BSOD do Servidor 2003 SP2 causado por fltmgr.sys

1
Estou correndo em um problema em que uma caixa do Server 2003 SP2 começou a falhar aproximadamente uma vez por hora, BSODing com a mensagem que fltmgr.sys é provavelmente a causa. Eu corri dumpchk.exe no arquivo memory.dmp, indicando a mesma coisa. Alguma idéia sobre causas básicas típicas?

O seguinte é o código de erro que estou vendo:

Error code 0000007e, parameter1 c0000005, parameter2 f723e087, parameter3 f78cea8c, parameter4 f78ce788.

Depois de executar o dumpchk no arquivo memory.dmp, recebo a seguinte nota:

Probably caused by : fltmgr.sys ( fltmgr!FltGetIrpName+63f )

O log completo está aqui:

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [c:\windows\memory.dmp]
Kernel Complete Dump File: Full address space is available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.           *
* Use .symfix to have the debugger choose a symbol path.                   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrnlpa.exe - 
Windows Server 2003 Kernel Version 3790 (Service Pack 2) UP Free x86 compatible
Product: Server, suite: TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_gdr.101019-0340
Machine Name:
Kernel base = 0x80800000 PsLoadedModuleList = 0x8089ffa8
Debug session time: Wed Oct  5 08:48:04.803 2011 (UTC - 4:00)
System Uptime: 0 days 14:25:12.085
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrnlpa.exe - 
Loading Kernel Symbols
...............................................................
.................................................
Loading User Symbols

Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, f723e087, f78dea8c, f78de788}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for fltmgr.sys - 
--omitted--
Probably caused by : fltmgr.sys ( fltmgr!FltGetIrpName+63f )

Followup: MachineOwner
---------

----- 32 bit Kernel Full Dump Analysis

DUMP_HEADER32:
MajorVersion        0000000f
MinorVersion        00000ece
KdSecondaryVersion  00000000
DirectoryTableBase  004e7000
PfnDataBase         81600000
PsLoadedModuleList  8089ffa8
PsActiveProcessHead 808a61c8
MachineImageType    0000014c
NumberProcessors    00000001
BugCheckCode        0000007e
BugCheckParameter1  c0000005
BugCheckParameter2  f723e087
BugCheckParameter3  f78dea8c
BugCheckParameter4  f78de788
PaeEnabled          00000001
KdDebuggerDataBlock 8088e3e0
SecondaryDataState  00000000
ProductType         00000003
SuiteMask           00000110

Physical Memory Description:
Number of runs: 3 (limited to 3)
          FileOffset  Start Address          Length
           00001000     0000000000001000     0009e000
           0009f000     0000000000100000     bfdf0000
           bfe8f000     00000000bff00000     00100000
Last Page: 00000000bff8e000     00000000bffff000

KiProcessorBlock at 8089f300
  1 KiProcessorBlock entries:
  ffdff120


Windows Server 2003 Kernel Version 3790 (Service Pack 2) UP Free x86 compatible
Product: Server, suite: TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_gdr.101019-0340
Machine Name:*** ERROR: Module load completed but symbols could not be loaded for srv.sys

