Created
February 20, 2017 13:17
-
-
Save vozersky/f8c395fb8ac66603ad2df2b5c07f4c98 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64 | |
Copyright (c) Microsoft Corporation. All rights reserved. | |
Loading Dump File [C:\Users\user\Desktop\021117-11406-01.dmp] | |
Mini Kernel Dump File: Only registers and stack trace are available | |
************* Symbol Path validation summary ************** | |
Response Time (ms) Location | |
Deferred srv*c:\symbols*https://msdl.microsoft.com/download/symbols | |
Symbol search path is: srv*c:\symbols*https://msdl.microsoft.com/download/symbols | |
Executable search path is: | |
Windows 8 Kernel Version 14393 MP (8 procs) Free x64 | |
Product: WinNt, suite: TerminalServer SingleUserTS | |
Built by: 14393.693.amd64fre.rs1_release.161220-1747 | |
Machine Name: | |
Kernel base = 0xfffff802`21283000 PsLoadedModuleList = 0xfffff802`21588060 | |
Debug session time: Sat Feb 11 11:52:59.084 2017 (UTC + 3:00) | |
System Uptime: 0 days 9:35:17.947 | |
Loading Kernel Symbols | |
. | |
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. | |
Run !sym noisy before .reload to track down problems loading symbols. | |
.............................................................. | |
................................................................ | |
................................................................ | |
.......... | |
Loading User Symbols | |
Loading unloaded module list | |
............ | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
Use !analyze -v to get detailed debugging information. | |
BugCheck 3B, {c0000005, fffff804c3d7d7f7, ffffa680de48b090, 0} | |
*** WARNING: Unable to verify timestamp for klwtp.sys | |
*** ERROR: Module load completed but symbols could not be loaded for klwtp.sys | |
Probably caused by : NETIO.SYS ( NETIO!StreamDataBlockEndOfStream+7 ) | |
Followup: MachineOwner | |
--------- | |
1: kd> !analyze -v | |
******************************************************************************* | |
* * | |
* Bugcheck Analysis * | |
* * | |
******************************************************************************* | |
SYSTEM_SERVICE_EXCEPTION (3b) | |
An exception happened while executing a system service routine. | |
Arguments: | |
Arg1: 00000000c0000005, Exception code that caused the bugcheck | |
Arg2: fffff804c3d7d7f7, Address of the instruction which caused the bugcheck | |
Arg3: ffffa680de48b090, Address of the context record for the exception that caused the bugcheck | |
Arg4: 0000000000000000, zero. | |
Debugging Details: | |
------------------ | |
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text> | |
FAULTING_IP: | |
NETIO!StreamDataBlockEndOfStream+7 | |
fffff804`c3d7d7f7 ff4154 inc dword ptr [rcx+54h] | |
CONTEXT: ffffa680de48b090 -- (.cxr 0xffffa680de48b090;r) | |
rax=0000000000001001 rbx=0000000000000000 rcx=0000000000000000 | |
rdx=ffffe205daaae8c0 rsi=ffffa680de48bec0 rdi=ffffa680de48bbf0 | |
rip=fffff804c3d7d7f7 rsp=ffffa680de48baa0 rbp=ffffa680de48bc31 | |
r8=ffffa680de48ba50 r9=0000000000000000 r10=fffff804c3d91ae0 | |
r11=ffffa680de48bae8 r12=0000000000000001 r13=ffffe205decdc301 | |
r14=ffffa680de48c340 r15=0000000000000004 | |
iopl=0 nv up ei ng nz na po nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286 | |
NETIO!StreamDataBlockEndOfStream+0x7: | |
fffff804`c3d7d7f7 ff4154 inc dword ptr [rcx+54h] ds:002b:00000000`00000054=???????? | |
Last set context: | |
rax=0000000000001001 rbx=0000000000000000 rcx=0000000000000000 | |
rdx=ffffe205daaae8c0 rsi=ffffa680de48bec0 rdi=ffffa680de48bbf0 | |
