API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 17th, 2020
122
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.41 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Microsoft (R) Windows Debugger Version 10.0.19528.1000 AMD64
  3. Copyright (c) Microsoft Corporation. All rights reserved.
  4.  
  5.  
  6. Loading Dump File [C:\Windows\MEMORY.DMP]
  7. Kernel Bitmap Dump File: Full address space is available
  8.  
  9. Symbol search path is: srv*
  10. Executable search path is:
  11. Windows 10 Kernel Version 18362 MP (4 procs) Free x64
  12. Product: WinNt, suite: TerminalServer SingleUserTS
  13. 18362.1.amd64fre.19h1_release.190318-1202
  14. Machine Name:
  15. Kernel base = 0xfffff801`44600000 PsLoadedModuleList = 0xfffff801`44a48150
  16. Debug session time: Fri Jan 17 23:55:11.684 2020 (UTC + 1:00)
  17. System Uptime: 0 days 0:03:54.379
  18. Loading Kernel Symbols
  19. ...............................................................
  20. ................................................................
  21. ....................................................
  22. Loading User Symbols
  23. PEB is paged out (Peb.Ldr = 00000092`d2ee5018). Type ".hh dbgerr001" for details
  24. Loading unloaded module list
  25. ...........
  26. For analysis of this file, run !analyze -v
  27. nt!KeBugCheckEx:
  28. fffff801`447c14e0 48894c2408 mov qword ptr [rsp+8],rcx ss:fffff801`486e4d10=000000000000007f
  29. 0: kd> !analyze -v
  30. *******************************************************************************
  31. * *
  32. * Bugcheck Analysis *
  33. * *
  34. *******************************************************************************
  35.  
  36. UNEXPECTED_KERNEL_MODE_TRAP (7f)
  37. This means a trap occurred in kernel mode, and it's a trap of a kind
  38. that the kernel isn't allowed to have/catch (bound trap) or that
  39. is always instant death (double fault). The first number in the
  40. bugcheck params is the number of the trap (8 = double fault, etc)
  41. Consult an Intel x86 family manual to learn more about what these
  42. traps are. Here is a *portion* of those codes:
  43. If kv shows a taskGate
  44. use .tss on the part before the colon, then kv.
  45. Else if kv shows a trapframe
  46. use .trap on that value
  47. Else
  48. .trap on the appropriate frame will show where the trap was taken
  49. (on x86, this will be the ebp that goes with the procedure KiTrap)
  50. Endif
  51. kb will then show the corrected stack.
  52. Arguments:
  53. Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
  54. Arg2: fffff801486e4e50
  55. Arg3: fffffa028f750ff0
  56. Arg4: fffff801448d302b
  57.  
  58. Debugging Details:
  59. ------------------
  60.  
  61.  
  62. KEY_VALUES_STRING: 1
  63.  
  64. Key : Analysis.CPU.Sec
  65. Value: 3
  66.  
  67. Key : Analysis.DebugAnalysisProvider.CPP
  68. Value: Create: 8007007e on DESKTOP-BFIN3BM
  69.  
  70. Key : Analysis.DebugData
  71. Value: CreateObject
  72.  
  73. Key : Analysis.DebugModel
  74. Value: CreateObject
  75.  
  76. Key : Analysis.Elapsed.Sec
  77. Value: 19
  78.  
  79. Key : Analysis.Memory.CommitPeak.Mb
  80. Value: 79
  81.  
  82. Key : Analysis.System
  83. Value: CreateObject
  84.  
  85.  
  86. ADDITIONAL_XML: 1
  87.  
  88. BUGCHECK_CODE: 7f
  89.  
  90. BUGCHECK_P1: 8
  91.  
  92. BUGCHECK_P2: fffff801486e4e50
  93.  
  94. BUGCHECK_P3: fffffa028f750ff0
  95.  
  96. BUGCHECK_P4: fffff801448d302b
  97.  
  98. TRAP_FRAME: fffff801486e4e50 -- (.trap 0xfffff801486e4e50)
  99. NOTE: The trap frame does not contain all registers.
  100. Some register values may be zeroed or incorrect.
  101. rax=fffffa028f751018 rbx=0000000000000000 rcx=fffffa028f750000
  102. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
  103. rip=fffff801448d302b rsp=fffffa028f750ff0 rbp=fffffa028f7510b9
  104. r8=000000000000000e r9=0000000000000000 r10=fffffa028f750000
  105. r11=fffffa028f750000 r12=0000000000000000 r13=0000000000000000
  106. r14=0000000000000000 r15=0000000000000000
  107. iopl=0 nv up ei ng nz na po nc
  108. nt!MiGenerateAccessViolation+0x1f:
  109. fffff801`448d302b e800f8d6ff call nt!MiDeterminePoolType (fffff801`44642830)
  110. Resetting default scope
  111.  
  112. PROCESS_NAME: conhost.exe
  113.  
  114. STACK_OVERFLOW: Stack Limit: fffffa028f751000. Use (kF) and (!stackusage) to investigate stack usage.
  115.  
  116. STACKUSAGE_FUNCTION: The function at address 0xfffff80151659430 was blamed for the stack overflow. It is using 8400 bytes of stack.
  117.  
  118. STACK_TEXT:
  119. fffffa02`8f750ff0 fffff801`447e35b2 : fffffa02`8f750000 fffffa02`8f7510b9 00000000`00000000 fffffa02`8f7511e0 : nt!MiGenerateAccessViolation+0x1f
  120. fffffa02`8f751020 fffff801`44672eef : fefefefe`fefefefe 00000000`00000000 00000000`00000000 fffffa02`8f750000 : nt!MiSystemFault+0x1d6842
  121. fffffa02`8f751120 fffff801`447cf520 : fefefefe`fefefefe fefefefe`fefefefe fffffa02`8f7528b0 fefefefe`fefefefe : nt!MmAccessFault+0x34f
  122. fffffa02`8f7512c0 fffff801`447c9f16 : 00000000`00000000 00000000`0010000b fffff801`446c505a fffffa02`8f752678 : nt!KiPageFault+0x360
  123. fffffa02`8f751458 fffff801`446c505a : fffffa02`8f752678 00000000`00000000 fefefefe`00000003 fefefefe`000004d0 : nt!_chkstk+0x36
  124. fffffa02`8f751470 fffff801`4479c59f : fffff801`449e7e70 fffffa02`00000001 fffffa02`8f7528b0 fffffa02`8f757000 : nt!RtlUnwindEx+0xfa
  125. fffffa02`8f7516a0 fffff801`447ca312 : fffffa02`8f7528b0 fffffa02`8f751c80 00000000`00000000 00000000`0010001f : nt!_C_specific_handler+0xef
  126. fffffa02`8f751710 fffff801`446c2fa5 : fffffa02`8f752678 00000000`00000000 fffffa02`8f751c80 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0x12
  127. fffffa02`8f751740 fffff801`446c753e : fffffa02`8f752678 fffffa02`8f7523c0 fffffa02`8f752678 00000000`00000000 : nt!RtlDispatchException+0x4a5
  128. fffffa02`8f751e90 fffff801`447d341d : ffffab8b`8e288640 fffff801`44674ef6 ffffd269`349a4000 00007ff5`aca53000 : nt!KiDispatchException+0x16e
  129. fffffa02`8f752540 fffff801`447cf605 : ffffab8b`8e288580 00000000`000000ff 80000000`00000000 ffffe280`551deb10 : nt!KiExceptionDispatch+0x11d
  130. fffffa02`8f752720 fffff801`4471fadb : ffffd23f`fad65298 ffffab8b`8e288580 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x445
  131. fffffa02`8f7528b0 fffff801`446aa1e5 : ffffd23f`fad65298 ffffffff`00000018 00000000`00000000 ffffffff`00000420 : nt!MiMakeProtoLeafValid+0xaf
  132. fffffa02`8f752940 fffff801`44c5780b : 00007ff5`aca53000 ffffab8b`8fd71b60 ffff8481`00000f00 00000000`00000000 : nt!MiSplitPrivatePage+0x365
  133. fffffa02`8f752a20 fffff801`44c5732c : ffffab8b`8fd71b88 00007ff5`aca52c00 00000000`00000440 00007ff5`aca52c00 : nt!MiCopyToCfgBitMap+0x48b
  134. fffffa02`8f752b00 fffff801`44c56718 : ffffd23f`ff3ac578 00000000`00000000 00007ffe`758c1000 fffff801`446a578f : nt!MiPopulateCfgBitMap+0xbc
  135. fffffa02`8f752bb0 fffff801`44c22670 : ffffab8b`8e288580 00000000`00000000 ffffab8b`8e288640 fffff801`4462c700 : nt!MiMarkPrivateOpenCfgBits+0x30
  136. fffffa02`8f752bf0 fffff801`44c22547 : ffffab8b`8fe26400 fffff801`44639c1d 00000000`00000000 fffff801`4468d2c6 : nt!MiMarkProcessCfgBits+0x44
  137. fffffa02`8f752c20 fffff801`44bd784f : 00000000`00000002 fffffa02`8f752d21 ffffab8b`8f5ddde0 fffffa02`00000000 : nt!MiCommitVadCfgBits+0x16f
  138. fffffa02`8f752ca0 fffff801`44c57d26 : fffffa02`8f752f98 00000000`00000000 fffffa02`00000006 fefefefe`00000001 : nt!MiReserveUserMemory+0x42f
  139. fffffa02`8f752d80 fffff801`44c50c66 : 00007ffe`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MiAllocateVirtualMemory+0x316
  140. fffffa02`8f752f10 fffff801`447d2d18 : ffffffff`8000376c ffffab8b`8fe26080 00000000`00000000 fffffa02`8f7532d8 : nt!NtAllocateVirtualMemory+0x196
