不用驱动一行代码让自己蓝屏

蓝屏的钙好喝的钙

从朋友那儿得到一行蓝屏代码.刨根问底原来是对方开发项目的时候自己蓝屏发现的.

ShellExecute(NULL, _T("open"), _T("C:\\Windows\\System32\\wininit.exe"), NULL, NULL, SW_SHOW);

大致的原因是重复初始化了.具体的原因我还在调试中.以下是转储分析,希望随着学习的深入能理解这个原因.

Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64Product: WinNt, suite: TerminalServer SingleUserTSBuilt by: 7601.18798.amd64fre.win7sp1_gdr.150316-1654Machine Name:Kernel base = 0xfffff800`04667000 PsLoadedModuleList = 0xfffff800`048ac890Debug session time: Mon Jun 22 15:53:14.589 2015 (UTC + 8:00)System Uptime: 0 days 7:50:23.432Loading Kernel Symbols.Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.Run !sym noisy before .reload to track down problems loading symbols................................................................................................................................................................................................Loading User SymbolsLoading unloaded module list..............********************************************************************************                                                                             **                        Bugcheck Analysis                                    **                                                                             ********************************************************************************Use !analyze -v to get detailed debugging information.BugCheck F4, {3, fffffa801b0e82f0, fffffa801b0e85d0, fffff800049dd940}----- ETW minidump data unavailable-----Probably caused by : wininit.exeFollowup: MachineOwner---------3: kd> !analyze -v********************************************************************************                                                                             **                        Bugcheck Analysis                                    **                                                                             ********************************************************************************CRITICAL_OBJECT_TERMINATION (f4)A process or thread crucial to system operation has unexpectedly exited or beenterminated.Several processes and threads are necessary for the operation of thesystem; when they are terminated (for any reason), the system can nolonger function.Arguments:Arg1: 0000000000000003, ProcessArg2: fffffa801b0e82f0, Terminating objectArg3: fffffa801b0e85d0, Process image file nameArg4: fffff800049dd940, Explanatory message (ascii)Debugging Details:----------------------- ETW minidump data unavailable-----PROCESS_OBJECT: fffffa801b0e82f0IMAGE_NAME:  wininit.exeDEBUG_FLR_IMAGE_TIMESTAMP:  0MODULE_NAME: wininitFAULTING_MODULE: 0000000000000000 PROCESS_NAME:  wininit.exeEXCEPTION_CODE: (Win32) 0x5 (5) - <Unable to get error code text>BUGCHECK_STR:  0xF4_5CUSTOMER_CRASH_COUNT:  1DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULTCURRENT_IRQL:  0STACK_TEXT:  fffff880`0b0389c8 fffff800`04a6d342 : 00000000`000000f4 00000000`00000003 fffffa80`1b0e82f0 fffffa80`1b0e85d0 : nt!KeBugCheckExfffff880`0b0389d0 fffff800`04a235ab : 00000000`00000001 fffffa80`15108b50 fffffa80`1b0e82f0 fffff880`0b038ae0 : nt!PspCatchCriticalBreak+0x92fffff880`0b038a10 fffff800`049910cc : 00000000`00000001 00000000`00000001 fffffa80`1b0e82f0 0000007f`00000000 : nt! ?? ::NNGAKEGL::`string'+0x2a546fffff880`0b038a60 fffff800`046d8cd3 : 00000000`00000008 00000000`00000005 fffffa80`15108b50 00000000`00000000 : nt!NtTerminateProcess+0xf4fffff880`0b038ae0 00000000`7756de9a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x1300000000`000adf78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7756de9aSTACK_COMMAND:  kbFOLLOWUP_NAME:  MachineOwnerFAILURE_BUCKET_ID:  X64_0xF4_5_IMAGE_wininit.exeBUCKET_ID:  X64_0xF4_5_IMAGE_wininit.exeFollowup: MachineOwner---------