Advanced Debugging
About AdvDbg Consult Train Services Products Tools Community Contact  
欢迎光临 高端调试 登录 | 注册 | FAQ
 
  ACPI调试
Linux内核调试
Windows内核调试
 
  调试战役
调试原理
新工具观察
 
  Linux
Windows Vista
Windows
 
  Linux驱动
WDF
WDM
 
  PCI Express
PCI/PCI-X
USB
无线通信协议
 
  64位CPU
ARM
IA-32
  CPU Info Center
 
  ACPI标准
系统认证
Desktop
服务器
 
  Embedded Linux
嵌入式开发工具
VxWorks
WinCE
嵌入式Windows
 
  格蠹调试套件(GDK)
  格蠹学院
  小朱书店
  老雷的微博
  《软件调试》
  《格蠹汇编》
  《软件调试(第二版)》
沪ICP备11027180号-1

Windows内核调试

帖子发起人: celia   发起时间: 2014-12-16 22:17 下午   回复: 1

Print Search
帖子排序:    
   2014-12-16, 22:17 下午
xuyongli314159 离线,最后访问时间: 2014/12/16 14:01:56 celia

无等级
注册: 2014-12-16
发 贴: 1
张老师能不能帮忙看一下这个BSOD

附件: dump-with symbol.txt
Reply Quote
张老师好,我是做显卡驱动开发的Celia,这个BSOD卡了好些天了, 是一个win8.1上做出来的蓝屏,用win8.1自带的播放器可以比较容易做出来,您能帮忙指导一下要怎么分析这样的BSOD吗?万分感谢~~
dump 文件比较大,有300多M, 我传到百度云盘了,还传了一个微软的symbol,呵呵,下面是链接:
链接: http://pan.baidu.com/s/1i3mV9ch 密码: c7ar
担心附件不能正常显示,我贴一下目前windbg的内容在下面:

Microsoft (R) Windows Debugger Version 6.3.9600.16384 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com10
Waiting to reconnect...
Connected to Windows 8 9600 x64 target at (Fri Dec 12 12:29:25.269 2014 (UTC + 8:00)), ptr64 TRUE
Kernel Debugger connection established.

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
OK                                             D:\Work\Project\Trunk\WDDM1.2\KMDOD\Sample\BIN\win8.1\x86

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
OK                                             D:\Work\Project\Trunk\WDDM1.2\KMDOD\Sample\BIN\win8.1\x86
OK                                             D:\localsymbols\win8.1\x64
Symbol search path is: D:\Work\Project\Trunk\WDDM1.2\KMDOD\Sample\BIN\win8.1\x86;D:\localsymbols\win8.1\x64
Executable search path is: D:\Work\Project\Trunk\WDDM1.2\KMDOD\Sample\BIN\win8.1\x86
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.16384.amd64fre.winblue_rtm.130821-1623
Machine Name:
Kernel base = 0xfffff801`b1681000 PsLoadedModuleList = 0xfffff801`b19489b0
Debug session time: Tue Oct 26 23:52:36.709 2094 (UTC + 8:00)
System Uptime: 0 days 0:08:51.443

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
OK                                             D:\Work\Project\Trunk\WDDM1.2\KMDOD\Sample\BIN\win8.1\x86
OK                                             D:\localsymbols\win8.1\x64
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows 8 9600 x64 target at (Fri Dec 12 12:29:30.625 2014 (UTC + 8:00)), ptr64 TRUE
Loading Kernel Symbols
..........

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

.....................................................
................................................................
....
Loading User Symbols
.....................

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

...........................................
.............................................................
Loading unloaded module list
.........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {8, 2, 0, fffff80001660379}

Probably caused by : dxgmms1.sys ( dxgmms1!VidSchiCheckConditionDeviceCommand+51 )

Followup: MachineOwner
---------

nt!DbgBreakPointWithStatus:
fffff801`b17d7c90 cc              int     3
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff80001660379, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS:  0000000000000008 

CURRENT_IRQL:  2

FAULTING_IP: 
dxgmms1!VidSchiCheckConditionDeviceCommand+51
fffff800`01660379 4c3b5108        cmp     r10,qword ptr [rcx+8]

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  AV

PROCESS_NAME:  WWAHost.exe

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) x86fre

TRAP_FRAME:  ffffd000282e5360 -- (.trap 0xffffd000282e5360)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000000
rdx=ffffcf80032ecf70 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80001660379 rsp=ffffd000282e54f0 rbp=ffffe0000012d000
 r8=0000000000000000  r9=ffffe0000012d000 r10=ffffcf8003036c00
r11=ffffe00000c905c0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe nc
dxgmms1!VidSchiCheckConditionDeviceCommand+0x51:
fffff800`01660379 4c3b5108        cmp     r10,qword ptr [rcx+8] ds:00000000`00000008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff801b185a7c6 to fffff801b17d7c90

