问题:
OS: Windows server 2008 R2
次数:3次
现象:多用户模式使用,当管理员注销某个用户时发生蓝屏。
windbg分析dump如下:
10: kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
SESSION_HAS_VALID_POOL_ON_EXIT (ab)
Caused by a session driver not freeing its pool allocations prior to a
session unload. This indicates a bug in win32k.sys, atmfd.dll,
rdpdd.dll or a video driver.
Arguments:
Arg1: 0000000000000004, session ID
Arg2: 0000000000001130, number of paged pool bytes that are leaking
Arg3: 0000000000000000, number of nonpaged pool bytes that are leaking
Arg4: 0000000000000002, total number of paged and nonpaged allocations that are leaking.
nonpaged allocations are in the upper half of this word,
paged allocations are in the lower half of this word.
Debugging Details:
------------------
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
CORRUPTING_POOL_TAG: Gh47
BUGCHECK_STR: 0xAB_Gh47
IMAGE_NAME: win32k.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 53c5e08a
MODULE_NAME: win32k
FAULTING_MODULE: fffff960000c0000 win32k
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: csrss.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff8000246779f to fffff800020c1bc0
STACK_TEXT:
fffff880`0e8cd988 fffff800`0246779f : 00000000`000000ab 00000000`00000004 00000000`00001130 00000000`00000000 : nt!KeBugCheckEx
fffff880`0e8cd990 fffff800`02306927 : fffff880`07a6fb40 fffff880`07a6f000 fffff880`07a6f000 fffffa80`22166720 : nt!MiCheckSessionPoolAllocations+0x13f
fffff880`0e8cd9d0 fffff800`02402415 : fffff880`0e8cda68 fffffa80`22166720 ffffffff`ffffff89 fffff880`07a6f000 : nt!MiDereferenceSessionFinal+0x137
fffff880`0e8cda70 fffff800`02092e0c : fffff800`0224f940 00000000`00000001 00000000`00000000 fffffa80`1fe7b630 : nt! ?? ::NNGAKEGL::`string'+0x23fd5
fffff880`0e8cdaa0 fffff800`0239705a : fffff8a0`039968b0 00000000`00000000 00000000`00000000 fffffa80`22166720 : nt!MmCleanProcessAddressSpace+0x610
fffff880`0e8cdaf0 fffff800`02397431 : 00000000`00000000 fffff800`0235d701 00000000`00000000 fffffa80`1fdf2770 : nt!PspExitThread+0x56a
fffff880`0e8cdbf0 fffff800`020b28e6 : fffff800`0223ce80 00000000`00000080 fffffa80`22166720 00000000`00000200 : nt!PspTerminateThreadByPointer+0x4d
fffff880`0e8cdc40 00000000`00000000 : fffff880`0e8ce000 fffff880`0e8c8000 fffff880`0e8cd840 00000000`00000000 : nt!KiStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_NAME: MachineOwner
FAILURE_BUCKET_ID: X64_CORRUPTING_POOLTAG_Gh47
BUCKET_ID: X64_CORRUPTING_POOLTAG_Gh47
Followup: MachineOwner
PS:我在技术论坛上搜过,也发现此问题已经有讨论,按照论坛方法---更新windows 补丁,更新过后,重启前注销用户时又蓝了。
请各位大牛帮帮我,谢谢!
