用户注销时蓝屏

• 问题

• 

  

  0

  登录进行投票

  问题：

  OS:  Windows server 2008 R2

  次数：3次

  现象：多用户模式使用，当管理员注销某个用户时发生蓝屏。

  windbg分析dump如下：

  10: kd> !analyze -v
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************
  
  SESSION_HAS_VALID_POOL_ON_EXIT (ab)
  Caused by a session driver not freeing its pool allocations prior to a
  session unload.  This indicates a bug in win32k.sys, atmfd.dll,
  rdpdd.dll or a video driver.
  Arguments:
  Arg1: 0000000000000004, session ID
  Arg2: 0000000000001130, number of paged pool bytes that are leaking
  Arg3: 0000000000000000, number of nonpaged pool bytes that are leaking
  Arg4: 0000000000000002, total number of paged and nonpaged allocations that are leaking.
      nonpaged allocations are in the upper half of this word,
      paged allocations are in the lower half of this word.
  
  Debugging Details:
  ------------------
  
  PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
  PEB is paged out (Peb.Ldr = 000007ff`fffdf018).  Type ".hh dbgerr001" for details
  
  CORRUPTING_POOL_TAG:  Gh47
  
  BUGCHECK_STR:  0xAB_Gh47
  
  IMAGE_NAME:  win32k.sys
  
  DEBUG_FLR_IMAGE_TIMESTAMP:  53c5e08a
  
  MODULE_NAME: win32k
  
  FAULTING_MODULE: fffff960000c0000 win32k
  
  DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
  
  PROCESS_NAME:  csrss.exe
  
  CURRENT_IRQL:  0
  
  LAST_CONTROL_TRANSFER:  from fffff8000246779f to fffff800020c1bc0
  
  STACK_TEXT:  
  fffff880`0e8cd988 fffff800`0246779f : 00000000`000000ab 00000000`00000004 00000000`00001130 00000000`00000000 : nt!KeBugCheckEx
  fffff880`0e8cd990 fffff800`02306927 : fffff880`07a6fb40 fffff880`07a6f000 fffff880`07a6f000 fffffa80`22166720 : nt!MiCheckSessionPoolAllocations+0x13f
  fffff880`0e8cd9d0 fffff800`02402415 : fffff880`0e8cda68 fffffa80`22166720 ffffffff`ffffff89 fffff880`07a6f000 : nt!MiDereferenceSessionFinal+0x137
  fffff880`0e8cda70 fffff800`02092e0c : fffff800`0224f940 00000000`00000001 00000000`00000000 fffffa80`1fe7b630 : nt! ?? ::NNGAKEGL::`string'+0x23fd5
  fffff880`0e8cdaa0 fffff800`0239705a : fffff8a0`039968b0 00000000`00000000 00000000`00000000 fffffa80`22166720 : nt!MmCleanProcessAddressSpace+0x610
  fffff880`0e8cdaf0 fffff800`02397431 : 00000000`00000000 fffff800`0235d701 00000000`00000000 fffffa80`1fdf2770 : nt!PspExitThread+0x56a
  fffff880`0e8cdbf0 fffff800`020b28e6 : fffff800`0223ce80 00000000`00000080 fffffa80`22166720 00000000`00000200 : nt!PspTerminateThreadByPointer+0x4d
  fffff880`0e8cdc40 00000000`00000000 : fffff880`0e8ce000 fffff880`0e8c8000 fffff880`0e8cd840 00000000`00000000 : nt!KiStartSystemThread+0x16
  
  
  STACK_COMMAND:  kb
  
  FOLLOWUP_NAME:  MachineOwner
  
  FAILURE_BUCKET_ID:  X64_CORRUPTING_POOLTAG_Gh47
  
  BUCKET_ID:  X64_CORRUPTING_POOLTAG_Gh47
  
  Followup: MachineOwner

  PS：我在技术论坛上搜过，也发现此问题已经有讨论，按照论坛方法---更新windows 补丁，更新过后，重启前注销用户时又蓝了。

  请各位大牛帮帮我，谢谢！

  2015年1月13日 6:56

  回复

  |

  引用