STACK_TEXT:  
ffffd000`282e4a68 fffff801`b185a7c6 : 00000000`00000000 00000000`00000000 ffffd000`282e4bd0 fffff801`b177f654 : nt!DbgBreakPointWithStatus
ffffd000`282e4a70 fffff801`b185a0d7 : 00000000`00000003 ffffd000`282e4bd0 fffff801`b17df070 00000000`000000d1 : nt!KiBugCheckDebugBreak+0x12
ffffd000`282e4ad0 fffff801`b17d11a4 : ffffcf80`03358cc0 fffff801`b174df1f 00000000`00000000 ffffd000`282e5320 : nt!KeBugCheck2+0x8ab
ffffd000`282e51e0 fffff801`b17dcbe9 : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx+0x104
ffffd000`282e5220 fffff801`b17db43a : 00000000`00000000 ffffcf80`03358cc0 ffffd000`282e0000 ffffd000`282e5360 : nt!KiBugCheckDispatch+0x69
ffffd000`282e5360 fffff800`01660379 : 00000000`00000000 ffffe000`00000000 fffff800`0166029a ffffe000`00164000 : nt!KiPageFault+0x23a
ffffd000`282e54f0 fffff800`016602a2 : ffffcf80`03358cc0 ffffd000`282e55b0 ffffd000`282e55b0 ffffd000`282e55b9 : dxgmms1!VidSchiCheckConditionDeviceCommand+0x51
ffffd000`282e5520 fffff800`0168ac0b : ffffcf80`032ecf70 ffffd000`282e55b9 ffffcf80`01c84ff0 ffffe000`00164000 : dxgmms1!VidSchSubmitDeviceCommand+0x106
ffffd000`282e5570 fffff800`0168aae3 : ffffcf80`02f1efd0 00000000`00000001 ffffcf80`02f1efd0 00000000`00000018 : dxgmms1!VIDMM_GLOBAL::TerminateOneAllocation+0xfb
ffffd000`282e5620 fffff800`01537ece : ffffc000`080bd010 00000000`00000001 ffffc000`080bd078 ffffc000`086ad000 : dxgmms1!VIDMM_GLOBAL::TerminateAllocation+0x4b
ffffd000`282e5650 fffff800`015387a6 : ffffcf80`02f1efd0 ffffc000`07ecf400 ffffc000`00000001 ffffc000`00000000 : dxgkrnl!DXGDEVICE::TerminateAllocations+0x44e
ffffd000`282e56f0 fffff800`015390eb : ffffd000`282e5a68 ffffd000`282e5ec0 ffffc000`086ad000 ffffd000`282e5ec0 : dxgkrnl!DXGDEVICE::DestroyAllocationInternal+0x16a
ffffd000`282e5740 fffff800`01538c31 : ffffffff`ffffffff ffffffff`ffffffff ffffd000`282e5ec0 ffffc000`086ad000 : dxgkrnl!DxgkDestroyAllocationInternal+0x29b
ffffd000`282e5a10 fffff801`b17dc8b3 : ffffe000`013d9080 ffffe000`013d9080 000000f4`ee4db800 000000f4`f148a148 : dxgkrnl!DxgkDestroyAllocation+0x301
ffffd000`282e5e40 00007ffb`efc4141a : 00007ffb`ecd74f68 000008cf`00000000 00007ffb`ed342448 00000001`40000500 : nt!KiSystemServiceCopyEnd+0x13
000000f4`ee4db758 00007ffb`ecd74f68 : 000008cf`00000000 00007ffb`ed342448 00000001`40000500 000000f4`c73f1520 : GDI32!NtGdiDdDDIDestroyAllocation+0xa
000000f4`ee4db760 00007ffb`ecaa9284 : 00000000`00000000 00000000`00000000 000000f4`c73f1401 000000f4`f148a148 : d3d11!NDXGI::CDevice::DeallocateCB+0x6d
000000f4`ee4db7e0 00007ffb`ecaa9176 : 000000f4`c73f14e0 00000000`00000001 00000000`00000001 00000000`00000001 : d3d10warp!ResourceShape::FreeKmMemoryStatic+0x54
000000f4`ee4db830 00007ffb`ecaa8c5b : 000000f4`c73f14e0 000000f4`f1b5d4e0 00000000`00000000 000000f4`c738a4b0 : d3d10warp!ResourceShape::~ResourceShape+0xbe
000000f4`ee4db870 00007ffb`ecaa8efd : 000000f4`f148a710 000000f4`f148a710 000000f4`c738a4b0 000000f4`f1b5d4e0 : d3d10warp!UMResource::`scalar deleting destructor'+0xd3
000000f4`ee4db8b0 00007ffb`ecd76e17 : 000000f4`f1aebbb0 000000f4`c738a4b0 000000f4`f148a710 00000000`00000000 : d3d10warp!UMDevice::DestroyResource+0x141
000000f4`ee4db910 00007ffb`ecd76d20 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : d3d11!TCLSWrappers<CTexture2D>::CLSDestroy+0x6b
000000f4`ee4db940 00007ffb`ecd76a9c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : d3d11!CLayeredObjectWithCLS<CTexture2D>::Release+0x28
000000f4`ee4db970 00007ffb`ecd76b0c : 000000f4`c738a2e0 00000500`00000020 00000000`00000320 00000000`00000046 : d3d11!ATL::AtlComPtrAssign+0x46
000000f4`ee4db9a0 00007ffb`ecd76c70 : 00000000`00000000 005c002e`00000000 0000e551`ba0ecc54 000000f4`c738a390 : d3d11!NDXGI::CDeviceChild<IDXGIResource1,IDXGISwapChainInternal>::FinalRelease+0x14
000000f4`ee4db9d0 00007ffb`ecd76a9c : 000000f4`c738a2b0 00000000`00000000 00000000`00000000 000000f4`c736f950 : d3d11!CLayeredObject<NDXGI::CResource>::Release+0x5c
000000f4`ee4dba00 00007ffb`ecda8a80 : 000000f4`c738a2b0 00000000`00000002 00000000`00000100 00000000`00000002 : d3d11!ATL::AtlComPtrAssign+0x46
000000f4`ee4dba30 00007ffb`ecda8a44 : 00000000`00000001 00007ffb`ecd000c6 00000000`00000002 00007ffb`eccffbd9 : d3d11!NOutermost::CDeviceChild::FinalRelease+0x20
000000f4`ee4dba60 00007ffb`ecda8a0c : 000000f4`c738a2b0 00007ffb`ecd9e57b 00000000`00000000 00000000`00000000 : d3d11!CDelegatingUseCountedObject<NOutermost::CDeviceChild>::~CDelegatingUseCountedObject<NOutermost::CDeviceChild>+0x18
000000f4`ee4dba90 00007ffb`ecda8996 : 000000f4`c738a2b0 00000000`00000002 00000000`00000000 00000000`00000057 : d3d11!CDelegatingUseCountedObject<NOutermost::CDeviceChild>::`scalar deleting destructor'+0x14
000000f4`ee4dbac0 00007ffb`ecd02c39 : 000000f4`c749a440 00000000`00000000 00000000`00000000 00000000`40000a80 : d3d11!CDelegatingUseCountedObject<NOutermost::CDeviceChild>::UCDestroy+0x1e
000000f4`ee4dbaf0 00007ffb`ecd02b72 : 000000f4`c738a2b0 00007ffb`ecd032cb 000000f4`f148a418 000000f4`c749a440 : dxgi!CDXGISwapChain::DestroyOwnedBuffer+0x39
000000f4`ee4dbb20 00007ffb`ecd081a2 : 000000f4`c749a440 000000f4`c749a440 000000f4`ee4dbd40 00000000`00000100 : dxgi!CDXGISwapChain::DestroyBackBuffers+0x62
000000f4`ee4dbb60 00007ffb`ecd0927d : 000000f4`c749a440 000000f4`c749a440 00000000`00000000 000000f4`c749a440 : dxgi!CDXGISwapChain::ScenarioResizeBuffers+0x5e
000000f4`ee4dbc20 00007ffb`cda695eb : 00000000`00000000 000000f4`f5929f98 000000f4`f58b8230 000000f4`c73f1380 : dxgi!CDXGISwapChain::ResizeBuffers+0x209
000000f4`ee4dbe10 00007ffb`cda47e50 : 000000f4`f1aa0801 000000f4`ee4dbef1 000000f4`f58b8230 00007ffb`d2a92700 : mfsvr!CSimpleVRStreamSink::RecreateOrResizeSwapchain+0x21733
000000f4`ee4dbe80 00007ffb`cda47c01 : 000000f4`c73f0a90 000000f4`ee4dc070 00000000`00000000 00000000`00000010 : mfsvr!CSimpleVRStreamSink::UpdateVideoInternal+0x218