Kernel base = 0x80800000 PsLoadedModuleList = 0x8089ffa8
Debug session time: Wed Oct  5 08:48:04.803 2011 (UTC - 4:00)
System Uptime: 0 days 14:25:12.085
start    end        module name
80800000 80a50000   nt        Tue Oct 19 10:00:49 2010 (4CBDA491)
80a50000 80a6f000   hal       Sat Feb 17 00:48:25 2007 (45D69729)
b83d4000 b83fe000   Fastfat   Sat Feb 17 01:27:55 2007 (45D6A06B)
b8476000 b84a1000   RDPWD     Sat Feb 17 00:44:38 2007 (45D69646)
b8549000 b8554000   TDTCP     Sat Feb 17 00:44:32 2007 (45D69640)
b8fe1000 b9045000   srv       Thu Feb 17 11:58:17 2011 (4D5D53A9)
b956d000 b95be000   HTTP      Fri Nov 06 07:51:22 2009 (4AF41BCA)
b9816000 b982d780   hgfs      Tue Aug 12 20:36:54 2008 (48A22CA6)
b9b16000 b9b20000   ndisuio   Sat Feb 17 00:58:25 2007 (45D69981)
b9cf6000 b9d1ac60   iwfsd     Wed Sep 29 01:43:59 2004 (415A4B9F)
b9e5b000 b9e62000   parvdm    Tue Mar 25 03:03:49 2003 (3E7FFF55)
b9e63000 b9e67860   lgtosync  Fri Sep 12 04:38:13 2003 (3F6185F5)
b9ed3000 b9ee8000   Cdfs      Sat Feb 17 01:27:08 2007 (45D6A03C)
b9f10000 b9f2e000   EraserUtilRebootDrv  Thu Jul 07 21:45:11 2011 (4E166127)
b9f2e000 b9f8c000   eeCtrl    Thu Jul 07 21:45:11 2011 (4E166127)
b9f8c000 b9f9d000   Fips      Sat Feb 17 01:26:33 2007 (45D6A019)
b9f9d000 ba013000   mrxsmb    Fri Feb 18 10:22:23 2011 (4D5E8EAF)
ba013000 ba043000   rdbss     Wed Feb 24 10:54:03 2010 (4B854B9B)
ba043000 ba0ad000   SPBBCDrv  Mon Dec 14 23:39:00 2009 (4B2712E4)
ba0ad000 ba0d7000   afd       Thu Feb 10 08:42:18 2011 (4D53EB3A)
ba0d7000 ba108000   netbt     Sat Feb 17 01:28:57 2007 (45D6A0A9)
ba108000 ba19c000   tcpip     Sat Aug 15 05:53:38 2009 (4A8685A2)
ba19c000 ba1b5000   ipsec     Sat Feb 17 01:29:28 2007 (45D6A0C8)
ba275000 ba288600   NAVENG    Fri Jul 29 08:10:02 2011 (4E32A31A)
ba289000 ba2ae000   SYMEVENT  Thu Apr 15 21:31:23 2010 (4BC7BDEB)
ba2ae000 ba42d300   NAVEX15   Fri Jul 29 08:07:28 2011 (4E32A280)
ba42e000 ba479000   SRTSP     Fri Mar 04 15:31:08 2011 (4D714C0C)
ba485000 ba487b00   dump_vmscsi  Wed Apr 11 13:55:32 2007 (461D2114)
ba4e1000 ba540000   update    Mon May 28 08:15:16 2007 (465AC7D4)
ba568000 ba59f000   rdpdr     Sat Feb 17 00:51:00 2007 (45D697C4)
ba59f000 ba5b1000   raspptp   Sat Feb 17 01:29:20 2007 (45D6A0C0)
ba5b1000 ba5ca000   ndiswan   Sat Feb 17 01:29:22 2007 (45D6A0C2)
ba5da000 ba5e4000   dump_diskdump  Sat Feb 17 01:07:44 2007 (45D69BB0)
ba66a000 ba67e000   rasl2tp   Sat Feb 17 01:29:02 2007 (45D6A0AE)
ba67e000 ba69a000   VIDEOPRT  Sat Feb 17 01:10:30 2007 (45D69C56)
ba69a000 ba6c1000   ks        Sat Feb 17 01:30:40 2007 (45D6A110)
ba6c1000 ba6d5000   redbook   Sat Feb 17 01:07:26 2007 (45D69B9E)
ba6d5000 ba6ea000   cdrom     Sat Feb 17 01:07:48 2007 (45D69BB4)
ba6ea000 ba6ff000   serial    Sat Feb 17 01:06:46 2007 (45D69B76)
ba6ff000 ba717000   parport   Sat Feb 17 01:06:42 2007 (45D69B72)
ba717000 ba72a000   i8042prt  Sat Feb 17 01:30:40 2007 (45D6A110)
baff0000 baff3700   CmBatt    Sat Feb 17 00:58:51 2007 (45D6999B)
