none
windows server 2008 r2 enterprise 蓝屏 debug 结果“Probably caused by : lsbackfilter64.sys RRS feed

  • 问题

  • windows server 2008 r2 enterprise服务器每次备份sql server数据库的时候,备份一半就蓝屏重启,分析windbg结果如下,请大虾帮忙分析是什么原因:


    Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Users\Administrator\Desktop\MEMORY.DMP]
    Kernel Summary Dump File: Only kernel address space is available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
    Product: Server, suite: Enterprise TerminalServer SingleUserTS
    Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
    Machine Name:
    Kernel base = 0xfffff800`0164c000 PsLoadedModuleList = 0xfffff800`01891670
    Debug session time: Sat Jan 14 21:15:38.651 2012 (GMT+8)
    System Uptime: 33 days 20:40:33.174
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ........
    Loading User Symbols
    PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
    Loading unloaded module list
    ..................................................
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 50, {fffffa803d100000, 1, fffff880050830f5, 0}

    *** ERROR: Module load completed but symbols could not be loaded for lsbackfilter64.sys
    PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
    PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
    Probably caused by : lsbackfilter64.sys ( lsbackfilter64+210f5 )

    Followup: MachineOwner
    ---------

    4: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    PAGE_FAULT_IN_NONPAGED_AREA (50)
    Invalid system memory was referenced.  This cannot be protected by try-except,
    it must be protected by a Probe.  Typically the address is just plain bad or it
    is pointing at freed memory.
    Arguments:
    Arg1: fffffa803d100000, memory referenced.
    Arg2: 0000000000000001, value 0 = read operation, 1 = write operation.
    Arg3: fffff880050830f5, If non-zero, the instruction address which referenced the bad memory
    address.
    Arg4: 0000000000000000, (reserved)

    Debugging Details:
    ------------------

    PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
    PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details

    WRITE_ADDRESS:  fffffa803d100000 Nonpaged pool

    FAULTING_IP: 
    lsbackfilter64+210f5
    fffff880`050830f5 418840ff        mov     byte ptr [r8-1],al

    MM_INTERNAL_CODE:  0

    IMAGE_NAME:  lsbackfilter64.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  4d70ac30

    MODULE_NAME: lsbackfilter64

    FAULTING_MODULE: fffff88005062000 lsbackfilter64

    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

    BUGCHECK_STR:  0x50

    PROCESS_NAME:  sqlservr.exe

    CURRENT_IRQL:  0

    TRAP_FRAME:  fffff8800af795d0 -- (.trap 0xfffff8800af795d0)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=00000000000000d0 rbx=0000000000000000 rcx=0000000000000830
    rdx=00000000486c10b3 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff880050830f5 rsp=fffff8800af79768 rbp=00000000485f0000
     r8=fffffa803d100001  r9=0000000000000355 r10=00000000486c1c3f
    r11=0000000000000008 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei ng nz na pe nc
    lsbackfilter64+0x210f5:
    fffff880`050830f5 418840ff        mov     byte ptr [r8-1],al ds:fffffa80`3d100000=??
    Resetting default scope

    LAST_CONTROL_TRANSFER:  from fffff800016749fc to fffff800016c8c40

    STACK_TEXT:  
    fffff880`0af79468 fffff800`016749fc : 00000000`00000050 fffffa80`3d100000 00000000`00000001 fffff880`0af795d0 : nt!KeBugCheckEx
    fffff880`0af79470 fffff800`016c6d6e : 00000000`00000001 fffffa80`3d100000 00000000`486a6000 00000000`000beb1f : nt! ?? ::FNODOBFM::`string'+0x4611f
    fffff880`0af795d0 fffff880`050830f5 : fffffa80`734c6010 fffffa80`3d0414e1 00000000`485f0000 00000000`485f0000 : nt!KiPageFault+0x16e
    fffff880`0af79768 fffff880`050834a6 : fffffa80`3d0414d8 fffffa80`3d0414e1 00000000`00100000 00000000`00000009 : lsbackfilter64+0x210f5
    fffff880`0af797a0 fffff880`05067c6e : 00000000`00100000 00000000`00000000 fffffa80`734b6000 00000000`00000011 : lsbackfilter64+0x214a6
    fffff880`0af79800 fffff880`0506b4df : 00000000`00100000 fffffa80`77b28170 fffffa80`33bdb5b0 00000000`00000000 : lsbackfilter64+0x5c6e
    fffff880`0af79890 fffff880`050657d4 : fffffa80`33bdb5b0 fffffa80`7131a060 fffffa80`7131a000 fffffa80`33bdb5b0 : lsbackfilter64+0x94df
    fffff880`0af799b0 fffff800`019d121b : 00000000`00000001 fffffa80`74f60070 00000000`00000000 fffffa80`33bdb5b0 : lsbackfilter64+0x37d4
    fffff880`0af79a40 fffff800`019dbc83 : fffffa80`33bdb7e8 fffffa80`7191f370 fffffa80`74f60070 fffff880`02146180 : nt!IopSynchronousServiceTail+0xfb
    fffff880`0af79ab0 fffff800`016c7ed3 : fffff880`0af79c01 00000000`000007c4 00000000`00000000 00000004`27374ca0 : nt!NtWriteFile+0x7e2
    fffff880`0af79bb0 00000000`779a139a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`1c00e648 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x779a139a


    STACK_COMMAND:  kb

    FOLLOWUP_IP: 
    lsbackfilter64+210f5
    fffff880`050830f5 418840ff        mov     byte ptr [r8-1],al

    SYMBOL_STACK_INDEX:  3

    SYMBOL_NAME:  lsbackfilter64+210f5

    FOLLOWUP_NAME:  MachineOwner

    FAILURE_BUCKET_ID:  X64_0x50_lsbackfilter64+210f5

    BUCKET_ID:  X64_0x50_lsbackfilter64+210f5

    Followup: MachineOwner
    ---------

    2012年6月29日 2:33

答案

全部回复