WinDBG programı ile denetlediğimde aşağıdaki problemi buluyor. Böyle bir problemim yoktu son 4 gündür bu mavi ekran günde 1 kez karşıma çıkmaya başladı.
| KERNEL_SECURITY_CHECK_FAILURE (139) A kernel component has corrupted a critical data structure. The corruption could potentially allow a malicious user to gain control of this machine. Arguments: Arg1: 000000000000001e, Type of memory safety violation Arg2: ffff83080c812a90, Address of the trap frame for the exception that caused the bugcheck Arg3: ffff83080c8129e8, Address of the exception record for the exception that caused the bugcheck Arg4: 0000000000000000, Reserved Debugging Details: ------------------ KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 2499 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on DESKTOP-T0IBRF9 Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.mSec Value: 2492 Key : Analysis.Memory.CommitPeak.Mb Value: 76 Key : Analysis.System Value: CreateObject Key : WER.OS.Branch Value: vb_release Key : WER.OS.Timestamp Value: 2019-12-06T14:06:00Z Key : WER.OS.Version Value: 10.0.19041.1 ADDITIONAL_XML: 1 OS_BUILD_LAYERS: 1 BUGCHECK_CODE: 139 BUGCHECK_P1: 1e BUGCHECK_P2: ffff83080c812a90 BUGCHECK_P3: ffff83080c8129e8 BUGCHECK_P4: 0 IMAGE_NAME: ntkrnlmp.exe MODULE_NAME: ntkrnlmp FAULTING_MODULE: fffff80476600000 nt TRAP_FRAME: ffff83080c812a90 -- (.trap 0xffff83080c812a90) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=000000000000001e rdx=fffff804772fcc80 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80476a57ecb rsp=ffff83080c812c20 rbp=fffff80471cdc180 r8=00000000000000ca r9=ffff83080c812fb0 r10=0000000000000000 r11=00000000000004ac r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!KeQueryValuesThread+0x1bcf2b: fffff804`76a57ecb cd29 int 29h Resetting default scope EXCEPTION_RECORD: ffff83080c8129e8 -- (.exr 0xffff83080c8129e8) ExceptionAddress: fffff80476a57ecb (nt!KeQueryValuesThread+0x00000000001bcf2b) ExceptionCode: c0000409 (Security check failure or stack buffer overrun) ExceptionFlags: 00000001 NumberParameters: 1 Parameter[0]: 000000000000001e Subcode: 0x1e FAST_FAIL_INVALID_NEXT_THREAD BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXWINLOGON: 1 PROCESS_NAME: steam.exe ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y n tabanl bir arabelle in ta t n alg lad . Bu ta ma, k t niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir. EXCEPTION_CODE_STR: c0000409 EXCEPTION_PARAMETER1: 000000000000001e EXCEPTION_STR: 0xc0000409 STACK_TEXT: ffff8308`0c812768 fffff804`76a05e69 : 00000000`00000139 00000000`0000001e ffff8308`0c812a90 ffff8308`0c8129e8 : nt!KeBugCheckEx ffff8308`0c812770 fffff804`76a06290 : fffff804`7683fff0 fffff804`7683b310 ffff8308`0c812a80 00000000`00000006 : nt!KiBugCheckDispatch+0x69 ffff8308`0c8128b0 fffff804`76a04623 : 00000000`00000000 00000000`000000ff 00000000`00000001 00000000`00000280 : nt!KiFastFailDispatch+0xd0 ffff8308`0c812a90 fffff804`76a57ecb : ffffb88d`ca012300 02800090`00000090 00000000`00000000 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x323 ffff8308`0c812c20 fffff804`76c92951 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeQueryValuesThread+0x1bcf2b ffff8308`0c812ca0 fffff804`76c925e2 : ffffb88d`daf2e660 ffffb88d`daf2e8e0 ffffb88d`d84ea080 00000000`00000002 : nt!PsQueryStatisticsProcess+0x111 ffff8308`0c812d20 fffff804`76cd39d1 : 00000000`00000002 ffffb88d`daf2e080 00000000`ffffffff 00000000`00000000 : nt!ExpCopyProcessInfo+0x42 ffff8308`0c812da0 fffff804`76cd6f13 : ffffb259`2c964b20 00000000`00053a48 00000000`03850000 00000000`00000000 : nt!ExpGetProcessInformation+0x9f1 ffff8308`0c813400 fffff804`76cd65f7 : ffffb88d`d84ea080 00000000`00000000 00000000`00000000 00000000`0ac9fb44 : nt!ExpQuerySystemInformation+0x7d3 ffff8308`0c813ac0 fffff804`76a058b8 : 00000000`00000000 ffff8308`0c813b80 ffff8308`0c813b18 ffffffff`ff676980 : nt!NtQuerySystemInformation+0x37 ffff8308`0c813b00 00007fff`536ac484 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28 00000000`0aa6e448 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`536ac484 STACK_COMMAND: .thread ; .cxr ; kb FAILURE_BUCKET_ID: 0x139_1e_INVALID_NEXT_THREAD_IMAGE_ntkrnlmp.exe OS_VERSION: 10.0.19041.1 BUILDLAB_STR: vb_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {64929928-a824-2134-285e-71128496d311} Followup: MachineOwner |