000000f4`ee4dbf50 00007ffb`cda4811e : 00000000`00000000 000000f4`ee4dc070 000000f4`f57e9aa8 000000f4`f57e9ae0 : mfsvr!CSimpleVRStreamSink::UpdateVideo+0x61
000000f4`ee4dbf90 00007ffb`cdc17f00 : 000000f4`f5823750 000000f4`ee4dc020 000000f4`f58237c0 00007ffb`cdc06c0a : mfsvr!CSimpleVRSink::UpdateVideo+0x56
000000f4`ee4dbfe0 00007ffb`d313482b : 000000f4`f57e9aa8 000000f4`f1aa06d0 00000000`00000000 00000000`00000000 : MFMediaEngine!CMediaEngine::UpdateVideoStream+0xb8
000000f4`ee4dc050 00007ffb`d3130bfc : 000000f4`f1aa06d0 000000f4`ee4dc0e0 000000f4`f1aa06d0 000000f4`ebdaef68 : MSHTML!CVideoElement::UpdateVideoStream+0xb5
000000f4`ee4dc0c0 00007ffb`d334453d : 000000f4`f1aa06d0 000000f4`c759fcf8 000000f4`00021340 000000f4`00012c00 : MSHTML!CVideoElement::SetReplacedSize+0x140
000000f4`ee4dc150 00007ffb`d32de66e : 000000f4`f1aca820 000000f4`c759fcf8 000000f4`ee4dc1f0 00000000`00000000 : MSHTML!Tree::ReplacedBlock::SetReplacedSize+0x11d
000000f4`ee4dc1b0 00007ffb`d2c9d5df : 000000f4`f1a5c8d0 000000f4`c759fcf0 000000f4`c73f0a90 00000000`00000000 : MSHTML!Layout::ReplacedBox::UpdateDisplayNode+0x18f
000000f4`ee4dc260 00007ffb`d2c9d64a : 000000f4`f180e9a0 000000f4`c7396ff0 00000000`00000000 00000000`00000000 : MSHTML!Layout::FlowBoxBuilder::CollectPendingItemsAndUpdateDisplayNodes+0x1bf
000000f4`ee4dc450 00007ffb`d2ab0c1d : 000000f4`f180e9a0 000000f4`ee4dc860 000000f4`ee4dc850 000000f4`ee4dcf00 : MSHTML!Layout::FlowBoxBuilder::BuildLine+0xbaf
000000f4`ee4dc800 00007ffb`d2aa9819 : 000000f4`f180e9a0 000000f4`ee4dcf00 000000f4`f0a8c160 000000f4`f13e5d90 : MSHTML!Layout::FlowBoxBuilder::BuildBoxItem+0xbd
000000f4`ee4dc980 00007ffb`d2aaa4f0 : 000000f4`f1512290 000000f4`ee4dcc50 00000000`00000000 00000000`00000000 : MSHTML!Layout::LayoutBuilderDriver::BuildPageLayout+0x20b
000000f4`ee4dcb90 00007ffb`d2aa46ae : 000000f4`f14dbe00 000000f4`f14a9fd0 00000000`00000000 00000000`00000000 : MSHTML!Layout::PageCollection::FormatPage+0x1e0
000000f4`ee4dcd20 00007ffb`d2aa569d : 000000f4`f14dbe00 000000f4`ee4dcf00 000000f4`f1512290 000000f4`f17c8000 : MSHTML!Layout::PageCollection::LayoutPagesCore+0x242
000000f4`ee4dced0 00007ffb`d2aa426e : 000000f4`f14dbe00 000000f4`f1512290 000000f4`ee4dd050 000000f4`ee4dd080 : MSHTML!Layout::PageCollection::LayoutPages+0x16d
000000f4`ee4dcf50 00007ffb`d2aa49ea : 000000f4`f17c8040 000000f4`ee4dd100 000000f4`ee4dd1c0 000000f4`ebdae130 : MSHTML!CMarkupPageLayout::CalcPageLayoutSize+0x45a
000000f4`ee4dd0e0 00007ffb`d2c446aa : 000000f4`f17c8040 000000f4`00000000 000000f4`ee4dd1c0 000000f4`ebdae9c0 : MSHTML!CMarkupPageLayout::CalcTopLayoutSize+0xd6
000000f4`ee4dd1a0 00007ffb`d2a79e84 : 000000f4`ebdae9c0 000000f4`00000000 00000000`00000000 00000000`00000000 : MSHTML!CView::EnsureSize+0x205
000000f4`ee4dd200 00007ffb`d2c67cba : 000000f4`ebdae9c0 000000f4`00000100 00000000`00000000 000000f4`ee4dd4b8 : MSHTML!CView::EnsureView+0x593
