Menene IRQL da yadda ake guje wa IRQL_NOT_LESS_OR

Mundobytes » Windows » Menene IRQL (Matakin Neman Katsewa) a cikin Windows kuma ta yaya yake da alaƙa da BSODs?

IRQL yana bayyana fifikon aiwatarwa kuma abin rufe fuska yana katsewa ta matakin, sama da DISPATCH yana ba da umarnin IRQL, ba fifikon zaren ba.
da BSOD 0xA/0xD1 yawanci ana haifar da shi ta hanyar samun dama ga ƙwaƙwalwar shafi ko mara inganci a babban IRQL da adiresoshin da ba daidai ba ko lambar shafi.
WinDbg da Mai Tabbatarwa Direba sune maɓalli: yi amfani da !bincike, !irql, ln, .trap, !pool, !adireshi da bincika sigogi 1, 3 da 4.
En direbobi, yana hana kurakuran shafi a babban IRQL, yana amfani da ƙwaƙwalwar da ba ta shafi shafi ba da makullai; don mai amfani, sabuntawa/keɓance direbobi masu matsala.

Idan kun taba ganin shudin allo mai dauke da sakonni kamar IRQL_NOT_LESS_OR_EQUAL o DRIVER_IRQL_BA KARYA_KO_DAI_DAI BA, Wataƙila kun ci karo da wani ra'ayi wanda ba a san shi ba a wajen duniyar direbobi: IRQL (Level Request Request). A ciki Windows, wannan matakin fifikon katsewa yana ɗaukar fifiko akan fifikon zaren lokacin da tsarin ke sama da wani madaidaici, kuma wannan yana da sakamako kai tsaye akan kwanciyar hankali.

A cikin layi na gaba za ku samu daya cikakken jagora kuma a cikin Mutanen Espanya daga Spain game da menene IRQL, yadda yake aiki, dalilin da ya sa yake haifar da allon shuɗi, yadda ake gano matsalar tare da WinDbg, da abin da za a yi ko kai mai amfani ne da ke fuskantar kuskure ko haɓaka direbobin kernel-mode. Mu sauka kan kasuwanci.

Menene IRQL (Matakin Neman Katsewa) a cikin Windows?

A cikin Windows, da IRQL yana bayyana fifikon hardware inda processor ke aiki a kowane lokaci. A cikin Model Direba na Windows (WDM), lambar da ke gudana a ƙaramin IRQL na iya katsewa ta hanyar lambar da ke gudana a IRQL mafi girma. A haƙiƙa, akan kwamfuta guda ɗaya, kowace CPU tana iya kasancewa a IRQL daban-daban, wanda ke dagula aiki tare.

Akwai ka'ida mai mahimmanci guda ɗaya: Lokacin da CPU ke gudana a IRQL sama da PASSIVE_LEVEL, ana iya tsara shi ta hanyar aiki a mafi girman IRQL.Wannan yana tsara zaman tare tsakanin lambar mai amfani, ayyukan kwaya, masu kiran da aka jinkirta (DPCs), da na'urar katse ayyukan yau da kullun na sabis (ISRs).

Labari mai dangantaka:

Kuskure 0x0000000a (Blue Screen of Mutuwa). 6 Magani

Matakai da fifiko: PASSIVE_LEVEL, APC_LEVEL, DISPATCH_LEVEL da DIRQL

Gabaɗaya, A kan x86, ana amfani da ƙimar IRQL tsakanin 0 da 31; akan x64, tsakanin 0 da 15Ma'anar da ta dace ita ce: IRQL 0 (PASSIVE_LEVEL) ita ce inda ake aiwatar da lambar mai amfani ta al'ada da yawancin ayyukan direbobi; APC da laifin shafi Yawancin lokaci ana tsara su zuwa IRQL 1 (APC_LEVEL); IRQL 2 (DISPATCH_LEVEL) ya ƙunshi tsarin tsara zaren da DPCs. Sama da DISPATCH_LEVEL matakan da aka tanada don katse na'urar (wanda aka sani da DIRQL) da sauran abubuwan amfani na ciki kamar HIGH_LEVEL.

A cikin yanayin yanayin direba, Yawancin ayyukan yau da kullun na yau da kullun suna gudana a DISPATCH_LEVEL: misali, DPC da StartIo. Wannan ƙirar tana tabbatar da cewa yayin da ɗayansu ke taɓa layukan cikin gida ko wasu albarkatu da aka raba, wani tsarin yau da kullun a matakin ɗaya ba ya ƙaddamar da shi akan wannan CPU, saboda ka'idar preemption kawai tana ba da damar katsewa a manyan matakan.

Tsakanin DISPATCH_LEVEL da bayanin martaba/maɗaukakin matakai akwai ɗaki don hardware katsewa na kowace na'ura (DIRQL)IRQL na na'ura yana bayyana fifikonta akan sauran na'urori. Direban WDM ya sami wannan IRQL a lokacin IRP_MJ_PNP tare da IRP_MN_START_DEVICE. Wannan na'urar IRQL ba ta duniya ba ce, ƙayyadaddun ƙima, sai dai ƙimar da ke da alaƙa da takamaiman layin katsewa.

IRQL vs. Zaren fifiko

Yana da kyau kada a rikitar da ra'ayoyi: fifikon zaren yana yanke hukunci lokacin da mai tsara tsarawa ya rigaya da kuma wanne zaren aiki; IRQL yana sarrafa irin nau'in ayyuka da za'a iya aiwatarwa da kuma waɗanne katsewa ake rufe su. Sama da DISPATCH_LEVEL, babu abin da zai canza zaren: IRQL ce ke sarrafa, ba fifikon zaren ba.

Valve Fremont: Leaked Specs da Maɓallin Maɓalli

IRQL da Paging: Abin da Bai Kamata Ka Yi ba

Wani sakamako nan da nan na haɓaka IRQL shine tsarin ba zai iya magance kurakuran shafi ba. Dokar zinare: lambar da ke gudana a ko sama da haka DISPATCH_LEVEL ba za ta iya haifar da kurakuran shafi ba. A aikace, wannan yana nufin waɗannan abubuwan yau da kullun da bayanan da suke taɓawa dole ne a zauna a cikin ƙwaƙwalwar ajiya mara shafi. Bugu da ƙari, wasu mataimakan kernel suna ƙuntata amfani da su bisa IRQL: misali, KeWaitForSingleObject DISPATCH_LEVEL kawai za a iya kiran ku idan ba kuna tarewa ba (lokacin sifili), kuma don lokutan da ba sifili ba, kuna buƙatar zama ƙasa da DISPATCH_LEVEL.

IrQL na zahiri da bayyane

Yawancin lokaci, tsarin da kansa yana kiran ayyukanku na yau da kullun a daidai IRQL ga abin da ya kamata su yi. Ayyukan aika ayyukan IRPs suna gudana a PASSIVE_LEVEL (suna iya toshewa ko kiran kowane mai taimako), StartIo da DPC suna gudana a DISPATCH_LEVEL don kare layin da aka raba, kuma ISRs suna gudana a DIRQL.

Idan kana buƙatar sarrafa shi a sarari, Kuna iya haɓakawa da rage IRQL tare da KeRaiseIrql y KeLowerIrqlAkwai gajeriyar hanya mai amfani sosai: KeRaiseIrqlToDpcLevel() yana dawo da IRQL na baya kuma ya bar ku a DISPATCH_LEVEL. Muhimmi: Kada ku taɓa rage IRQL ƙasa da ƙimar da yake a lokacin da tsarin ya kira ku; karya wannan aiki tare na iya buɗe tagogin tsere masu tsanani.

Kurakurai blue allon masu alaƙa da IRQL: IRQL_NOT_LESS_OR_EQUAL da DRIVER_IRQL_NOT_LESS_OR_EQUAL

irql

Binciken kwaro na gargajiya guda biyu masu alaƙa da waɗannan batutuwa sune IRQL_NOT_LESS_OR_EQUAL (0xA) y DRIVER_IRQL_NOT_LESS_OR_EQUAL (0xD1)Dukansu suna nuna ƙoƙarin samun damar adireshin shafi (ko mara inganci) a IRQL wanda ya yi tsayi da yawa. Wannan yawanci saboda direbobi suna amfani da adiresoshin da ba daidai ba, soke bayanan da ba daidai ba, ko aiwatar da lambar shafi a matakan da ba su dace ba.

A cikin takamaiman lamarin DRIVER_IRQL_NOT_LESS_OR_EQUAL (0x000000D1), sigogi suna da bayanai sosai: 1) adireshin ƙwaƙwalwar ajiyar da aka ambata; 2) IRQL a wancan lokacin; 3) nau'in samun dama (0 karanta, 1 rubuta, 2/8 aiwatarwa); 4) adireshin umarnin da ya yi nuni da ƙwaƙwalwar ajiya. Tare da debugger zaka iya amfani ln akan parameter 4 don jera alamar mafi kusa kuma ku san aikin da ke gudana.

