J
JimrosGeruela
[COLOR=rgba(30, 30, 30, 1)]Microsoft (R) Windows Debugger Version 10.0.21306.1007 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\LilJi\Desktop\dump files\032421-9812-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Path validation summary **************
Response Time (ms) Location
Deferred srv*
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 18362 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff806`25e00000 PsLoadedModuleList = 0xfffff806`26245e90
Debug session time: Wed Mar 24 14:19:29.031 2021 (UTC + 8:00)
System Uptime: 0 days 0:39:46.680
Loading Kernel Symbols
...............................................................
................................................................
............................................
Loading User Symbols
Loading unloaded module list
........
For analysis of this file, run [/COLOR][COLOR=rgba(0, 0, 255, 1)]!analyze -v
[/COLOR][COLOR=rgba(30, 30, 30, 1)]nt!KeBugCheckEx:
fffff806`25fc3ab0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffd87`be4296d0=000000000000011d
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
EVENT_TRACING_FATAL_ERROR (11d)
Event Tracing subsystem has encountered an unexpected fatal error. First parameter indicates
the type of failure.
Arguments:
Arg1: 0000000000000007, Trace buffer corruption.
Arg2: ffff8688b42c8000
Arg3: 0000000000001000
Arg4: 0000000000009000
Debugging Details:
------------------
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 6905
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 15799
Key : Analysis.Init.CPU.mSec
Value: 1984
Key : Analysis.Init.Elapsed.mSec
Value: 10434
Key : Analysis.Memory.CommitPeak.Mb
Value: 78
Key : WER.OS.Branch
Value: 19h1_release
Key : WER.OS.Timestamp
Value: 2019-03-18T12:02:00Z
Key : WER.OS.Version
Value: 10.0.18362.1
BUGCHECK_CODE: 11d
BUGCHECK_P1: 7
BUGCHECK_P2: ffff8688b42c8000
BUGCHECK_P3: 1000
BUGCHECK_P4: 9000
BLACKBOXBSD: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxbsd[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXNTFS: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxntfs[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXPNP: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxpnp[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
STACK_TEXT:
fffffd87`be4296c8 fffff806`25fe7448 : 00000000`0000011d 00000000`00000007 ffff8688`b42c8000 00000000`00001000 : nt!KeBugCheckEx
fffffd87`be4296d0 fffff806`25e12c32 : ffff8688`c2764202 00000000`00000000 ffff8688`b40ff000 00000000`00000000 : nt!EtwpDequeueFreeBuffer+0x1d4634
fffffd87`be429720 fffff806`25ec654f : ffff8688`c2010f60 ffff8688`b40ff000 00000000`00000fe8 ffffcc00`cd5a0180 : nt!EtwpSwitchBuffer+0x32
fffffd87`be429780 fffff806`25ec5ebb : 00000003`01010000 00000000`00000000 00000000`00000000 fffffd87`be429848 : nt!EtwpReserveTraceBuffer+0x1af
fffffd87`be429810 fffff806`25f12963 : 00000000`00000000 ffff8688`b2fde000 00000000`00000000 00000000`00000002 : nt!EtwpLogKernelEvent+0x1eb
fffffd87`be4298c0 fffff806`25ec689b : ffff8688`c2b4d5b0 00000000`00000002 00000000`00000080 ffff8688`b7db4010 : nt!EtwTraceTimedEvent+0xd3
fffffd87`be429940 fffff806`25ec5479 : 00000000`0000001e 00000000`00989680 00000000`000163a4 00000000`000000bc : nt!KiProcessExpiredTimerList+0x2eb
fffffd87`be429a30 fffff806`25fc75de : ffffffff`00000000 ffffcc00`cd5a0180 ffffcc00`cd5b1140 ffff8688`c2b80080 : nt!KiRetireDpcList+0x4e9
fffffd87`be429c60 00000000`00000000 : fffffd87`be42a000 fffffd87`be424000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
SYMBOL_NAME: nt!EtwpDequeueFreeBuffer+1d4634
MODULE_NAME: [/COLOR][COLOR=rgba(0, 0, 255, 1)]nt
[/COLOR][COLOR=rgba(30, 30, 30, 1)]IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.18362.1440
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1d4634
FAILURE_BUCKET_ID: 0x11D_nt!EtwpDequeueFreeBuffer
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {0e9c61c7-de70-385f-fe47-c57c1696e765}
Followup: MachineOwner
---------
[/COLOR]
Continue reading...
