Windwos11がシャットダウンの最後に必ずブルースクリーンを表示するようになってしまい、その原因を突き止めることが目的。ブルースクリーンが表示する内容は下記のみで全く切り分けられない。
問題が発生したため、PC を再起動する必要があります。 自動的に再起動します。 この問題と可能な解決方法の詳細については、https://www.windows.com/stopcodeを参照してください。 サポート担当者に連絡する場合は、この情報を伝えてください: 停止コード: WDF_VIOLATION
MicrosoftのWEBサイトから「Windows SDK」のインストーラーをダウンロード、「Debugging Tools for Windows」のみを選択してインストールする。
WinDbgを起動して「File」→「Symbol File Path…」でシンボルパスを設定しておくと情報が多く手に入るかもしれないということで、とりあえず下記を設定しておく。
srv*C:\Users\user\symbols*https://msdl.microsoft.com/download/symbols
引き続きWinDbgで「File」→「Open Crash Dump…」でブルースクリーン発生時に保存されたMEMORY.DMPを開くと「esif_lf.sys」が原因と分かったので「Intel Dynamic Platform Thermal Framework」のドライバーを更新して不具合を解消した。
Microsoft (R) Windows Debugger Version 10.0.22621.755 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\user\Desktop\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
Dump completed successfully, progress percentage: 100
WARNING: Whitespace at end of path element
Error: Empty Path.
WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\Users\user\symbols*https://msdl.microsoft.com/download/symbols
Executable search path is:
WARNING: Whitespace at end of path element
Windows 10 Kernel Version 22000 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Edition build lab: 22000.1.amd64fre.co_release.210604-1628
Machine Name:
Kernel base = 0xfffff801`7de00000 PsLoadedModuleList = 0xfffff801`7ea29980
Debug session time: Fri Jan 20 12:14:18.541 2023 (UTC + 9:00)
System Uptime: 0 days 0:03:49.661
Loading Kernel Symbols
...............................................................
................................................................
..............................................................
Loading User Symbols
Loading unloaded module list
...................
For analysis of this file, run !analyze -v
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
WDF_VIOLATION (10d)
The Kernel-Mode Driver Framework was notified that Windows detected an error
in a framework-based driver. In general, the dump file will yield additional
information about the driver that caused this BugCheck.
Arguments:
Arg1: 000000000000000d, A power IRP was received for the device but the IRP was not
requested by the device (the power policy owner). Possibly there
are multiple power policy owners. Only one driver in the stack can
be the power policy owner. A KMDF driver can change power policy
ownership by calling the DDI WdfDeviceInitSetPowerPolicyOwnership.
Arg2: ffffe5838a695bd0, Device object pointer.
Arg3: ffffe5838d1ec010, Power IRP.
Arg4: ffffe58389f64db0, Reserved.
Debugging Details:
------------------
Unable to load image \SystemRoot\System32\drivers\esif_lf.sys, Win32 error 0n2
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 4327
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 13842
Key : Analysis.Init.CPU.mSec
Value: 2030
Key : Analysis.Init.Elapsed.mSec
Value: 26253
Key : Analysis.Memory.CommitPeak.Mb
Value: 104
Key : WER.OS.Branch
Value: co_release
Key : WER.OS.Timestamp
Value: 2021-06-04T16:28:00Z
Key : WER.OS.Version
Value: 10.0.22000.1
FILE_IN_CAB: MEMORY.DMP
DUMP_FILE_ATTRIBUTES: 0x1000
BUGCHECK_CODE: 10d
BUGCHECK_P1: d
BUGCHECK_P2: ffffe5838a695bd0
BUGCHECK_P3: ffffe5838d1ec010
BUGCHECK_P4: ffffe58389f64db0
DEVICE_OBJECT: ffffe5838a695bd0
IRP_ADDRESS: ffffe5838d1ec010
DRIVER_OBJECT: ffffe5838a9c4e30
IMAGE_NAME: esif_lf.sys
MODULE_NAME: esif_lf
FAULTING_MODULE: fffff801967e0000 esif_lf