bf800000 bf9d3000   win32k    Thu Mar 03 08:55:02 2011 (4D6F9DB6)
bf9d3000 bf9ea000   dxg       Sat Feb 17 01:14:39 2007 (45D69D4F)
bf9ea000 bf9fec80   vmx_fb    Sat Aug 16 07:23:10 2008 (48A6B89E)
bf9ff000 bfa4a000   ATMFD     Tue Feb 15 08:19:22 2011 (4D5A7D5A)
bff60000 bff7e000   RDPDD     Sat Feb 17 09:01:19 2007 (45D70AAF)
f7214000 f723a000   KSecDD    Mon Jun 15 13:45:11 2009 (4A3688A7)
f723a000 f725f000   fltmgr    Sat Feb 17 00:51:08 2007 (45D697CC)
f725f000 f7272000   CLASSPNP  Sat Feb 17 01:28:16 2007 (45D6A080)
f7272000 f7283000   symmpi    Mon Dec 13 16:03:14 2004 (41BE0392)
f7283000 f72a2000   SCSIPORT  Sat Feb 17 01:28:41 2007 (45D6A099)
f72a2000 f72bf000   atapi     Sat Feb 17 01:07:34 2007 (45D69BA6)
f72bf000 f72e9000   volsnap   Sat Feb 17 01:08:23 2007 (45D69BD7)
f72e9000 f7315000   dmio      Sat Feb 17 01:10:44 2007 (45D69C64)
f7315000 f733c000   ftdisk    Sat Feb 17 01:08:05 2007 (45D69BC5)
f733c000 f7352000   pci       Sat Feb 17 00:59:03 2007 (45D699A7)
f7352000 f7386000   ACPI      Sat Feb 17 00:58:47 2007 (45D69997)
f7487000 f7490000   WMILIB    Tue Mar 25 03:13:00 2003 (3E80017C)
f7497000 f74a6000   isapnp    Sat Feb 17 00:58:57 2007 (45D699A1)
f74a7000 f74b4000   PCIIDEX   Sat Feb 17 01:07:32 2007 (45D69BA4)
f74b7000 f74c7000   MountMgr  Sat Feb 17 01:05:35 2007 (45D69B2F)
f74c7000 f74d2000   PartMgr   Sat Feb 17 01:29:25 2007 (45D6A0C5)
f74d7000 f74e7000   disk      Sat Feb 17 01:07:51 2007 (45D69BB7)
f74e7000 f74f3000   Dfs       Sat Feb 17 00:51:17 2007 (45D697D5)
f74f7000 f7501000   crcdisk   Sat Feb 17 01:09:50 2007 (45D69C2E)
f7507000 f7517000   agp440    Sat Feb 17 00:58:53 2007 (45D6999D)
f7517000 f7522000   TDI       Sat Feb 17 01:01:19 2007 (45D69A2F)
f7527000 f7532000   ptilink   Sat Feb 17 01:06:38 2007 (45D69B6E)
f7537000 f7540000   raspti    Sat Feb 17 00:59:23 2007 (45D699BB)
f7547000 f7556000   termdd    Sat Feb 17 00:44:32 2007 (45D69640)
f7557000 f7561000   Dxapi     Tue Mar 25 03:06:01 2003 (3E7FFFD9)
f7577000 f7580000   mssmbios  Sat Feb 17 00:59:12 2007 (45D699B0)
f7587000 f7595000   NDProxy   Wed Nov 03 09:25:59 2010 (4CD162E7)
f75a7000 f75b1000   flpydisk  Tue Mar 25 03:04:32 2003 (3E7FFF80)
f75b7000 f75c0080   SRTSPX    Fri Mar 04 15:31:24 2011 (4D714C1C)
f75d7000 f75e3000   vga       Sat Feb 17 01:10:30 2007 (45D69C56)
f75e7000 f75f2000   Msfs      Sat Feb 17 00:50:33 2007 (45D697A9)
f75f7000 f7604000   Npfs      Sat Feb 17 00:50:36 2007 (45D697AC)
f7607000 f7615000   msgpc     Sat Feb 17 00:58:37 2007 (45D6998D)
f7617000 f7624000   netbios   Sat Feb 17 00:58:29 2007 (45D69985)
f7627000 f7634000   wanarp    Sat Feb 17 00:59:17 2007 (45D699B5)
f7637000 f7646000   intelppm  Sat Feb 17 00:48:30 2007 (45D6972E)
f7647000 f7652000   kbdclass  Sat Feb 17 01:05:39 2007 (45D69B33)
f7657000 f7661000   mouclass  Tue Mar 25 03:03:09 2003 (3E7FFF2D)
f7667000 f7671000   serenum   Sat Feb 17 01:06:44 2007 (45D69B74)
f7677000 f7682000   fdc       Sat Feb 17 01:07:16 2007 (45D69B94)
f7687000 f7694b00   vmx_svga  Sat Aug 16 07:22:07 2008 (48A6B85F)
f7697000 f76a0000   watchdog  Sat Feb 17 01:11:45 2007 (45D69CA1)
f76a7000 f76b0000   ndistapi  Sat Feb 17 00:59:19 2007 (45D699B7)
f76b7000 f76c6000   raspppoe  Sat Feb 17 00:59:23 2007 (45D699BB)
f76c8000 f7707000   NDIS      Sat Feb 17 01:28:49 2007 (45D6A0A1)
f7707000 f770f000   kdcom     Tue Mar 25 03:08:00 2003 (3E800050)
f770f000 f7717000   BOOTVID   Tue Mar 25 03:07:58 2003 (3E80004E)
f7717000 f771e000   intelide  Sat Feb 17 01:07:32 2007 (45D69BA4)
f771f000 f7726000   dmload    Tue Mar 25 03:08:08 2003 (3E800058)
f777f000 f7786000   dxgthk    Tue Mar 25 03:05:52 2003 (3E7FFFD0)
f7787000 f778e000   vmmemctl  Tue Aug 12 20:37:25 2008 (48A22CC5)
f77cf000 f77d6280   vmxnet    Mon Sep 08 21:17:10 2008 (48C5CE96)
f77d7000 f77df000   audstub   Tue Mar 25 03:09:12 2003 (3E800098)
f77ef000 f77f7000   Fs_Rec    Tue Mar 25 03:08:36 2003 (3E800074)
f77f7000 f77fe000   Null      Tue Mar 25 03:03:05 2003 (3E7FFF29)
f77ff000 f7806000   Beep      Tue Mar 25 03:03:04 2003 (3E7FFF28)
f7807000 f780f000   mnmdd     Tue Mar 25 03:07:53 2003 (3E800049)
f780f000 f7817000   RDPCDD    Tue Mar 25 03:03:05 2003 (3E7FFF29)
f7817000 f781f000   rasacd    Tue Mar 25 03:11:50 2003 (3E800136)
f7878000 f7897000   Mup       Tue Apr 12 15:05:46 2011 (4DA4A28A)
f7897000 f7899980   compbatt  Sat Feb 17 00:58:51 2007 (45D6999B)
f789b000 f789e900   BATTC     Sat Feb 17 00:58:46 2007 (45D69996)
f789f000 f78a1b00   vmscsi    Wed Apr 11 13:55:32 2007 (461D2114)
f79af000 f79b0280   vmmouse   Mon Aug 11 07:16:51 2008 (48A01FA3)
f79b1000 f79b2280   swenum    Sat Feb 17 01:05:56 2007 (45D69B44)
f7b4a000 f7bdf000   Ntfs      Sat Feb 17 01:27:23 2007 (45D6A04B)

Unloaded modules:
ba65a000 ba668000   imapi.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
ba1c4000 ba1d5000   vpc-8042.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00011000
f77df000 f77e7000   Sfloppy.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00008000
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, f723e087, f78dea8c, f78de788}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.
--omitted--
Probably caused by : fltmgr.sys ( fltmgr!FltGetIrpName+63f )

Followup: MachineOwner
---------

Finished dump check
    
por CodeMonkey1313 04.10.2011 / 21:26

2 respostas

1

Eu percebo que isso está atrasado há muito tempo, mas isolamos o problema para a cópia do Interwoven em execução na caixa. Interwoven expõe seu sistema de conteúdo como uma unidade no servidor. A unidade não é real, mas sim um serviço em execução no computador. Houve algum tipo de driver ou arquivo corrompido que causou um BSOD quando uma parte dessa "unidade" foi aberta. A solução (infelizmente) era levantar um novo servidor, instalar o Interwoven e migrar o repositório de conteúdo para o novo servidor, atualizando-o ao longo do caminho (estávamos no 6.5 e movemo-nos para o 6.7.2).

    
por 18.07.2013 / 19:02
0

Gostaria de verificar primeiro o disco rígido do seu sistema operacional.

    
por 04.10.2011 / 22:07