Open Tai7sy opened 5 years ago
BSOD randomly
debug Screenshot:
!analyze -v
******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KERNEL_SECURITY_CHECK_FAILURE (139) A kernel component has corrupted a critical data structure. The corruption could potentially allow a malicious user to gain control of this machine. Arguments: Arg1: 0000000000000004, The thread's stack pointer was outside the legal stack extents for the thread. Arg2: ffffac0a81dbd110, Address of the trap frame for the exception that caused the bugcheck Arg3: ffffac0a81dbd068, Address of the exception record for the exception that caused the bugcheck Arg4: 0000000000000000, Reserved Debugging Details: ------------------ "C:\Windows\System32\KERNELBASE.dll" was not found in the image list. Debugger will attempt to load "C:\Windows\System32\KERNELBASE.dll" at given base 00000000`00000000. Please provide the full image name, including the extension (i.e. kernel32.dll) for more reliable results.Base address and size overrides can be given as .reload <image.ext>=<base>,<size>. KEY_VALUES_STRING: 1 PROCESSES_ANALYSIS: 1 SERVICE_ANALYSIS: 1 STACKHASH_ANALYSIS: 1 TIMELINE_ANALYSIS: 1 DUMP_CLASS: 1 DUMP_QUALIFIER: 0 BUILD_VERSION_STRING: 17763.1.amd64fre.rs5_release.180914-1434 DUMP_TYPE: 0 BUGCHECK_P1: 4 BUGCHECK_P2: ffffac0a81dbd110 BUGCHECK_P3: ffffac0a81dbd068 BUGCHECK_P4: 0 TRAP_FRAME: ffff18a01182070f -- (.trap 0xffff18a01182070f) Unable to read trap frame at ffff18a0`1182070f EXCEPTION_RECORD: ffffac0a81dbd068 -- (.exr 0xffffac0a81dbd068) ExceptionAddress: fffff80413a3b7df (nt!RtlpGetStackLimits+0x0000000000147c7f) ExceptionCode: c0000409 (Security check failure or stack buffer overrun) ExceptionFlags: 00000001 NumberParameters: 1 Parameter[0]: 0000000000000004 Subcode: 0x4 FAST_FAIL_INCORRECT_STACK CPU_COUNT: 4 CPU_MHZ: e10 CPU_VENDOR: GenuineIntel CPU_FAMILY: 6 CPU_MODEL: 9e CPU_STEPPING: 9 CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: B4'00000000 (cache) B4'00000000 (init) BUGCHECK_STR: 0x139 PROCESS_NAME: debug_me.exe CURRENT_IRQL: 0 DEFAULT_BUCKET_ID: FAIL_FAST_INCORRECT_STACK WATSON_BKT_EVENT: BEX ERROR_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text> EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text> EXCEPTION_CODE_STR: c0000409 EXCEPTION_PARAMETER1: 0000000000000004 ANALYSIS_SESSION_HOST: windywhli-PC1 ANALYSIS_SESSION_TIME: 11-19-2019 20:19:23.0224 ANALYSIS_VERSION: 10.0.18362.1 amd64fre BAD_STACK_POINTER: ffffac0a81dbc628 LAST_CONTROL_TRANSFER: from fffff80413aa2d72 to fffff804139cd390 STACK_TEXT: ffffac0a`81dbc628 fffff804`13aa2d72 : 00000000`00000004 00000000`00000003 ffffac0a`81dbc790 fffff804`1396d380 : nt!DbgBreakPointWithStatus ffffac0a`81dbc630 fffff804`13aa24f7 : 00000000`00000003 ffffac0a`81dbc790 fffff804`139d9660 00000000`00000139 : nt!KiBugCheckDebugBreak+0x12 ffffac0a`81dbc690 fffff804`139c5837 : 00000000`00000000 cccccccc`cccccccc 00000000`00000000 00001f80`00cc00cc : nt!KeBugCheck2+0x957 ffffac0a`81dbcdb0 fffff804`139d6e69 : 00000000`00000139 00000000`00000004 ffffac0a`81dbd110 ffffac0a`81dbd068 : nt!KeBugCheckEx+0x107 ffffac0a`81dbcdf0 fffff804`139d7210 : cccccccc`cccccccc cccccccc`cccccccc cccccccc`cccccccc cccccccc`cccccccc : nt!KiBugCheckDispatch+0x69 ffffac0a`81dbcf30 fffff804`139d5608 : cccccccc`cccccccc cccccccc`cccccccc cccccccc`cccccccc cccccccc`cccccccc : nt!KiFastFailDispatch+0xd0 ffffac0a`81dbd110 fffff804`13a3b7df : 00000000`00000000 ffffac0a`81dbd550 cccccccc`cccccccc