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\LilJi\Desktop\dump files\032421-9812-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Path validation summary **************
Response Time (ms) Location
Deferred srv*
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 18362 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff806`25e00000 PsLoadedModuleList = 0xfffff806`26245e90
Debug session time: Wed Mar 24 14:19:29.031 2021 (UTC + 8:00)
System Uptime: 0 days 0:39:46.680
Loading Kernel Symbols
...............................................................
................................................................
............................................
Loading User Symbols
Loading unloaded module list
........
For analysis of this file, run [/COLOR][COLOR=rgba(0, 0, 255, 1)]!analyze -v
[/COLOR][COLOR=rgba(30, 30, 30, 1)]nt!KeBugCheckEx:
fffff806`25fc3ab0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffd87`be4296d0=000000000000011d
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
EVENT_TRACING_FATAL_ERROR (11d)
Event Tracing subsystem has encountered an unexpected fatal error. First parameter indicates
the type of failure.
Arguments:
Arg1: 0000000000000007, Trace buffer corruption.
Arg2: ffff8688b42c8000
Arg3: 0000000000001000
Arg4: 0000000000009000
Debugging Details:
------------------
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 6905
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 15799
Key : Analysis.Init.CPU.mSec
Value: 1984
Key : Analysis.Init.Elapsed.mSec
Value: 10434
Key : Analysis.Memory.CommitPeak.Mb
Value: 78
Key : WER.OS.Branch
Value: 19h1_release
Key : WER.OS.Timestamp
Value: 2019-03-18T12:02:00Z
Key : WER.OS.Version
Value: 10.0.18362.1
BUGCHECK_CODE: 11d
BUGCHECK_P1: 7
BUGCHECK_P2: ffff8688b42c8000
BUGCHECK_P3: 1000
BUGCHECK_P4: 9000
BLACKBOXBSD: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxbsd[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXNTFS: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxntfs[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXPNP: 1 ([/COLOR][COLOR=rgba(0, 0, 255, 1)]!blackboxpnp[/COLOR][COLOR=rgba(30, 30, 30, 1)])
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
STACK_TEXT:
fffffd87`be4296c8 fffff806`25fe7448 : 00000000`0000011d 00000000`00000007 ffff8688`b42c8000 00000000`00001000 : nt!KeBugCheckEx
fffffd87`be4296d0 fffff806`25e12c32 : ffff8688`c2764202 00000000`00000000 ffff8688`b40ff000 00000000`00000000 : nt!EtwpDequeueFreeBuffer+0x1d4634
fffffd87`be429720 fffff806`25ec654f : ffff8688`c2010f60 ffff8688`b40ff000 00000000`00000fe8 ffffcc00`cd5a0180 : nt!EtwpSwitchBuffer+0x32
fffffd87`be429780 fffff806`25ec5ebb : 00000003`01010000 00000000`00000000 00000000`00000000 fffffd87`be429848 : nt!EtwpReserveTraceBuffer+0x1af
fffffd87`be429810 fffff806`25f12963 : 00000000`00000000 ffff8688`b2fde000 00000000`00000000 00000000`00000002 : nt!EtwpLogKernelEvent+0x1eb
fffffd87`be4298c0 fffff806`25ec689b : ffff8688`c2b4d5b0 00000000`00000002 00000000`00000080 ffff8688`b7db4010 : nt!EtwTraceTimedEvent+0xd3
fffffd87`be429940 fffff806`25ec5479 : 00000000`0000001e 00000000`00989680 00000000`000163a4 00000000`000000bc : nt!KiProcessExpiredTimerList+0x2eb
fffffd87`be429a30 fffff806`25fc75de : ffffffff`00000000 ffffcc00`cd5a0180 ffffcc00`cd5b1140 ffff8688`c2b80080 : nt!KiRetireDpcList+0x4e9
fffffd87`be429c60 00000000`00000000 : fffffd87`be42a000 fffffd87`be424000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
SYMBOL_NAME: nt!EtwpDequeueFreeBuffer+1d4634
MODULE_NAME: [/COLOR][COLOR=rgba(0, 0, 255, 1)]nt
[/COLOR][COLOR=rgba(30, 30, 30, 1)]IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.18362.1440
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1d4634
FAILURE_BUCKET_ID: 0x11D_nt!EtwpDequeueFreeBuffer
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {0e9c61c7-de70-385f-fe47-c57c1696e765}
Followup: MachineOwner
---------
[/COLOR]
Continue reading...