Dalilan gama gari don tunawa

Bayan takamaiman lambar, akwai alamu waɗanda ake maimaita su. Ƙaddamar da nuni mara inganci zuwa DISPATCH_LEVEL ko sama Wannan tabbataccen girke-girke ne na bala'i. Samun damar bayanan shafi a wancan matakin, ko aiwatar da lambar shafi (misali, aikin da aka yiwa alama a matsayin mai shafi), kuma yana haifar da duba kwaro.

Sauran al'amuran gama gari sun haɗa da kira aiki a wani direban da aka riga an sauke (mai nunin aiki mai ɗaurewa), ko kuma a kaikaice ana kiran shi ta hanyar mai nuna aiki mara inganci. Sau da yawa, idan na'urar ta sami damar gano module, za ku ga sunanta a kan blue allon kanta, kuma an adana shi a ciki. KiBugCheckDriver, m tare da dx KiBugCheckDriver daga WinDbg.

Bayani mai amfani: A yawancin D1/A, ainihin matsalar ba ita ce IRQL ba, amma maimakon adireshin ƙwaƙwalwar ajiya da aka ambata. Shi ya sa sigogi 1, 3, da 4 ke da mahimmanci don mayar da hankali kan ganewar asali.

Bincike tare da WinDbg: Umurnai masu amfani da karatun siga

Don yin aiki a kan waɗannan lokuta, WinDbg shine kayan aiki mai mahimmanci, kuma idan BSOD ya ambaci faraskrnl.exe Wannan bayanin yana ba da jagora da yawa akan ko laifin yana cikin tsarin kernel. Fara da !analyze -v don samun taƙaitaccen binciken kwaro, tari, kuma, idan kun yi sa'a, ƙirar tana da hannu. Idan juji ya haɗa da firam ɗin kamawa, .trap yana sanya ku cikin mahallin CPU da ya gaza.

da umarni tari kamar k, kb, kc, kd, kp, kP, kv Suna nuna muku matakai daban-daban na bayanan baya. Tare da ln akan siga 4 zaka iya tsallakewa zuwa ga umarnin da aka nusar da ƙwaƙwalwar ajiya kuma sami alamar kusa. Kuma idan kun yi zargin matakin fifiko yana gudana kafin katsewa, !irql yana nuna maka IRQL da aka ajiye don mai sarrafa manufa (misali DISPATCH_LEVEL).

Yadda ake sarrafa allon Android tare da SCRCPY akan Windows

Don nazarin alkiblar siga 1, !pool Zai gaya maka ko yana cikin tafkin mai shafi; !address y !pte shiga cikin taswirar ƙwaƙwalwar ajiya na wannan yanki. Kuna iya amfani da nunin ƙwaƙwalwar ajiya yana umarni don duba abubuwan da aka yi ƙoƙarin samun dama ga abun ciki. Daga karshe, u, ub, uu ba ka damar tarwatsa kewaye da adireshin parameter 4.

Kar a manta lm t n don lissafin abubuwan da aka ɗora y !memusage don yanayin ƙwaƙwalwar ajiya gabaɗaya. Idan KiBugCheckDriver yana da wani abu, dx KiBugCheckDriver Zai dawo da sunan tsarin Unicode: a cikin misali na yau da kullun, “Wdf01000.sys” an ga direban da ke da hannu yayin binciken kwaro.

Kayan aikin Tsari: Mai Tabbatarwa Direba, Mai Kallon Biki da Bincike

El Mai Tabbatarwa Direba Yana bincika halayen direbobi a ainihin lokacin kuma yana tilasta kurakurai lokacin da ya gano amfani da albarkatun da ba daidai ba (kamar tafkin), yana haɓaka keɓe don ware yankin matsala na lambar. An kaddamar da shi da verifier daga umurnin gaggawa kuma yana da kyau a zaɓi mafi ƙanƙanta saitin direbobi masu yuwuwa don guje wa ƙara sama da yawa.

Idan baku ga kanku tare da WinDbg ba, yi amfani da matakan asali: Duba tsarin log in View Event don kurakurai da ke nuna takamaiman na'ura / direba; sabunta ko kashe direban da shuɗin allo ya ambata; tabbatar da dacewa da hardware tare da sigar Windows ɗin ku; kuma amfani da Windows Memory Diagnostic idan kun yi zargin RAM. Waɗannan ayyuka, kodayake suna da sauƙi, suna magance yawan lokuta.

Shari'ar rayuwa ta ainihi: Lokacin da BSODs suka yi kama da bazuwar

Mai amfani da Windows 10 Pro (AMD Ryzen 5 3400G CPU, GPU NVDIA GeForce GTX 1660 Ti da Gigabyte B450 AORUS PRO WIFI allon, 16 GB na RAM) yana fuskantar fuska "IRQL_LESS_OR_NOT_EQUAL". Na riga na sabunta mahimman direbobi (cibiyar sadarwa, zane-zane), shigar da duk sabuntawar Windows, da gudanar da kayan aikin ƙwaƙwalwar ajiya, duk ba tare da gano wata matsala ba.

A cikin yanayi kamar haka. Mataki na gaba shine bincika juji tare da WinDbg da kuma neman alamu: hanyoyin da suka shafi lokacin da ya faɗi (misali, explorer.exe), na'urorin dubawa na hoto (win32kfull.sys) da ayyuka kamar xxxProcessNotifyWinEvent bayyana a cikin tari. Ko da yake wannan tsarin Windows ne, mai jawo sau da yawa direban ɓangare na uku ne (zane-zane, shigarwa, mai rufi, katunan kamawa) wanda ke amfani da ƙwaƙwalwar ajiya a IRQL da bai dace ba kuma kuskuren ya taso a ciki. win32k.

Shawarwari mai amfani anan shine kashe software mai rufi na ɗan lokaci (kama, GPU OSD), ƙwararrun direbobin software na gefe (mice/allon madannai tare da macros), da nau'ikan beta na direbobi masu hoto, kuma ku rage shi. Yin amfani da Tabbatarwar Direba akan waɗanda ake zargi na iya taimakawa rage matsalar tare da tari mai haske.

Tsarin hanyar sadarwa gama gari: ndis.sys ba koyaushe ne mai laifi ba

Wani lamari na al'ada: screenshot tare da ndis.sys (Layer cibiyar sadarwa ta Windows). A kan kwamfuta ta gaske, tsarin zai fadi nan da nan da farawa. Mafita a aikace ita ce ta shiga Yanayin aminci ba tare da ayyukan cibiyar sadarwa ba, buɗe Manajan Na'ura kuma kashe adaftan karkashin “Network Adapters” don ware matsalar.

A cikin wannan tawagar akwai wani Realtek PCIe GBE Mai Kula da Iyali da Atheros AR5007G. Ta hanyar kashe duka biyun, an gano cewa ainihin dalilin shine athrx.sys (Atheros), kodayake blue allon da aka ambata ndis.sysJuji ya tabbatar da haka: tari ya wuce ndis!NdisFreeTimerObject amma module mai laifi ya kasance athrx.sysGyaran karshe shine cire na'urar kuma shigar da sabbin direbobi na hukuma Daga gidan yanar gizon masana'anta Atheros. Hali: Tsarin da aka ambata a cikin BSOD na iya zama wani ɓangare na tsarin da abin ya shafa, ba tushen ba.

Yadda ake shigar Arduino IDE akan Windows 11 mataki-mataki

Amsar tallafi na yau da kullun da matakai masu sauri don masu amfani

A cikin musayar tallafi na gaskiya, wani masani ya amsa: "Na yi hakuri da rashin jin daɗi. Yana iya zama direba, ƙwaƙwalwar ajiya, ko matsalar riga-kafi. Da fatan za a sabunta direbobin ku kuma, idan ya ci gaba, gudanar da binciken ƙwaƙwalwar ajiya."Wannan shawara ce ta asali amma ingantacciya; duk da haka, idan kurakurai suka ci gaba, yana da kyau a ci gaba da bincike mai tabbatarwa da juji.

Ga masu amfani da ba fasaha ba, ƙa'idar da ta dace zata kasance: 1) Duba abubuwan da suka faru na tsarin, 2) Sabunta direbobi masu mahimmanci (chipset/network/graphics), 3) Duba RAM tare da haɗakar kayan aiki, 4) gwaji taya mai tsabta ba tare da software na ɓangare na uku ba wanda ke saka ƙugiya cikin kernel/GUI, da 5) yi amfani da Verifier akan direbobi na ɓangare na uku idan babu abin da ya bayyana.

