none
svchost.exe蓝屏是什么情况 貌似别人都不是这个东西蓝屏= = RRS feed

  • Pytanie

  • 1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    SYSTEM_SERVICE_EXCEPTION (3b)
    An exception happened while executing a system service routine.
    Arguments:
    Arg1: 00000000c0000005, Exception code that caused the bugcheck
    Arg2: fffff80005186f37, Address of the instruction which caused the bugcheck
    Arg3: fffff8800b9e2e00, Address of the context record for the exception that caused the bugcheck
    Arg4: 0000000000000000, zero.

    Debugging Details:
    ------------------


    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - 0x%08lx

    FAULTING_IP:
    nt!MiLogPageAccess+97
    fffff800`05186f37 488b4128        mov     rax,qword ptr [rcx+28h]

    CONTEXT:  fffff8800b9e2e00 -- (.cxr 0xfffff8800b9e2e00)
    rax=0000058000000000 rbx=fffffa8015075000 rcx=ffbffa8001c22760
    rdx=fffff68000067098 rsi=f5400000960d2025 rdi=fffff68000067098
    rip=fffff80005186f37 rsp=fffff8800b9e37e0 rbp=0000000000000000
     r8=0000000000000e00  r9=0000000000068e8b r10=fffff70001080488
    r11=fffff70001080000 r12=fffffa800a5b5ec8 r13=0000000000000754
    r14=fffff68000067000 r15=fffffa8000011820
    iopl=0         nv up ei ng nz na po cy
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010287
    nt!MiLogPageAccess+0x97:
    fffff800`05186f37 488b4128        mov     rax,qword ptr [rcx+28h] ds:002b:ffbffa80`01c22788=????????????????
    Resetting default scope

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

    BUGCHECK_STR:  0x3B

    PROCESS_NAME:  svchost.exe

    CURRENT_IRQL:  0

    LAST_CONTROL_TRANSFER:  from fffff800050f0aa7 to fffff80005186f37

    STACK_TEXT: 
    fffff880`0b9e37e0 fffff800`050f0aa7 : 00000003`00000000 fffffa80`01c22760 00000000`0ce13000 f5400000`960d2025 : nt!MiLogPageAccess+0x97
    fffff880`0b9e3830 fffff800`050b27d9 : fffffa80`00000000 00000000`0d77ffff 00000000`00000000 fffffa80`0e65bc30 : nt! ?? ::FNODOBFM::`string'+0x34dc7
    fffff880`0b9e39f0 fffff800`053990f1 : fffffa80`0b3ea240 00000000`00000000 fffffa80`0e65bc30 fffffa80`0e65bc30 : nt!MiRemoveMappedView+0xd9
    fffff880`0b9e3b10 fffff800`053994f3 : fffff880`00000000 00000000`0cd80000 fffffa80`00000001 00000000`a9f4d201 : nt!MiUnmapViewOfSection+0x1b1
    fffff880`0b9e3bd0 fffff800`0507ee53 : 00000000`00000000 00000000`03148000 fffffa80`0a5b5b30 00000000`03147fcc : nt!NtUnmapViewOfSection+0x5f
    fffff880`0b9e3c20 00000000`76d0155a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`08fbc0a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x76d0155a


    FOLLOWUP_IP:
    nt!MiLogPageAccess+97
    fffff800`05186f37 488b4128        mov     rax,qword ptr [rcx+28h]

    SYMBOL_STACK_INDEX:  0

    SYMBOL_NAME:  nt!MiLogPageAccess+97

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: nt

    DEBUG_FLR_IMAGE_TIMESTAMP:  53b9f073

    STACK_COMMAND:  .cxr 0xfffff8800b9e2e00 ; kb

    IMAGE_NAME:  memory_corruption

    FAILURE_BUCKET_ID:  X64_0x3B_nt!MiLogPageAccess+97

    BUCKET_ID:  X64_0x3B_nt!MiLogPageAccess+97

    Followup: MachineOwner
    ---------

    1: kd> !process
    GetPointerFromAddress: unable to read from fffff800052b7000
    PROCESS fffffa800a5b5b30
        SessionId: none  Cid: 17f0    Peb: 7fffffd3000  ParentCid: 02d0
        DirBase: 16b43a000  ObjectTable: fffff8a02760cdd0  HandleCount: <Data Not Accessible>
        Image: svchost.exe
        VadRoot fffffa800ba020e0 Vads 317 Clone 0 Private 18506. Modified 1202127. Locked 0.
        DeviceMap fffff8a000006090
        Token                             fffff8a02760c060
        ReadMemory error: Cannot get nt!KeMaximumIncrement value.
    fffff78000000000: Unable to get shared data
        ElapsedTime                       00:00:00.000
        UserTime                          00:00:00.000
        KernelTime                        00:00:00.000
        QuotaPoolUsage[PagedPool]         0
        QuotaPoolUsage[NonPagedPool]      0
        Working Set Sizes (now,min,max)  (8696, 50, 345) (34784KB, 200KB, 1380KB)
        PeakWorkingSetSize                27473
        VirtualSize                       243 Mb
        PeakVirtualSize                   270 Mb
        PageFaultCount                    65683082
        MemoryPriority                    BACKGROUND
        BasePriority                      8
        CommitCharge                      19520

            *** Error in reading nt!_ETHREAD @ fffffa800b84eb50

    środa, 12 listopada 2014 21:18

Odpowiedzi

Wszystkie odpowiedzi