Win19041 R5-3500X BugCheck #10

@KDreamForest

It ran into a bugcheck.

Microsoft (R) Windows Debugger Version 10.0.22621.755 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\012323-13015-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: srv*
Executable search path is: 
Windows 10 Kernel Version 19041 MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0xfffff804`10400000 PsLoadedModuleList = 0xfffff804`1102a310
Debug session time: Mon Jan 23 00:23:18.773 2023 (UTC + 8:00)
System Uptime: 0 days 0:22:39.505
Loading Kernel Symbols
..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

.............................................................
................................................................
................................................................
.......
Loading User Symbols
Loading unloaded module list
.....
For analysis of this file, run !analyze -v
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000004, The thread's stack pointer was outside the legal stack
	extents for the thread.
Arg2: ffffd200a22f7510, Address of the trap frame for the exception that caused the BugCheck
Arg3: ffffd200a22f7468, Address of the exception record for the exception that caused the BugCheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for SimpleSvmHook.sys

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 1718

    Key  : Analysis.DebugAnalysisManager
    Value: Create

    Key  : Analysis.Elapsed.mSec
    Value: 4457

    Key  : Analysis.Init.CPU.mSec
    Value: 1015

    Key  : Analysis.Init.Elapsed.mSec
    Value: 52591

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 89

    Key  : FailFast.Name
    Value: INCORRECT_STACK

    Key  : FailFast.Type
    Value: 4


FILE_IN_CAB:  012323-13015-01.dmp

DUMP_FILE_ATTRIBUTES: 0x8
  Kernel Generated Triage Dump

BUGCHECK_CODE:  139

BUGCHECK_P1: 4

BUGCHECK_P2: ffffd200a22f7510

BUGCHECK_P3: ffffd200a22f7468

BUGCHECK_P4: 0

TRAP_FRAME:  48bc75de3b490005 -- (.trap 0x48bc75de3b490005)
Unable to read trap frame at 48bc75de`3b490005

EXCEPTION_RECORD:  ffffd200a22f7468 -- (.exr 0xffffd200a22f7468)
ExceptionAddress: fffff8041084ea79 (nt!RtlpGetStackLimitsEx+0x00000000001c9dd9)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000004
Subcode: 0x4 FAST_FAIL_INCORRECT_STACK 

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  crossfire.exe

ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  0000000000000004

EXCEPTION_STR:  0xc0000409

STACK_TEXT:  
ffffd200`a22f71e8 fffff804`10805e69     : 00000000`00000139 00000000`00000004 ffffd200`a22f7510 ffffd200`a22f7468 : nt!KeBugCheckEx
ffffd200`a22f71f0 fffff804`10806290     : 89481024`6c894808 20ec8348`57182474 33002b8d`c90d8d48 8b48ff98`3fe2e8db : nt!KiBugCheckDispatch+0x69
ffffd200`a22f7330 fffff804`10804623     : 840f07e8`83c38b00 7401e883`0000008e e8835674`01e88372 1e7401e8`833a7401 : nt!KiFastFailDispatch+0xd0
ffffd200`a22f7510 fffff804`1084ea79     : ffffd200`a22f7920 ffffbc0e`8c5f7bd8 ffffd200`a22f7710 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x323
ffffd200`a22f76a0 fffff804`10684e71     : ffffd200`a22f7920 00000000`00000000 00000000`00000000 00000000`00000003 : nt!RtlpGetStackLimitsEx+0x1c9dd9
ffffd200`a22f76d0 fffff804`10683ce6     : ffffbc0e`8c5f7bd8 ffffd200`a22f7e20 ffffbc0e`8c5f7bd8 ffffbc0e`8ee5bec0 : nt!RtlDispatchException+0xe1
ffffd200`a22f78f0 fffff804`107f4d32     : 6857baff`fffc77e8 6c4ee8cf`8b486165 48bc75de`3b490005 246c8b48`30245c8b : nt!KiDispatchException+0x186
ffffd200`a22f7fb0 fffff804`107f4d00     : fffff804`10805fa5 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxExceptionDispatchOnExceptionStack+0x12
ffffbc0e`8c5f7a98 fffff804`10805fa5     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatchOnExceptionStackContinue
ffffbc0e`8c5f7aa0 fffff804`10801ce0     : 00000000`02bf0000 00000000`00000001 00000007`fb279000 fffff804`206018f2 : nt!KiExceptionDispatch+0x125
ffffbc0e`8c5f7c80 fffff804`20606488     : ffffbc0e`8903ca50 fffff804`206033af fffff804`10db2030 fffff804`206067fc : nt!KiGeneralProtectionFault+0x320
ffffbc0e`8c5f7e10 ffffbc0e`8903ca50     : fffff804`206033af fffff804`10db2030 fffff804`206067fc 40000001`00000000 : SimpleSvmHook+0x6488
ffffbc0e`8c5f7e18 fffff804`206033af     : fffff804`10db2030 fffff804`206067fc 40000001`00000000 00000001`00870f10 : 0xffffbc0e`8903ca50
ffffbc0e`8c5f7e20 fffff804`10db202f     : fffff804`206067fc 40000001`00000000 00000001`00870f10 fffff804`20609060 : SimpleSvmHook+0x33af
ffffbc0e`8c5f7e28 fffff804`206067fc     : 40000001`00000000 00000001`00870f10 fffff804`20609060 00000001`00000015 : nt!ExFreePool+0x1f
ffffbc0e`8c5f7e30 40000001`00000000     : 00000001`00870f10 fffff804`20609060 00000001`00000015 00000000`0000020c : SimpleSvmHook+0x67fc
ffffbc0e`8c5f7e38 00000001`00870f10     : fffff804`20609060 00000001`00000015 00000000`0000020c fffff804`20606641 : 0x40000001`00000000
ffffbc0e`8c5f7e40 fffff804`20609060     : 00000001`00000015 00000000`0000020c fffff804`20606641 ffffbc0e`8c5f2000 : 0x00000001`00870f10
ffffbc0e`8c5f7e48 00000001`00000015     : 00000000`0000020c fffff804`20606641 ffffbc0e`8c5f2000 ffffbc0e`8c5f7eb0 : SimpleSvmHook+0x9060
ffffbc0e`8c5f7e50 00000000`0000020c     : fffff804`20606641 ffffbc0e`8c5f2000 ffffbc0e`8c5f7eb0 00000000`00000000 : 0x00000001`00000015
ffffbc0e`8c5f7e58 fffff804`20606641     : ffffbc0e`8c5f2000 ffffbc0e`8c5f7eb0 00000000`00000000 00000000`00000000 : 0x20c
ffffbc0e`8c5f7e60 ffffbc0e`8c5f2000     : ffffbc0e`8c5f7eb0 00000000`00000000 00000000`00000000 00000000`00000000 : SimpleSvmHook+0x6641
ffffbc0e`8c5f7e68 ffffbc0e`8c5f7eb0     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0xffffbc0e`8c5f2000
ffffbc0e`8c5f7e70 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000001`00000000 : 0xffffbc0e`8c5f7eb0


SYMBOL_NAME:  SimpleSvmHook+6488

MODULE_NAME: SimpleSvmHook

IMAGE_NAME:  SimpleSvmHook.sys

STACK_COMMAND:  .cxr; .ecxr ; kb

BUCKET_ID_FUNC_OFFSET:  6488

FAILURE_BUCKET_ID:  0x139_MISSING_GSFRAME_SimpleSvmHook!unknown_function

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {fc016bc3-df79-ffa1-17aa-7b22dbcf9962}

Followup:     MachineOwner
---------

It seems that it crashed at [VmmMain.cpp][Line:250]
