求助,帮忙用 WinDbg 分析电脑蓝屏文件

2019-11-07 13:47:18 +08:00
 huyinjie
一打开 PDF 就蓝屏,大概率是 Sumatra 这个软件导致的。有没有好心人安装了非 UWP 版本的 Windbg 可以帮忙分析下 dmp 文件,UWP 版本的提示参数错误 0x80070057
文件放在了这边: https://send.firefox.com/download/0cdaab4cf954cb3e/#tKaDhY1vILfqGwgd7WcMeA
2183 次点击
所在节点    问与答
5 条回复
jasonyang9
2019-11-07 13:55:07 +08:00
cldflts.sys ,可能是 OneDrive
huyinjie
2019-11-07 13:59:12 +08:00
@jasonyang9 #1 感谢 可以帮忙导出下文档或者粘贴出来吗
jasonyang9
2019-11-07 14:09:53 +08:00
我是用 BlueScreenView 看的:

110719-9390-01.dmp 2019/11/7 12:48:10 SYSTEM_SERVICE_EXCEPTION 0x0000003b 00000000`c0000005 fffff802`75ebfbfe ffffa203`2b885800 00000000`00000000 cldflt.sys cldflt.sys+5fbfe x64 ntoskrnl.exe+1c1220 110719-9390-01.dmp 4 15 18362 1,203,396 2019/11/7 13:48:45



cldflt.sys cldflt.sys+5fbfe fffff802`75e60000 fffff802`75ed7000 0x00077000 0xb7d0f1f2 2067/9/22 21:32:34
ntoskrnl.exe ntoskrnl.exe+1d30e9 fffff802`6e400000 fffff802`6eeb6000 0x00ab6000 0xfc9570f2 2104/4/15 5:36:50
hal.dll fffff802`6e35d000 fffff802`6e400000 0x000a3000 0x1cd3fb4f
kd.dll fffff802`70800000 fffff802`7080b000 0x0000b000 0x5a75d524 2018/2/3 23:28:36
mcupdate_GenuineIntel.dll fffff802`70810000 fffff802`70a11000 0x00201000 0x258cab1a 1989/12/18 17:17:14
msrpc.sys fffff802`70a70000 fffff802`70ad0000 0x00060000 0x8e1a4f15 2045/7/19 22:54:13
ksecdd.sys fffff802`70a40000 fffff802`70a6a000 0x0002a000 0xa35f28f6 2056/11/8 23:23:34
werkernel.sys fffff802`70a20000 fffff802`70a31000 0x00011000 0x958e14b2 2049/7/6 0:49:54
CLFS.SYS fffff802`70b10000 fffff802`70b78000 0x00068000 0x07bc3c0b
tm.sys fffff802`70ae0000 fffff802`70b07000 0x00027000 0x9a74c3b7 2052/2/12 17:39:03
PSHED.dll fffff802`70b80000 fffff802`70b9a000 0x0001a000 0xb21f9dda 2064/9/12 11:41:14
BOOTVID.dll fffff802`70ba0000 fffff802`70bab000 0x0000b000 0x0f301604
FLTMGR.SYS fffff802`70d10000 fffff802`70d81000 0x00071000 0x801a5f11 2038/2/8 11:18:41
clipsp.sys fffff802`70c00000 fffff802`70d05000 0x00105000 0x5d8991ba 2019/9/24 11:47:06
cmimcext.sys fffff802`70bb0000 fffff802`70bbe000 0x0000e000 0xc7f022b4 2076/4/18 10:45:08
ntosext.sys fffff802`70bc0000 fffff802`70bcc000 0x0000c000 0xbac877d8 2069/4/21 0:14:16
CI.dll fffff802`70d90000 fffff802`70e6c000 0x000dc000 0xe1af0052 2089/12/25 17:48:02
cng.sys fffff802`70e70000 fffff802`70f2c000 0x000bc000 0x5444b5a1 2014/10/20 15:11:29
Wdf01000.sys fffff802`70f30000 fffff802`71005000 0x000d5000 0x116a658a
WDFLDR.SYS fffff802`70bd0000 fffff802`70be3000 0x00013000 0x3b396780 2001/6/27 12:56:32
WppRecorder.sys fffff802`71010000 fffff802`71020000 0x00010000 0x34a54231 1997/12/28 2:00:17
SleepStudyHelper.sys fffff802`70bf0000 fffff802`70bff000 0x0000f000 0xba6e2346 2069/2/11 11:49:26
acpiex.sys fffff802`71030000 fffff802`71055000 0x00025000 0x2b91edb2 1993/3/1 19:04:18
mssecflt.sys fffff802`71060000 fffff802`710a2000 0x00042000 0x9c3fcc09 2053/1/25 22:04:57
SgrmAgent.sys fffff802`710b0000 fffff802`710ca000 0x0001a000 0xf851a195 2102/1/8 1:49:09
lxss.sys fffff802`710d0000 fffff802`710da000 0x0000a000 0x86d5f4c6 2041/9/7 20:12:54
LXCORE.SYS fffff802`710e0000 fffff802`711f6000 0x00116000 0xdeb52477 2088/5/26 20:35:03
ACPI.sys fffff802`71200000 fffff802`712cc000 0x000cc000 0x90b929f2 2046/12/10 19:26:42
WMILIB.SYS fffff802`712d0000 fffff802`712dc000 0x0000c000 0x59021e3d 2017/4/28 0:37:17
intelpep.sys fffff802`712e0000 fffff802`7133b000 0x0005b000 0xa0b377f1 2055/6/9 9:10:09
WindowsTrustedRT.sys fffff802`71340000 fffff802`71357000 0x00017000 0xcb95ce3d 2078/3/27 15:41:49

后面还有
cjw1115
2019-11-07 16:57:36 +08:00
STACK_TEXT:
ffffa203`2b8861f0 fffff802`75ec0129 : ffffb783`0c4d1a88 ffffa203`2b886360 00000000`00000000 00000000`00000000 : cldflt!HsmiFltPostECPCREATE+0x1da
ffffa203`2b886280 fffff802`70d13c03 : ffffb783`0c4d1a88 ffffa203`2b886360 ffffb783`0c4d19a0 00000000`0000366b : cldflt!HsmFltPostQUERY_OPEN+0x29
ffffa203`2b886310 fffff802`70d1243c : 00000000`00000000 ffffb783`06e19d00 ffffb783`0fe4c4a8 00000000`00000000 : FLTMGR!FltpPerformPostCallbacks+0x3e3
ffffa203`2b8863e0 fffff802`6e489aac : ffffa203`2b886480 ffffa203`2b886d0c ffffb783`06dd88f0 ffffb783`107339f0 : FLTMGR!FltpPostFsFilterOperation+0x2c
ffffa203`2b886410 fffff802`6ec5010d : 00000000`00000000 ffffb783`06e19d60 ffffa203`2b886540 fffff802`719ddda0 : nt!FsFilterPerformCompletionCallbacks+0x4c
ffffa203`2b886440 fffff802`6ebead94 : 00000000`6d4e6f49 fffff802`6e76f06d ffffa203`00000003 00000000`00000000 : nt!FsRtlQueryOpen+0xd1
ffffa203`2b886710 fffff802`6e9e62ba : fffff802`00000004 fffff802`6e9e5944 ffffa203`2b886950 00000000`00000000 : nt!IopQueryInformation+0x139ad4
ffffa203`2b886770 fffff802`6e9ecfcf : ffffb783`06dd88f0 ffffb783`06dd8844 ffffb783`0ee1f560 00000000`00000000 : nt!IopParseDevice+0x8ea
ffffa203`2b8868e0 fffff802`6e9eb431 : ffffb783`0ee1f500 ffffa203`2b886b28 ffffb783`00000240 ffffb783`04cd40c0 : nt!ObpLookupObjectName+0x78f
ffffa203`2b886aa0 fffff802`6ec57ec3 : 00000000`00000001 00000000`00000000 ffffa203`2b887090 ffffa203`2b886ef8 : nt!ObOpenObjectByNameEx+0x201
ffffa203`2b886be0 fffff802`70d28063 : ffffa203`2b887000 ffffb783`1079e9a0 ffffb783`0af91a00 fffff802`70d176fb : nt!IoQueryInformationByName+0x263
ffffa203`2b886e90 fffff802`75e75c99 : ffffa203`2b887088 00000000`00000000 ffffa203`2b887088 fffff802`6e46b455 : FLTMGR!FltQueryInformationByName+0x153
ffffa203`2b886f40 fffff802`75e67924 : ffffa203`2b887088 00000000`00000000 00000000`00000000 00000000`00000000 : cldflt!FltQueryInformationByNameCallout+0x49
ffffa203`2b886f90 fffff802`75ebf77d : 00000000`00000000 ffffa203`2b888000 ffffa203`2b881000 ffffb783`1079e9a0 : cldflt!HsmExpandKernelStackAndCallout+0x44
ffffa203`2b886fd0 fffff802`75ec0019 : ffffb783`0e46a010 ffffb783`0beceb88 ffffb783`1079ec30 ffffa203`2b887219 : cldflt!HsmiFltPreECPCREATE+0x34d
ffffa203`2b887140 fffff802`70d14a5d : ffffb783`0becea00 ffffb783`00000000 ffffb783`00000000 00000000`00000000 : cldflt!HsmFltPreCREATE+0x9
ffffa203`2b887170 fffff802`70d145a0 : ffffa203`2b8872f0 ffffa203`2b887300 00000000`00000000 00000000`00000000 : FLTMGR!FltpPerformPreCallbacks+0x2fd
ffffa203`2b887280 fffff802`70d4cd13 : fffff802`70d39060 00000000`00000110 00000000`00000000 00000000`00000454 : FLTMGR!FltpPassThroughInternal+0x90
ffffa203`2b8872b0 fffff802`6e431f39 : 00000000`00000000 fffff802`6e9e5905 00000000`00000000 00000000`00000000 : FLTMGR!FltpCreate+0x2f3
ffffa203`2b887360 fffff802`6e430fe4 : 00000000`00000003 00000000`00000000 00000000`00000000 fffff802`6e4317a3 : nt!IofCallDriver+0x59
ffffa203`2b8873a0 fffff802`6e9e5ffb : ffffa203`2b887660 fffff802`6e9e5905 ffffa203`2b8875d0 ffffb783`10771010 : nt!IoCallDriverWithTracing+0x34
ffffa203`2b8873f0 fffff802`6e9ecfcf : ffffb783`06dd88f0 ffffb783`06dd8805 ffffb783`100749a0 00000000`00000001 : nt!IopParseDevice+0x62b
ffffa203`2b887560 fffff802`6e9eb431 : ffffb783`10074900 ffffa203`2b8877a8 00000000`00000040 ffffb783`04cd40c0 : nt!ObpLookupObjectName+0x78f
ffffa203`2b887720 fffff802`6ea30300 : 00000000`00000001 00000017`4fd0f558 00000000`00000001 00000000`00000000 : nt!ObOpenObjectByNameEx+0x201
ffffa203`2b887860 fffff802`6ea2fac9 : 00000017`4fd0f500 00000000`40100080 00000017`4fd0f558 00000017`4fd0f518 : nt!IopCreateFile+0x820
ffffa203`2b887900 fffff802`6e5d2b15 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtCreateFile+0x79
ffffa203`2b887990 00007ffa`264dcb64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
00000017`4fd0f488 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`264dcb64