Mafi kyawun ayyuka ga masu haɓaka direba

Idan kuna haɓaka kuma kun yi tuntuɓe akan D1/A, duba cewa Gudun na yau da kullun ba a yiwa alama alama azaman shafi ba Kar a kira ayyukan shafi yayin aiki a DISPATCH_LEVEL ko sama da haka. Wannan ya haɗa da nisantar bayanin bayanai a cikin sassan shafi da mutunta hani na IRQL don mataimakan kwaya da aka bayyana a cikin DDK.

Don daidaita bayanan da aka raba, Yi amfani da ƙa'idar "ko da yaushe samun damar bayanan da aka raba a babban IRQL iri ɗaya" kuma yi amfani da makullin murɗa idan ya dace. A kan multiprocessors, IRQL kadai baya bada garantin keɓe tsakanin CPUs daban-daban; maƙallan spine suna ɗaga IRQL (zuwa DISPATCH_LEVEL) kuma suna daidaita hanyar shiga tsakanin maƙallan. Idan kana buƙatar yin aiki a kan rajistar kayan aiki masu mahimmanci, KeSynchronizeExecution yana taimaka muku aiwatar da sassa masu mahimmanci a daidai DIRQL.

Lokacin da shirin yana buƙatar haɓaka IRQL, Amurka KeRaiseIrqlToDpcLevel don DISPATCH_LEVEL ko KeRaiseIrql a hankali, ajiye IRQL na baya da kuma mayar da shi daidai da KeLowerIrql. Tafi ƙasa da shigarwar IRQL, koda na ɗan lokaci ne kawai, Babban kuskure ne na aiki tare.

Dangantaka tare da katsewa da hardware

IRQL shine tsarin da Windows ke amfani dashi umarni yana katse abubuwan fifiko da wasu ayyuka na cikiA matakin gine-gine, yana da alaƙa da ra'ayoyi kamar su "Katsewa", "Mai kula da katsewa" ko "Katse matakin fifiko" kuma, akan dandamali na yau da kullun, tare da Mai Kula da Katsewar Shirin (PIC)A cikin wasu tsarin, ana bayyana kulawar fifiko ta hanyoyi kamar spl en Unix; ra'ayin gaba ɗaya ɗaya ne: wa zai iya katse wa.

Nasihu na Ci gaba na gyara kuskure

A cikin juji inda tarin ya nuna win32kfull!xxxProcessNotifyWinEvent tare da duba kwaro 0xA/0xD1, bincika mahallin tare da .process y .thread (idan akwai), duba matakai kamar explorer.exe en !process 0 1 kuma duba overlays da direbobin hulɗar GUI. Sau da yawa matsala Ƙwaƙwalwar ajiya ce ta ɓarna da wani ɓangare na uku wanda ya fito akan wannan hanya.

Kar a manta da duba IRQL da !irql, da bambanci: idan kana DISPATCH_LEVEL (2) kuma siga 3 yana nuna karanta/rubuta/ aiwatarwa a kan wani shafi mai fa'ida, kun riga kun san dalilin da yasa ya faɗi. Ketare wannan alamar da ln a cikin siga 4 don samun takamaiman aikin.

Fahimta Menene IRQL? da kuma yadda ya dace da aiwatar da kernel yana taimakawa raba hayaniya da sigina. Idan kai mai amfani ne, mai da hankali kan direbobi da hardware (tare da Tabbatarwa, abubuwan da suka faru, da gwaje-gwaje ta tsohuwa). Idan kun haɓaka, bi ƙa'idodin IRQL sosai, ƙwaƙwalwar ajiya mara shafi, da aiki tare tare da makullai. Tare da kayan aikin da suka dace (WinDbg, Mai tabbatarwa) da karatun a hankali na sigogi (1, 3, da 4), Waɗannan binciken kwaro ba abin asiri ba ne kuma sun zama matsalolin da za a iya magance su ta hanya.

Ishaku

Marubuci mai sha'awa game da duniyar bytes da fasaha gabaɗaya. Ina son raba ilimina ta hanyar rubutu, kuma abin da zan yi ke nan a cikin wannan shafi, in nuna muku duk abubuwan da suka fi ban sha'awa game da na'urori, software, hardware, yanayin fasaha, da ƙari. Burina shine in taimaka muku kewaya duniyar dijital ta hanya mai sauƙi da nishaɗi.