Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- KMODE_EXCEPTION_NOT_HANDLED (1e)
- This is a very common bugcheck. Usually the exception address pinpoints
- the driver/function that caused the problem. Always note this address
- as well as the link date of the driver/image that contains this address.
- Arguments:
- Arg1: ffffffffc0000005, The exception code that was not handled
- Arg2: fffff801364ecf92, The address that the exception occurred at
- Arg3: 0000000000000000, Parameter 0 of the exception
- Arg4: ffffffffffffffff, Parameter 1 of the exception
- Debugging Details:
- ------------------
- TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
- OVERLAPPED_MODULE: Address regions for 'srv2' and 'dump_storpor' overlap
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
- FAULTING_IP:
- nt!KxWaitForLockOwnerShipWithIrql+12
- fffff801`364ecf92 48890a mov qword ptr [rdx],rcx
- EXCEPTION_PARAMETER1: 0000000000000000
- EXCEPTION_PARAMETER2: ffffffffffffffff
- READ_ADDRESS: unable to get nt!MmSpecialPoolStart
- unable to get nt!MmSpecialPoolEnd
- unable to get nt!MmPagedPoolEnd
- unable to get nt!MmNonPagedPoolStart
- unable to get nt!MmSizeOfNonPagedPoolInBytes
- ffffffffffffffff
- ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
- BUGCHECK_STR: 0x1e_c0000005
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- PROCESS_NAME: MSASCuiL.exe
- CURRENT_IRQL: 0
- TRAP_FRAME: 00007ffd05fd6f50 -- (.trap 0x7ffd05fd6f50)
- Unable to read trap frame at 00007ffd`05fd6f50
- LAST_CONTROL_TRANSFER: from fffff801365aaeed to fffff80136577880
- CONTEXT: 00b60f41c2200f44 -- (.cxr 0xb60f41c2200f44)
- Unable to read context, Win32 error 0n30
- STACK_TEXT:
- fffff880`926bbb28 fffff801`365aaeed : 00000000`0000001e ffffffff`c0000005 fffff801`364ecf92 00000000`00000000 : nt!KeBugCheckEx
- fffff880`926bbb30 fffff801`3658aa0e : 00000000`00000000 40220000`00000000 00007ffd`05fd6f50 00000000`00000000 : nt!KiDispatchException+0x11eded
- fffff880`926bc1e0 fffff801`36586510 : 00000000`00000000 40220000`00000000 00007ffd`05fd6f50 c0000022`00000000 : nt!KiExceptionDispatch+0xce
- fffff880`926bc3c0 fffff801`364ecf92 : 00000000`00000000 40240000`00000000 00000000`00000000 fffff801`368c52cc : nt!KiGeneralProtectionFault+0x3d0
- fffff880`926bc550 fffff801`364327b3 : ffffae02`48c20de0 00000000`00000001 00000000`00000000 ffffae02`48d87000 : nt!KxWaitForLockOwnerShipWithIrql+0x12
- fffff880`926bc580 fffff801`3689cb76 : 00000000`00000001 ffffae02`48d87002 ffffae02`48d87030 00000000`00000001 : nt!ExReleaseResourceLite+0xe3
- fffff880`926bc5e0 fffff807`a76de3bf : ffffae02`48ce0bd0 ffffae02`48ce0bd0 ffffdb0f`b477e910 00000000`ffffffff : nt!SeUnlockSubjectContext+0x16
- fffff880`926bc610 fffff807`a76dd087 : ffffae02`48ce0bd0 fffff807`a782e070 00000000`00000000 fffff807`a76db000 : NTFS!NtfsAccessCheck+0xf9f
- fffff880`926bc830 fffff807`a76dcd88 : 00000000`00000000 ffffae02`48ce0bd0 00000000`00000000 00000000`00000000 : NTFS!NtfsCheckExistingFile+0xc7
- fffff880`926bc8d0 fffff807`a76dc371 : fffff880`9326eab0 00000000`00000000 00000000`00000001 ffffdb0f`00000024 : NTFS!NtfsOpenExistingAttr+0xe8
- fffff880`926bc990 fffff807`a76d9d64 : fffff880`9326eab0 ffffae02`48ce0bd0 ffffdb0f`b477ed30 00000000`00000024 : NTFS!NtfsOpenAttributeInExistingFile+0x131
