BSOD dump - EXCEPTION_DOUBLE_FAULT - on Windows Server 2008 64-bit

1

My Windows Server 2008 (Datacenter edition) 64-bit server has recently produced a series of BSODs in different applications. The error message is usually EXCEPTION_DOUBLE_FAULT.

Can anyone help with the analysis of the dump file below?

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault).  The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
        use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
        use .trap on that value
Else
        .trap on the appropriate frame will show where the trap was taken
        (on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: 0000000080050033
Arg3: 00000000000006f8
Arg4: fffff800018b1678

Debugging Details:
------------------


BUGCHECK_STR:  0x7f_8

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  DRIVER_FAULT_SERVER_MINIDUMP

PROCESS_NAME:  CustomerService.

CURRENT_IRQL:  1

EXCEPTION_RECORD:  fffffa6004e45568 -- (.exr 0xfffffa6004e45568)
ExceptionAddress: fffff800018a0150 (nt!RtlVirtualUnwind+0x0000000000000250)
   ExceptionCode: 10000004
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 00000000000000d8

TRAP_FRAME:  fffffa6004e45610 -- (.trap 0xfffffa6004e45610)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000050 rbx=0000000000000000 rcx=0000000000000004
rdx=00000000000000d8 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800018a0150 rsp=fffffa6004e457a0 rbp=fffffa6004e459e0
 r8=0000000000000006  r9=fffff8000181e000 r10=ffffffffffffff88
r11=fffff80001a1c000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
nt!RtlVirtualUnwind+0x250:
fffff800'018a0150 488b02          mov     rax,qword ptr [rdx] ds:00000000'000000d8=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800018781ee to fffff80001878450

STACK_TEXT:  
fffffa60'01768a68 fffff800'018781ee : 00000000'0000007f 00000000'00000008 00000000'80050033 00000000'000006f8 : nt!KeBugCheckEx
fffffa60'01768a70 fffff800'01876a38 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiBugCheckDispatch+0x6e
fffffa60'01768bb0 fffff800'018b1678 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiDoubleFaultAbort+0xb8
fffffa60'04e44e30 fffff800'018782a9 : fffffa60'04e45568 00000000'00000001 fffffa60'04e45610 00000000'0000023b : nt!KiDispatchException+0x34
fffffa60'04e45430 fffff800'018770a5 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000001 : nt!KiExceptionDispatch+0xa9
fffffa60'04e45610 fffff800'018a0150 : fffffa60'04e46638 fffffa60'04e46010 fffff800'01965190 fffff800'0181e000 : nt!KiPageFault+0x1e5
fffffa60'04e457a0 fffff800'018a3f78 : fffffa60'00000001 00000000'00000000 00000000'00000000 ffffffff'ffffff88 : nt!RtlVirtualUnwind+0x250
fffffa60'04e45810 fffff800'018b1706 : fffffa60'04e46638 fffffa60'04e46010 fffffa60'00000000 00000000'00000000 : nt!RtlDispatchException+0x118
fffffa60'04e45f00 00000000'00000000 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiDispatchException+0xc2

STACK_COMMAND:  kb
FOLLOWUP_IP: 
nt!KiDoubleFaultAbort+b8
fffff800'01876a38 90              nop
SYMBOL_STACK_INDEX:  2
SYMBOL_NAME:  nt!KiDoubleFaultAbort+b8
FOLLOWUP_NAME:  MachineOwner
MODULE_NAME: nt
IMAGE_NAME:  ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP:  4a7801eb
FAILURE_BUCKET_ID:  X64_0x7f_8_nt!KiDoubleFaultAbort+b8
BUCKET_ID:  X64_0x7f_8_nt!KiDoubleFaultAbort+b8
Followup: MachineOwner
---------
    
by Ben Pilbrow 24.03.2010 / 15:34

1 answer

2

The problem is that while the kernel is processing an exception, it encounters a second one. In this case, it is processing a page fault when it encounters a second one. Most likely this is a stack overflow.

Load the dmp file into windbg and run the following commands:

.trap  fffffa6004e45610
k 100

This will produce a stack trace of the offending thread. Please post the stack here.

    
by 01.07.2010 / 07:02
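
An added example, not part of the original question or answer: a Python script that reads the STACK_TEXT from the dump above, finds the jump in Child-SP where the bugcheck path leaves the faulting thread's stack, lists routines that appear more than once on that stack, and measures how much of it the visible frames cover. The function names and the 64 KB gap threshold are assumptions of this example.

```python
import re
from collections import Counter

# STACK_TEXT copied from the dump in the question. The 64-bit separator shows
# as ' on this page and as ` in a live WinDbg session; both are accepted.
STACK_TEXT = """\
fffffa60'01768a68 fffff800'018781ee : 00000000'0000007f 00000000'00000008 00000000'80050033 00000000'000006f8 : nt!KeBugCheckEx
fffffa60'01768a70 fffff800'01876a38 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiBugCheckDispatch+0x6e
fffffa60'01768bb0 fffff800'018b1678 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiDoubleFaultAbort+0xb8
fffffa60'04e44e30 fffff800'018782a9 : fffffa60'04e45568 00000000'00000001 fffffa60'04e45610 00000000'0000023b : nt!KiDispatchException+0x34
fffffa60'04e45430 fffff800'018770a5 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000001 : nt!KiExceptionDispatch+0xa9
fffffa60'04e45610 fffff800'018a0150 : fffffa60'04e46638 fffffa60'04e46010 fffff800'01965190 fffff800'0181e000 : nt!KiPageFault+0x1e5
fffffa60'04e457a0 fffff800'018a3f78 : fffffa60'00000001 00000000'00000000 00000000'00000000 ffffffff'ffffff88 : nt!RtlVirtualUnwind+0x250
fffffa60'04e45810 fffff800'018b1706 : fffffa60'04e46638 fffffa60'04e46010 fffffa60'00000000 00000000'00000000 : nt!RtlDispatchException+0x118
fffffa60'04e45f00 00000000'00000000 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : nt!KiDispatchException+0xc2
"""

FRAME_RE = re.compile(
    r"^([0-9a-f]{8})['`]([0-9a-f]{8})\s+([0-9a-f]{8})['`]([0-9a-f]{8})\s+:.*:\s+(\S+)\s*$")
# Assumption: consecutive frames more than 64 KB apart are on different stacks.
STACK_SWITCH_GAP = 0x10000


def parse_frames(text):
    """Return (child_sp, return_address, symbol) per frame, innermost first."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((int(m[1] + m[2], 16), int(m[3] + m[4], 16), m[5]))
    return frames


def triage(frames):
    """Locate the stack switch, nested routines and the visible stack usage."""
    switch = next((i for i in range(1, len(frames))
                   if abs(frames[i][0] - frames[i - 1][0]) > STACK_SWITCH_GAP), None)
    faulting = frames[switch:] if switch is not None else frames
    names = Counter(sym.split("+")[0] for _, _, sym in faulting)
    return {
        "switch_at": switch,  # index of the first frame on the faulting stack
        "nested": sorted(n for n, c in names.items() if c > 1),
        "visible_bytes": faulting[-1][0] - faulting[0][0],
        "truncated": faulting[-1][1] == 0,  # trace ends at a zero return address
    }


if __name__ == "__main__":
    print(triage(parse_frames(STACK_TEXT)))
```

For this dump it reports the switch at frame 3, nt!KiDispatchException appearing twice on the faulting stack, and 0x10d0 bytes of visible stack ending at a zero return address, so the deeper frames that `.trap` followed by `k 100` would list are not in the posted trace.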