cccccccc`cccccccc : nt!KiRaiseSecurityCheckFailure+0x308 ffffac0a`81dbd2a0 fffff804`13926e7b : cccccccc`cccccccc cccccccc`cccccccc cccccccc`00000003 cccccccc`cccccccc : nt!RtlpGetStackLimits+0x147c7f ffffac0a`81dbd2d0 fffff804`13834ac4 : ffffac0a`81dbdd08 ffffac0a`81dbda50 ffffac0a`81dbdd08 ffffac0a`81db6000 : nt!RtlDispatchException+0x6b ffffac0a`81dbd520 fffff804`139d6f42 : 00000000`00000000 fffff804`138ec094 ffff18a0`1182070f fffff804`14283af6 : nt!KiDispatchException+0x144 ffffac0a`81dbdbd0 fffff804`139d178e : ffffac0a`81dbddc0 fffff804`1aab3e85 00000000`00000000 00000020`00000000 : nt!KiExceptionDispatch+0xc2 ffffac0a`81dbddb0 fffff804`1aab34c1 : 00000000`00000000 00000000`00484ea3 cccccccc`cccccccc cccccccc`cccccccc : nt!KiInvalidOpcodeFault+0x30e ffffac0a`81dbdf40 fffff804`1aac3be5 : 00000000`0019fa90 00000000`004023fd 00000000`00010202 00000000`00000005 : win32dk!hvpp::vcpu_t::entry_host+0x161 [D:\MyProjects\VSProjects\hvpp\src\hvpp\hvpp\vcpu.cpp @ 849] ffffac0a`81dbdfb0 00000000`00402402 : 004020f3`00401714 00739670`004020f3 0019fa98`00401564 0040131f`0019fae0 : win32dk!hvpp::vcpu_t::entry_host_+0x58 [D:\MyProjects\VSProjects\hvpp\src\hvpp\hvpp\vcpu.asm @ 231] 00000000`0019fa90 004020f3`00401714 : 00739670`004020f3 0019fa98`00401564 0040131f`0019fae0 00000007`004020f3 : debug_me+0x2402 00000000`0019fa98 00739670`004020f3 : 0019fa98`00401564 0040131f`0019fae0 00000007`004020f3 4150083c`c0000000 : 0x004020f3`00401714 00000000`0019faa0 0019fa98`00401564 : 0040131f`0019fae0 00000007`004020f3 4150083c`c0000000 40180000`00000000 : 0x00739670`004020f3 00000000`0019faa8 0040131f`0019fae0 : 00000007`004020f3 4150083c`c0000000 40180000`00000000 4150083b`40000000 : 0x0019fa98`00401564 00000000`0019fab0 00000007`004020f3 : 4150083c`c0000000 40180000`00000000 4150083b`40000000 00000007`0073e308 : 0x0040131f`0019fae0 00000000`0019fab8 4150083c`c0000000 : 40180000`00000000 4150083b`40000000 00000007`0073e308 004020f3`00739670 : 0x00000007`004020f3 00000000`0019fac0 40180000`00000000 : 4150083b`40000000 00000007`0073e308 004020f3`00739670 0041c7f0`0019fb14 : 0x4150083c`c0000000 00000000`0019fac8 4150083b`40000000 : 00000007`0073e308 004020f3`00739670 0041c7f0`0019fb14 004b5710`02416dc8 : 0x40180000`00000000 00000000`0019fad0 00000007`0073e308 : 004020f3`00739670 0041c7f0`0019fb14 004b5710`02416dc8 004b5710`02416dc8 : 0x4150083b`40000000 00000000`0019fad8 004020f3`00739670 : 0041c7f0`0019fb14 004b5710`02416dc8 004b5710`02416dc8 004b5710`0040baa0 : 0x00000007`0073e308 00000000`0019fae0 0041c7f0`0019fb14 : 004b5710`02416dc8 004b5710`02416dc8 004b5710`0040baa0 fffffffe`ffffffff : 0x004020f3`00739670 00000000`0019fae8 004b5710`02416dc8 : 004b5710`02416dc8 004b5710`0040baa0 fffffffe`ffffffff 76a96c42`0019fb40 : 0x0041c7f0`0019fb14 00000000`0019faf0 004b5710`02416dc8 : 004b5710`0040baa0 fffffffe`ffffffff 76a96c42`0019fb40 000007d8`004012c3 : 0x004b5710`02416dc8 00000000`0019faf8 004b5710`0040baa0 : fffffffe`ffffffff 76a96c42`0019fb40 000007d8`004012c3 0019fb80`004120b9 : 0x004b5710`02416dc8 00000000`0019fb00 fffffffe`ffffffff : 76a96c42`0019fb40 000007d8`004012c3 0019fb80`004120b9 02416dc8`02416dc8 : 0x004b5710`0040baa0 00000000`0019fb08 76a96c42`0019fb40 : 000007d8`004012c3 0019fb80`004120b9 02416dc8`02416dc8 0040baa0`0019fc20 : 0xfffffffe`ffffffff 00000000`0019fb10 000007d8`004012c3 : 0019fb80`004120b9 02416dc8`02416dc8 0040baa0`0019fc20 02416dc8`0040baa0 : 0x76a96c42`0019fb40 00000000`0019fb18 0019fb80`004120b9 : 