Parar o erro 0x3B quando um aplicativo altera a ordem z de uma janela no Windows 7 SP1 e no Windows Server 2008 R2 SP1
link
Eu preciso de ajuda com minha saída do Windbg em nossa instalação do Win Server 2008 R2 Standard. É o nosso servidor de produção de missão crítica e trava a cada 2 meses ou mais. Já foi feito algumas vezes. Logs dizem que pode ser um driver, mas qual? quem caiu diz:
On Tue 6/2/2015 2:36:19 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump0215-12854-01.dmp
This was probably caused by the following module: win32k.sys (win32k+0xC3B43)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF96000123B43, 0xFFFFF8800AF02EA0, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\Windows\system32\win32k.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: Multi-User Win32 Driver
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.
saída windbg:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff96000123b43, Address of the instruction which caused the bugcheck
Arg3: fffff8800af02ea0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
win32k!HMAllocObject+43
fffff960'00123b43 488bbd58010000 mov rdi,qword ptr [rbp+158h]
CONTEXT: fffff8800af02ea0 -- (.cxr 0xfffff8800af02ea0;r)
rax=0000000000000000 rbx=0000000000000020 rcx=fffff96000319200
rdx=0000000000000000 rsi=0000000000008802 rdi=0000000000000000
rip=fffff96000123b43 rsp=fffff8800af03880 rbp=0000000000000000
r8=0000000000000010 r9=0000000000000080 r10=0000000000000000
r11=fffffa801a87a420 r12=0000000000000000 r13=0000000000000000
r14=0000000000000080 r15=0000000000000010
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
win32k!HMAllocObject+0x43:
fffff960'00123b43 488bbd58010000 mov rdi,qword ptr [rbp+158h] ss:0018:00000000'00000158=????????????????
Last set context:
rax=0000000000000000 rbx=0000000000000020 rcx=fffff96000319200
rdx=0000000000000000 rsi=0000000000008802 rdi=0000000000000000
rip=fffff96000123b43 rsp=fffff8800af03880 rbp=0000000000000000
r8=0000000000000010 r9=0000000000000080 r10=0000000000000000
r11=fffffa801a87a420 r12=0000000000000000 r13=0000000000000000
r14=0000000000000080 r15=0000000000000010
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
win32k!HMAllocObject+0x43:
fffff960'00123b43 488bbd58010000 mov rdi,qword ptr [rbp+158h] ss:0018:00000000'00000158=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT_SERVER
BUGCHECK_STR: 0x3B
PROCESS_NAME: conhost.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) x86fre
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff96000123b43
STACK_TEXT:
fffff880'0af03880 00000000'00000000 : 00000000'00000000 00000000'00000000 00000000'00000000 00000000'00000000 : win32k!HMAllocObject+0x43
FOLLOWUP_IP:
win32k!HMAllocObject+43
fffff960'00123b43 488bbd58010000 mov rdi,qword ptr [rbp+158h]
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: win32k!HMAllocObject+43
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: win32k
IMAGE_NAME: win32k.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 54372ef1
IMAGE_VERSION: 6.1.7601.18635
STACK_COMMAND: .cxr 0xfffff8800af02ea0 ; kb
FAILURE_BUCKET_ID: X64_0x3B_win32k!HMAllocObject+43
BUCKET_ID: X64_0x3B_win32k!HMAllocObject+43
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0x3b_win32k!hmallocobject+43
FAILURE_ID_HASH: {9363ac24-db12-dd42-fe3b-b3a794764f0d}
Followup: MachineOwner
---------
Eu fiz o upload do arquivo de minidespejo aqui, caso alguém queira visualizá-lo: link
Eu também tenho o arquivo MEMORY.DMP no caso de alguém precisar de mais informações. Sempre que eu abri-lo em windbg parece o mesmo que o minidump, existe uma maneira de ver mais informações detalhadas sobre isso?
Parar o erro 0x3B quando um aplicativo altera a ordem z de uma janela no Windows 7 SP1 e no Windows Server 2008 R2 SP1
link
Tags bsod