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: System
STACK_TEXT:
fffff58e`a9d79568 fffff801`7fe8c6bc : 00000000`0000010d 00000000`0000000d ffffe583`8a695bd0 ffffe583`8d1ec010 : nt!KeBugCheckEx
fffff58e`a9d79570 fffff801`7fe5b534 : ffffe583`8a8dd770 fffff58e`a9d79690 00000000`00000000 fffff58e`a9d796a0 : Wdf01000!FxVerifierBugCheckWorker+0x24 [minkernel\wdf\framework\shared\object\fxverifierbugcheck.cpp @ 68]
fffff58e`a9d795b0 fffff801`7fe2c655 : ffffe583`8a8dd770 fffff58e`a9d79678 00000000`00000004 00000000`00000000 : Wdf01000!FxPkgFdo::DispatchDeviceSetPower+0x2ed68 [minkernel\wdf\framework\shared\irphandlers\pnp\fdopower.cpp @ 324]
fffff58e`a9d79600 fffff801`7fe2b459 : ffffe583`8a8dd770 00000000`00000000 ffffe583`00000000 00000000`00000202 : Wdf01000!FxPkgFdo::_DispatchSetPower+0x25 [minkernel\wdf\framework\shared\irphandlers\pnp\fdopower.cpp @ 120]
fffff58e`a9d79630 fffff801`7fe23d83 : ffffe583`8d1ec010 ffffe583`8d1ec010 ffffe583`8ccf4aa0 fffff58e`a9d79730 : Wdf01000!FxPkgPnp::Dispatch+0xd9 [minkernel\wdf\framework\shared\irphandlers\pnp\fxpkgpnp.cpp @ 771]
fffff58e`a9d796a0 fffff801`7e1a29a7 : 00000000`00000100 00000000`00000000 00000000`00000000 00000000`00000000 : Wdf01000!FxDevice::DispatchWithLock+0x153 [minkernel\wdf\framework\shared\core\fxdevice.cpp @ 1447]
fffff58e`a9d79710 fffff801`7e042a7d : 00000000`80000000 00000000`00000000 00000000`00000100 fffff801`a45a9e1b : nt!IopPoHandleIrp+0x3b
fffff58e`a9d79740 fffff801`7e1a5e69 : 00000000`00000001 fffff58e`a9d79801 fffff801`78f9a101 00000000`00000000 : nt!IofCallDriver+0x6d
fffff58e`a9d79780 fffff801`a45a9db8 : ffffe583`8cd0a316 00000000`00000000 ffffe583`8ccf4aa0 00000000`00000000 : nt!IoCallDriver+0x9
fffff58e`a9d797b0 fffff801`a45b2288 : ffffe583`8cd0a330 00000000`0000000e 00000000`00000000 00000000`00000000 : WUDFRd!RdPnpTracker::RdPnpForwardToLowerDevice+0x80 [minkernel\wdf\framework\umdf\redirector\driver\pnp.cpp @ 2050]
fffff58e`a9d79800 fffff801`a45b2123 : ffffffff`ffffffff 00000000`00000000 ffffe583`89410040 00000000`00000000 : WUDFRd!RdPnpTracker::RdPnpProcessor+0x318 [minkernel\wdf\framework\umdf\redirector\driver\pnp.cpp @ 1199]
fffff58e`a9d798b0 fffff801`a45b1f51 : ffffe583`87fb3d40 00000000`00000000 00000000`00000000 00000000`00000100 : WUDFRd!RdPnpTracker::RdPnpProcessor+0x1b3 [minkernel\wdf\framework\umdf\redirector\driver\pnp.cpp @ 1131]
fffff58e`a9d79960 fffff801`7e0afe6b : 00000000`891ac3d0 ffffe583`87fb3d40 ffffe583`89110300 fffff801`7eb33680 : WUDFRd!RdPnpTracker::RdPnpCallbackAtPassiveInSystemProcess+0x11 [minkernel\wdf\framework\umdf\redirector\driver\pnp.cpp @ 2167]
fffff58e`a9d79990 fffff801`7e08fb3f : ffffe583`872bfaa0 ffffe583`89410040 ffffe583`87fb3d40 884e158d`00000000 : nt!IopProcessWorkItem+0xfb
fffff58e`a9d79a00 fffff801`7e154295 : ffffe583`89410040 ffff8c00`954f5000 ffffe583`89410040 0043806f`bd9bbfff : nt!ExpWorkerThread+0x14f
fffff58e`a9d79bf0 fffff801`7e220e34 : ffff8c00`954e6180 ffffe583`89410040 fffff801`7e154240 f39ee8cb`8bd08b20 : nt!PspSystemThreadStartup+0x55
fffff58e`a9d79c40 00000000`00000000 : fffff58e`a9d7a000 fffff58e`a9d74000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x34
STACK_COMMAND: .cxr; .ecxr ; kb
FAILURE_BUCKET_ID: 0x10D_d_IMAGE_esif_lf.sys
OS_VERSION: 10.0.22000.1
BUILDLAB_STR: co_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {ceef9bfa-ef59-e1ba-c2b4-cd009412ae92}
Followup: MachineOwner
---------