none
Bluescreen RRS feed

  • Вопрос

  • Получил на терминальном сервере синий экран, но как-то из дебага не очень понятно...

    https://1drv.ms/f/s!Auxfv9a3RZ-i8hx1qBXZrSLMhuzd - minidump

    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    BAD_POOL_CALLER (c2)
    The current thread is making a bad pool request.  Typically this is at a bad IRQL level or double freeing the same allocation, etc.
    Arguments:
    Arg1: 0000000000000007, Attempt to free pool which was already freed
    Arg2: 0000000000001200, Pool tag value from the pool header
    Arg3: 0000000004070004, Contents of the first 4 bytes of the pool header
    Arg4: ffffe00112737ae0, Address of the block of pool being deallocated

    Debugging Details:
    ------------------

    GetUlongPtrFromAddress: unable to read from fffff8006d56d298
    GetUlongPtrFromAddress: unable to read from fffff8006d56d520
    GetUlongPtrFromAddress: unable to read from fffff8006d56d298
    GetUlongPtrFromAddress: unable to read from fffff8006d56d520

    DUMP_CLASS: 1

    DUMP_QUALIFIER: 400

    BUILD_VERSION_STRING:  6.3.9600.17736 (winblue_r9.150322-1500)

    SYSTEM_MANUFACTURER:  VMware, Inc.

    VIRTUAL_MACHINE:  VMware

    SYSTEM_PRODUCT_NAME:  VMware Virtual Platform

    SYSTEM_VERSION:  None

    BIOS_VENDOR:  Phoenix Technologies LTD

    BIOS_VERSION:  6.00

    BIOS_DATE:  09/21/2015

    BASEBOARD_MANUFACTURER:  Intel Corporation

    BASEBOARD_PRODUCT:  440BX Desktop Reference Platform

    BASEBOARD_VERSION:  None

    DUMP_TYPE:  2

    BUGCHECK_P1: 7

    BUGCHECK_P2: 1200

    BUGCHECK_P3: 4070004

    BUGCHECK_P4: ffffe00112737ae0

    POOL_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff8006d56d298
    GetUlongPtrFromAddress: unable to read from fffff8006d56d520
     ffffe00112737ae0 Nonpaged pool

    FREED_POOL_TAG:  Vpb

    BUGCHECK_STR:  0xc2_7_Vpb

    CPU_COUNT: 4

    CPU_MHZ: c1c

    CPU_VENDOR:  GenuineIntel

    CPU_FAMILY: 6

    CPU_MODEL: 2d

    CPU_STEPPING: 2

    CPU_MICROCODE: 6,2d,2,0 (F,M,S,R)  SIG: 427'00000000 (cache) 427'00000000 (init)

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT_SERVER

    PROCESS_NAME:  explorer.exe

    CURRENT_IRQL:  0

    ANALYSIS_SESSION_HOST:  DESKTOP-R4QUQ0N

    ANALYSIS_SESSION_TIME:  06-05-2017 14:07:08.0320

    ANALYSIS_VERSION: 10.0.15063.400 x86fre

    LAST_CONTROL_TRANSFER:  from fffff8006d4aeff2 to fffff8006d35aca0

    STACK_TEXT: 
    ffffd000`28ef32b8 fffff800`6d4aeff2 : 00000000`000000c2 00000000`00000007 00000000`00001200 00000000`04070004 : nt!KeBugCheckEx
    ffffd000`28ef32c0 fffff800`6d3992d1 : ffffe001`148ada70 ffffe001`1639b990 00000000`c000009a ffffd000`00000007 : nt!ExAllocatePoolWithTag+0x1102
    ffffd000`28ef33b0 fffff800`6d62d2cf : 00000000`00000045 ffffd000`28ef36e1 00000000`c000009a ffffe001`1639b990 : nt! ?? ::FNODOBFM::`string'+0x2e111
    ffffd000`28ef33e0 fffff800`6d6b3dc4 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffe001`122961f0 : nt!IopParseDevice+0xbbf
    ffffd000`28ef3600 fffff800`6d6416b3 : 00000000`00000000 ffffd000`28ef37a8 00000000`00000040 ffffe001`0ed23680 : nt!ObpLookupObjectName+0x784
    ffffd000`28ef3730 fffff800`6d658abd : ffffd000`00000001 00000000`0e2bd150 00000000`00000000 00000000`0e2bd120 : nt!ObOpenObjectByName+0x1e3
    ffffd000`28ef3860 fffff800`6d3664b3 : ffffe001`16f3d880 00000000`0e2bf240 ffffe001`16f3d880 00000000`0e2becc0 : nt!NtQueryAttributesFile+0x141
    ffffd000`28ef3b00 00007ffe`8f60159a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`0e2bd0e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`8f60159a


    STACK_COMMAND:  kb

    THREAD_SHA1_HASH_MOD_FUNC:  33700f3bbda6529dee972626b7838b276e5e8c2c

    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  5d4f07938cf8a1d87be355c9243920ff54b12327

    THREAD_SHA1_HASH_MOD:  cb5f414824c2521bcc505eaa03e92fa10922dad8

    FOLLOWUP_IP:
    nt!ExAllocatePoolWithTag+1102
    fffff800`6d4aeff2 cc              int     3

    FAULT_INSTR_CODE:  e0ba0fcc

    SYMBOL_STACK_INDEX:  1

    SYMBOL_NAME:  nt!ExAllocatePoolWithTag+1102

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME:  ntkrnlmp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP:  550f41a6

    IMAGE_VERSION:  6.3.9600.17736

    BUCKET_ID_FUNC_OFFSET:  1102

    FAILURE_BUCKET_ID:  0xc2_7_Vpb__nt!ExAllocatePoolWithTag

    BUCKET_ID:  0xc2_7_Vpb__nt!ExAllocatePoolWithTag

    PRIMARY_PROBLEM_CLASS:  0xc2_7_Vpb__nt!ExAllocatePoolWithTag

    TARGET_TIME:  2017-06-01T06:35:19.000Z

    OSBUILD:  9600

    OSSERVICEPACK:  17736

    SERVICEPACK_NUMBER: 0

    OS_REVISION: 0

    SUITE_MASK:  144

    PRODUCT_TYPE:  3

    OSPLATFORM_TYPE:  x64

    OSNAME:  Windows 8.1

    OSEDITION:  Windows 8.1 Server TerminalServer DataCenter

    OS_LOCALE: 

    USER_LCID:  0

    OSBUILD_TIMESTAMP:  2015-03-23 01:26:46

    BUILDDATESTAMP_STR:  150322-1500

    BUILDLAB_STR:  winblue_r9

    BUILDOSVER_STR:  6.3.9600.17736

    ANALYSIS_SESSION_ELAPSED_TIME:  733

    ANALYSIS_SOURCE:  KM

    FAILURE_ID_HASH_STRING:  km:0xc2_7_vpb__nt!exallocatepoolwithtag

    FAILURE_ID_HASH:  {5f4753df-222a-ea6f-7f90-fe29037bcbc2}

    Followup:     MachineOwner
    ---------


    MCSE: Security. Мой сайтик - http://www.lysanev.ru

    5 июня 2017 г. 11:35

Ответы

Все ответы