Microsoft (R) Windows Debugger Version 6.3.9600.17298 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Bitmap Dump File: Full address space is available ************* Symbol Path validation summary ************** Response Time (ms) Location Deferred srv*c:\symcache*http://msdl.microsoft.com/download/symbols Symbol search path is: srv*c:\symcache*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 8 Kernel Version 9600 MP (2 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Personal Built by: 9600.17328.amd64fre.winblue_r3.140827-1500 Machine Name: Kernel base = 0xfffff800`3668a000 PsLoadedModuleList = 0xfffff800`36960370 Debug session time: Wed Nov 12 03:49:22.876 2014 (UTC + 0:00) System Uptime: 0 days 0:23:13.623 Loading Kernel Symbols ............................................................... ................................................................ ................................................... Loading User Symbols ................................................................ ...................................... Loading unloaded module list .............................................................................. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 3B, {80000003, fffff8017f0c7ed4, ffffd00035a8c0f0, 0} *** ERROR: Symbol file could not be found. Defaulted to export symbols for VBoxDrv.sys - *** ERROR: Module load completed but symbols could not be loaded for aswSnx.sys Probably caused by : VBoxDrv.sys ( VBoxDrv!SUPR0GetKernelFeatures+1024 ) Followup: MachineOwner --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_SERVICE_EXCEPTION (3b) An exception happened while executing a system service routine. Arguments: Arg1: 0000000080000003, Exception code that caused the bugcheck Arg2: fffff8017f0c7ed4, Address of the instruction which caused the bugcheck Arg3: ffffd00035a8c0f0, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: ------------------ EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid FAULTING_IP: VBoxDrv!SUPR0GetKernelFeatures+1024 fffff801`7f0c7ed4 cc int 3 CONTEXT: ffffd00035a8c0f0 -- (.cxr 0xffffd00035a8c0f0;r) rax=0000000000000001 rbx=ffffe001afeae710 rcx=ffffd00035a8caf0 rdx=0000000000000008 rsi=00000000ffffffff rdi=0000000000000000 rip=fffff8017f0c7ed4 rsp=ffffd00035a8cb20 rbp=0000000000001368 r8=0000000000000065 r9=0000000000000001 r10=0000000000000001 r11=ffffd00035a8ca68 r12=0000000000000be4 r13=ffffe001a857b418 r14=ffffd00035a8cdd0 r15=ffffc0013f9649b8 iopl=0 nv up ei ng nz na pe nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000282 VBoxDrv!SUPR0GetKernelFeatures+0x1024: fffff801`7f0c7ed4 cc int 3 Last set context: rax=0000000000000001 rbx=ffffe001afeae710 rcx=ffffd00035a8caf0 rdx=0000000000000008 rsi=00000000ffffffff rdi=0000000000000000 rip=fffff8017f0c7ed4 rsp=ffffd00035a8cb20 rbp=0000000000001368 r8=0000000000000065 r9=0000000000000001 r10=0000000000000001 r11=ffffd00035a8ca68 r12=0000000000000be4 r13=ffffe001a857b418 r14=ffffd00035a8cdd0 r15=ffffc0013f9649b8 iopl=0 nv up ei ng nz na pe nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000282 VBoxDrv!SUPR0GetKernelFeatures+0x1024: fffff801`7f0c7ed4 cc int 3 Resetting default scope DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT BUGCHECK_STR: 0x3B PROCESS_NAME: svchost.exe CURRENT_IRQL: 2 ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre LAST_CONTROL_TRANSFER: from fffff8017f0c9935 to fffff8017f0c7ed4 STACK_TEXT: ffffd000`35a8cb20 fffff801`7f0c9935 : ffffe001`afeae790 00000000`00001368 ffffe001`afeae710 ffffc001`4b6a4df0 : VBoxDrv!SUPR0GetKernelFeatures+0x1024 ffffd000`35a8cb50 fffff801`7f0c9eec : 00000000`00000000 ffffe001`afeae790 00000000`00000000 ffffc001`4482c720 : VBoxDrv!SUPR0GetKernelFeatures+0x2a85 ffffd000`35a8cb80 