Molim pomoć oko analize BSD memory dump.
Pojavilo mi se na win 10, pa sam stavio win 7 X64 jer sam mislio da je do nekih drivera.
Ako mi netko može ovo laički rečeno pojasniti, hvala unaprijed.
Trenutno je gore win 7 x64, svi driveri su stavljeni za win 7, a ovdje se spominje vista ?
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1A, {41284, fffff9800ca01001, 2e98, fffff780c0000000}
Probably caused by : memory_corruption ( nt!MiLocateWsle+1e2 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041284, A PTE or the working set list is corrupt.
Arg2: fffff9800ca01001
Arg3: 0000000000002e98
Arg4: fffff780c0000000
Debugging Details:
------------------
BUGCHECK_STR: 0x1a_41284
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: chrome.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff80002a7e232 to fffff80002a96ba0
STACK_TEXT:
fffff880`06083208 fffff800`02a7e232 : 00000000`0000001a 00000000`00041284 fffff980`0ca01001 00000000`00002e98 : nt!KeBugCheckEx
fffff880`06083210 fffff800`02b487b9 : fffff6fc`c0065008 00000000`00003190 fffffa80`0035fd00 fffffa80`00484dd0 : nt!MiLocateWsle+0x1e2
fffff880`06083250 fffff800`02d0e125 : fffff980`0ca01000 fffff8a0`0aa97710 00000000`00000001 00000000`00000000 : nt!MmUnmapViewInSystemCache+0x2a9
fffff880`06083540 fffff800`02a5332b : 00000000`037c0000 fffffa80`06b78eb0 00000000`00000000 00000000`03800000 : nt!CcUnmapVacb+0x5d
fffff880`06083580 fffff800`02a3f6ca : fffffa80`00000001 00000000`03000000 fffffa80`0a670e00 fffffa80`06b7a950 : nt!CcUnmapVacbArray+0x1bb
fffff880`06083610 fffff800`02cf5a22 : 00000000`00000000 00000000`03800000 fffff880`060836e0 fffff880`06083770 : nt!CcGetVirtualAddress+0x38a
fffff880`060836a0 fffff880`010c4f08 : fffff880`00000000 00000000`00000005 fffffa80`0703b140 fffffa80`00100001 : nt!CcCopyRead+0x132
fffff880`06083760 fffff880`00fb5098 : fffffa80`0aa40ca0 fffffa80`0703b0d8 fffffa80`07a5f040 00000000`00000001 : Ntfs!NtfsCopyReadA+0x1a8
fffff880`06083940 fffff880`00fb88ba : fffff880`06083a10 fffff880`00fd6403 00000287`21204000 fffffa80`0aa40c00 : fltmgr!FltpPerformFastIoCall+0x88
fffff880`060839a0 fffff880`00fd6630 : fffffa80`0aa40ca0 00000000`00000000 fffff880`06083b08 00000000`00100000 : fltmgr!FltpPassThroughFastIo+0xda
fffff880`060839e0 fffff800`02cf6fd1 : fffffa80`0aa40ca0 fffff800`00000001 fffffa80`06b974b0 fffffa80`0aa40ca0 : fltmgr!FltpFastIoRead+0x1d0
fffff880`06083a80 fffff800`02aa4eb9 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x441
fffff880`06083bb0 00000000`77be98ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x2de
00000000`0092f538 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77be98ea
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!MiLocateWsle+1e2
fffff800`02a7e232 cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!MiLocateWsle+1e2
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
DEBUG_FLR_IMAGE_TIMESTAMP: 5c6e1cbd
IMAGE_NAME: memory_corruption
FAILURE_BUCKET_ID: X64_0x1a_41284_nt!MiLocateWsle+1e2
BUCKET_ID: X64_0x1a_41284_nt!MiLocateWsle+1e2
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041284, A PTE or the working set list is corrupt.
Arg2: fffff9800ca01001
Arg3: 0000000000002e98
Arg4: fffff780c0000000
Debugging Details:
------------------
BUGCHECK_STR: 0x1a_41284
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: chrome.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff80002a7e232 to fffff80002a96ba0
STACK_TEXT:
fffff880`06083208 fffff800`02a7e232 : 00000000`0000001a 00000000`00041284 fffff980`0ca01001 00000000`00002e98 : nt!KeBugCheckEx
fffff880`06083210 fffff800`02b487b9 : fffff6fc`c0065008 00000000`00003190 fffffa80`0035fd00 fffffa80`00484dd0 : nt!MiLocateWsle+0x1e2
fffff880`06083250 fffff800`02d0e125 : fffff980`0ca01000 fffff8a0`0aa97710 00000000`00000001 00000000`00000000 : nt!MmUnmapViewInSystemCache+0x2a9
fffff880`06083540 fffff800`02a5332b : 00000000`037c0000 fffffa80`06b78eb0 00000000`00000000 00000000`03800000 : nt!CcUnmapVacb+0x5d
fffff880`06083580 fffff800`02a3f6ca : fffffa80`00000001 00000000`03000000 fffffa80`0a670e00 fffffa80`06b7a950 : nt!CcUnmapVacbArray+0x1bb
fffff880`06083610 fffff800`02cf5a22 : 00000000`00000000 00000000`03800000 fffff880`060836e0 fffff880`06083770 : nt!CcGetVirtualAddress+0x38a
fffff880`060836a0 fffff880`010c4f08 : fffff880`00000000 00000000`00000005 fffffa80`0703b140 fffffa80`00100001 : nt!CcCopyRead+0x132
fffff880`06083760 fffff880`00fb5098 : fffffa80`0aa40ca0 fffffa80`0703b0d8 fffffa80`07a5f040 00000000`00000001 : Ntfs!NtfsCopyReadA+0x1a8
fffff880`06083940 fffff880`00fb88ba : fffff880`06083a10 fffff880`00fd6403 00000287`21204000 fffffa80`0aa40c00 : fltmgr!FltpPerformFastIoCall+0x88
fffff880`060839a0 fffff880`00fd6630 : fffffa80`0aa40ca0 00000000`00000000 fffff880`06083b08 00000000`00100000 : fltmgr!FltpPassThroughFastIo+0xda
fffff880`060839e0 fffff800`02cf6fd1 : fffffa80`0aa40ca0 fffff800`00000001 fffffa80`06b974b0 fffffa80`0aa40ca0 : fltmgr!FltpFastIoRead+0x1d0
fffff880`06083a80 fffff800`02aa4eb9 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x441
fffff880`06083bb0 00000000`77be98ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x2de
00000000`0092f538 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77be98ea
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!MiLocateWsle+1e2
fffff800`02a7e232 cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!MiLocateWsle+1e2
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
DEBUG_FLR_IMAGE_TIMESTAMP: 5c6e1cbd
IMAGE_NAME: memory_corruption
FAILURE_BUCKET_ID: X64_0x1a_41284_nt!MiLocateWsle+1e2
BUCKET_ID: X64_0x1a_41284_nt!MiLocateWsle+1e2
Followup: MachineOwner
---------