
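The error I've been hitting fairly frequently lately
I ran a check of the C: drive and Windows Memory Diagnostic, and neither found any problems
So I pulled out WinDbg to analyze the exported dmp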
14: kd> !analyze -v
Loading Kernel Symbols
..
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
.............................................................
................................................................
................................................................
..............................
Loading User Symbols
Loading unloaded module list
..................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffa991f309e6c8, memory referenced.
Arg2: 0000000000000000, X64: bit 0 set if the fault was due to a not-present PTE.
bit 1 is set if the fault was due to a write, clear if a read.
bit 3 is set if the processor decided the fault was due to a corrupted PTE.
bit 4 is set if the fault was due to attempted execute of a no-execute PTE.
- ARM64: bit 1 is set if the fault was due to a write, clear if a read.
bit 3 is set if the fault was due to attempted execute of a no-execute PTE.
Arg3: fffff804e53b32e2, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
KEY_VALUES_STRING: 1
Key : AV.Type
Value: Read
Key : Analysis.CPU.mSec
Value: 1062
Key : Analysis.Elapsed.mSec
Value: 10807
Key : Analysis.IO.Other.Mb
Value: 0
Key : Analysis.IO.Read.Mb
Value: 12
Key : Analysis.IO.Write.Mb
Value: 0
Key : Analysis.Init.CPU.mSec
Value: 1015
Key : Analysis.Init.Elapsed.mSec
Value: 75634
Key : Analysis.Memory.CommitPeak.Mb
Value: 109
Key : Analysis.Version.DbgEng
Value: 10.0.27871.1001
Key : Analysis.Version.Description
Value: 10.2505.01.02 amd64fre
Key : Analysis.Version.Ext
Value: 1.2505.1.2
Key : Bugcheck.Code.LegacyAPI
Value: 0x50
Key : Bugcheck.Code.TargetModel
Value: 0x50
Key : Dump.Attributes.AsUlong
Value: 0x21808
Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1
Key : Dump.Attributes.ErrorCode
Value: 0x0
Key : Dump.Attributes.KernelGeneratedTriageDump
Value: 1
Key : Dump.Attributes.LastLine
Value: Dump completed successfully.
Key : Dump.Attributes.ProgressPercentage
Value: 0
Key : Failure.Bucket
Value: AV_R_(null)_nt!_guard_retpoline_indirect_cfg_rax
Key : Failure.Exception.IP.Address
Value: 0xfffff804e53b32e2
Key : Failure.Exception.IP.Module
Value: nt
Key : Failure.Exception.IP.Offset
Value: 0xbb32e2
Key : Failure.Hash
Value: {9f6e639e-8b6d-6aeb-2cca-c89fb021f99b}
Key : Hypervisor.Enlightenments.ValueHex
Value: 0x7497cf94
Key : Hypervisor.Flags.AnyHypervisorPresent
Value: 1
Key : Hypervisor.Flags.ApicEnlightened
Value: 1
Key : Hypervisor.Flags.ApicVirtualizationAvailable
Value: 0
Key : Hypervisor.Flags.AsyncMemoryHint
Value: 0
Key : Hypervisor.Flags.CoreSchedulerRequested
Value: 0
Key : Hypervisor.Flags.CpuManager
Value: 1
Key : Hypervisor.Flags.DeprecateAutoEoi
Value: 0
Key : Hypervisor.Flags.DynamicCpuDisabled
Value: 1
Key : Hypervisor.Flags.Epf
Value: 0
Key : Hypervisor.Flags.ExtendedProcessorMasks
Value: 1
Key : Hypervisor.Flags.HardwareMbecAvailable
Value: 1
Key : Hypervisor.Flags.MaxBankNumber
Value: 0
Key : Hypervisor.Flags.MemoryZeroingControl
Value: 0
Key : Hypervisor.Flags.NoExtendedRangeFlush
Value: 0
Key : Hypervisor.Flags.NoNonArchCoreSharing
Value: 1
Key : Hypervisor.Flags.Phase0InitDone
Value: 1
Key : Hypervisor.Flags.PowerSchedulerQos
Value: 0
Key : Hypervisor.Flags.RootScheduler
Value: 0
Key : Hypervisor.Flags.SynicAvailable
Value: 1
Key : Hypervisor.Flags.UseQpcBias
Value: 0
Key : Hypervisor.Flags.Value
Value: 38408431
Key : Hypervisor.Flags.ValueHex
Value: 0x24a10ef
Key : Hypervisor.Flags.VpAssistPage
Value: 1
Key : Hypervisor.Flags.VsmAvailable
Value: 1
Key : Hypervisor.RootFlags.AccessStats
Value: 1
Key : Hypervisor.RootFlags.CrashdumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.CreateVirtualProcessor
Value: 1
Key : Hypervisor.RootFlags.DisableHyperthreading
Value: 0
Key : Hypervisor.RootFlags.HostTimelineSync
Value: 1
Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled
Value: 0
Key : Hypervisor.RootFlags.IsHyperV
Value: 1
Key : Hypervisor.RootFlags.LivedumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.MapDeviceInterrupt
Value: 1
Key : Hypervisor.RootFlags.MceEnlightened
Value: 1
Key : Hypervisor.RootFlags.Nested
Value: 0
Key : Hypervisor.RootFlags.StartLogicalProcessor
Value: 1
Key : Hypervisor.RootFlags.Value
Value: 1015
Key : Hypervisor.RootFlags.ValueHex
Value: 0x3f7
BUGCHECK_CODE: 50
BUGCHECK_P1: ffffa991f309e6c8
BUGCHECK_P2: 0
BUGCHECK_P3: fffff804e53b32e2
BUGCHECK_P4: 2
FILE_IN_CAB: 080825-12187-01.dmp
TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
DUMP_FILE_ATTRIBUTES: 0x21808
Kernel Generated Triage Dump
FAULTING_THREAD: ffff910f4cdd3040
READ_ADDRESS: fffff804e57c44c0: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
unable to get nt!MmSpecialPagesInUse
ffffa991f309e6c8
MM_INTERNAL_CODE: 2
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
STACK_TEXT:
ffffbb0c82f865a8 fffff804e4b41ce0 : 0000000000000050 ffffa991f309e6c8 0000000000000000 ffffbb0c82f86810 : nt!KeBugCheckEx
ffffbb0c82f865b0 fffff804e4ab0380 : ffff80810d8a8180 ffff800000000000 ffffa991f309e6c8 0000007ffffffff8 : nt!MiSystemFault+0x7a0
ffffbb0c82f866a0 fffff804e4eb35cb : 0000000000000fff 0000000000000090 000000000002dd45 0000000000000090 : nt!MmAccessFault+0x630
ffffbb0c82f86810 fffff804e53b32e2 : fffff804e50bdc27 0000000044777445 0000000000000078 0000000000000100 : nt!KiPageFault+0x38b
ffffbb0c82f869a8 fffff804e50bdc27 : 0000000044777445 0000000000000078 0000000000000100 fffff804e4a3cb12 : nt!_guard_retpoline_indirect_cfg_rax+0x22
ffffbb0c82f869b0 fffff804e51f3d8b : 0000000000000000 0000000000000000 ffffd00c8b254f60 0000000000000001 : nt!EtwpSendDataBlock+0x10f
ffffbb0c82f86ac0 fffff804e51f3925 : ffff80810c602380 ffff80810c602380 ffff910f233b9480 ffff910f229f0000 : nt!EtwpClearSessionAndUnreferenceEntry+0x39f
ffffbb0c82f86c00 fffff804e51a5333 : ffff910f23de4740 ffffbb0c82f86d40 ffff910f229f0000 0000000000000017 : nt!EtwpDisableTraceProviders+0x59
ffffbb0c82f86c40 fffff804e519fd78 : ffff910f23de4740 ffff910f23de4740 ffffbb0c82f86e40 0000000000000017 : nt!EtwpStopLoggerInstance+0x77
ffffbb0c82f86db0 fffff804e4f9d3d7 : 0000000000000017 ffffbb0c82f87000 ffffbb0c82f87000 ffff910f23de4740 : nt!EtwpStopTrace+0x1d8
ffffbb0c82f86e20 fffff804e5351d53 : 0000000000000002 ffffbb0c82f87019 0000000000000002 ffffbb0c82f870a0 : nt!EtwShutdown+0x127
ffffbb0c82f86f20 fffff804e535d2e1 : ffffffffffffffff ffffbb0c82f87019 ffffffff80001d70 0000000000000000 : nt!PopGracefulShutdown+0x20b
ffffbb0c82f86f60 fffff804e53411e0 : fffff804e481bf01 0000000000000000 ffffbb0c00000000 0000000000000000 : nt!PopTransitionSystemPowerStateEx+0x895
ffffbb0c82f87080 fffff804e528e44e : 00000000c0000004 0000000000000005 ffff910f4cdd3180 ffff910f4cdd3040 : nt!PopTransitionSystemPowerState+0x4c
ffffbb0c82f87230 fffff804e528e050 : 00000000ffffff00 ffff910f00000005 00000000c0000004 0000000000000000 : nt!PopIssueActionRequest+0x26a
ffffbb0c82f872e0 fffff804e4c951ee : 0000000000000001 0000000000000000 00000000ffffffff ffff910f22723ae0 : nt!PopPolicyWorkerAction+0x80
ffffbb0c82f87360 fffff804e4b386bc : ffff910f00000000 ffff910f4cdd3040 ffffbb0c82f87490 ffff910f22723ae0 : nt!PopPolicyWorkerThread+0x7e
ffffbb0c82f87390 fffff804e4c95fca : ffff910f4cdd3040 ffff910f4cdd3040 fffff804e4b380d0 ffff910f22723ae0 : nt!ExpWorkerThread+0x5ec
ffffbb0c82f87570 fffff804e4ea5534 : ffff80810d8a8180 ffff910f4cdd3040 fffff804e4c95f70 ffb7bd94ffb0b68c : nt!PspSystemThreadStartup+0x5a
ffffbb0c82f875c0 0000000000000000 : ffffbb0c82f88000 ffffbb0c82f81000 0000000000000000 0000000000000000 : nt!KiStartSystemThread+0x34
SYMBOL_NAME: nt!_guard_retpoline_indirect_cfg_rax+22
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.26100.4768
STACK_COMMAND: .process /r /p 0xffff910f2252a040; .thread 0xffff910f4cdd3040 ; kb
BUCKET_ID_FUNC_OFFSET: 22
FAILURE_BUCKET_ID: AV_R_(null)_nt!_guard_retpoline_indirect_cfg_rax
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {9f6e639e-8b6d-6aeb-2cca-c89fb021f99b}
Followup: MachineOwner
My eyes are glazing over
I fed it to DS, and this is what it said
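Key diagnostic findings
Fault location:
SYMBOL_NAME: nt!guard_retpoline_indirect_cfg_rax+22
IMAGE_NAME: ntkrnlmp.exe (Windows kernel)
FAILURE_BUCKET_ID: AV_R(null)nt!guard_retpoline_indirect_cfg_rax
The error occurred in the kernel's retpoline indirect-jump protection mechanism (a Spectre mitigation)
It tried to read an invalid memory address: ffffa991f309e6c8
Call stack analysis:
nt!PopGracefulShutdown -> nt!EtwShutdown -> nt!EtwpStopTrace
The error occurred during the system shutdown flow (PopGracefulShutdown)
It involves the shutdown of the ETW (Event Tracing) service
Root cause:
The system tries to release ETW-related resources at shutdown
The memory management subsystem detected an invalid memory access (address ffffa991f309e6c8 does not exist)
Related to the kernel security mechanism (retpoline) or to memory corruption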
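I ran a repair of the kernel components from cmd

and turned off kernel integrity

So? Is it over? I have no idea at all
All I can do is keep an eye on it for a while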
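
For readers who would rather not read the dump by eye: the following Python sketch is an added example, not part of the original post and not a WinDbg feature. It pulls the bugcheck parameters and symbolized stack out of saved `!analyze -v` text and decodes Arg2 using the bit meanings printed in the output above. The function names `decode_fault_flags` and `triage` are hypothetical, and the sample is an abridged excerpt of the dump in this post.

```python
import re

# Arg2 bit meanings for bugcheck 0x50 on x64, as listed in the !analyze -v output above.
ARG2_BITS_X64 = {0: "not-present PTE", 1: "write", 3: "corrupted PTE", 4: "execute of NX PTE"}
# Frames that belong to fault handling itself (names taken from the stack in the post).
FAULT_PATH = {"KeBugCheckEx", "MiSystemFault", "MmAccessFault", "KiPageFault"}

# Excerpt copied from the dump in the post (frames abridged), embedded so this runs offline.
SAMPLE = """\
BUGCHECK_CODE: 50
BUGCHECK_P1: ffffa991f309e6c8
BUGCHECK_P2: 0
STACK_TEXT:
ffffbb0c82f865a8 fffff804e4b41ce0 : 0000000000000050 ffffa991f309e6c8 0000000000000000 ffffbb0c82f86810 : nt!KeBugCheckEx
ffffbb0c82f86810 fffff804e53b32e2 : fffff804e50bdc27 0000000044777445 0000000000000078 0000000000000100 : nt!KiPageFault+0x38b
ffffbb0c82f869a8 fffff804e50bdc27 : 0000000044777445 0000000000000078 0000000000000100 fffff804e4a3cb12 : nt!_guard_retpoline_indirect_cfg_rax+0x22
ffffbb0c82f869b0 fffff804e51f3d8b : 0000000000000000 0000000000000000 ffffd00c8b254f60 0000000000000001 : nt!EtwpSendDataBlock+0x10f
ffffbb0c82f86e20 fffff804e5351d53 : 0000000000000002 ffffbb0c82f87019 0000000000000002 ffffbb0c82f870a0 : nt!EtwShutdown+0x127
ffffbb0c82f86f20 fffff804e535d2e1 : ffffffffffffffff ffffbb0c82f87019 ffffffff80001d70 0000000000000000 : nt!PopGracefulShutdown+0x20b
"""

def decode_fault_flags(arg2):
    """Decode Arg2 of bugcheck 0x50 (x64): bit 1 clear means the access was a read."""
    flags = [name for bit, name in ARG2_BITS_X64.items() if (arg2 >> bit) & 1]
    return flags if arg2 & 0b10 else ["read"] + flags

def triage(text):
    """Summarize bugcheck parameters and the symbolized stack of an !analyze -v log."""
    f = dict(re.findall(r"^(BUGCHECK_(?:CODE|P[1-4])):\s*(\S+)", text, re.M))
    frames = []
    for line in text.splitlines():
        m = re.fullmatch(r"(\w+)!(\w+)(?:\+0x[0-9a-fA-F]+)?", line.rsplit(" : ", 1)[-1].strip())
        if m and " : " in line:
            frames.append(m.groups())
    # Skip the fault-handling frames: the next frame executed the faulting instruction.
    idx = next(i for i, (_, fn) in enumerate(frames) if fn not in FAULT_PATH)
    names = [fn for _, fn in frames]
    return {
        "bugcheck": hex(int(f["BUGCHECK_CODE"], 16)),
        "address": hex(int(f["BUGCHECK_P1"], 16)),
        "access": decode_fault_flags(int(f["BUGCHECK_P2"], 16)),
        "faulting_frame": "!".join(frames[idx]),
        "caller": "!".join(frames[idx + 1]) if idx + 1 < len(frames) else None,
        "during_shutdown": "PopGracefulShutdown" in names,
        "etw_teardown": any(n.startswith("Etw") for n in names),
        "non_nt_modules": sorted({mod for mod, _ in frames if mod != "nt"}),
    }
```

Call `triage()` on the full saved debugger output to get the same summary for other dumps. An empty `non_nt_modules` list means the stack text alone names no module other than `nt`.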