fffff800`36aafdfb : ffffc001`3f964980 00000000`00000000 ffffc001`4ab8a720 ffffe001`000007aa : VBoxDrv!SUPR0GetKernelFeatures+0x303c ffffd000`35a8cbc0 fffff800`36a41b14 : ffffc001`4ac54a00 00000000`00000000 ffffd000`35a8cd60 ffffd000`35a8cf90 : nt!ObpCallPreOperationCallbacks+0x16f ffffd000`35a8cc40 fffff800`36a5cf8c : ffffe001`af789080 00000000`00000000 00000000`00000000 ffffe001`001fffff : nt!ObpCreateHandle+0xa04 ffffd000`35a8ce70 fffff800`36a5cb4b : 00000000`00000000 00000000`00000001 00000000`00000000 00000000`00000000 : nt!PsOpenProcess+0x43c ffffd000`35a8d160 fffff801`7eae099c : 00000000`00000d00 ffffd000`35a8dc80 ffffd000`35a8d1d0 ffffe001`b006e110 : nt!NtOpenProcess+0x23 ffffd000`35a8d1a0 fffff801`7eba3200 : 00000000`00000000 ffffd000`001fffff 00000046`d61cf560 00000000`00000000 : aswSnx+0x2999c ffffd000`35a8d2b0 fffff801`7eaba798 : ffffe001`afddad40 00000000`00000000 00000000`00000001 00000000`00000000 : aswSnx+0xec200 ffffd000`35a8d930 fffff800`36a4e15f : 00000000`00000000 00000000`00000000 ffffe001`aea0c010 00000000`00000001 : aswSnx+0x3798 ffffd000`35a8d980 fffff800`36a4fa76 : 00000400`00000001 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0xa4f ffffd000`35a8db20 fffff800`367e49b3 : ffffe001`af789080 00000046`d61cf8a8 ffffd000`35a8dba8 00000000`00000000 : nt!NtDeviceIoControlFile+0x56 ffffd000`35a8db90 00007fff`7d1316ea : 00007ffe`fd2600ff 00000046`d486bcc0 00007fff`73571621 00000000`0000000c : nt!KiSystemServiceCopyEnd+0x13 00000046`d61cf4b8 00007ffe`fd2600ff : 00000046`d486bcc0 00007fff`73571621 00000000`0000000c 00000000`00000004 : ntdll!NtDeviceIoControlFile+0xa 00000046`d61cf4c0 00000046`d486bcc0 : 00007fff`73571621 00000000`0000000c 00000000`00000004 00007ffe`fd26065c : 0x00007ffe`fd2600ff 00000046`d61cf4c8 00007fff`73571621 : 00000000`0000000c 00000000`00000004 00007ffe`fd26065c ffffffff`82ac8004 : 0x00000046`d486bcc0 00000046`d61cf4d0 00007fff`7a592dde : 00000000`000007d0 00000046`d48e0250 00000000`00000be4 00000000`00000000 : pcasvc!PcaEventTriagerExecute+0x89 00000046`d61cf530 00007fff`73574253 : 00000000`00000000 00000046`d61cf6a0 00000000`00000000 00000000`00000000 : KERNELBASE!OpenProcess+0x4e 00000046`d61cf5a0 00007fff`7357409e : 00000000`00000000 00000000`00000000 00000000`00000000 00000046`d488fdf0 : pcasvc!PcaChainManagerProcessStart+0x193 00000046`d61cf8b0 00007fff`73573e76 : 00000046`d488fdf0 00000000`00000000 00000000`00000000 00000000`00000000 : pcasvc!PcapProcessStartCallback+0x16 00000046`d61cf8f0 00007fff`7be916ad : 00000000`00000006 00000000`00001368 00000046`d630ffb0 00000000`00000000 : pcasvc!PcapJobTrackerThread+0xa2 00000046`d61cf930 00007fff`7d0f4409 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0xd 00000046`d61cf960 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d FOLLOWUP_IP: VBoxDrv!SUPR0GetKernelFeatures+1024 fffff801`7f0c7ed4 cc int 3 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: VBoxDrv!SUPR0GetKernelFeatures+1024 FOLLOWUP_NAME: MachineOwner MODULE_NAME: VBoxDrv IMAGE_NAME: VBoxDrv.sys DEBUG_FLR_IMAGE_TIMESTAMP: 54391470 STACK_COMMAND: .cxr 0xffffd00035a8c0f0 ; kb BUCKET_ID_FUNC_OFFSET: 1024 FAILURE_BUCKET_ID: 0x3B_VBoxDrv!SUPR0GetKernelFeatures BUCKET_ID: 0x3B_VBoxDrv!SUPR0GetKernelFeatures ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x3b_vboxdrv!supr0getkernelfeatures FAILURE_ID_HASH: {f0802ef1-a112-42bb-e16c-5e16864d095d} Followup: MachineOwner --------- 0: kd> lmvm VBoxDrv start end module name fffff801`7f0b9000 fffff801`7f19e000 VBoxDrv (export symbols) VBoxDrv.sys Loaded symbol image file: VBoxDrv.sys Image path: \SystemRoot\system32\DRIVERS\VBoxDrv.sys Image name: VBoxDrv.sys Timestamp: Sat Oct 11 12:28:48 2014 (54391470) CheckSum: 000EEA0A ImageSize: 000E5000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4