348
WIN10經常藍屏,用winDBG分析後都是應用程序引起的 memory
電腦經常會在瀏覽網頁,看視頻或者聽音樂的時候藍屏,通常都是PAGE_FAULT_IN_NONPAGED_AREA (50) 或者 MEMORY_MANAGEMENT (1a), 也重裝過係統,還是會出現,用winDBG分析過,發現經常是應用程序引起的,但是其他的看的不是特別懂,麻煩微軟的工程師幫我分析下,謝謝!
這是第一個:
******************************************************************************** *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ffff9f8da28c8478, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8004a888a64, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
ffff9f8da28c8478
FAULTING_IP:
nt!ExAllocatePoolWithTag+6c4
fffff800`4a888a64 4c8b4808 mov r9,qword ptr [rax+8]
MM_INTERNAL_CODE: 2
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: AV
PROCESS_NAME: svchost.exe
CURRENT_IRQL: 1
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
TRAP_FRAME: ffffe0003431e4d0 -- (.trap 0xffffe0003431e4d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffff9f8da28c8470 rbx=0000000000000000 rcx=ffffce85c3826040
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8004a888a64 rsp=ffffe0003431e660 rbp=ffffe0003431e6e9
r8=ffff9f8f9e5dcd80 r9=0000000000000000 r10=ffffce85c2642508
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe cy
nt!ExAllocatePoolWithTag+0x6c4:
fffff800`4a888a64 4c8b4808 mov r9,qword ptr [rax+8] ds:ffff9f8d`a28c8478=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8004a7aaf32 to fffff8004a7753f0
STACK_TEXT:
ffffe000`3431e238 fffff800`4a7aaf32 : 00000000`00000050 ffff9f8d`a28c8478 00000000`00000000 ffffe000`3431e4d0 : nt!KeBugCheckEx
ffffe000`3431e240 fffff800`4a696246 : 00000000`00000000 ffff9f8d`a28c8478 ffffe000`3431e4d0 ffffce85`c38077c0 : nt!MiSystemFault+0x116e92
ffffe000`3431e2e0 fffff800`4a77ec72 : ffffce85`c5700d58 ffffce85`c3826140 00000000`00000000 ffffce85`c5700d40 : nt!MmAccessFault+0xae6
ffffe000`3431e4d0 fffff800`4a888a64 : ffffce85`c2642710 ffffe000`3431e6e9 00000000`00001000 fffff800`4a639448 : nt!KiPageFault+0x132
ffffe000`3431e660 fffff800`4a6ab46f : ffffce85`00000004 00000000`00000000 ffffce85`0000062c fffff800`00000000 : nt!ExAllocatePoolWithTag+0x6c4
ffffe000`3431e750 fffff800`4aac4e7f : ffff9f8f`00000000 ffff9f8f`a2a719d0 ffff9f8f`a0bf7a00 ffff9f8f`a21edf08 : nt!AuthzBasepDuplicateSecurityAttributes+0x6f
ffffe000`3431e7b0 fffff800`4ab66c49 : ffffe000`3431ea00 00000000`00000000 00000000`00000000 ffffe000`3431eac8 : nt!SepDuplicateToken+0x3ef
ffffe000`3431e890 fffff800`4ab66ad8 : ffffe000`3431eac8 ffffe000`3431eac8 0000001d`f867ddf0 ffffe000`3431eb80 : nt!SeCopyClientToken+0x5d
ffffe000`3431e920 fffff800`4aa9b324 : ffffe000`3431eac8 00000000`00000000 ffff9f8f`a2a719d0 ffff9f8f`a2a96e40 : nt!SepCreateClientSecurityEx+0x138
ffffe000`3431e990 fffff800`4aa98536 : 00000130`b74ce900 00000000`00000000 00000000`00000001 ffffe000`3431eac8 : nt!SeCreateClientSecurity+0x114
ffffe000`3431ea30 fffff800`4ab35265 : 00000130`b74ce900 ffffe000`3431eb80 00000130`b74ce8e0 00000000`00000000 : nt!AlpcpCreateSecurityContext+0x92
ffffe000`3431ea90 fffff800`4a780313 : ffffce85`c3826040 00000130`b74ce8d0 00000000`00000000 00000000`00000010 : nt!NtAlpcCreateSecurityContext+0x109
ffffe000`3431eb00 00007ffd`fe4c6324 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
0000001d`f867dda8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`fe4c6324
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff8004a696320 - nt!MmAccessFault+bc0
[ f6:f9 ]
fffff8004a7aaf57 - nt!MiValidFault+116107 (+0x114c37)
[ f6:f9 ]
2 errors : !nt (fffff8004a696320-fffff8004a7aaf57)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: LARGE
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
BUCKET_ID: MEMORY_CORRUPTION_LARGE
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:memory_corruption_large
FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
Followup: memory_corruption
---------
第二個:
******************************************************************************** *
* Bugcheck Analysis *
* *
*******************************************************************************
MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041792, A corrupt PTE has been detected. Parameter 2 contains the address of
the PTE. Parameters 3/4 contain the low/high parts of the PTE.
Arg2: fffffb0000009998
Arg3: 0000000100000000
Arg4: 0000000000000000
Debugging Details:
------------------
OVERLAPPED_MODULE: Address regions for 'mrxsmb10' and 'dump_storpor' overlap
MEMORY_CORRUPTOR: LARGE
BUGCHECK_STR: 0x1a_41792
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
PROCESS_NAME: cloudmusic.exe
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
STACK_TEXT:
ffff9880`3a720218 fffff803`da024c2e : 00000000`0000001a 00000000`00041792 fffffb00`00009998 00000001`00000000 : nt!KeBugCheckEx
ffff9880`3a720220 fffff803`d9f0452d : ffff8386`e5d3a648 ffff8386`ddb76080 ffff8386`e5d3a648 ffff8386`e5d3a080 : nt!MiDeleteVirtualAddresses+0x11b96e
ffff9880`3a7204d0 fffff803`d9f718b1 : 00000000`013cffff 00000000`013cffff 00000000`012d0000 ffff8386`e63d3250 : nt!MiDeleteVad+0x3ad
ffff9880`3a720650 fffff803`da33bd5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`012d0000 : nt!MiFreeVadRange+0x4d
ffff9880`3a720690 fffff803`d9ffc313 : ffff8386`df157d80 00000000`00000001 00000000`00000000 00000000`00000000 : nt!NtFreeVirtualMemory+0x42a
ffff9880`3a7207e0 fffff803`d9ff45d0 : fffff803`da2bf70e ffff8386`ddb76080 00000000`00000001 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
ffff9880`3a720978 fffff803`da2bf70e : ffff8386`ddb76080 00000000`00000001 00000000`00000000 ffff8386`ddb76080 : nt!KiServiceLinkage
ffff9880`3a720980 fffff803`da3805b6 : 00000000`00000000 00000000`00000000 00000000`00f5d000 ffff9880`3a720b80 : nt!PspExitThread+0x3da
ffff9880`3a720a80 fffff803`da380188 : ffff8386`ddb76080 00000000`00000000 ffff8386`ddb76080 00000000`00000000 : nt!PspTerminateThreadByPointer+0x96
ffff9880`3a720ac0 fffff803`d9ffc313 : ffff8386`ddb76080 ffff9880`3a720b80 00000000`745f8230 ffff8386`e5be9bb0 : nt!NtTerminateThread+0x44
ffff9880`3a720b00 00000000`65c321cc : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0110f268 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x65c321cc
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff803da105383-fffff803da105385 3 bytes - nt!ExFreePoolWithTag+363
[ 40 fb f6:80 7d fb ]
fffff803da1056b6-fffff803da1056b7 2 bytes - nt!ExFreePoolWithTag+696 (+0x333)
[ 80 f6:00 fb ]
5 errors : !nt (fffff803da105383-fffff803da1056b7)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
BUCKET_ID: MEMORY_CORRUPTION_LARGE
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:memory_corruption_large
FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
Followup: memory_corruption
---------
最後更新:2017-06-30 10:46:31
上一篇:
我的固態硬盤在PE下可以看到,但是在windows下無法找到,怎麼辦?
下一篇: Win10升級1703版本,卡在71%不動
- 你的設備已過期,並缺少重要的安全和質量更新,因此存在風險。讓我們帶你重回正軌,這樣
- Microsoft store 無法聯網,顯示Microsoft Store需要聯網,你似乎沒有聯網
- 設備以遷移 由於僅部分匹配或匹配不明確,因此無法遷移設備
- 由於在創建轉儲期間出錯,創建轉儲文件失敗。
- 發生臨時 DNS 錯誤
- 應用商店,在我們這邊發生問題,無法使你登陸,錯誤代碼: 0xD000000D
- 照相機不可用,錯誤代碼:0xA00F4244(0xC00DABE0)
- 應用商店打開異常提示“清單中指定了未知的布局”
- 自定義掃描Windows defender裏麵的設備性能和運行狀況 黃色感歎號問題
- windows預口體驗成員內口版本遇到問題需要重啟
熱門內容
- windows10 點開此電腦後,有兩個顯示硬盤盤符的目錄是怎麼回事?
- windows 10 專業版無法下載中文語言包
- KB4056892
- win10不能共享文件夾
- 在Surfacebook上用Windows to go 1703版本,更新後重啟藍屏,無法進入係統
- windows10 1709版本更新失敗,錯誤0x8007001f
- microdoft visual c++ 2015 redistributable
- WIN10 Insider Preview 17025更新失敗,錯誤代碼0x80096004
- 計算機管理服務 出現一個內部錯誤(INVALID
- 關於控製麵板中的安全和維護內提示Windows defender 防病毒已關閉的問題