Opened log file 'c:\debuglog.txt'
0: kd> .sympath srv*c:\symbols*
http://msdl.mircrosoft.com/downloads/symbols
Symbol search path is: srv*c:\symbols*
http://msdl.mircrosoft.com/downloads/symbols
0: kd> .reload;!analyze -v;r;kv;lmnt;.logclose;q
Loading Kernel Symbols
.............................................................................................................................................
Loading User Symbols
Loading unloaded module list
.......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer. This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned. This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and bugcheck call is the one that overran its local
variable(s).
Arguments:
Arg1: 000001001afc6488, Actual security check cookie from the stack
Arg2: 00001af6b2750f78, Expected security check cookie
Arg3: ffffe5094d8af087, Complement of the expected security check cookie
Arg4: 0000000000000000, zero
Debugging Details:
------------------
DEFAULT_BUCKET_ID: GS_FALSE_POSITIVE_MISSING_GSFRAME
SECURITY_COOKIE: Expected 00001af6b2750f78 found 000001001afc6488
CUSTOMER_CRASH_COUNT: 2
BUGCHECK_STR: 0xF7
PROCESS_NAME: hl2.exe
CURRENT_IRQL: 0
EXCEPTION_RECORD: fffff9801afc6248 -- (.exr 0xfffff9801afc6248)
.exr 0xfffff9801afc6248
ExceptionAddress: fffff80001c0a0f7 (nt! ?? ::FNODOBFM::`string'+0x000000000000d6fc)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000001
Parameter[1]: 0000000000000001
Attempt to write to address 0000000000000001
TRAP_FRAME: fffff9801afc62f0 -- (.trap 0xfffff9801afc62f0)
.trap 0xfffff9801afc62f0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000033010 rbx=fffffa80025da940 rcx=00000000fffff901
rdx=0000000000000070 rsi=fffffa800189ede0 rdi=0000000000000000
rip=fffff80001c0a0f7 rsp=fffff9801afc6488 rbp=fffff8800062f508
r8=0000067fe5039921 r9=0000000000000000 r10=fffffa8001805070
r11=fffff9801afc6500 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po cy
nt! ?? ::FNODOBFM::`string'+0xd6fc:
fffff800`01c0a0f7 42891c06 mov dword ptr [rsi+r8],ebx ds:000000ff`e68d8701=????????
.trap
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80001cc59f5 to fffff80001c4dbd0
STACK_TEXT:
fffff980`1afc5398 fffff800`01cc59f5 : 00000000`000000f7 00000100`1afc6488 00001af6`b2750f78 ffffe509`4d8af087 : nt!KeBugCheckEx
fffff980`1afc53a0 fffff800`01cab683 : 3f800000`3f800000 3f800000`3f800000 00000000`fffffbb0 fffff800`01c94104 : nt!_report_gsfailure+0x25
fffff980`1afc53e0 fffff800`01c7398d : fffff880`0288fb70 fffff980`1afbd000 fffff800`01dd4804 fffff800`01c0a0f7 : nt!_GSHandlerCheck+0x13
fffff980`1afc5410 fffff800`01c8d123 : fffff800`00000001 fffff980`1afc6488 fffff980`1afc6248 00000000`00000000 : nt!RtlpExecuteHandlerForException+0xd
fffff980`1afc5440 fffff800`01c321d2 : fffff980`1afc6248 fffff980`1afc5c20 fffff980`00000000 fffff980`00000000 : nt!RtlDispatchException+0x228
fffff980`1afc5b10 fffff800`01c4da2e : fffff980`1afc6248 00000000`00000000 fffff980`1afc62f0 fffff980`1afc66e0 : nt!KiDispatchException+0xc2
fffff980`1afc6110 fffff800`01c4c825 : 00000000`00000001 fffff980`1afc66e0 00000000`f025cb00 fffff980`002c001a : nt!KiExceptionDispatch+0xae
fffff980`1afc62f0 fffff800`01c0a0f7 : 00000000`00000000 fffff880`0062f508 00000000`00000000 fffffa80`03437b10 : nt!KiPageFault+0x1e5
fffff980`1afc6488 fffff980`1afc6728 : fffff880`0062f508 00000000`00000001 fffff980`1afc6a58 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0xd6fc
fffff980`1afc65a8 fffff880`0062f508 : 00000000`00000001 fffff980`1afc6a58 00000000`00000000 00000000`00000005 : 0xfffff980`1afc6728
fffff980`1afc65b0 00000000`00000001 : fffff980`1afc6a58 00000000`00000000 00000000`00000005 fffff980`1afc6b30 : 0xfffff880`0062f508
fffff980`1afc65b8 fffff980`1afc6a58 : 00000000`00000000 00000000`00000005 fffff980`1afc6b30 fffff880`00033010 : 0x1
fffff980`1afc65c0 00000000`00000000 : 00000000`00000005 fffff980`1afc6b30 fffff880`00033010 fffff980`1afc6940 : 0xfffff980`1afc6a58
fffff980`1afc65c8 00000000`00000005 : fffff980`1afc6b30 fffff880`00033010 fffff980`1afc6940 fffff800`01e98556 : 0x0
fffff980`1afc65d0 fffff980`1afc6b30 : fffff880`00033010 fffff980`1afc6940 fffff800`01e98556 fffff880`00033010 : 0x5
fffff980`1afc65d8 fffff880`00033010 : fffff980`1afc6940 fffff800`01e98556 fffff880`00033010 fffff980`00076e28 : 0xfffff980`1afc6b30
fffff980`1afc65e0 fffff980`1afc6940 : fffff800`01e98556 fffff880`00033010 fffff980`00076e28 00000000`00000000 : 0xfffff880`00033010
fffff980`1afc65e8 fffff800`01e98556 : fffff880`00033010 fffff980`00076e28 00000000`00000000 fffffa80`03437b10 : 0xfffff980`1afc6940
fffff980`1afc65f0 fffff800`01e90cf1 : fffff800`01e980e0 fffff980`1afc6970 fffffa80`03437b10 00000000`00000001 : nt!CmpParseKey+0x476
fffff980`1afc68d0 fffff800`01e9d0f1 : 00000000`00000000 fffff980`1afc6a58 00000000`00000040 fffffa80`0189ede0 : nt!ObpLookupObjectName+0xa9f
fffff980`1afc69e0 fffff800`01ed805f : fffff880`00000008 fffffa80`0189ede0 00000000`00000001 00000000`00000000 : nt!ObOpenObjectByName+0x421
fffff980`1afc6ab0 fffff800`01ea1a18 : 00000000`0007e5a8 00000000`00000008 00000000`0007e650 00000000`00000000 : nt!CmOpenKey+0x25d
fffff980`1afc6be0 fffff800`01c4d673 : fffff980`1afc6ca0 00000000`0007e650 00000000`00000000 00000000`00000000 : nt!NtOpenKey+0x68
fffff980`1afc6c20 00000000`7775039a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0007bea8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7775039a
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!_report_gsfailure+25
fffff800`01cc59f5 cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!_report_gsfailure+25
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 46830f41
FAILURE_BUCKET_ID: X64_0xF7_MISSING_GSFRAME_nt!_report_gsfailure+25
BUCKET_ID: X64_0xF7_MISSING_GSFRAME_nt!_report_gsfailure+25
Followup: MachineOwner
---------