resolve access violation exception (0xC0000005) crashing IIS app pool
- by Joseph
IIS 7.5, server 2008 r2, classic asp and asp .net 2.0, 3.5 website same server, same app pool. The past 4 weeks thousands of these errors 'C0000005' are occurring. I know from IIS debug diag tool that 'C0000005' is an access violation error. Below is the top line from my debug diag report.
In w3wp__PID__6656__Date__01_08_2011__Time_01_42_46AM__281__First Chance Access Violation.dmp the assembly instruction at asp!CActiveScriptEngine::GetApplication+27 in \\?\C:\Windows\System32\inetsrv\asp.dll from Microsoft Corporation has caused an access violation exception (0xC0000005) when trying to read from memory location 0x00000000 on thread 29
Thread 29 - System ID 6736
Entry point 0x00000000
Create time 1/8/2011 12:46:26 AM
Time spent in user mode 0 Days 00:00:00.140
Time spent in kernel mode 0 Days 00:00:00.078
Function Source
asp!CActiveScriptEngine::GetApplication+27
vbscript!COleScript::GetDebugApplicationCoreNoRef+2b
vbscript!COleScript::FDebuggerEnabled+30
vbscript!COleScript::SetScriptSite+cd
asp!CActiveScriptEngine::Init+125
asp!CScriptManager::GetEngine+252
asp!AllocAndLoadEngines+28f
asp!ExecuteGlobal+17a
asp!Execute+b5
asp!CHitObj::ViperAsyncCallback+3fc
asp!CViperAsyncRequest::OnCall+6a
comsvcs!CSTAActivityWork::STAActivityWorkHelper+32
ole32!EnterForCallback+f4
ole32!SwitchForCallback+1a8
ole32!PerformCallback+a3
ole32!CObjectContext::InternalContextCallback+15b
ole32!CObjectContext::DoCallback+1c
comsvcs!CSTAActivityWork::DoWork+12f
comsvcs!CSTAThread::DoWork+18
comsvcs!CSTAThread::ProcessQueueWork+37
comsvcs!CSTAThread::WorkerLoop+135
msvcrt!_endthreadex+44
msvcrt!_endthreadex+ce
kernel32!BaseThreadInitThunk+e
ntdll!__RtlUserThreadStart+70
ntdll!_RtlUserThreadStart+1b
BELOW is the faulting module.
ASP report
Executing ASP requests 0 Request(s)
ASP templates cached 0 Template(s)
ASP template cache size 0.00 Bytes
Loaded ASP applications 1 Application(s)
ASP.DLL Version 7.5.7600.16620
ASP application report
ASP application metabase key
Physical Path
Virtual Root
Session Count 0 Session(s)
Request Count 0 Request(s)
Session Timeout 0 minutes(s)
Path to Global.asa
Server side script debugging enabled False
Client side script debugging enabled False
Out of process COM servers allowed False
Session state turned on False
Write buffering turned on False
Application restart enabled False
Parent paths enabled False
ASP Script error messages will be sent to browser False
ASP!CACTIVESCRIPTENGINE::GETAPPLICATION+27In w3wp__PID__6656__Date__01_08_2011__Time_01_42_46AM__281__First Chance Access Violation.dmp the assembly instruction at asp!CActiveScriptEngine::GetApplication+27 in \\?\C:\Windows\System32\inetsrv\asp.dll from Microsoft Corporation has caused an access violation exception (0xC0000005) when trying to read from memory location 0x00000000 on thread 29
recent events: server was being brute forced by hackers all of Dec and probably earlier, they weren't able to gain access but did get a virus on and blasted out spam. insatlled AVG and about the 17 or 22 latest patches. after that the app pool started crashing and the server has crashed a couple times since then. I am in no mans land as I am a developer and not a sys admin but I have to assume many roles. So I'm reaching out for help.
Sometimes I will see hundreds of these 'C0000005' scriptengine errors in the event log in a matter of seconds and other times just a few times an hour. I googled this line 'ASP!CACTIVESCRIPTENGINE::GETAPPLICATION' and got nothing. Its like the function don't exist or something. I have spent many hours google-ing to no avail and am now turning to the experts on the forums.
Thank you for your help