THREAD_SHA1_HASH_MOD_FUNC: 6c7518cce721fecd91a279b71d6c590012cfeb9e

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 1242459b356dfef42d12ef1a660e2600ed8d7605

THREAD_SHA1_HASH_MOD: 8fcdce0b961f3e096e6533bd1542fcd9959c4f1c

FOLLOWUP_IP:
cldflt!HsmiFltPostECPCREATE+1da
fffff802`75ebfbfe f60201 test byte ptr [rdx],1

FAULT_INSTR_CODE: 750102f6

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: cldflt!HsmiFltPostECPCREATE+1da

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: cldflt

IMAGE_NAME: cldflt.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 0

IMAGE_VERSION: 10.0.18362.1034

STACK_COMMAND: .cxr 0xffffa2032b885800 ; kb

BUCKET_ID_FUNC_OFFSET: 1da

FAILURE_BUCKET_ID: 0x3B_c0000005_cldflt!HsmiFltPostECPCREATE

BUCKET_ID: 0x3B_c0000005_cldflt!HsmiFltPostECPCREATE

PRIMARY_PROBLEM_CLASS: 0x3B_c0000005_cldflt!HsmiFltPostECPCREATE

TARGET_TIME: 2019-11-07T04:48:10.000Z

OSBUILD: 18362

OSSERVICEPACK: 418

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 272

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: unknown_date

BUILDDATESTAMP_STR: 190318-1202

BUILDLAB_STR: 19h1_release

BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202

ANALYSIS_SESSION_ELAPSED_TIME: 17102

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0x3b_c0000005_cldflt!hsmifltpostecpcreate

FAILURE_ID_HASH: {a70c9fc4-24a8-3907-3d56-b0e3f463c98e}

Followup: MachineOwner
---------
huyinjie
2019-11-07 19:42:00 +08:00
感谢各位,这个问题在安装 KB4522741 后发生的,把 Onedrive 重启了一下目前还没有蓝屏

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/617186

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX