-
-
Save vozersky/8b2e5013f154496192671bda65d1ba2a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [D:\Downloads\Dumps\021117-34968-01.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Symbol Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv*c:\symbols*https://msdl.microsoft.com/download/symbols | |
Symbol search path is: srv*c:\symbols*https://msdl.microsoft.com/download/symbols | |
Executable search path is: | |
Windows 8 Kernel Version 14393 MP (4 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Built by: 14393.693.amd64fre.rs1_release.161220-1747 | |
Machine Name: | |
Kernel base = 0xfffff801`2a877000 PsLoadedModuleList = 0xfffff801`2ab7c060 | |
Debug session time: Sat Feb 11 05:16:43.158 2017 (UTC + 3:00) | |
System Uptime: 0 days 11:01:22.925 | |
Loading Kernel Symbols | |
............................................................... | |
................................................................ | |
................................................................ | |
.................... | |
Loading User Symbols | |
Loading unloaded module list | |
................................... | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
Use !analyze -v to get detailed debugging information. | |
BugCheck 3B, {c0000005, fffff8036116e01a, ffffc380873230b0, 0} | |
*** WARNING: Unable to verify timestamp for klwtp.sys | |
*** ERROR: Module load completed but symbols could not be loaded for klwtp.sys | |
Probably caused by : NETIO.SYS ( NETIO!StreamProcessCallout+2ae ) | |
Followup: MachineOwner | |
--------- | |
0: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
SYSTEM_SERVICE_EXCEPTION (3b) | |
An exception happened while executing a system service routine. | |
Arguments: | |
Arg1: 00000000c0000005, Exception code that caused the bugcheck | |
Arg2: fffff8036116e01a, Address of the instruction which caused the bugcheck | |
Arg3: ffffc380873230b0, Address of the context record for the exception that caused the bugcheck | |
Arg4: 0000000000000000, zero. | |
Debugging Details: | |
------------------ | |
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text> | |
FAULTING_IP: | |
NETIO!StreamProcessCallout+2ae | |
fffff803`6116e01a 837f5003 cmp dword ptr [rdi+50h],3 | |
CONTEXT: ffffc380873230b0 -- (.cxr 0xffffc380873230b0;r) | |
rax=fffff803611c1000 rbx=ffffad845fe8ebe0 rcx=fffff803611c1ae0 | |
rdx=ffffad845f3bea70 rsi=0000000000000000 rdi=0000000000000000 | |
rip=fffff8036116e01a rsp=ffffc38087323ac0 rbp=ffffc38087323bb1 | |
r8=fffff803611c1ae0 r9=ffffad846a1a4550 r10=fffff803611c1ae0 | |
r11=000000000001ae2a r12=0000000000000001 r13=ffffad8462fa8901 | |
r14=ffffc380873242c0 r15=0000000000000000 | |
iopl=0 nv up ei pl zr na po nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246 | |
NETIO!StreamProcessCallout+0x2ae: | |
fffff803`6116e01a 837f5003 cmp dword ptr [rdi+50h],3 ds:002b:00000000`00000050=???????? | |
Last set context: | |
rax=fffff803611c1000 rbx=ffffad845fe8ebe0 rcx=fffff803611c1ae0 | |
rdx=ffffad845f3bea70 rsi=0000000000000000 rdi=0000000000000000 | |
rip=fffff8036116e01a rsp=ffffc38087323ac0 rbp=ffffc38087323bb1 | |
r8=fffff803611c1ae0 r9=ffffad846a1a4550 r10=fffff803611c1ae0 | |
r11=000000000001ae2a r12=0000000000000001 r13=ffffad8462fa8901 | |
r14=ffffc380873242c0 r15=0000000000000000 | |
iopl=0 nv up ei pl zr na po nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246 | |
NETIO!StreamProcessCallout+0x2ae: | |
fffff803`6116e01a 837f5003 cmp dword ptr [rdi+50h],3 ds:002b:00000000`00000050=???????? | |
Resetting default scope | |
CUSTOMER_CRASH_COUNT: 1 | |
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT | |
BUGCHECK_STR: 0x3B | |
PROCESS_NAME: avp.exe | |
CURRENT_IRQL: 0 | |
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre | |
LAST_CONTROL_TRANSFER: from fffff8036116d8b7 to fffff8036116e01a | |
STACK_TEXT: | |
ffffc380`87323ac0 fffff803`6116d8b7 : ffffad84`5f790014 fffff803`635bb5d4 ffffad84`00000002 ffffad84`62fa8900 : NETIO!StreamProcessCallout+0x2ae | |
ffffc380`87323c00 fffff803`6116d02e : 00000000`00000014 ffffad84`62fa8900 ffffad84`6af26b10 ffffc380`873242c0 : NETIO!ProcessCallout+0x6b7 | |
ffffc380`87323d80 fffff803`6116b1c3 : f4c523ee`c76f7f64 ffffc380`87323fc0 00000000`00000000 00010101`011fffff : NETIO!ArbitrateAndEnforce+0x4ee | |
ffffc380`87323ec0 fffff803`611abc65 : ffffad84`603fee40 fffff803`61170a95 00000000`00000005 00000000`00000002 : NETIO!KfdClassify+0x303 | |
ffffc380`87324270 fffff803`611ab708 : 00000000`00000000 ffffc380`87324411 00000000`00000000 00000000`00000000 : NETIO!StreamInternalClassify+0x109 | |
ffffc380`87324390 fffff803`611a8e25 : 00000000`00000014 ffffad84`6af26960 00000000`00000000 ffffad84`5f8eab50 : NETIO!StreamInject+0x214 | |
ffffc380`87324460 fffff803`6141683d : ffffad84`6af26960 00000000`00000168 00000000`00000000 fffff801`00000005 : NETIO!FwppStreamInject+0x135 | |
ffffc380`873244f0 fffff803`635ba0be : ffffad84`71365500 ffffc380`873245c1 ffffad84`5fb35ed8 00000000`00000000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd | |
ffffc380`87324550 ffffad84`71365500 : ffffc380`873245c1 ffffad84`5fb35ed8 00000000`00000000 00000000`00000168 : klwtp+0xa0be | |
ffffc380`87324558 ffffc380`873245c1 : ffffad84`5fb35ed8 00000000`00000000 00000000`00000168 00000000`00000014 : 0xffffad84`71365500 | |
ffffc380`87324560 ffffad84`5fb35ed8 : 00000000`00000000 00000000`00000168 00000000`00000014 001f0003`00000005 : 0xffffc380`873245c1 | |
ffffc380`87324568 00000000`00000000 : 00000000`00000168 00000000`00000014 001f0003`00000005 ffffad84`5f8eab50 : 0xffffad84`5fb35ed8 | |
FOLLOWUP_IP: | |
NETIO!StreamProcessCallout+2ae | |
fffff803`6116e01a 837f5003 cmp dword ptr [rdi+50h],3 | |
SYMBOL_STACK_INDEX: 0 | |
SYMBOL_NAME: NETIO!StreamProcessCallout+2ae | |
FOLLOWUP_NAME: MachineOwner | |
MODULE_NAME: NETIO | |
IMAGE_NAME: NETIO.SYS | |
DEBUG_FLR_IMAGE_TIMESTAMP: 57899b40 | |
IMAGE_VERSION: 10.0.14393.0 | |
STACK_COMMAND: .cxr 0xffffc380873230b0 ; kb | |
BUCKET_ID_FUNC_OFFSET: 2ae | |
FAILURE_BUCKET_ID: 0x3B_NETIO!StreamProcessCallout | |
BUCKET_ID: 0x3B_NETIO!StreamProcessCallout | |
ANALYSIS_SOURCE: KM | |
FAILURE_ID_HASH_STRING: km:0x3b_netio!streamprocesscallout | |
FAILURE_ID_HASH: {12d5d042-1527-3ed4-7567-edbc67fa5418} | |
Followup: MachineOwner | |
--------- | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment