kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KMODE_EXCEPTION_NOT_HANDLED (1e) This is a very common BugCheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Arguments: Arg1: ffffffff80000003, The exception code that was not handled Arg2: fffff8066f898cf9, The address that the exception occurred at Arg3: 0000000000000000, Parameter 0 of the exception Arg4: ffffad8aaca00160, Parameter 1 of the exception Debugging Details: ------------------ ************************************************************************* *** *** *** *** *** Either you specified an unqualified symbol, or your debugger *** *** doesn't have full symbol information. Unqualified symbol *** *** resolution is turned off by default. Please either specify a *** *** fully qualified symbol module!symbolname, or enable resolution *** *** of unqualified symbols by typing ".symopt- 100". Note that *** *** enabling unqualified symbol resolution with network symbol *** *** server shares in the symbol path may cause the debugger to *** *** appear to hang for long periods of time when an incorrect *** *** symbol name is typed or the network symbol server is down. *** *** *** *** For some commands to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: ExceptionRecord *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Either you specified an unqualified symbol, or your debugger *** *** doesn't have full symbol information. Unqualified symbol *** *** resolution is turned off by default. Please either specify a *** *** fully qualified symbol module!symbolname, or enable resolution *** *** of unqualified symbols by typing ".symopt- 100". Note that *** *** enabling unqualified symbol resolution with network symbol *** *** server shares in the symbol path may cause the debugger to *** *** appear to hang for long periods of time when an incorrect *** *** symbol name is typed or the network symbol server is down. *** *** *** *** For some commands to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: ContextRecord *** *** *** ************************************************************************* KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 4046 Key : Analysis.Elapsed.mSec Value: 6751 Key : Analysis.IO.Other.Mb Value: 12 Key : Analysis.IO.Read.Mb Value: 12 Key : Analysis.IO.Write.Mb Value: 36 Key : Analysis.Init.CPU.mSec Value: 1890 Key : Analysis.Init.Elapsed.mSec Value: 638216 Key : Analysis.Memory.CommitPeak.Mb Value: 93 Key : Bugcheck.Code.LegacyAPI Value: 0x1e Key : Dump.Attributes.AsUlong Value: c Key : Dump.Attributes.InsufficientDumpfileSize Value: 1 Key : Dump.Attributes.KernelGeneratedTriageDump Value: 1 Key : Dump.Attributes.RequiredDumpfileSize Value: 0x5c4aeb9d Key : Failure.Bucket Value: 0x1E_80000003_hprdbghv!unknown_function Key : Failure.Hash Value: {d8c9f97e-63d4-adf9-a231-4e35376ae483} Key : Hypervisor.Enlightenments.Value Value: 12576 Key : Hypervisor.Enlightenments.ValueHex Value: 3120 Key : Hypervisor.Flags.AnyHypervisorPresent Value: 1 Key : Hypervisor.Flags.ApicEnlightened Value: 0 Key : Hypervisor.Flags.ApicVirtualizationAvailable Value: 0 Key : Hypervisor.Flags.AsyncMemoryHint Value: 0 Key : Hypervisor.Flags.CoreSchedulerRequested Value: 0 Key : Hypervisor.Flags.CpuManager Value: 0 Key : Hypervisor.Flags.DeprecateAutoEoi Value: 1 Key : Hypervisor.Flags.DynamicCpuDisabled Value: 0 Key : Hypervisor.Flags.Epf Value: 0 Key : Hypervisor.Flags.ExtendedProcessorMasks Value: 0 Key : Hypervisor.Flags.HardwareMbecAvailable Value: 0 Key : Hypervisor.Flags.MaxBankNumber Value: 0 Key : Hypervisor.Flags.MemoryZeroingControl Value: 0 Key : Hypervisor.Flags.NoExtendedRangeFlush Value: 1 Key : Hypervisor.Flags.NoNonArchCoreSharing Value: 0 Key : Hypervisor.Flags.Phase0InitDone Value: 1 Key : Hypervisor.Flags.PowerSchedulerQos Value: 0 Key : Hypervisor.Flags.RootScheduler Value: 0 Key : Hypervisor.Flags.SynicAvailable Value: 1 Key : Hypervisor.Flags.UseQpcBias Value: 0 Key : Hypervisor.Flags.Value Value: 536632 Key : Hypervisor.Flags.ValueHex Value: 83038 Key : Hypervisor.Flags.VpAssistPage Value: 1 Key : Hypervisor.Flags.VsmAvailable Value: 0 Key : Hypervisor.RootFlags.AccessStats Value: 0 Key : Hypervisor.RootFlags.CrashdumpEnlightened Value: 0 Key : Hypervisor.RootFlags.CreateVirtualProcessor Value: 0 Key : Hypervisor.RootFlags.DisableHyperthreading Value: 0 Key : Hypervisor.RootFlags.HostTimelineSync Value: 0 Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled Value: 0 Key : Hypervisor.RootFlags.IsHyperV Value: 0 Key : Hypervisor.RootFlags.LivedumpEnlightened Value: 0 Key : Hypervisor.RootFlags.MapDeviceInterrupt Value: 0 Key : Hypervisor.RootFlags.MceEnlightened Value: 0 Key : Hypervisor.RootFlags.Nested Value: 0 Key : Hypervisor.RootFlags.StartLogicalProcessor Value: 0 Key : Hypervisor.RootFlags.Value Value: 0 Key : Hypervisor.RootFlags.ValueHex Value: 0 BUGCHECK_CODE: 1e BUGCHECK_P1: ffffffff80000003 BUGCHECK_P2: fffff8066f898cf9 BUGCHECK_P3: 0 BUGCHECK_P4: ffffad8aaca00160 FILE_IN_CAB: 080923-8500-01.dmp DUMP_FILE_ATTRIBUTES: 0xc Insufficient Dumpfile Size Kernel Generated Triage Dump EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: ffffad8aaca00160 BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXWINLOGON: 1 CUSTOMER_CRASH_COUNT: 1 PROCESS_NAME: hyperdbg-cli.e STACK_TEXT: fffff806`6f0898e8 fffff806`68a5425b : 00000000`0000001e ffffffff`80000003 fffff806`6f898cf9 00000000`00000000 : nt!KeBugCheckEx fffff806`6f0898f0 fffff806`689fdd52 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x18aefb fffff806`6f089fb0 fffff806`689fdd20 : fffff806`68a10e65 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxExceptionDispatchOnExceptionStack+0x12 ffff9c88`5140cad8 fffff806`68a10e65 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffad8a`aca00100 : nt!KiExceptionDispatchOnExceptionStackContinue ffff9c88`5140cae0 fffff806`68a09ed0 : ffff9c88`5140cd19 00000000`00000fff fffff806`00000001 fffff806`779c2530 : nt!KiExceptionDispatch+0x125 ffff9c88`5140ccc0 fffff806`6f898cfa : ffff9c88`5140ce50 ffffad8a`acfc7000 ffffad8a`acfc7000 00000000`00000000 : nt!KiBreakpointTrap+0x310 ffff9c88`5140ce50 ffff9c88`5140ce50 : ffffad8a`acfc7000 ffffad8a`acfc7000 00000000`00000000 00000000`00000484 : hprdbghv+0x8cfa ffff9c88`5140ce58 ffffad8a`acfc7000 : ffffad8a`acfc7000 00000000`00000000 00000000`00000484 00000000`00000000 : 0xffff9c88`5140ce50 ffff9c88`5140ce60 ffffad8a`acfc7000 : 00000000`00000000 00000000`00000484 00000000`00000000 00000000`00000000 : 0xffffad8a`acfc7000 ffff9c88`5140ce68 00000000`00000000 : 00000000`00000484 00000000`00000000 00000000`00000000 fffff806`689a8303 : 0xffffad8a`acfc7000 SYMBOL_NAME: hprdbghv+8cf9 MODULE_NAME: hprdbghv IMAGE_NAME: hprdbghv.dll STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 8cf9 FAILURE_BUCKET_ID: 0x1E_80000003_hprdbghv!unknown_function OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {d8c9f97e-63d4-adf9-a231-4e35376ae483} Followup: MachineOwner ---------