rip=fffff804c3d7d7f7 rsp=ffffa680de48baa0 rbp=ffffa680de48bc31 | |
r8=ffffa680de48ba50 r9=0000000000000000 r10=fffff804c3d91ae0 | |
r11=ffffa680de48bae8 r12=0000000000000001 r13=ffffe205decdc301 | |
r14=ffffa680de48c340 r15=0000000000000004 | |
iopl=0 nv up ei ng nz na po nc | |
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286 | |
NETIO!StreamDataBlockEndOfStream+0x7: | |
fffff804`c3d7d7f7 ff4154 inc dword ptr [rcx+54h] ds:002b:00000000`00000054=???????? | |
Resetting default scope | |
CUSTOMER_CRASH_COUNT: 1 | |
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT | |
BUGCHECK_STR: 0x3B | |
PROCESS_NAME: avp.exe | |
CURRENT_IRQL: 0 | |
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre | |
LAST_CONTROL_TRANSFER: from fffff804c3d5ed7c to fffff804c3d7d7f7 | |
STACK_TEXT: | |
ffffa680`de48baa0 fffff804`c3d5ed7c : ffffe205`dd34e2f0 ffffe205`dd34e2f0 00000000`00000000 ffffa680`de48bec0 : NETIO!StreamDataBlockEndOfStream+0x7 | |
ffffa680`de48baf0 fffff804`c3d3e3f6 : ffffe205`dd34e2f0 00000000`00000000 00000000`00000000 ffffe205`dd34e2f0 : NETIO! ?? ::FNODOBFM::`string'+0x731c | |
ffffa680`de48bb40 fffff804`c3d3d8b7 : ffffe205`d9980014 fffff804`c4641890 ffffe205`00000001 ffffe205`decdc310 : NETIO!StreamProcessCallout+0x68a | |
ffffa680`de48bc80 fffff804`c3d3d02e : ffffa680`de480014 ffffe205`decdc310 ffffe205`df0f6950 ffffa680`de48c340 : NETIO!ProcessCallout+0x6b7 | |
ffffa680`de48be00 fffff804`c3d3b1c3 : cc9f430e`484f99aa ffffa680`de48c040 00000000`00000000 00000000`0000002f : NETIO!ArbitrateAndEnforce+0x4ee | |
ffffa680`de48bf40 fffff804`c3d7bc65 : ffffe205`daae7380 fffff804`c3d40a95 8f15a42d`00000005 252571ce`00000040 : NETIO!KfdClassify+0x303 | |
ffffa680`de48c2f0 fffff804`c3d7b708 : 00000000`00000000 ffffa680`de48c491 00000000`00000000 00000000`00000000 : NETIO!StreamInternalClassify+0x109 | |
ffffa680`de48c410 fffff804`c3d78e25 : 00000000`00000014 ffffe205`df0f67a0 00000000`00000000 ffffe205`e318bb90 : NETIO!StreamInject+0x214 | |
ffffa680`de48c4e0 fffff804`c309683d : ffffe205`df0f67a0 00000000`00000180 00000000`00000000 fffff802`00000005 : NETIO!FwppStreamInject+0x135 | |
ffffa680`de48c570 fffff804`c467a0be : ffffe205`e0e3e780 ffffa680`de48c641 ffffe205`df414d18 00000000`00000000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd | |
ffffa680`de48c5d0 ffffe205`e0e3e780 : ffffa680`de48c641 ffffe205`df414d18 00000000`00000000 00000000`00000180 : klwtp+0xa0be | |
ffffa680`de48c5d8 ffffa680`de48c641 : ffffe205`df414d18 00000000`00000000 00000000`00000180 00000000`00000014 : 0xffffe205`e0e3e780 | |
ffffa680`de48c5e0 ffffe205`df414d18 : 00000000`00000000 00000000`00000180 00000000`00000014 001f0003`00000005 : 0xffffa680`de48c641 | |
ffffa680`de48c5e8 00000000`00000000 : 00000000`00000180 00000000`00000014 001f0003`00000005 ffffe205`e318bb90 : 0xffffe205`df414d18 | |
FOLLOWUP_IP: | |
NETIO!StreamDataBlockEndOfStream+7 | |
fffff804`c3d7d7f7 ff4154 inc dword ptr [rcx+54h] | |
SYMBOL_STACK_INDEX: 0 | |
SYMBOL_NAME: NETIO!StreamDataBlockEndOfStream+7 | |
FOLLOWUP_NAME: MachineOwner | |
MODULE_NAME: NETIO | |
IMAGE_NAME: NETIO.SYS | |
DEBUG_FLR_IMAGE_TIMESTAMP: 57899b40 | |
IMAGE_VERSION: 10.0.14393.0 | |
STACK_COMMAND: .cxr 0xffffa680de48b090 ; kb | |
BUCKET_ID_FUNC_OFFSET: 7 | |
FAILURE_BUCKET_ID: 0x3B_NETIO!StreamDataBlockEndOfStream | |
BUCKET_ID: 0x3B_NETIO!StreamDataBlockEndOfStream | |
ANALYSIS_SOURCE: KM | |
FAILURE_ID_HASH_STRING: km:0x3b_netio!streamdatablockendofstream | |
FAILURE_ID_HASH: {2448eb81-e02a-68db-ec2c-67a93487a5c0} | |
Followup: MachineOwner | |
--------- | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment