading unloaded module list | |
.. | |
For analysis of this file, run !analyze -v | |
nt!KeBugCheckEx: | |
fffff802`6540aaf0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffb88e`1e4075d0=00000000000000c4 | |
0: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
DRIVER_VERIFIER_DETECTED_VIOLATION (c4) | |
A device driver attempting to corrupt the system has been caught. This is | |
because the driver was specified in the registry as being suspect (by the | |
administrator) and the kernel has enabled substantial checking of this driver. | |
If the driver attempts to corrupt the system, BugChecks 0xC4, 0xC1 and 0xA will | |
be among the most commonly seen crashes. | |
Arguments: | |
Arg1: 0000000000002000, Code Integrity Issue: The caller specified an executable pool type. (Expected: NonPagedPoolNx) | |
Arg2: fffff806e93dd7c3, The address in the driver's code where the error was detected. | |
Arg3: 0000000000000000, Pool Type. | |
Arg4: 0000000073466243, Pool Tag (if provided). | |
Debugging Details: | |
------------------ | |
*** WARNING: Unable to verify timestamp for cbfs6.sys | |
KEY_VALUES_STRING: 1 | |
Key : Analysis.CPU.mSec | |
Value: 1577 | |
Key : Analysis.Elapsed.mSec | |
Value: 2069 | |
Key : Analysis.IO.Other.Mb | |
Value: 0 | |
Key : Analysis.IO.Read.Mb | |
Value: 0 | |
Key : Analysis.IO.Write.Mb | |
Value: 0 | |
Key : Analysis.Init.CPU.mSec | |
Value: 327 | |
Key : Analysis.Init.Elapsed.mSec | |
Value: 8690 | |
Key : Analysis.Memory.CommitPeak.Mb | |
Value: 79 | |
Key : Bugcheck.Code.LegacyAPI | |
Value: 0xc4 | |
Key : Bugcheck.Code.TargetModel | |
Value: 0xc4 | |
Key : Dump.Attributes.AsUlong | |
Value: 8 | |
Key : Dump.Attributes.KernelGeneratedTriageDump | |
Value: 1 | |
Key : Failure.Bucket | |
Value: 0xc4_2000_cbfs6!unknown_function | |
Key : Failure.Hash | |
Value: {c5d06e26-b049-b4c4-2de8-99f17009214a} | |
BUGCHECK_CODE: c4 | |
BUGCHECK_P1: 2000 | |
BUGCHECK_P2: fffff806e93dd7c3 | |
BUGCHECK_P3: 0 | |
BUGCHECK_P4: 73466243 | |
FILE_IN_CAB: 2024-05-20.dmp | |
DUMP_FILE_ATTRIBUTES: 0x8 | |
Kernel Generated Triage Dump | |
BLACKBOXNTFS: 1 (!blackboxntfs) | |
CUSTOMER_CRASH_COUNT: 20 | |
PROCESS_NAME: System | |
STACK_TEXT: | |
ffffb88e`1e4075c8 fffff802`659e0e34 : 00000000`000000c4 00000000`00002000 fffff806`e93dd7c3 00000000`00000000 : nt!KeBugCheckEx | |
ffffb88e`1e4075d0 fffff802`655b0025 : fffff802`65c1fcf0 00000000`00002000 fffff806`e93dd7c3 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0xe0 | |
ffffb88e`1e407610 fffff802`659d7df4 : 00000000`73466243 fffff802`65c1fcf0 fffff806`e93dd7c3 fffff806`00000003 : nt!VfReportIssueWithOptions+0x101 | |
ffffb88e`1e407660 fffff802`659f134a : 00000000`00000000 00000000`00000001 00000000`00000050 fffff806`e9390888 : nt!VfCheckPoolType+0x90 | |
ffffb88e`1e4076a0 fffff806`e93dd7c3 : 00000000`00000010 ffffe08f`e6d2be30 ffffe08f`e68f7000 00000000`00000000 : nt!VerifierExInitializeNPagedLookasideList+0x5a | |
ffffb88e`1e407720 00000000`00000010 : ffffe08f`e6d2be30 ffffe08f`e68f7000 00000000`00000000 00000000`00000050 : cbfs6+0x6d7c3 | |
ffffb88e`1e407728 ffffe08f`e6d2be30 : ffffe08f`e68f7000 00000000`00000000 00000000`00000050 00000000`73466243 : 0x10 | |
ffffb88e`1e407730 ffffe08f`e68f7000 : 00000000`00000000 00000000`00000050 00000000`73466243 fffff806`e9390010 : 0xffffe08f`e6d2be30 | |
ffffb88e`1e407738 00000000`00000000 : 00000000`00000050 00000000`73466243 fffff806`e9390010 ffffffff`fa0a1f00 : 0xffffe08f`e68f7000 | |
SYMBOL_NAME: cbfs6+6d7c3 | |
MODULE_NAME: cbfs6 | |
IMAGE_NAME: cbfs6.sys | |
STACK_COMMAND: .cxr; .ecxr ; kb | |
BUCKET_ID_FUNC_OFFSET: 6d7c3 | |
FAILURE_BUCKET_ID: 0xc4_2000_cbfs6!unknown_function | |
OSPLATFORM_TYPE: x64 | |
OSNAME: Windows 10 | |
FAILURE_ID_HASH: {c5d06e26-b049-b4c4-2de8-99f17009214a} | |
Followup: MachineOwner | |
--------- | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment