*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer. This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned. This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and BugCheck call is the one that overran its local
variable(s).
Arguments:
Arg1: 00004d7ba27df410, Actual security check cookie from the stack
Arg2: 0000c1bc0f9e026b, Expected security check cookie
Arg3: ffff3e43f061fd94, Complement of the expected security check cookie
Arg4: 0000000000000000, zero
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2062
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 4217
Key : Analysis.Init.CPU.mSec
Value: 249
Key : Analysis.Init.Elapsed.mSec
Value: 974
Key : Analysis.Memory.CommitPeak.Mb
Value: 83
Key : Bugcheck.Code.DumpHeader
Value: 0xf7
Key : Bugcheck.Code.Register
Value: 0xf7
Key : WER.OS.Branch
Value: vb_release
Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z
Key : WER.OS.Version
Value: 10.0.19041.1
FILE_IN_CAB: 080922-10515-01.dmp
BUGCHECK_CODE: f7
BUGCHECK_P1: 4d7ba27df410
BUGCHECK_P2: c1bc0f9e026b
BUGCHECK_P3: ffff3e43f061fd94
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000c1bc0f9e026b found 00004d7ba27df410
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: WmiPrvSE.exe
STACK_TEXT:
ffffc401`8bfbc0f8 fffff800`0f8b14b5 : 00000000`000000f7 00004d7b`a27df410 0000c1bc`0f9e026b ffff3e43`f061fd94 : nt!KeBugCheckEx
ffffc401`8bfbc100 fffff800`0f7d372e : ffffc401`8bfbc710 fffff800`0f6e267f fffff800`0f4fe2d4 ffffc401`00000000 : nt!_report_gsfailure+0x25
ffffc401`8bfbc140 fffff800`0f7f44fa : ffffc401`8bfbc210 00000000`00000000 ffffc401`8bfbc748 ffffc401`8bfbc720 : nt!_GSHandlerCheckCommon+0x5a
ffffc401`8bfbc170 fffff800`0f801772 : fffff800`0f4fe2d4 ffffc401`8bfbc710 fffff800`0f7f44b8 fffff800`0fa2384f : nt!_GSHandlerCheck_SEH+0x42
ffffc401`8bfbc1a0 fffff800`0f6e2467 : ffffc401`8bfbc710 00000000`00000000 ffffc401`8bfbc920 fffff800`0fa2384f : nt!RtlpExecuteHandlerForException+0x12
ffffc401`8bfbc1d0 fffff800`0f6e1066 : ffffa18d`e2013e68 ffffc401`8bfbce20 ffffa18d`e2013e68 ffffa18d`e20142f0 : nt!RtlDispatchException+0x297
ffffc401`8bfbc8f0 fffff800`0f7f9742 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x186
ffffc401`8bfbcfb0 fffff800`0f7f9710 : fffff800`0f80a9a5 00000001`ffffffff fffffff6`00000021 00000000`00000002 : nt!KxExceptionDispatchOnExceptionStack+0x12
ffffa18d`e2013d28 fffff800`0f80a9a5 : 00000001`ffffffff fffffff6`00000021 00000000`00000002 00000000`00000000 : nt!KiExceptionDispatchOnExceptionStackContinue
ffffa18d`e2013d30 fffff800`0f804ee9 : 00000000`00040246 fffff800`0f646e2e ffffb28f`0000000c 00000000`00000000 : nt!KiExceptionDispatch+0x125
ffffa18d`e2013f10 fffff800`0fa2384f : ffff8107`7fe25a00 00000000`00000000 ffffb28f`62de3080 00000000`00000000 : nt!KiInvalidOpcodeFault+0x329
ffffa18d`e20140a0 ffffec80`f9696858 : 00000000`00000000 ffffb28f`62de3080 00000000`00000000 ffffa18d`e2014b80 : nt!ExpGetProcessInformation+0xbdf
ffffa18d`e2014700 00000000`00000000 : ffffb28f`62de3080 00000000`00000000 ffffa18d`e2014b80 00000000`00000000 : 0xffffec80`f9696858
SYMBOL_NAME: nt!_report_gsfailure+25
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.1865
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: 25
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {82d2c1b5-b0cb-60a5-9a5d-78c8c4284f84}
Followup: MachineOwner
---------
PnpActivityId : {00000000-0000-0000-0000-000000000000}
PnpActivityTime : 133045450982595387
PnpEventInformation: 3
PnpEventInProgress : 0
PnpProblemCode : 24
PnpVetoType : 0
DeviceId : SW\{96E080C7-143C-11D1-B40F-00A0C9223196}\{3C0D501A-140B-11D1-B40F-00A0C9223196}
VetoString :
start end module name
fffff800`0cd80000 fffff800`0cda8000 mcupdate_AuthenticAMD (deferred)
fffff800`0cdb0000 fffff800`0cdb6000 hal (deferred)
fffff800`0cdc0000 fffff800`0cdcb000 kd (deferred)
fffff800`0cdd0000 fffff800`0cdf7000 tm (deferred)
fffff800`0ce00000 fffff800`0ce6a000 CLFS (deferred)
fffff800`0ce70000 fffff800`0ce8a000 PSHED (deferred)
fffff800`0ce90000 fffff800`0ce9b000 BOOTVID (deferred)
fffff800`0cea0000 fffff800`0cfb7000 clipsp (deferred)
fffff800`0cfc0000 fffff800`0d02d000 FLTMGR (deferred)
fffff800`0d030000 fffff800`0d059000 ksecdd (deferred)
fffff800`0d060000 fffff800`0d0c1000 msrpc (deferred)
fffff800`0d0d0000 fffff800`0d0de000 cmimcext (deferred)
fffff800`0d0e0000 fffff800`0d0f1000 werkernel (deferred)
fffff800`0d100000 fffff800`0d10c000 ntosext (deferred)
fffff800`0d110000 fffff800`0d123000 WDFLDR (deferred)
fffff800`0d130000 fffff800`0d13f000 SleepStudyHelper (deferred)
fffff800`0d140000 fffff800`0d151000 WppRecorder (deferred)
fffff800`0d160000 fffff800`0d17a000 SgrmAgent (deferred)
fffff800`0f400000 fffff800`10446000 nt (pdb symbols) C:\ProgramData\Dbg\sym\ntkrnlmp.pdb\FAC23FDF33278E927073EF9A1F1AF2A21\ntkrnlmp.pdb
fffff800`12600000 fffff800`126e7000 CI (deferred)
fffff800`126f0000 fffff800`127ab000 cng (deferred)
fffff800`127b0000 fffff800`12881000 Wdf01000 (deferred)
fffff800`12890000 fffff800`128b6000 acpiex (deferred)
fffff800`128c0000 fffff800`1298c000 ACPI (deferred)
fffff800`12990000 fffff800`1299c000 WMILIB (deferred)
fffff800`129a0000 fffff800`129ab000 msisadrv (deferred)
fffff800`129b0000 fffff800`129f4000 tpm (deferred)
fffff800`12a00000 fffff800`12a78000 pci (deferred)
fffff800`12aa0000 fffff800`12b0b000 intelpep (deferred)
fffff800`12b10000 fffff800`12b27000 WindowsTrustedRT (deferred)
fffff800`12b30000 fffff800`12b3b000 IntelTA (deferred)
fffff800`12b40000 fffff800`12b4b000 WindowsTrustedRTProxy (deferred)
fffff800`12b50000 fffff800`12b64000 pcw (deferred)
fffff800`12b70000 fffff800`12b85000 vdrvroot (deferred)
fffff800`12b90000 fffff800`12bbf000 pdc (deferred)
fffff800`12bc0000 fffff800`12bd9000 CEA (deferred)
fffff800`12be0000 fffff800`12c11000 partmgr (deferred)
fffff800`12c20000 fffff800`12cca000 spaceport (deferred)
fffff800`12cd0000 fffff800`12ce9000 volmgr (deferred)
fffff800`12cf0000 fffff800`12d53000 volmgrx (deferred)
fffff800`12d60000 fffff800`12d7e000 mountmgr (deferred)
fffff800`12d80000 fffff800`12db2000 storahci (deferred)
fffff800`12dc0000 fffff800`12e75000 storport (deferred)
fffff800`12e80000 fffff800`12ead000 stornvme (deferred)
fffff800`12eb0000 fffff800`12ecc000 EhStorClass (deferred)
fffff800`12ed0000 fffff800`12eea000 fileinfo (deferred)
fffff800`12ef0000 fffff800`12f30000 Wof (deferred)
fffff800`12f40000 fffff800`12fb2000 WdFilter (deferred)
fffff800`12fc0000 fffff800`13297000 Ntfs (deferred)
fffff800`132a0000 fffff800`132ad000 Fs_Rec (deferred)
fffff800`132b0000 fffff800`1341f000 ndis (deferred)
fffff800`13420000 fffff800`134b8000 NETIO (deferred)
fffff800`134c0000 fffff800`134f2000 ksecpkg (deferred)
fffff800`13500000 fffff800`13521000 amdpsp (deferred)
fffff800`13530000 fffff800`1381c000 tcpip (deferred)
fffff800`13820000 fffff800`1389f000 fwpkclnt (deferred)
fffff800`138a0000 fffff800`138d0000 wfplwfs (deferred)
fffff800`138e0000 fffff800`139a9000 fvevol (deferred)
fffff800`139b0000 fffff800`139bb000 volume (deferred)
fffff800`139c0000 fffff800`13a2d000 volsnap (deferred)
fffff800`13a30000 fffff800`13a80000 rdyboost (deferred)
fffff800`13a90000 fffff800`13ab6000 mup (deferred)
fffff800`13ac0000 fffff800`13ad2000 iorate (deferred)
fffff800`13b00000 fffff800`13b1f000 disk (deferred)
fffff800`13b20000 fffff800`13b8f000 CLASSPNP (deferred)
fffff800`1b400000 fffff800`1b7aa000 dxgkrnl (deferred)
fffff800`1b7b0000 fffff800`1b7c8000 watchdog (deferred)
fffff800`1b7d0000 fffff800`1b7e6000 BasicDisplay (deferred)
fffff800`1b7f0000 fffff800`1b801000 BasicRender (deferred)
fffff800`1b810000 fffff800`1b82c000 Npfs (deferred)
fffff800`1b830000 fffff800`1b841000 Msfs (deferred)
fffff800`1b850000 fffff800`1b86c000 CimFS (deferred)
fffff800`1b870000 fffff800`1b892000 tdx (deferred)
fffff800`1b8a0000 fffff800`1b8b0000 TDI (deferred)
fffff800`1b8c0000 fffff800`1b91c000 netbt (deferred)
fffff800`1b920000 fffff800`1b934000 afunix (deferred)
fffff800`1b940000 fffff800`1b9e5000 afd (deferred)
fffff800`1b9f0000 fffff800`1ba0a000 vwififlt (deferred)
fffff800`1ba10000 fffff800`1ba3b000 pacer (deferred)
fffff800`1ba40000 fffff800`1ba54000 ndiscap (deferred)
fffff800`1ba60000 fffff800`1ba74000 netbios (deferred)
fffff800`1ba80000 fffff800`1bb21000 Vid (deferred)
fffff800`1bb30000 fffff800`1bb51000 winhvr (deferred)
fffff800`1bb60000 fffff800`1bbdb000 rdbss (deferred)
fffff800`1bbe0000 fffff800`1bbf2000 nsiproxy (deferred)
fffff800`1bc00000 fffff800`1bc0e000 npsvctrig (deferred)
fffff800`1bc10000 fffff800`1bc20000 mssmbios (deferred)
fffff800`1bc30000 fffff800`1bc3a000 gpuenergydrv (deferred)
fffff800`1bc40000 fffff800`1bc6c000 dfsc (deferred)
fffff800`1bc90000 fffff800`1bcfc000 fastfat (deferred)
fffff800`1bd00000 fffff800`1bd17000 bam (deferred)
fffff800`1bd20000 fffff800`1bd6e000 ahcache (deferred)
fffff800`1bd70000 fffff800`1bd7f000 amdxe (deferred)
fffff800`1bd80000 fffff800`1bdaa000 amdfendr (deferred)
fffff800`1bdb0000 fffff800`1bdc2000 CompositeBus (deferred)
fffff800`1bdd0000 fffff800`1bddd000 kdnic (deferred)
fffff800`1bde0000 fffff800`1bdfc000 amdsafd (deferred)
fffff800`1be50000 fffff800`1be6e000 crashdmp (deferred)
fffff800`1bf30000 fffff800`1bf60000 cdrom (deferred)
fffff800`1bf70000 fffff800`1bf85000 filecrypt (deferred)
fffff800`1bf90000 fffff800`1bf9e000 tbs (deferred)
fffff800`1bfa0000 fffff800`1bfaa000 Null (deferred)
fffff800`1bfb0000 fffff800`1bfba000 Beep (deferred)
fffff800`1d000000 fffff800`1d015000 CAD (deferred)
fffff800`1d020000 fffff800`1d05c000 amdppm (deferred)