000000f4`ee4dd420 00007ffb`d2bbe732 : 000000f4`c7585d50 00000000`00000000 000000f4`c7585d50 00000000`02000001 : MSHTML!CElement::EnsureRecalcNotify+0xfe
000000f4`ee4dd4b0 00007ffb`d2bbe636 : 00000000`0000002a 00007ffb`d2b199f9 000000f4`cbd7ce40 00007ffb`d254f19b : MSHTML!CElement::GetClientWidthLogical+0x92
000000f4`ee4dd540 00007ffb`d2bbe87b : 00000000`00000000 000000f4`ee4dd840 000000f4`ee31a660 000000f4`ee4dd750 : MSHTML!CElement::get_clientWidth+0x6e
000000f4`ee4dd5b0 00007ffb`d2bbe829 : 000000f4`ee31a660 00007ffb`02000001 000000f4`ee4dd660 00000000`00000000 : MSHTML!CElement::Var_get_clientWidth+0x2f
000000f4`ee4dd5e0 00007ffb`d24d9ea2 : 000000f4`f2790180 000000f4`02000001 000000f4`c8d2bcc0 00000000`00000001 : MSHTML!CFastDOM::CElement::Trampoline_Get_clientWidth+0x69
000000f4`ee4dd650 00007ffb`d24dc524 : 000000f4`ee31aa40 00000000`00008000 000000f4`ee4dd8b0 00007ffb`d24d9e01 : jscript9!amd64_CallFunction+0x82
000000f4`ee4dd6a0 00007ffb`d24dcb44 : 000000f4`f2790180 00000000`02000001 000000f4`c8d2bcc0 00007ffb`d24dc3d0 : jscript9!Js::JavascriptExternalFunction::ExternalFunctionThunk+0x154
000000f4`ee4dd740 00007ffb`d24e56ee : 000000f4`f2790180 000000f4`c8d2bcc0 000000f4`ee3202a0 000000f4`ee3202a0 : jscript9!Js::JavascriptOperators::CallGetter+0x144
000000f4`ee4dd7f0 00007ffb`d24e2d04 : 000000f4`ee4ddbb0 000000f4`f810aa80 000000f4`c6d4cbe0 000000f4`ee3202a0 : jscript9!Js::InterpreterStackFrame::Process+0x45eb
000000f4`ee4ddb80 000000f4`f0794053 : 000000f4`ee4ddde0 00000000`00000001 000000f4`ee4de300 000000f4`ee31aa40 : jscript9!Js::InterpreterStackFrame::InterpreterThunk<1>+0x37a
000000f4`ee4dddb0 000000f4`ee4ddde0 : 00000000`00000001 000000f4`ee4de300 000000f4`ee31aa40 000000f4`ee4dde08 : 0x000000f4`f0794053
000000f4`ee4dddb8 00000000`00000001 : 000000f4`ee4de300 000000f4`ee31aa40 000000f4`ee4dde08 00007ffb`d24d9ea2 : 0x000000f4`ee4ddde0
000000f4`ee4dddc0 000000f4`ee4de300 : 000000f4`ee31aa40 000000f4`ee4dde08 00007ffb`d24d9ea2 000000f4`f373e040 : 0x1
000000f4`ee4dddc8 000000f4`ee31aa40 : 000000f4`ee4dde08 00007ffb`d24d9ea2 000000f4`f373e040 00000000`10000001 : 0x000000f4`ee4de300
000000f4`ee4dddd0 000000f4`ee4dde08 : 00007ffb`d24d9ea2 000000f4`f373e040 00000000`10000001 000000f4`f284d7e0 : 0x000000f4`ee31aa40
000000f4`ee4dddd8 00007ffb`d24d9ea2 : 000000f4`f373e040 00000000`10000001 000000f4`f284d7e0 00000000`00000001 : 0x000000f4`ee4dde08
000000f4`ee4ddde0 00007ffb`d24e36af : 000000f4`ee31aa40 00000000`00000008 000000f4`f284d7e0 000000f4`00004f7e : jscript9!amd64_CallFunction+0x82
000000f4`ee4dde30 00007ffb`d24e2d04 : 000000f4`ee4de1f0 000000f4`c8d2e8c0 000000f4`cbf9d640 000000f4`ee3202a0 : jscript9!Js::InterpreterStackFrame::Process+0x21f9
000000f4`ee4de1c0 000000f4`f07958d3 : 000000f4`ee4de410 00000000`00000002 000000f4`ee4de580 000000f4`ee3202a0 : jscript9!Js::InterpreterStackFrame::InterpreterThunk<1>+0x37a
000000f4`ee4de3e0 000000f4`ee4de410 : 00000000`00000002 000000f4`ee4de580 000000f4`ee3202a0 000000f4`ee4de438 : 0x000000f4`f07958d3