02416dc8`02416dc8 0040baa0`0019fc20 02416dc8`0040baa0 00000000`00000001 : 0x000007d8`004012c3 00000000`0019fb20 02416dc8`02416dc8 : 0040baa0`0019fc20 02416dc8`0040baa0 00000000`00000001 0047f1d2`0019fc14 : 0x0019fb80`004120b9 00000000`0019fb28 0040baa0`0019fc20 : 02416dc8`0040baa0 00000000`00000001 0047f1d2`0019fc14 004153f9`ffffffff : 0x02416dc8`02416dc8 00000000`0019fb30 02416dc8`0040baa0 : 00000000`00000001 0047f1d2`0019fc14 004153f9`ffffffff 0019fb80`000007d8 : 0x0040baa0`0019fc20 00000000`0019fb38 00000000`00000001 : 0047f1d2`0019fc14 004153f9`ffffffff 0019fb80`000007d8 004153ca`00000000 : 0x02416dc8`0040baa0 00000000`0019fb40 0047f1d2`0019fc14 : 004153f9`ffffffff 0019fb80`000007d8 004153ca`00000000 0019fb80`000007d8 : 0x1 00000000`0019fb48 004153f9`ffffffff : 0019fb80`000007d8 004153ca`00000000 0019fb80`000007d8 0040badb`00000000 : 0x0047f1d2`0019fc14 00000000`0019fb50 0019fb80`000007d8 : 004153ca`00000000 0019fb80`000007d8 0040badb`00000000 0019fb80`000007d8 : 0x004153f9`ffffffff 00000000`0019fb58 004153ca`00000000 : 0019fb80`000007d8 0040badb`00000000 0019fb80`000007d8 00000000`00000000 : 0x0019fb80`000007d8 00000000`0019fb60 0019fb80`000007d8 : 0040badb`00000000 0019fb80`000007d8 00000000`00000000 16010002`52010001 : 0x004153ca`00000000 00000000`0019fb68 0040badb`00000000 : 0019fb80`000007d8 00000000`00000000 16010002`52010001 00000000`00000000 : 0x0019fb80`000007d8 00000000`0019fb70 0019fb80`000007d8 : 00000000`00000000 16010002`52010001 00000000`00000000 00486218`00000000 : 0x0040badb`00000000 00000000`0019fb78 00000000`00000000 : 16010002`52010001 00000000`00000000 00486218`00000000 004b8118`0047de32 : 0x0019fb80`000007d8 THREAD_SHA1_HASH_MOD_FUNC: 9878726627229c0c7c7b6cf8cacb076f99901365 THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 6b7b4724f584776c4f57d46af500ba565cf0d156 THREAD_SHA1_HASH_MOD: 6ae1ede5fed85cf92790998645c6060afa1c331a FOLLOWUP_IP: win32dk!hvpp::vcpu_t::entry_host+161 [D:\MyProjects\VSProjects\hvpp\src\hvpp\hvpp\vcpu.cpp @ 849] fffff804`1aab34c1 440f79a720800000 vmwrite r12,qword ptr [rdi+8020h] FAULT_INSTR_CODE: a7790f44 FAULTING_SOURCE_LINE: D:\MyProjects\VSProjects\hvpp\src\hvpp\hvpp\vcpu.cpp FAULTING_SOURCE_FILE: D:\MyProjects\VSProjects\hvpp\src\hvpp\hvpp\vcpu.cpp FAULTING_SOURCE_LINE_NUMBER: 849 SYMBOL_STACK_INDEX: c SYMBOL_NAME: win32dk!hvpp::vcpu_t::entry_host+161 FOLLOWUP_NAME: MachineOwner MODULE_NAME: win32dk IMAGE_NAME: win32dk.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5dce5bd8 STACK_COMMAND: .thread ; .cxr ; kb BUCKET_ID_FUNC_OFFSET: 161 FAILURE_BUCKET_ID: 0x139_MISSING_GSFRAME_STACKPTR_ERROR_win32dk!hvpp::vcpu_t::entry_host BUCKET_ID: 0x139_MISSING_GSFRAME_STACKPTR_ERROR_win32dk!hvpp::vcpu_t::entry_host PRIMARY_PROBLEM_CLASS: 0x139_MISSING_GSFRAME_STACKPTR_ERROR_win32dk!hvpp::vcpu_t::entry_host TARGET_TIME: 2019-11-19T12:18:30.000Z OSBUILD: 17763 OSSERVICEPACK: 0 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 272 PRODUCT_TYPE: 1 OSPLATFORM_TYPE: x64 OSNAME: Windows 10 OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2005-12-02 00:58:59 BUILDDATESTAMP_STR: 180914-1434 BUILDLAB_STR: rs5_release BUILDOSVER_STR: 10.0.17763.1.amd64fre.rs5_release.180914-1434 ANALYSIS_SESSION_ELAPSED_TIME: fbfd ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x139_missing_gsframe_stackptr_error_win32dk!hvpp::vcpu_t::entry_host FAILURE_ID_HASH: {46030f82-f280-8494-bba2-d63fa3a0fafa} Followup: MachineOwner ---------
BSOD randomly
debug Screenshot:
!analyze -v