- fffff880`926bcb70 fffff807`a76eac5e : ffffae02`46428018 ffffdb0f`b477e910 ffffdb0f`b477ed30 00000000`00000000 : NTFS!NtfsOpenExistingPrefixFcb+0x1e4
- fffff880`926bcc50 fffff807`a76e71e7 : ffffae02`46428018 ffffae02`48ce0bd0 00000000`00000000 fffff880`926bce90 : NTFS!NtfsFindStartingNode+0x44e
- fffff880`926bcd10 fffff807`a76e55fd : ffffae02`46428018 ffffae02`48ce0bd0 fffff880`9326eab0 00000000`00000001 : NTFS!NtfsCommonCreate+0x457
- fffff880`926bcf50 fffff801`3657af27 : fffff880`9326ea30 00000000`00000034 00000000`00000002 00000000`00000000 : NTFS!NtfsCommonCreateCallout+0x1d
- fffff880`926bcf80 fffff801`3657aeed : 00000000`00000012 ffffae02`48209040 fffff880`926bd000 fffff801`364787bd : nt!KxSwitchKernelStackCallout+0x27
- fffff880`9326e830 fffff801`364787bd : ffffae02`00000012 00000000`00000012 ffffae02`4882a980 fffff801`3641be2f : nt!KiSwitchKernelStackContinue
- fffff880`9326e850 fffff801`3647856a : fffff807`a76e55e0 fffff880`9326ea30 00000000`00000004 00000000`00000005 : nt!KiExpandKernelStackAndCalloutOnStackSegment+0x11d
- fffff880`9326e8c0 fffff801`3647840f : fffff880`9326ed40 fffff880`9326ea30 00000000`00000001 00000000`00000000 : nt!KiExpandKernelStackAndCalloutSwitchStack+0xba
- fffff880`9326e910 fffff801`364783cd : 00000000`00000000 ffffae02`48ce0bd0 ffffae02`46428018 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x2f
- fffff880`9326e960 fffff807`a76e5817 : ffffae02`46428018 fffff880`9326eab0 00000000`00000000 ffffae02`48ce0bd0 : nt!KeExpandKernelStackAndCalloutEx+0x1d
- fffff880`9326e9a0 fffff801`3641c2d9 : ffffae02`44276030 ffffae02`48ce0bd0 ffffae02`48371300 00000000`00000000 : NTFS!NtfsFsdCreate+0x1d7
- fffff880`9326ec10 fffff807`a6818773 : ffffae02`48ce0bd0 ffffae02`48371360 ffffae02`48ce0f70 fffff807`a6837060 : nt!IofCallDriver+0x59
- fffff880`9326ec50 fffff807`a684b57f : fffff880`9326ed00 fffff880`9326ed40 ffffae02`45c71800 00000000`00000000 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x1a3
- fffff880`9326ecc0 fffff801`3641c2d9 : ffffae02`47a16001 00000000`000000a5 00000000`00000060 ffffae02`486c4208 : FLTMGR!FltpCreate+0x2cf
- fffff880`9326ed70 fffff801`3687a152 : 00000000`000000a5 fffff880`9326f000 ffffae02`48371360 fffff880`00000989 : nt!IofCallDriver+0x59
- fffff880`9326edb0 fffff801`369615a7 : 00000000`00000005 ffffae02`47a16010 ae024829`0c90ffcf ffffae02`48290cc0 : nt!IopParseDevice+0x822
- fffff880`9326ef70 fffff801`36899da7 : fffff801`369614e0 fffff880`9326f0e0 ffffae02`48290c90 00000000`0000000c : nt!IopParseFile+0xc7
- fffff880`9326efe0 fffff801`36891480 : ffffae02`48d87000 fffff880`9326f238 ffffae02`00000240 ffffae02`44370dc0 : nt!ObpLookupObjectName+0x5b7
- fffff880`9326f1a0 fffff801`3688e72f : 00000000`00000001 00000000`00000000 fffff880`9326f788 fffff880`9326f850 : nt!ObOpenObjectByNameEx+0x1e0
- fffff880`9326f2e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopCreateFile+0x82f
- FOLLOWUP_IP:
- nt!KxWaitForLockOwnerShipWithIrql+12
- fffff801`364ecf92 48890a mov qword ptr [rdx],rcx
- SYMBOL_STACK_INDEX: 4
- SYMBOL_NAME: nt!KxWaitForLockOwnerShipWithIrql+12
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5a5fb447
- STACK_COMMAND: .cxr 0xb60f41c2200f44 ; kb
- FAILURE_BUCKET_ID: X64_0x1e_c0000005_nt!KxWaitForLockOwnerShipWithIrql+12
- BUCKET_ID: X64_0x1e_c0000005_nt!KxWaitForLockOwnerShipWithIrql+12
- Followup: MachineOwner
- ---------
Add Comment
Please, Sign In to add comment