Skip to content

Instantly share code, notes, and snippets.

@vozersky vozersky/ 013117-10312-01 Secret
Created Feb 1, 2017

Embed
What would you like to do?
----------
- *
- Bugcheck Analysis *
- *
----------
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff806d478f417, Address of the instruction which caused the bugcheck
Arg3: ffffae019648a090, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 -
FAULTING_IP:
NETIO!StreamDataPermitEndOfStream+7
fffff806`d478f417 c7415003000000 mov dword ptr [rcx+50h],3
CONTEXT: ffffae019648a090 -- (.cxr 0xffffae019648a090;r)
rax=0000000000002006 rbx=0000000000000000 rcx=0000000000000000
rdx=ffffda0e30c6d820 rsi=ffffae019648aec0 rdi=ffffae019648abf0
rip=fffff806d478f417 rsp=ffffae019648aaa0 rbp=ffffae019648ac31
r8=ffffae019648aa50 r9=0000000000000000 r10=fffff806d47e1ae0
r11=0000000000029b5f r12=0000000000000001 r13=ffffda0e37f74c01
r14=ffffae019648b340 r15=0000000000000004
iopl=0 nv up ei ng nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286
NETIO!StreamDataPermitEndOfStream+0x7:
fffff806`d478f417 c7415003000000 mov dword ptr [rcx+50h],3 ds:002b:00000000`00000050=????????
Last set context:
rax=0000000000002006 rbx=0000000000000000 rcx=0000000000000000
rdx=ffffda0e30c6d820 rsi=ffffae019648aec0 rdi=ffffae019648abf0
rip=fffff806d478f417 rsp=ffffae019648aaa0 rbp=ffffae019648ac31
r8=ffffae019648aa50 r9=0000000000000000 r10=fffff806d47e1ae0
r11=0000000000029b5f r12=0000000000000001 r13=ffffda0e37f74c01
r14=ffffae019648b340 r15=0000000000000004
iopl=0 nv up ei ng nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286
NETIO!StreamDataPermitEndOfStream+0x7:
fffff806`d478f417 c7415003000000 mov dword ptr [rcx+50h],3 ds:002b:00000000`00000050=????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: 0x3B
PROCESS_NAME: avp.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
LAST_CONTROL_TRANSFER: from fffff806d478f3e0 to fffff806d478f417
STACK_TEXT:
ffffae01`9648aaa0 fffff806`d478f3e0 : ffffda0e`3792e010 ffffda0e`3792e010 00000000`00000000 ffffae01`9648aec0 : NETIO!StreamDataPermitEndOfStream+0x7
ffffae01`9648aaf0 fffff806`d478e3f6 : ffffda0e`3792e010 00000000`00000000 00000000`00000000 ffffda0e`3792e010 : NETIO!StreamCalloutProcessDisconnect+0x54
ffffae01`9648ab40 fffff806`d478d8b7 : ffffda0e`2fb60014 fffff806`d513b5d4 ffffda0e`00000002 ffffda0e`37f74cf0 : NETIO!StreamProcessCallout+0x68a
ffffae01`9648ac80 fffff806`d478d02e : 00000000`00000014 ffffda0e`37f74cf0 ffffda0e`39fcbd90 ffffae01`9648b340 : NETIO!ProcessCallout+0x6b7
ffffae01`9648ae00 fffff806`d478b1c3 : e125896c`8c57919d ffffae01`9648b040 00000000`00000000 00010101`011fffff : NETIO!ArbitrateAndEnforce+0x4ee
ffffae01`9648af40 fffff806`d47cbc65 : ffffda0e`30c64280 fffff806`d4790a95 65ce5304`00000005 7c827d25`00000020 : NETIO!KfdClassify+0x303
ffffae01`9648b2f0 fffff806`d47cb708 : 00000000`00000000 ffffae01`9648b491 00000000`00000000 00000000`00000000 : NETIO!StreamInternalClassify+0x109
ffffae01`9648b410 fffff806`d47c8e25 : 00000000`00000014 ffffda0e`39fcbbe0 00000000`00000000 ffffda0e`33a8db00 : NETIO!StreamInject+0x214
ffffae01`9648b4e0 fffff806`d3ec683d : ffffda0e`39fcbbe0 00000000`00000180 00000000`00000000 fffff803`00000005 : NETIO!FwppStreamInject+0x135
ffffae01`9648b570 fffff806`d513a0be : ffffda0e`38881010 ffffae01`9648b641 ffffda0e`395cc048 00000000`00000000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd
ffffae01`9648b5d0 ffffda0e`38881010 : ffffae01`9648b641 ffffda0e`395cc048 00000000`00000000 00000000`00000180 : klwtp+0xa0be
ffffae01`9648b5d8 ffffae01`9648b641 : ffffda0e`395cc048 00000000`00000000 00000000`00000180 00000000`00000014 : 0xffffda0e`38881010`
ffffae019648b5e0 ffffda0e395cc048 : 0000000000000000 0000000000000180 0000000000000014 001f000300000005 : 0xffffae019648b641
ffffae01`9648b5e8 00000000`00000000 : 00000000`00000180 00000000`00000014 001f0003`00000005 ffffda0e`33a8db00 : 0xffffda0e`395cc048
FOLLOWUP_IP:
NETIO!StreamDataPermitEndOfStream+7
fffff806`d478f417 c7415003000000 mov dword ptr [rcx+50h],3
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: NETIO!StreamDataPermitEndOfStream+7
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 57899b40
IMAGE_VERSION: 10.0.14393.0
STACK_COMMAND: .cxr 0xffffae019648a090 ; kb
BUCKET_ID_FUNC_OFFSET: 7
FAILURE_BUCKET_ID: 0x3B_NETIO!StreamDataPermitEndOfStream
BUCKET_ID: 0x3B_NETIO!StreamDataPermitEndOfStream
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x3b_netio!streamdatapermitendofstream
FAILURE_ID_HASH: {6c1c09e8-0d2e-25c2-c813-aa46ea2bd6f1}
Followup: MachineOwner
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.