On Thu, 18 Jun 2009 15:45:54 +0300, Avi Kivity wrote
> It doesn't inject NMIs here.
>
> Can you set up memory dumping on BSODs and run the !analyze command
> in windbg?

I've found another dump (minidump) which has some other information (see below):

--
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffffa8007db5797, address which referenced memory

Debugging Details:
------------------

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80001a45080
 0000000000000000

CURRENT_IRQL: 2

FAULTING_IP:
+0
fffffa80`07db5797 ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP

BUGCHECK_STR: 0xD1

PROCESS_NAME: System

TRAP_FRAME: fffff80003e7f610 -- (.trap 0xfffff80003e7f610)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000201
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa8007db5797 rsp=fffff80003e7f7a0 rbp=fffff80003e7f800
 r8=000000000000082f  r9=000000000000000d r10=0000000000000000
r11=fffff80001a45640 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
fffffa80`07db5797 ?? ???
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff800018703ee to fffff80001870650

STACK_TEXT:
fffff800`03e7f4c8 fffff800`018703ee : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff800`03e7f4d0 fffff800`0186f2cb : 00000000`00000000 fffffa80`04a7d000 fffffa80`07a28d00 fffffa80`07db418f : nt!KiBugCheckDispatch+0x6e
fffff800`03e7f610 fffffa80`07db5797 : fffff800`03e7f7b0 fffff800`01d43cb1 00000000`00000000 fffffa60`00e5c12d : nt!KiPageFault+0x20b
fffff800`03e7f7a0 fffff800`03e7f7b0 : fffff800`01d43cb1 00000000`00000000 fffffa60`00e5c12d fffffa80`0573bbb0 : 0xfffffa80`07db5797
fffff800`03e7f7a8 fffff800`01d43cb1 : 00000000`00000000 fffffa60`00e5c12d fffffa80`0573bbb0 fffffa60`005ec180 : 0xfffff800`03e7f7b0
fffff800`03e7f7b0 fffff800`01877005 : fffffa80`0768a510 fffffa60`005ec180 fffffa60`0085e110 fffffa80`050e6340 : hal!HalpRequestIpiSpecifyVector+0x81
fffff800`03e7f7e0 fffff800`01876773 : ffffffff`00000001 fffff800`01990680 00000000`00000000 00000000`00000002 : nt!KiDeferredReadyThread+0x405
fffff800`03e7f830 00000000`fffffa80 : 01868e03`0010e380 00000000`fffff800 00000000`00000000 00000000`00000000 : nt!KeSetEvent+0x1f3
fffff800`03e7f8a0 01868e03`0010e380 : 00000000`fffff800 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffffa80
fffff800`03e7f8a8 00000000`fffff800 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x1868e03`0010e380
fffff800`03e7f8b0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffff800

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!KiPageFault+20b
fffff800`0186f2cb 488d058e320000 lea rax,[nt!RtlInterlockedPopEntrySList (fffff800`01872560)]

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!KiPageFault+20b

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 49ac93e1

FAILURE_BUCKET_ID: X64_0xD1_nt!KiPageFault+20b

BUCKET_ID: X64_0xD1_nt!KiPageFault+20b

Followup: MachineOwner
--