通过

Windows Server2019 标准版 10.0.17763.1 ,服务器随机蓝屏重启 CRITICAL_PROCESS_DIED (ef),有请人分析Dump日志,检查出来是svchost.exe未成功加载导致的系统崩溃。能进一步分析为啥svchost.exe未成功加载吗?

匿名
2024-05-11T09:24:55+00:00

Microsoft (R) Windows Debugger Version 10.0.19041.1 AMD64 Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [D:\BaiduNetdiskDownload\AOS14\MEMORY.DMP]
Kernel Bitmap Dump File: Full address space is available

************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 10 Kernel Version 17763 MP (48 procs) Free x64
Product: Server, suite: TerminalServer SingleUserTS
Built by: 17763.1.amd64fre.rs5_release.180914-1434
Machine Name:
Kernel base = 0xfffff802`3c4b4000 PsLoadedModuleList = 0xfffff802`3c8d39b0
Debug session time: Thu Apr 18 11:52:24.427 2024 (UTC + 8:00)
System Uptime: 0 days 0:26:13.398
Loading Kernel Symbols
...............................................................
................................................................
...........................
Loading User Symbols
................................................................
...
Loading unloaded module list
......
For analysis of this file, run !analyze -v
11: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CRITICAL_PROCESS_DIED (ef)
        A critical system process died
Arguments:
Arg1: ffffdd89e1276540, Process object or thread object
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
Arg3: 0000000000000000
Arg4: 0000000000000000

Debugging Details:
------------------

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 1

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on VOSTRO_3710

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 53

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 153

    Key  : Analysis.System
    Value: CreateObject

BUGCHECK_CODE:  ef

BUGCHECK_P1: ffffdd89e1276540

BUGCHECK_P2: 0

BUGCHECK_P3: 0

BUGCHECK_P4: 0

PROCESS_NAME:  svchost.exe

CRITICAL_PROCESS:  svchost.exe

ERROR_CODE: (NTSTATUS) 0x2 - STATUS_WAIT_2

BLACKBOXBSD: 1 (!blackboxbsd)

CONTEXT:  00007ff96daf8691 -- (.cxr 0x7ff96daf8691)
Unable to get program counter
rax=480000021e850f0f rbx=8341d23300000086 rcx=894800000098838b
rdx=850f00007d830845 rsi=0327840ff8b54148 rdi=483cfe24068a0000
rip=0ffda817418d0000 rsp=000003e6830f02fd rbp=3e80d68b48ff3345
 r8=0a8a00000341840f  r9=0f583cc52241c18a r10=4cc18a0000052884
r11=0f403cf02401428d r12=f2f9800000022484 r13=418d000a18ba840f
r14=000282860f013c3e r15=0565840ff3f98000
iopl=2         nv dn di ng nz na pe cy
cs=1ad9  ss=1065  ds=000a  es=8b44  fs=0870  gs=8b4c             efl=00006583
1ad9:0000 ??              ???
Resetting default scope

EXCEPTION_CODE_STR:  2

EXCEPTION_PARAMETER1:  00000000000003ff

EXCEPTION_PARAMETER2:  00007ff969c428ac

EXCEPTION_PARAMETER3:  00001f800010004f

EXCEPTION_PARAMETER4: 0

EXCEPTION_RECORD:  00000055f95acca0 -- (.exr 0x55f95acca0)
ExceptionAddress: 0000000000000400
   ExceptionCode: 00000002
  ExceptionFlags: 00000000
NumberParameters: 1023
   Parameter[0]: 00000000000003ff
   Parameter[1]: 00007ff969c428ac
   Parameter[2]: 00001f800010004f
   Parameter[3]: 0053002b002b0033
   Parameter[4]: 00000202002b002b
   Parameter[5]: 00007ff969c3cb20
   Parameter[6]: 0000000000000000
   Parameter[7]: 00000055f95ad220
   Parameter[8]: 0000000000000000
   Parameter[9]: 0000000000000000
   Parameter[10]: 00000055f95aceee
   Parameter[11]: 00007ff969c42842
   Parameter[12]: 00000055f95ad220
   Parameter[13]: 00000000000003ff
   Parameter[14]: 00000000c0000374

BAD_STACK_POINTER:  000003e6830f02fd

IP_IN_FREE_BLOCK: 0

UNALIGNED_STACK_POINTER:  000003e6830f02fd

STACK_TEXT:  
ffff8182`026e7278 fffff802`3ccc21dd : 00000000`000000ef ffffdd89`e1276540 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
ffff8182`026e7280 fffff802`3cb9c97b : 00000000`00000000 fffff802`3c584fc9 ffffdd89`e1276540 fffff802`3c584ef8 : nt!PspCatchCriticalBreak+0xfd
ffff8182`026e7320 fffff802`3ca7d7c8 : ffffdd89`00000000 00000000`00000000 ffffdd89`e1276540 ffffdd89`e1276818 : nt!PspTerminateAllThreads+0x1cb0ff
ffff8182`026e7390 fffff802`3ca7d599 : ffffffff`ffffffff ffff8182`026e74c0 ffffdd89`e1276540 ffff8182`026e7401 : nt!PspTerminateProcess+0xe0
ffff8182`026e73d0 fffff802`3c676285 : ffffdd89`00000504 ffffdd89`e12f4080 ffffdd89`e1276540 00000000`00000000 : nt!NtTerminateProcess+0xa9
ffff8182`026e7440 00007ff9`6db8eb14 : 00007ff9`6dbeb38f 00007ff9`6dc3ae48 00000055`f95adaa0 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
00000055`f95ac458 00007ff9`6dbeb38f : 00007ff9`6dc3ae48 00000055`f95adaa0 00000000`00000000 00000000`00000000 : ntdll!NtTerminateProcess+0x14
00000055`f95ac460 00007ff9`6db7f306 : 00000000`00000000 00000000`00000400 00000055`f95ac500 00007ff9`686c96da : ntdll!RtlReportFatalFailure$filt$0+0x3f
00000055`f95ac490 00007ff9`6db935af : 00000000`00000000 00000055`f95aca70 00000000`00000001 00000055`f95aca70 : ntdll!_C_specific_handler+0x96
00000055`f95ac500 00007ff9`6daf4aaf : 00000055`f95aca70 00000000`00000001 00000000`00000000 00000000`0010000b : ntdll!RtlpExecuteHandlerForException+0xf
00000055`f95ac530 00007ff9`6daf88a6 : 00000055`f95acca0 00007ff9`6daf8691 00000055`f95acca0 00000000`00000000 : ntdll!RtlDispatchException+0x40f
00000055`f95acc60 00007ff9`6dbeb349 : 00000001`00000000 00000000`c0000374 00000000`00000001 00007ff9`6dc527f0 : ntdll!RtlRaiseException+0x316
00000055`f95adaa0 00007ff9`6dbeb313 : 00000055`f95ada78 0000021b`1d28c480 00007ff9`68772098 00000055`f95ada98 : ntdll!RtlReportFatalFailure+0x9
00000055`f95adaf0 00007ff9`6dbf3b9e : 00000055`f95ae038 00007ff9`6dc527f0 00000000`00000008 0000021b`1d180000 : ntdll!RtlReportCriticalFailure+0x97
00000055`f95adbe0 00007ff9`6dbf3eaa : 00000000`00000008 0000021b`1d180000 0000021b`1d180000 00000055`f95adae8 : ntdll!RtlpHeapHandleError+0x12
00000055`f95adc10 00007ff9`6db8e109 : 0000021b`1d989c90 00000000`00000000 0000021b`1d98dad0 00000000`00000001 : ntdll!RtlpHpHeapHandleError+0x7a
00000055`f95adc40 00007ff9`6db9bb0e : 00000000`00070000 0000021b`1d98a0a0 0000021b`1d98d810 00007ff9`00000000 : ntdll!RtlpLogHeapFailure+0x45
00000055`f95adc70 00007ff9`68696971 : 0000021b`1d989c90 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlFreeHeap+0x9d3ce
00000055`f95add10 00007ff9`686967c3 : 0000021b`1d989c80 00007ff9`00000000 0000021b`00000001 0000021b`80070776 : rpcss!CleanupInternalOxidInfo+0x45
00000055`f95add40 00007ff9`686b5001 : 0000021b`1d989c80 0000021b`1d989c80 00000000`00000000 00000000`00000000 : rpcss!PrivResolverInfoDeleter+0x3b
00000055`f95add70 00007ff9`686d3d69 : 0000ffff`ffffffff 00000055`f95ae3c8 fffffde4`e23b5ed0 0000021b`1dc4a838 : rpcss!ActivateFromProperties+0x541
00000055`f95adf90 00007ff9`686b5f79 : 00000000`00000000 00000055`f95ae130 00007ff9`6877a9b8 00000000`00000000 : rpcss!ActivationPropertiesIn::DelegateCreateInstance+0x99
00000055`f95ae030 00007ff9`686b8c90 : 00000055`f95ae410 0000021b`1d256f54 0000021b`1d256f54 0000021b`1dc4a130 : rpcss!ActivateFromPropertiesPreamble+0xab9
00000055`f95ae310 00007ff9`686baee4 : 0000021b`1d25d4c0 0000021b`1d280ed0 0000021b`1d280000 00000000`00000050 : rpcss!PerformScmStage+0x9a0
00000055`f95ae610 00007ff9`6da07863 : 0000021b`1dcbb130 0000021b`1d98e800 0000021b`1d98b0b0 00000055`f95aef60 : rpcss!SCMActivatorCreateInstance+0x134
00000055`f95ae910 00007ff9`6d9a45b1 : 00007ff9`68782d02 00000055`f95aed80 00000000`00000004 00000000`00000000 : RPCRT4!Invoke+0x73
00000055`f95ae990 00007ff9`6d9a764a : 00000055`00000014 00007ff9`6d9e55f2 00000055`f95af054 00007ff9`6db0d46d : RPCRT4!NdrStubCall2+0x671
00000055`f95aefd0 00007ff9`6d9e4ab8 : 00000000`00000136 46000000`00000001 00000000`00000000 00000000`00000000 : RPCRT4!NdrServerCall2+0x1a
00000055`f95af000 00007ff9`6d9c0580 : 00120001`00000001 0000021b`1d1c6640 00000055`f95af1e0 00000000`acce550b : RPCRT4!DispatchToStubInCNoAvrf+0x18
00000055`f95af050 00007ff9`6d9bff2b : 0000021b`1d1c6640 00000000`00000000 00007e2d`00000000 0000021b`1dcbb280 : RPCRT4!RPC_INTERFACE::DispatchToStubWorker+0x1a0
00000055`f95af120 00007ff9`6d9b22df : 00000055`f95af2c0 0000021b`1dcbb130 00000000`00000000 0000021b`1d98b610 : RPCRT4!RPC_INTERFACE::DispatchToStub+0xcb
00000055`f95af180 00007ff9`6d9b173a : 00000000`0018eea8 00000000`00000006 00000000`00000000 0000021b`1d9eb830 : RPCRT4!LRPC_SCALL::DispatchRequest+0x35f
00000055`f95af260 00007ff9`6d9b0d01 : 00000000`00000000 0000021b`00000000 00000000`00000000 00000000`00000000 : RPCRT4!LRPC_SCALL::HandleRequest+0x7fa
00000055`f95af360 00007ff9`6d9b0772 : 00000000`00000000 00000000`00000000 00000000`00000001 0000021b`1d1a75d0 : RPCRT4!LRPC_ADDRESS::HandleRequest+0x341
00000055`f95af400 00007ff9`6d9a7545 : 00000055`f95af5f9 0000021b`1dbb5fa0 0000021b`1d1a76d8 00000055`f95af7c8 : RPCRT4!LRPC_ADDRESS::ProcessIO+0x8a2
00000055`f95af540 00007ff9`6db0adc0 : 00000055`f95af5e0 00000000`00000000 00000055`f95af7c8 0000021b`1d19b830 : RPCRT4!LrpcIoComplete+0xc5
00000055`f95af5e0 00007ff9`6db0bc48 : 00000000`00000000 0000021b`1d19b800 00000000`00000000 00000000`00000000 : ntdll!TppAlpcpExecuteCallback+0x260
00000055`f95af660 00007ff9`6c267e94 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!TppWorkerThread+0x3c8
00000055`f95af950 00007ff9`6db57ad1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0x14
00000055`f95af980 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21

SYMBOL_NAME:  ntdll!NtTerminateProcess+14

MODULE_NAME: ntdll

IMAGE_NAME:  ntdll.dll

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  14

FAILURE_BUCKET_ID:  0xEF_svchost.exe_BUGCHECK_CRITICAL_PROCESS_e12f4080_STACKPTR_ERROR_ntdll!NtTerminateProcess

OS_VERSION:  10.0.17763.1

BUILDLAB_STR:  rs5_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {947c76dd-e0b1-2c7e-fb0b-7d0e8ad4e807}

Followup:     MachineOwner
---------
Windows 商业版 | Windows Server | 性能 | 系统性能

锁定的问题。 此问题已从 Microsoft 支持社区迁移。 你可投票决定它是否有用,但不能添加评论或回复,也不能关注问题。 为了保护隐私,对于已迁移的问题,用户个人资料是匿名的。

0 个注释
接受的答案
  1. 匿名
    2024-05-13T01:52:30+00:00

    此响应已自动翻译。因此,可能存在语法错误或单数措辞。

    你好

    感谢您在 Microsoft 社区论坛中发帖。

    根据描述,我了解您的问题 与BSOD 0x000000EF有关。

    Bug Check 的值为 0x000000EF。此检查指示关键系统进程已终止。如果系统终止,关键进程将强制系统执行错误检查。当进程状态损坏或损坏时,将进行此检查。当发生损坏或损坏时,由于这些进程对 Windows 的运行至关重要,因此会进行系统错误检查,因为操作系统的完整性存在问题。 CRITICAL_PROCESS_DIED

    1. 如果您最近向系统添加了硬件,请尝试将其卸下或更换。您也可以与制造商联系,看看是否有任何可用的补丁。
    2. 如果最近添加了新的设备驱动程序或系统服务,请尝试删除或更新它们。尝试识别系统中导致出现新错误检查代码的更改。
    3. 请与制造商联系,查看是否有更新的系统 BIOS 或固件可用。
    4. 尝试运行系统制造商提供的硬件诊断程序。
    5. 确认安装的任何新硬件都与您已安装的 Windows 版本兼容。例如,您可以获取有关 Windows 10 规范所需硬件的信息。
    6. 运行病毒检测程序。病毒可以感染所有类型的 Windows 格式化硬盘驱动器。由此产生的磁盘损坏可能会生成系统错误检查代码。确保病毒检测程序检查主引导记录是否受到感染。
    7. 检查设备管理器,查看是否有任何驱动程序故障,请尝试更新相关驱动程序。

    祝你今天开心。

    真诚地

    莫莉

    0 个注释

0 个其他答案

排序依据: 非常有帮助
非常有帮助 最新 最早