在 Windows 7 上,我每天在五台设备上同时出现 BSOD 0x8E。
Allways 异常代码 - 04 - STATUS_SINGLE_STEP 例如:
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: 80000004, The exception code that was not handled
Arg2: ffdff2a5, The address that the exception occurred at
Arg3: a9c34d48, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 7601.17514.x86fre.win7sp1_rtm.101119-1850
SYSTEM_MANUFACTURER: System manufacturer
SYSTEM_PRODUCT_NAME: System Product Name
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 1002
BIOS_DATE: 06/04/2013
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: P8H61-I LX R2.0
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 2
BUGCHECK_P1: ffffffff80000004
BUGCHECK_P2: ffffffffffdff2a5
BUGCHECK_P3: ffffffffa9c34d48
BUGCHECK_P4: 0
EXCEPTION_CODE: (HRESULT) 0x80000004 (2147483652) - <Unable to get error code text>
FAULTING_IP:
+0
ffdff2a5 0000 add byte ptr [eax],al
TRAP_FRAME: a9c34d48 -- (.trap 0xffffffffa9c34d48)
ErrCode = 00000000
eax=00000000 ebx=846410c0 ecx=00000000 edx=00000000 esi=0c4cdb04 edi=00000000
eip=ffdff2a5 esp=a9c34dbc ebp=801ef000 iopl=0 ov dn di ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00004c86
ffdff2a5 0000 add byte ptr [eax],al ds:0023:00000000=??
Resetting default scope
CPU_COUNT: 2
CPU_MHZ: a8c
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
CPU_MICROCODE: 6,3a,9,0 (F,M,S,R) SIG: 17'00000000 (cache) 17'00000000 (init)
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: BAD_STACK_0x8E
BUGCHECK_STR: 0x8E
PROCESS_NAME: avp.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: NETMANNOTE
ANALYSIS_SESSION_TIME: 11-17-2017 12:11:18.0584
ANALYSIS_VERSION: 10.0.15063.468 x86fre
LAST_CONTROL_TRANSFER: from 00000000 to ffdff2a5
STACK_TEXT:
a9c34db8 00000000 0000027f 00000000 00000000 0xffdff2a5
STACK_COMMAND: .trap 0xffffffffa9c34d48 ; kb
SYMBOL_NAME: ANALYSIS_INCONCLUSIVE
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: Unknown_Module
IMAGE_NAME: Unknown_Image
DEBUG_FLR_IMAGE_TIMESTAMP: 0
BUCKET_ID: BAD_STACK_0x8E
PRIMARY_PROBLEM_CLASS: BAD_STACK
FAILURE_BUCKET_ID: BAD_STACK_0x8E
TARGET_TIME: 2017-11-16T13:53:07.000Z
OSBUILD: 7601
OSSERVICEPACK: 1000
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 336
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x86
OSNAME: Windows 7
OSEDITION: Windows 7 WinNt (Service Pack 1) TerminalServer EmbeddedNT SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2010-11-20 11:42:49
BUILDDATESTAMP_STR: 101119-1850
BUILDLAB_STR: win7sp1_rtm
BUILDOSVER_STR: 6.1.7601.17514.x86fre.win7sp1_rtm.101119-1850
ANALYSIS_SESSION_ELAPSED_TIME: cc3
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:bad_stack_0x8e
FAILURE_ID_HASH: {993602b9-6aa7-fbab-86a8-bb6ad81a3997}
Followup: MachineOwner
服务名称可以不同:av.exe, scvhost.ext,.. 我知道这是由于驱动程序没有处理 STATUS_SINGLE_STEP 异常。知道如何找到错误的驱动程序吗?转储中没有堆栈和模块名称...
我尝试运行带有标准标志的 Mirosoft 驱动程序验证程序和所有没有 Microsoft 驱动程序的驱动程序,转储列表在上面。