STACK_COMMAND:  kb

FOLLOWUP_IP: 
dxgmms1!VidSchiCheckConditionDeviceCommand+51
fffff800`01660379 4c3b5108        cmp     r10,qword ptr [rcx+8]

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  dxgmms1!VidSchiCheckConditionDeviceCommand+51

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: dxgmms1

IMAGE_NAME:  dxgmms1.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  5215f7f4

IMAGE_VERSION:  6.3.9600.16384

BUCKET_ID_FUNC_OFFSET:  51

FAILURE_BUCKET_ID:  AV_VRF_dxgmms1!VidSchiCheckConditionDeviceCommand

BUCKET_ID:  AV_VRF_dxgmms1!VidSchiCheckConditionDeviceCommand

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:av_vrf_dxgmms1!vidschicheckconditiondevicecommand

FAILURE_ID_HASH:  {76d343c7-dedb-92c9-9260-77c925a0318e}

Followup: MachineOwner
---------

1: kd> uf dxgmms1!VidSchiCheckConditionDeviceCommand
dxgmms1!VidSchiCheckConditionDeviceCommand:
fffff800`01660328 4053            push    rbx
fffff800`0166032a 4883ec20        sub     rsp,20h
fffff800`0166032e 488b4150        mov     rax,qword ptr [rcx+50h]
fffff800`01660332 488bd9          mov     rbx,rcx
fffff800`01660335 8b89a8000000    mov     ecx,dword ptr [rcx+0A8h]
fffff800`0166033b 4c8b5068        mov     r10,qword ptr [rax+68h]
fffff800`0166033f 4533c0          xor     r8d,r8d
fffff800`01660342 4d8b4a20        mov     r9,qword ptr [r10+20h]
fffff800`01660346 85c9            test    ecx,ecx
fffff800`01660348 7435            je      dxgmms1!VidSchiCheckConditionDeviceCommand+0x57 (fffff800`0166037f)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x22:
fffff800`0166034a ffc9            dec     ecx
fffff800`0166034c 754b            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0x71 (fffff800`01660399)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x26:
fffff800`0166034e 488b83b0000000  mov     rax,qword ptr [rbx+0B0h]
fffff800`01660355 8b08            mov     ecx,dword ptr [rax]
fffff800`01660357 3b8bb8000000    cmp     ecx,dword ptr [rbx+0B8h]
fffff800`0166035d 753a            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0x71 (fffff800`01660399)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x37:
fffff800`0166035f 488b93e0000000  mov     rdx,qword ptr [rbx+0E0h]
fffff800`01660366 4885d2          test    rdx,rdx
fffff800`01660369 7414            je      dxgmms1!VidSchiCheckConditionDeviceCommand+0x57 (fffff800`0166037f)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x43:
fffff800`0166036b 8b83e8000000    mov     eax,dword ptr [rbx+0E8h]
fffff800`01660371 498b8cc1a8090000 mov     rcx,qword ptr [r9+rax*8+9A8h]
fffff800`01660379 4c3b5108        cmp     r10,qword ptr [rcx+8]
fffff800`0166037d 740f            je      dxgmms1!VidSchiCheckConditionDeviceCommand+0x66 (fffff800`0166038e)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x57:
fffff800`0166037f 41b801000000    mov     r8d,1

dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d:
fffff800`01660385 418bc0          mov     eax,r8d
fffff800`01660388 4883c420        add     rsp,20h
fffff800`0166038c 5b              pop     rbx
fffff800`0166038d c3              ret

dxgmms1!VidSchiCheckConditionDeviceCommand+0x66:
fffff800`0166038e 44384225        cmp     byte ptr [rdx+25h],r8b
fffff800`01660392 74eb            je      dxgmms1!VidSchiCheckConditionDeviceCommand+0x57 (fffff800`0166037f)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x6c:
fffff800`01660394 e979c40000      jmp     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc4ea (fffff800`0166c812)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x71:
fffff800`01660399 488b4350        mov     rax,qword ptr [rbx+50h]
fffff800`0166039d 488b4868        mov     rcx,qword ptr [rax+68h]
fffff800`016603a1 8b81b0030000    mov     eax,dword ptr [rcx+3B0h]
fffff800`016603a7 85c0            test    eax,eax
fffff800`016603a9 75da            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0x83:
fffff800`016603ab e9bbc40000      jmp     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc543 (fffff800`0166c86b)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc4ea:
fffff800`0166c812 418b4134        mov     eax,dword ptr [r9+34h]
fffff800`0166c816 33d2            xor     edx,edx
fffff800`0166c818 33c9            xor     ecx,ecx
fffff800`0166c81a 41f77138        div     eax,dword ptr [r9+38h]
fffff800`0166c81e 448d4101        lea     r8d,[rcx+1]
fffff800`0166c822 448bc8          mov     r9d,eax
fffff800`0166c825 85c0            test    eax,eax
fffff800`0166c827 0f84583bffff    je      dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc505:
fffff800`0166c82d 488b93e0000000  mov     rdx,qword ptr [rbx+0E0h]
fffff800`0166c834 488b4278        mov     rax,qword ptr [rdx+78h]
fffff800`0166c838 4c8b5010        mov     r10,qword ptr [rax+10h]
fffff800`0166c83c 458b5a04        mov     r11d,dword ptr [r10+4]

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc518:
fffff800`0166c840 8bc1            mov     eax,ecx
fffff800`0166c842 4923c3          and     rax,r11
fffff800`0166c845 41837cc20800    cmp     dword ptr [r10+rax*8+8],0
fffff800`0166c84b 7516            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc53b (fffff800`0166c863)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc525:
fffff800`0166c84d 83ba8000000000  cmp     dword ptr [rdx+80h],0
fffff800`0166c854 750d            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc53b (fffff800`0166c863)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc52e:
fffff800`0166c856 4103c8          add     ecx,r8d
fffff800`0166c859 413bc9          cmp     ecx,r9d
fffff800`0166c85c 72e2            jb      dxgmms1!VidSchiCheckConditionDeviceCommand+0xc518 (fffff800`0166c840)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc536:
fffff800`0166c85e e9223bffff      jmp     dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc53b:
fffff800`0166c863 4533c0          xor     r8d,r8d
fffff800`0166c866 e92e3bffff      jmp     dxgmms1!VidSchiCheckConditionDeviceCommand+0x71 (fffff800`01660399)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc543:
fffff800`0166c86b 488b4350        mov     rax,qword ptr [rbx+50h]
fffff800`0166c86f 488b4868        mov     rcx,qword ptr [rax+68h]
fffff800`0166c873 8b81ac030000    mov     eax,dword ptr [rcx+3ACh]
fffff800`0166c879 85c0            test    eax,eax
fffff800`0166c87b 0f85043bffff    jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc559:
fffff800`0166c881 837b3006        cmp     dword ptr [rbx+30h],6
fffff800`0166c885 7536            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc595 (fffff800`0166c8bd)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc55f:
fffff800`0166c887 3983d8000000    cmp     dword ptr [rbx+0D8h],eax
fffff800`0166c88d 752e            jne     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc595 (fffff800`0166c8bd)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc567:
fffff800`0166c88f 488b83c8000000  mov     rax,qword ptr [rbx+0C8h]
fffff800`0166c896 488b4008        mov     rax,qword ptr [rax+8]
fffff800`0166c89a 4885c0          test    rax,rax
fffff800`0166c89d 741e            je      dxgmms1!VidSchiCheckConditionDeviceCommand+0xc595 (fffff800`0166c8bd)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc577:
fffff800`0166c89f 488b4078        mov     rax,qword ptr [rax+78h]
fffff800`0166c8a3 8b00            mov     eax,dword ptr [rax]
fffff800`0166c8a5 0fbae01d        bt      eax,1Dh
fffff800`0166c8a9 7308            jae     dxgmms1!VidSchiCheckConditionDeviceCommand+0xc58b (fffff800`0166c8b3)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc583:
fffff800`0166c8ab 85c0            test    eax,eax
fffff800`0166c8ad 0f88d23affff    js      dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc58b:
fffff800`0166c8b3 0fbae013        bt      eax,13h
fffff800`0166c8b7 0f82c83affff    jb      dxgmms1!VidSchiCheckConditionDeviceCommand+0x5d (fffff800`01660385)

dxgmms1!VidSchiCheckConditionDeviceCommand+0xc595:
fffff800`0166c8bd ff15edab0000    call    qword ptr [dxgmms1!_imp_WdLogNewEntry5_WdCriticalError (fffff800`016774b0)]
fffff800`0166c8c3 488bd0          mov     rdx,rax
fffff800`0166c8c6 48c7401819010000 mov     qword ptr [rax+18h],119h
fffff800`0166c8ce 48c7402000000007 mov     qword ptr [rax+20h],7000000h
fffff800`0166c8d6 488b4350        mov     rax,qword ptr [rbx+50h]
fffff800`0166c8da 488b4868        mov     rcx,qword ptr [rax+68h]
fffff800`0166c8de 488b4120        mov     rax,qword ptr [rcx+20h]
fffff800`0166c8e2 48894228        mov     qword ptr [rdx+28h],rax
fffff800`0166c8e6 488b4350        mov     rax,qword ptr [rbx+50h]
fffff800`0166c8ea 488b4868        mov     rcx,qword ptr [rax+68h]
fffff800`0166c8ee 48895a38        mov     qword ptr [rdx+38h],rbx
fffff800`0166c8f2 48894a30        mov     qword ptr [rdx+30h],rcx
fffff800`0166c8f6 488bca          mov     rcx,rdx
fffff800`0166c8f9 ff15b9ab0000    call    qword ptr [dxgmms1!_imp_WdLogEvent5_WdCriticalError (fffff800`016774b8)]
fffff800`0166c8ff cc              int     3
fffff800`0166c900 ff15aaab0000    call    qword ptr [dxgmms1!_imp_WdLogNewEntry5_WdCriticalError (fffff800`016774b0)]
fffff800`0166c906 488bc8          mov     rcx,rax
fffff800`0166c909 48c7401813010000 mov     qword ptr [rax+18h],113h
fffff800`0166c911 48c7402004000000 mov     qword ptr [rax+20h],4
fffff800`0166c919 48895828        mov     qword ptr [rax+28h],rbx
fffff800`0166c91d 48c7403000000000 mov     qword ptr [rax+30h],0
fffff800`0166c925 48c7403800000000 mov     qword ptr [rax+38h],0
fffff800`0166c92d ff1585ab0000    call    qword ptr [dxgmms1!_imp_WdLogEvent5_WdCriticalError (fffff800`016774b8)]
fffff800`0166c933 90              nop
fffff800`0166c934 e9223cffff      jmp     dxgmms1!DXGFASTMUTEX::Release+0x1b (fffff800`0166055b)