  141. fffffa02`8f7530b0 fffff801`447c5320 : fffff801`51657b76 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
  142. fffffa02`8f7532b8 fffff801`51657b76 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiServiceLinkage
  143. fffffa02`8f7532c0 fffff801`51659430 : ffffffff`8000376c 00000000`00002000 00007ffe`7575f7e0 00000000`00000000 : networktunnelx64+0x7b76
  144. fffffa02`8f753340 fffff801`51659a1e : ffffffff`8000376c ffffe280`57360db8 00000000`00000002 ffffab8b`8e288080 : networktunnelx64+0x9430
  145. fffffa02`8f755410 fffff801`5165b5ea : ffffffff`8000376c ffffe280`57360db8 00000000`00000010 00000000`00000082 : networktunnelx64+0x9a1e
  146. fffffa02`8f755440 fffff801`5165b6ad : ffffffff`8000376c fffff801`52228601 00000000`00002a90 ffffab8b`8e288080 : networktunnelx64+0xb5ea
  147. fffffa02`8f7554d0 fffff801`516512d6 : 00000000`00002a90 00000000`0000000a 00000000`00000000 00000000`00000001 : networktunnelx64+0xb6ad
  148. fffffa02`8f755510 fffff801`44bcd9d8 : 00000000`00002a88 00000000`00002a90 ffffab8b`8e6d6f01 ffffab8b`8e288080 : networktunnelx64+0x12d6
  149. fffffa02`8f755540 fffff801`44c5da9c : ffffffff`00000000 fffffa02`8f756330 fffffa02`8f755c01 ffffab8b`8e962b70 : nt!PspCallProcessNotifyRoutines+0x254
  150. fffffa02`8f755610 fffff801`44c2fba4 : ffffab8b`8fe29080 ffffab8b`8e288080 fffffa02`8f755dd0 fffffa02`8f755c90 : nt!PspInsertThread+0x5e8
  151. fffffa02`8f755700 fffff801`447d2d18 : 00000000`00000000 ffffab8b`872a87a0 ffffe280`52e09d40 00000001`8f7564e0 : nt!NtCreateUserProcess+0x964
  152. fffffa02`8f7563b0 fffff801`447c5320 : fffff801`5377ad4f 00000000`00000000 00000000`00002a88 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
  153. fffffa02`8f7565b8 fffff801`5377ad4f : 00000000`00000000 00000000`00002a88 00000000`00000000 fffffa02`8f756630 : nt!KiServiceLinkage
  154. fffffa02`8f7565c0 fffff801`5377a921 : 00000000`00000001 00000000`00000000 fffffa02`8f756b80 00007ffe`00000000 : condrv!CdpCreateProcess+0x14f
  155. fffffa02`8f756770 fffff801`53778ad7 : ffffab8b`8e28a080 00000000`00000730 ffffab8b`872f14e0 00000000`007039e0 : condrv!CdpLaunchServerProcess+0x171
  156. fffffa02`8f756870 fffff801`5377ae0d : 00000000`007039e0 fffff801`5377adb0 ffffab8b`8e964ab0 00000000`00000000 : condrv!CdpServerFastIoctl+0x167
  157. fffffa02`8f7568b0 fffff801`44be8efb : 00000000`00000088 fffffa02`8f756b00 ffffab8b`8e28a580 ffffab8b`8e964ab0 : condrv!CdpFastIoDeviceControl+0x5d
  158. fffffa02`8f756900 fffff801`44be87c6 : 00007ffe`7571bc00 00000000`00000000 00000000`00000001 00000000`00000000 : nt!IopXxxControlFile+0x71b
  159. fffffa02`8f756a20 fffff801`447d2d18 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`0012019f : nt!NtDeviceIoControlFile+0x56
  160. fffffa02`8f756a90 00007ffe`7575c1a4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
  161. 00000000`001ee098 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`7575c1a4
  162.  
  163.  
  164. STACK_COMMAND: .trap 0xfffff801486e4e50 ; kb
  165.  
  166. SYMBOL_NAME: networktunnelx64+9430
  167.  
  168. IMAGE_NAME: networktunnelx64.sys
  169.  
  170. MODULE_NAME: networktunnelx64
  171.  
  172. BUCKET_ID_FUNC_OFFSET: 9430
  173.  
  174. FAILURE_BUCKET_ID: 0x7f_8_STACK_USAGE_networktunnelx64!unknown_function
  175.  
  176. OS_VERSION: 10.0.18362.1
  177.  
  178. BUILDLAB_STR: 19h1_release
  179.  
  180. OSPLATFORM_TYPE: x64
  181.  
  182. OSNAME: Windows 10
  183.  
  184. FAILURE_ID_HASH: {40c7ef30-43b9-8995-cd28-4273c4c8586d}
  185.  
  186. Followup: MachineOwner
  187. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!