icrosoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\richc46\AppData\Local\Temp\Temp1_$_netstat_jcgriff2[1].zip\091610-18860-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c4d000 PsLoadedModuleList = 0xfffff800`02e8ae50
Debug session time: Thu Sep 16 07:29:38.462 2010 (GMT-4)
System Uptime: 0 days 1:01:48.958
Loading Kernel Symbols
...............................................................
................................................................
................................................................
........
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 7F, {8, 80050033, 6f8, fffff80002cc3e59}
Probably caused by : NETIO.SYS ( NETIO!CompareSecurityContexts+6a )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: 0000000080050033
Arg3: 00000000000006f8
Arg4: fffff80002cc3e59
Debugging Details:
------------------
BUGCHECK_STR: 0x7f_8
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
LAST_CONTROL_TRANSFER: from fffff80002cbcca9 to fffff80002cbd740
STACK_TEXT:
fffff880`009eec68 fffff800`02cbcca9 : 00000000`0000007f 00000000`00000008 00000000`80050033 00000000`000006f8 : nt!KeBugCheckEx
fffff880`009eec70 fffff800`02cbb172 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`009eedb0 fffff800`02cc3e59 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2
fffff880`03715fc0 fffff800`02cc31e4 : ff9cffff`95ffff93 fffff880`037162e0 fffff880`037162e0 fdd3fefe`d0fefece : nt!SepNormalAccessCheck+0x29
fffff880`03716050 fffff800`02cc2c10 : fffff880`037162c0 00000000`00000000 fffff880`037162c0 fffff880`037162e0 : nt!SepAccessCheck+0x1d4
fffff880`03716180 fffff800`02c85f6a : fffffa80`0662e080 00000000`00000001 00000000`00000000 fffffa80`0425c068 : nt!SeAccessCheckWithHint+0x180
fffff880`03716260 fffff880`01f46c5a : 48192a46`17253f14 2234541f`2f4e1c2c 4369283c`6125385b 80364e77`3148712c : nt!SeAccessCheckFromState+0x102
fffff880`03716950 fffff880`01f4494f : ffffcdff`00000000 ffd3ffff`00000000 d9ffffd9`ffffd6ff fefedbfe`fedbfefe : NETIO!CompareSecurityContexts+0x6a
fffff880`037169c0 fffff880`01f469b5 : b6e1e1ad`dfdfa6e0 f3f3ceec`ecc2e5e5 fccffbfb`d3f8f8d4 bcfefec4`fdfdc8fc : NETIO!MatchValues+0xef
fffff880`03716a10 fffff880`01f46845 : fffffa80`04bfda80 fffffa80`0612e790 fffff880`03716c38 fffff880`03717370 : NETIO!FilterMatch+0x95
fffff880`03716a60 fffff880`01f47ccb : 00000000`00000000 00000000`00000000 fffff880`03717370 fffff880`03716c20 : NETIO!IndexListClassify+0x69
fffff880`03716ae0 fffff880`0203f417 : fffff880`03716fb8 fffff880`03716fb8 fffff880`03717cf0 fffffa80`03ac6d50 : NETIO!KfdClassify+0xa4e
fffff880`03716e50 fffff880`0203883e : fffff880`02147690 00000000`00000000 fffffa80`059ec460 00000000`00000000 : tcpip!WfpAleClassify+0x57
fffff880`03716e90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!CompareSecurityContexts+6a
fffff880`01f46c5a 448b442470 mov r8d,dword ptr [rsp+70h]
SYMBOL_STACK_INDEX: 7
SYMBOL_NAME: NETIO!CompareSecurityContexts+6a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 4bbe946f
FAILURE_BUCKET_ID: X64_0x7f_8_NETIO!CompareSecurityContexts+6a
BUCKET_ID: X64_0x7f_8_NETIO!CompareSecurityContexts+6a
Followup: MachineOwner
---------