fffff800`1d060000 fffff800`1d79b000 RTKVHD64 (deferred)
fffff800`1d7a0000 fffff800`1d7c7000 bindflt (deferred)
fffff800`1d7d0000 fffff800`1d7e8000 lltdio (deferred)
fffff800`1d7f0000 fffff800`1d808000 mslldp (deferred)
fffff800`1d810000 fffff800`1d82b000 rspndr (deferred)
fffff800`1d830000 fffff800`1d84d000 wanarp (deferred)
fffff800`1d850000 fffff800`1d868000 ndisuio (deferred)
fffff800`1d870000 fffff800`1d92f000 nwifi (deferred)
fffff800`1d930000 fffff800`1d986000 msquic (deferred)
fffff800`1daa0000 fffff800`1db06000 portcls (deferred)
fffff800`1db10000 fffff800`1db31000 drmk (deferred)
fffff800`1db40000 fffff800`1dbb6000 ks (deferred)
fffff800`1dbc0000 fffff800`1dbcf000 ksthunk (deferred)
fffff800`1dbd0000 fffff800`1dbe5000 umbus (deferred)
fffff800`26c00000 fffff800`26d1c000 rt640x64 (deferred)
fffff800`26d20000 fffff800`26d74000 usbvideo (deferred)
fffff800`26d80000 fffff800`26d91000 kbdhid (deferred)
fffff800`26dd0000 fffff800`26dfd000 dump_stornvme (deferred)
fffff800`26e20000 fffff800`26e3d000 dump_dumpfve (deferred)
fffff800`26e40000 fffff800`26f21000 dxgmms2 (deferred)
fffff800`26f30000 fffff800`26f4b000 monitor (deferred)
fffff800`26f50000 fffff800`26f79000 luafv (deferred)
fffff800`26f80000 fffff800`26fb6000 wcifs (deferred)
fffff800`26fc0000 fffff800`27014000 WUDFRd (deferred)
fffff800`27030000 fffff800`296ce000 nvlddmkm (deferred)
fffff800`296d0000 fffff800`296f5000 HDAudBus (deferred)
fffff800`29700000 fffff800`29781000 cldflt (deferred)
fffff800`29790000 fffff800`297a4000 mmcss (deferred)
fffff800`297b0000 fffff800`297be000 WpdUpFltr (deferred)
fffff800`297c0000 fffff800`297da000 storqosflt (deferred)
fffff800`30800000 fffff800`3080e000 vwifibus (deferred)
fffff800`30810000 fffff800`30994000 BTHport (deferred)
fffff800`309a0000 fffff800`309af000 dump_dumpstorport (deferred)
fffff800`309b0000 fffff800`314f1000 rtwlane (deferred)
fffff800`31500000 fffff800`315f2000 wdiwifi (deferred)
fffff800`40000000 fffff800`40598000 amdacpbus (deferred)
fffff800`405a0000 fffff800`405c1000 i8042prt (deferred)
fffff800`405d0000 fffff800`405e4000 kbdclass (deferred)
fffff800`405f0000 fffff800`405ff000 CmBatt (deferred)
fffff800`40600000 fffff800`40610000 BATTC (deferred)
fffff800`40620000 fffff800`40634000 AcpiVpc (deferred)
fffff800`40640000 fffff800`4064c000 wmiacpi (deferred)
fffff800`40650000 fffff800`4065d000 amdgpio2 (deferred)
fffff800`40660000 fffff800`40692000 msgpioclx (deferred)
fffff800`406a0000 fffff800`406b2000 amdi2c (deferred)
fffff800`406c0000 fffff800`406da000 SpbCx (deferred)
fffff800`406e0000 fffff800`406ee000 UEFI (deferred)
fffff800`406f0000 fffff800`40700000 nvvad64v (deferred)
fffff800`40710000 fffff800`4071d000 NvModuleTracker (deferred)
fffff800`40720000 fffff800`40730000 nvvhci (deferred)
fffff800`40740000 fffff800`4074a000 amdfendrmgr (deferred)
fffff800`40750000 fffff800`4075d000 NdisVirtualBus (deferred)
fffff800`40760000 fffff800`4076c000 swenum (deferred)
fffff800`40770000 fffff800`4077e000 rdpbus (deferred)
fffff800`40780000 fffff800`40795000 hidi2c (deferred)
fffff800`407a0000 fffff800`407ab000 mshidkmdf (deferred)
