Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 10.0.19528.1000 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- Loading Dump File [C:\Windows\Minidump\042620-6859-01.dmp]
- Mini Kernel Dump File: Only registers and stack trace are available
- ************* Path validation summary **************
- Response Time (ms) Location
- Deferred srv*
- Symbol search path is: srv*
- Executable search path is:
- Windows 10 Kernel Version 19536 MP (6 procs) Free x64
- Product: WinNt, suite: TerminalServer SingleUserTS
- 19536.1000.amd64fre.rs_prerelease.191211-1446
- Machine Name:
- Kernel base = 0xfffff804`80000000 PsLoadedModuleList = 0xfffff804`80c2a5d0
- Debug session time: Sun Apr 26 22:41:47.426 2020 (UTC + 3:00)
- System Uptime: 0 days 1:24:41.150
- Loading Kernel Symbols
- ...............................................................
- ................................................................
- ................................................................
- ........
- Loading User Symbols
- Loading unloaded module list
- ...........
- For analysis of this file, run !analyze -v
- nt!KeBugCheckEx:
- fffff804`80413bb0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffa083`7fe987a0=000000000000003b
- 5: kd> !analyze -v
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: ffff8152aa14070e, Address of the instruction which caused the bugcheck
- Arg3: ffffa0837fe990a0, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- ------------------
- KEY_VALUES_STRING: 1
- Key : Analysis.CPU.Sec
- Value: 6
- Key : Analysis.DebugAnalysisProvider.CPP
- Value: Create: 8007007e on DESKTOP-AJD
- Key : Analysis.DebugData
- Value: CreateObject
- Key : Analysis.DebugModel
- Value: CreateObject
- Key : Analysis.Elapsed.Sec
- Value: 41
- Key : Analysis.Memory.CommitPeak.Mb
- Value: 77
- Key : Analysis.System
- Value: CreateObject
- ADDITIONAL_XML: 1
- BUGCHECK_CODE: 3b
- BUGCHECK_P1: c0000005
- BUGCHECK_P2: ffff8152aa14070e
- BUGCHECK_P3: ffffa0837fe990a0
- BUGCHECK_P4: 0
- CONTEXT: ffffa0837fe990a0 -- (.cxr 0xffffa0837fe990a0)
- rax=0000000000000000 rbx=0000000000000000 rcx=ffff900a9e2d7080
- rdx=0000000000000001 rsi=0000000057010a0e rdi=0000000057010a0e
- rip=ffff8152aa14070e rsp=ffffa0837fe99aa0 rbp=ffffa0837fe99b80
- r8=0000000000000000 r9=0000000000000000 r10=fffff80480281f90
- r11=ffffa0837fe999d0 r12=ffffffffd7010a2e r13=ffffffffd7010a2e
- r14=ffffffffd7010a2e r15=0000000000040906
- iopl=0 nv up ei ng nz na po nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286
- win32kfull!NtUserWindowFromDC+0x2e:
- ffff8152`aa14070e 488b18 mov rbx,qword ptr [rax] ds:002b:00000000`00000000=????????????????
- Resetting default scope
- BLACKBOXBSD: 1 (!blackboxbsd)
- BLACKBOXNTFS: 1 (!blackboxntfs)
- BLACKBOXPNP: 1 (!blackboxpnp)
- BLACKBOXWINLOGON: 1
- CUSTOMER_CRASH_COUNT: 1
- PROCESS_NAME: Illustrator.exe
- STACK_TEXT:
- ffffa083`7fe99aa0 ffff8152`aad58c91 : ffff900a`9e2d7080 00000057`932ff740 ffffa083`7fe99b18 00000000`00000000 : win32kfull!NtUserWindowFromDC+0x2e
- ffffa083`7fe99ad0 fffff804`80425578 : ffff900a`9e2d7080 000001fe`c1dcca68 ffffa083`7fe99b18 ffffffff`fff0bdc0 : win32k!NtUserWindowFromDC+0x15
- ffffa083`7fe99b00 00007ffb`223cb444 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
- 00000057`932ff6a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`223cb444
- SYMBOL_NAME: win32kfull!NtUserWindowFromDC+2e
- MODULE_NAME: win32kfull
- IMAGE_NAME: win32kfull.sys
- IMAGE_VERSION: 10.0.19536.1000
- STACK_COMMAND: .cxr 0xffffa0837fe990a0 ; kb
- BUCKET_ID_FUNC_OFFSET: 2e
- FAILURE_BUCKET_ID: 0x3B_c0000005_win32kfull!NtUserWindowFromDC
- OS_VERSION: 10.0.19536.1000
- BUILDLAB_STR: rs_prerelease
- OSPLATFORM_TYPE: x64
- OSNAME: Windows 10
- FAILURE_ID_HASH: {157d2784-e9b3-0bf4-8d92-f9b3ac1af99d}
- Followup: MachineOwner
- ---------
- 5: kd> lmvm win32kfull
- Browse full module list
- start end module name
- ffff8152`aa0d0000 ffff8152`aa476000 win32kfull (pdb symbols) C:\ProgramData\Dbg\sym\win32kfull.pdb\841BD9FB895BA8DA32A86E88857C4C1D1\win32kfull.pdb
- Loaded symbol image file: win32kfull.sys
- Mapped memory image file: C:\ProgramData\Dbg\sym\win32kfull.sys\B969154D3a6000\win32kfull.sys
- Image path: \SystemRoot\System32\win32kfull.sys
- Image name: win32kfull.sys
- Browse all global symbols functions data
- Image was built with /Brepro flag.
- Timestamp: B969154D (This is a reproducible build file hash, not a timestamp)
- CheckSum: 003A284D
- ImageSize: 003A6000
- File version: 10.0.19536.1000
- Product version: 10.0.19536.1000
- File flags: 0 (Mask 3F)
- File OS: 40004 NT Win32
- File type: 3.7 Driver
- File date: 00000000.00000000
- Translations: 0409.04b0
- Information from resource tables:
- CompanyName: Microsoft Corporation
- ProductName: Microsoft® Windows® Operating System
- InternalName: win32kfull.sys
- OriginalFilename: win32kfull.sys
- ProductVersion: 10.0.19536.1000
- FileVersion: 10.0.19536.1000 (WinBuild.160101.0800)
- FileDescription: Full/Desktop Win32k Kernel Driver
- LegalCopyright: © Microsoft Corporation. All rights reserved.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement