我用winDbg解析以下代码
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000000, A stack-based buffer has been overrun.
Arg2: 0000000000000000, Address of the trap frame for the exception that caused the bugcheck
Arg3: 0000000000000000, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2093
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 10524
Key : Analysis.Init.CPU.mSec
Value: 452
Key : Analysis.Init.Elapsed.mSec
Value: 57598
Key : Analysis.Memory.CommitPeak.Mb
Value: 85
DUMP_FILE_ATTRIBUTES: 0x8
Kernel Generated Triage Dump
BUGCHECK_CODE: 139
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
TRAP_FRAME: 0000000000000000 -- (.trap 0x0)
EXCEPTION_RECORD: 0000000000000000 -- (.exr 0x0)
Cannot read Exception record @ 0000000000000000
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: LeagueClient.e
STACK_TEXT:
fffff801`326b7da8 fffff801`2ce06f7b : 00000000`00000139 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff801`326b7db0 fffff801`30dc27b3 : 00000000`00000000 00000000`00000000 ffffda87`00000002 fffff801`326b7e80 : nt!guard_icall_bugcheck+0x1b
fffff801`326b7de0 fffff801`30dbe5ee : ffffda87`c6625110 00000000`00000001 ffffda87`c6625130 fffff801`477167cd : Wdf01000!FxThreadedEventQueue::QueueWorkItem+0x4f [minkernel\wdf\framework\shared\irphandlers\pnp\eventqueue.cpp @ 408]
fffff801`326b7e10 fffff801`30e3bbfa : 00000000`00000000 ffffda87`c6625110 fffff801`326b7f58 fffff801`2cc25679 : Wdf01000!FxThreadedEventQueue::QueueToThread+0x1a [minkernel\wdf\framework\shared\inc\private\common\FxEventQueue.hpp @ 359]
fffff801`326b7e40 fffff801`30e39cde : 00000000`00000000 ffffda87`c6625000 ffffda87`cb66f8a0 ffffab81`c67d96f0 : Wdf01000!FxWakeInterruptMachine::ProcessEvent+0x16a [minkernel\wdf\framework\shared\irphandlers\pnp\wakeinterruptstatemachine.cpp @ 242]
fffff801`326b7ec0 fffff801`30dcff30 : 00000000`00000000 fffff801`2cd2e001 00000000`00000000 ffffda87`ba5da000 : Wdf01000!FxInterrupt::WakeInterruptIsr+0x1a [minkernel\wdf\framework\shared\irphandlers\pnp\interruptobject.cpp @ 313]
fffff801`326b7f00 fffff801`2cca7765 : ffffab81`c67d9640 00000000`00006501 fffff801`29fee180 fffff801`326b7fc0 : Wdf01000!FxInterrupt::_InterruptThunk+0x1c300 [minkernel\wdf\framework\shared\irphandlers\pnp\km\interruptobjectkm.cpp @ 346]
fffff801`326b7f40 fffff801`2cdfea8f : fffffc03`70637b40 ffffab81`c67d9640 112e0be8`26d694b3 fffff801`2cdfed0a : nt!KiCallInterruptServiceRoutine+0xa5
fffff801`326b7f90 fffff801`2cdfed57 : 00000000`0dd48690 ffffda87`caf19080 fffffc03`00000001 ffffda87`00000000 : nt!KiInterruptSubDispatch+0x11f
fffffc03`70637ac0 00007ff9`d81f01b5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatch+0x37
00000000`0014bfa0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`d81f01b5
SYMBOL_NAME: nt!guard_icall_bugcheck+1b
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.3448
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1b
FAILURE_BUCKET_ID: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_bugcheck
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {9bee41a7-2ef9-07ca-7e59-7d5a0c6e2d05}
Followup: MachineOwner
---------
有谁知道是什么原因吗
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000000, A stack-based buffer has been overrun.
Arg2: 0000000000000000, Address of the trap frame for the exception that caused the bugcheck
Arg3: 0000000000000000, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2093
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 10524
Key : Analysis.Init.CPU.mSec
Value: 452
Key : Analysis.Init.Elapsed.mSec
Value: 57598
Key : Analysis.Memory.CommitPeak.Mb
Value: 85
DUMP_FILE_ATTRIBUTES: 0x8
Kernel Generated Triage Dump
BUGCHECK_CODE: 139
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
TRAP_FRAME: 0000000000000000 -- (.trap 0x0)
EXCEPTION_RECORD: 0000000000000000 -- (.exr 0x0)
Cannot read Exception record @ 0000000000000000
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: LeagueClient.e
STACK_TEXT:
fffff801`326b7da8 fffff801`2ce06f7b : 00000000`00000139 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff801`326b7db0 fffff801`30dc27b3 : 00000000`00000000 00000000`00000000 ffffda87`00000002 fffff801`326b7e80 : nt!guard_icall_bugcheck+0x1b
fffff801`326b7de0 fffff801`30dbe5ee : ffffda87`c6625110 00000000`00000001 ffffda87`c6625130 fffff801`477167cd : Wdf01000!FxThreadedEventQueue::QueueWorkItem+0x4f [minkernel\wdf\framework\shared\irphandlers\pnp\eventqueue.cpp @ 408]
fffff801`326b7e10 fffff801`30e3bbfa : 00000000`00000000 ffffda87`c6625110 fffff801`326b7f58 fffff801`2cc25679 : Wdf01000!FxThreadedEventQueue::QueueToThread+0x1a [minkernel\wdf\framework\shared\inc\private\common\FxEventQueue.hpp @ 359]
fffff801`326b7e40 fffff801`30e39cde : 00000000`00000000 ffffda87`c6625000 ffffda87`cb66f8a0 ffffab81`c67d96f0 : Wdf01000!FxWakeInterruptMachine::ProcessEvent+0x16a [minkernel\wdf\framework\shared\irphandlers\pnp\wakeinterruptstatemachine.cpp @ 242]
fffff801`326b7ec0 fffff801`30dcff30 : 00000000`00000000 fffff801`2cd2e001 00000000`00000000 ffffda87`ba5da000 : Wdf01000!FxInterrupt::WakeInterruptIsr+0x1a [minkernel\wdf\framework\shared\irphandlers\pnp\interruptobject.cpp @ 313]
fffff801`326b7f00 fffff801`2cca7765 : ffffab81`c67d9640 00000000`00006501 fffff801`29fee180 fffff801`326b7fc0 : Wdf01000!FxInterrupt::_InterruptThunk+0x1c300 [minkernel\wdf\framework\shared\irphandlers\pnp\km\interruptobjectkm.cpp @ 346]
fffff801`326b7f40 fffff801`2cdfea8f : fffffc03`70637b40 ffffab81`c67d9640 112e0be8`26d694b3 fffff801`2cdfed0a : nt!KiCallInterruptServiceRoutine+0xa5
fffff801`326b7f90 fffff801`2cdfed57 : 00000000`0dd48690 ffffda87`caf19080 fffffc03`00000001 ffffda87`00000000 : nt!KiInterruptSubDispatch+0x11f
fffffc03`70637ac0 00007ff9`d81f01b5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatch+0x37
00000000`0014bfa0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`d81f01b5
SYMBOL_NAME: nt!guard_icall_bugcheck+1b
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.3448
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1b
FAILURE_BUCKET_ID: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_bugcheck
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {9bee41a7-2ef9-07ca-7e59-7d5a0c6e2d05}
Followup: MachineOwner
---------
有谁知道是什么原因吗
我的故障代码和你的一模一样