fffff800`407b0000 fffff800`407ef000 HIDCLASS (deferred)
fffff800`407f0000 fffff800`40803000 HIDPARSE (deferred)
fffff800`40810000 fffff800`408b3000 UsbHub3 (deferred)
fffff800`408c0000 fffff800`408ce000 USBD (deferred)
fffff800`408d0000 fffff800`408e0000 mouhid (deferred)
fffff800`408f0000 fffff800`40903000 mouclass (deferred)
fffff800`40910000 fffff800`4091c000 MTConfig (deferred)
fffff800`40920000 fffff800`40940000 nvhda64v (deferred)
fffff800`40950000 fffff800`40984000 usbccgp (deferred)
fffff800`40990000 fffff800`409b6000 USBSTOR (deferred)
fffff800`409c0000 fffff800`40a90000 RtkBtfilter (deferred)
fffff800`40ab0000 fffff800`44eba000 amdkmdag (deferred)
fffff800`44ec0000 fffff800`44f5e000 USBXHCI (deferred)
fffff800`44f60000 fffff800`44fa4000 ucx01000 (deferred)
fffff800`44fb0000 fffff800`44fd1000 BTHUSB (deferred)
fffff800`44fe0000 fffff800`44ff2000 hidusb (deferred)
fffff800`7c800000 fffff800`7c846000 mrxsmb20 (deferred)
fffff800`7c850000 fffff800`7c85d000 AMDRyzenMasterDriver (deferred)
fffff800`7c860000 fffff800`7c8b6000 srvnet (deferred)
fffff800`7c8c0000 fffff800`7c8e7000 Ndu (deferred)
fffff800`7c8f0000 fffff800`7c942000 mrxsmb10 (deferred)
fffff800`7c950000 fffff800`7ca27000 peauth (deferred)
fffff800`7ca30000 fffff800`7ca45000 tcpipreg (deferred)
fffff800`7ca50000 fffff800`7cb17000 srv2 (deferred)
fffff800`7cb20000 fffff800`7cb33000 vwifimp (deferred)
fffff800`7cb40000 fffff800`7cb5c000 rassstp (deferred)
fffff800`7cb60000 fffff800`7cb7d000 NDProxy (deferred)
fffff800`7cb80000 fffff800`7cba7000 AgileVpn (deferred)
fffff800`7cbb0000 fffff800`7cbd1000 rasl2tp (deferred)
fffff800`7cbe0000 fffff800`7cc01000 raspptp (deferred)
fffff800`7cc10000 fffff800`7cc2c000 raspppoe (deferred)
fffff800`7cc30000 fffff800`7cc3f000 ndistapi (deferred)
fffff800`7cc40000 fffff800`7cc7a000 ndiswan (deferred)
fffff800`7cc80000 fffff800`7cc92000 condrv (deferred)
fffff800`7cca0000 fffff800`7ccbb000 WdNisDrv (deferred)
fffff800`7ccc0000 fffff800`7ccfd000 rfcomm (deferred)
fffff800`7cd00000 fffff800`7cd22000 BthEnum (deferred)
fffff800`7cd30000 fffff800`7cd56000 bthpan (deferred)
fffff800`7cd60000 fffff800`7cd81000 Microsoft_Bluetooth_Legacy_LEEnumerator (deferred)
fffff800`7d170000 fffff800`7d2f7000 HTTP (deferred)
fffff800`7d300000 fffff800`7d325000 bowser (deferred)
fffff800`7d330000 fffff800`7d34a000 mpsdrv (deferred)
fffff800`7d350000 fffff800`7d3e5000 mrxsmb (deferred)
fffffe95`7f600000 fffffe95`7f8d3000 win32kbase (deferred)
fffffe95`7f8e0000 fffffe95`7fc95000 win32kfull (deferred)
fffffe95`7fca0000 fffffe95`7fce9000 cdd (deferred)
fffffe95`80360000 fffffe95`803fa000 win32k # (pdb symbols) C:\ProgramData\Dbg\sym\win32k.pdb\48D900D36D061D26B056B74A830DF0DE1\win32k.pdb
Unloaded modules:
fffff800`7cd90000 fffff800`7cda1000 MSKSSRV.sys
fffff800`297e0000 fffff800`297f1000 MSKSSRV.sys
fffff800`1be80000 fffff800`1be90000 dump_storpor
fffff800`1bec0000 fffff800`1beee000 dump_stornvm
fffff800`1bf10000 fffff800`1bf2e000 dump_dumpfve
fffff800`40aa0000 fffff800`40aac000 WdmCompanion
fffff800`1bc70000 fffff800`1bc8c000 dam.sys
fffff800`12a80000 fffff800`12a91000 WdBoot.sys
fffff800`13ae0000 fffff800`13af1000 hwpolicy.sys