dxgmms1!DXGFASTMUTEX::Release+0x1b:
fffff800`0166055b 837b0c00        cmp     dword ptr [rbx+0Ch],0
fffff800`0166055f 0f8ed4c30000    jle     dxgmms1!DXGFASTMUTEX::Release+0xc3f9 (fffff800`0166c939)

dxgmms1!DXGFASTMUTEX::Release+0x25:
fffff800`01660565 ff4b0c          dec     dword ptr [rbx+0Ch]
fffff800`01660568 7519            jne     dxgmms1!DXGFASTMUTEX::Release+0x43 (fffff800`01660583)

dxgmms1!DXGFASTMUTEX::Release+0x2a:
fffff800`0166056a 48c70300000000  mov     qword ptr [rbx],0
fffff800`01660571 f0ff4b08        lock dec dword ptr [rbx+8]
fffff800`01660575 751c            jne     dxgmms1!DXGFASTMUTEX::Release+0x53 (fffff800`01660593)

dxgmms1!DXGFASTMUTEX::Release+0x37:
fffff800`01660577 4883c420        add     rsp,20h
fffff800`0166057b 5b              pop     rbx
fffff800`0166057c 48ff254d6e0100  jmp     qword ptr [dxgmms1!_imp_KeLeaveCriticalRegion (fffff800`016773d0)]

dxgmms1!DXGFASTMUTEX::Release+0x43:
fffff800`01660583 f0ff4b08        lock dec dword ptr [rbx+8]
fffff800`01660587 4883c420        add     rsp,20h
fffff800`0166058b 5b              pop     rbx
fffff800`0166058c 48ff253d6e0100  jmp     qword ptr [dxgmms1!_imp_KeLeaveCriticalRegion (fffff800`016773d0)]

dxgmms1!DXGFASTMUTEX::Release+0x53:
fffff800`01660593 488d4b18        lea     rcx,[rbx+18h]
fffff800`01660597 4533c0          xor     r8d,r8d
fffff800`0166059a 33d2            xor     edx,edx
fffff800`0166059c ff15266e0100    call    qword ptr [dxgmms1!_imp_KeSetEvent (fffff800`016773c8)]
fffff800`016605a2 4883c420        add     rsp,20h
fffff800`016605a6 5b              pop     rbx
fffff800`016605a7 48ff25226e0100  jmp     qword ptr [dxgmms1!_imp_KeLeaveCriticalRegion (fffff800`016773d0)]

dxgmms1!DXGFASTMUTEX::Release+0xc3f9:
fffff800`0166c939 ff15b1ab0000    call    qword ptr [dxgmms1!_imp_WdLogNewEntry5_WdAssertion (fffff800`016774f0)]
fffff800`0166c93f 488bc8          mov     rcx,rax
fffff800`0166c942 48c7401823010000 mov     qword ptr [rax+18h],123h
fffff800`0166c94a ff15a8ab0000    call    qword ptr [dxgmms1!_imp_WdLogEvent5_WdAssertion (fffff800`016774f8)]
fffff800`0166c950 90              nop
fffff800`0166c951 e90f3cffff      jmp     dxgmms1!DXGFASTMUTEX::Release+0x25 (fffff800`01660565)

dxgmms1!_imp_KeLeaveCriticalRegion:
fffff800`016773d0 9c              pushfq
fffff800`016773d1 6d              ins     dword ptr [rdi],dx
fffff800`016773d2 cf              iretd


IP 地址: 已记录   报告
   2014-12-17, 19:46 下午
Raymond 离线,最后访问时间: 2020/7/3 3:40:25 格蠹老雷

发帖数前10位
注册: 2005-12-19
发 贴: 1,303
Re: 张老师能不能帮忙看一下这个BSOD
Reply Quote
在高IRQL(2)访问了空指针(0+8 = 8),可能是指针被意外写成了0,更可能是有溢出...
IP 地址: 已记录   报告
高端调试 » 软件调试 » Windows内核调试 » 张老师能不能帮忙看一下这个BSOD

 
Legal Notice Privacy Statement Corporate Governance Corporate Governance
(C)2004-2020 ADVDBG.ORG All Rights Reserved.