Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

Crash in |SeImpersonateClientEx()| because invalid object ref
Posted by Anonymous on Mon 29th Apr 2024 15:17
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
************* Preparing the environment for Debugger Extensions Gallery repositories ************** ExtensionRepository : Implicit UseExperimentalFeatureForNugetShare : true AllowNugetExeUpdate : true NonInteractiveNuget : true AllowNugetMSCredentialProviderInstall : true AllowParallelInitializationOfLocalRepositories : true EnableRedirectToV8JsProvider : false -- Configuring repositories ----> Repository : LocalInstalled, Enabled: true ----> Repository : UserExtensions, Enabled: true >>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds ************* Waiting for Debugger Extensions Gallery to Initialize ************** >>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.515 seconds ----> Repository : UserExtensions, Enabled: true, Packages count: 0 ----> Repository : LocalInstalled, Enabled: true, Packages count: 41 Microsoft (R) Windows Debugger Version 10.0.27553.1004 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available. ************* Path validation summary ************** Response Time (ms) Location Deferred srv* Symbol search path is: srv* Executable search path is: Windows 10 Kernel Version 19041 MP (8 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Edition build lab: 19041.1.amd64fre.vb_release.191206-1406 Kernel base = 0xfffff804`5d200000 PsLoadedModuleList = 0xfffff804`5de2a2c0 Debug session time: Mon Apr 29 16:13:55.742 2024 (UTC + 2:00) System Uptime: 0 days 0:09:07.499 Loading Kernel Symbols ............................................................... ............Page f20a not present in the dump file. Type ".hh dbgerr004" for details .................................................... ................................................................ ...... Loading User Symbols PEB is paged out (Peb.Ldr = 00000078`62c69018). Type ".hh dbgerr001" for details Loading unloaded module list ...... For analysis of this file, run !analyze -v nt!KeBugCheckEx: fffff804`5d5fdaf0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffad04`8d6221d0=0000000000000018 2: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* REFERENCE_BY_POINTER (18) Arguments: Arg1: 0000000000000000, Object type of the object whose reference count is being lowered Arg2: ffffe48063d79080, Object whose reference count is being lowered Arg3: 0000000000000010, Reserved Arg4: 0000000000000001, Reserved The reference count of an object is illegal for the current state of the object. Each time a driver uses a pointer to an object the driver calls a kernel routine to increment the reference count of the object. When the driver is done with the pointer the driver calls another kernel routine to decrement the reference count. Drivers must match calls to the increment and decrement routines. This BugCheck can occur because an object's reference count goes to zero while there are still open handles to the object, in which case the fourth parameter indicates the number of opened handles. It may also occur when the object's reference count drops below zero whether or not there are open handles to the object, and in that case the fourth parameter contains the actual value of the pointer references count. Debugging Details: ------------------ Unable to load image \SystemRoot\system32\DRIVERS\nfs41_driver.sys, Win32 error 0n2 KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 4202 Key : Analysis.Elapsed.mSec Value: 6781 Key : Analysis.IO.Other.Mb Value: 0 Key : Analysis.IO.Read.Mb Value: 2 Key : Analysis.IO.Write.Mb Value: 27 Key : Analysis.Init.CPU.mSec Value: 1467 Key : Analysis.Init.Elapsed.mSec Value: 11530 Key : Analysis.Memory.CommitPeak.Mb Value: 97 Key : Bugcheck.Code.KiBugCheckData Value: 0x18 Key : Bugcheck.Code.LegacyAPI Value: 0x18 Key : Bugcheck.Code.TargetModel Value: 0x18 Key : Failure.Bucket Value: 0x18_nfs41_driver!unknown_function Key : Failure.Hash Value: {290a9a32-97e9-d474-54ba-132ba9f991b9} Key : Hypervisor.Enlightenments.Value Value: 12576 Key : Hypervisor.Enlightenments.ValueHex Value: 3120 Key : Hypervisor.Flags.AnyHypervisorPresent Value: 1 Key : Hypervisor.Flags.ApicEnlightened Value: 0 Key : Hypervisor.Flags.ApicVirtualizationAvailable Value: 0 Key : Hypervisor.Flags.AsyncMemoryHint Value: 0 Key : Hypervisor.Flags.CoreSchedulerRequested Value: 0 Key : Hypervisor.Flags.CpuManager Value: 0 Key : Hypervisor.Flags.DeprecateAutoEoi Value: 1 Key : Hypervisor.Flags.DynamicCpuDisabled Value: 0 Key : Hypervisor.Flags.Epf Value: 0 Key : Hypervisor.Flags.ExtendedProcessorMasks Value: 0 Key : Hypervisor.Flags.HardwareMbecAvailable Value: 0 Key : Hypervisor.Flags.MaxBankNumber Value: 0 Key : Hypervisor.Flags.MemoryZeroingControl Value: 0 Key : Hypervisor.Flags.NoExtendedRangeFlush Value: 1 Key : Hypervisor.Flags.NoNonArchCoreSharing Value: 0 Key : Hypervisor.Flags.Phase0InitDone Value: 1 Key : Hypervisor.Flags.PowerSchedulerQos Value: 0 Key : Hypervisor.Flags.RootScheduler Value: 0 Key : Hypervisor.Flags.SynicAvailable Value: 1 Key : Hypervisor.Flags.UseQpcBias Value: 0 Key : Hypervisor.Flags.Value Value: 536632 Key : Hypervisor.Flags.ValueHex Value: 83038 Key : Hypervisor.Flags.VpAssistPage Value: 1 Key : Hypervisor.Flags.VsmAvailable Value: 0 Key : Hypervisor.RootFlags.AccessStats Value: 0 Key : Hypervisor.RootFlags.CrashdumpEnlightened Value: 0 Key : Hypervisor.RootFlags.CreateVirtualProcessor Value: 0 Key : Hypervisor.RootFlags.DisableHyperthreading Value: 0 Key : Hypervisor.RootFlags.HostTimelineSync Value: 0 Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled Value: 0 Key : Hypervisor.RootFlags.IsHyperV Value: 0 Key : Hypervisor.RootFlags.LivedumpEnlightened Value: 0 Key : Hypervisor.RootFlags.MapDeviceInterrupt Value: 0 Key : Hypervisor.RootFlags.MceEnlightened Value: 0 Key : Hypervisor.RootFlags.Nested Value: 0 Key : Hypervisor.RootFlags.StartLogicalProcessor Value: 0 Key : Hypervisor.RootFlags.Value Value: 0 Key : Hypervisor.RootFlags.ValueHex Value: 0 Key : SecureKernel.HalpHvciEnabled Value: 0 Key : WER.OS.Branch Value: vb_release Key : WER.OS.Version Value: 10.0.19041.1 BUGCHECK_CODE: 18 BUGCHECK_P1: 0 BUGCHECK_P2: ffffe48063d79080 BUGCHECK_P3: 10 BUGCHECK_P4: 1 FILE_IN_CAB: MEMORY.DMP BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXWINLOGON: 1 PROCESS_NAME: nfsd_debug.exe STACK_TEXT: ffffad04`8d6221c8 fffff804`5d61e05b : 00000000`00000018 00000000`00000000 ffffe480`63d79080 00000000`00000010 : nt!KeBugCheckEx ffffad04`8d6221d0 fffff804`5d829a9b : 00000000`00000002 ffffe480`63d79080 ffffbf84`d5e00100 fffff804`00000000 : nt!ObfReferenceObject+0x1e08eb ffffad04`8d622210 fffff804`5d8ba365 : 00000000`00001000 00000000`00000002 ffffbf84`d633a010 fffff804`5d442a38 : nt!PsImpersonateClient+0x15b ffffad04`8d6222a0 fffff804`634448c9 : fffff804`63477640 ffffbf84`dafd1010 00000000`00000001 ffffbf84`dafd1010 : nt!SeImpersonateClientEx+0x35 ffffad04`8d6222e0 fffff804`63450797 : ffffbf84`d633a010 ffffbf84`d5de5560 ffffad04`8d622378 ffffad04`8d61d000 : nfs41_driver+0x48c9 ffffad04`8d622340 fffff804`6344a0e8 : ffffbf84`d633a010 ffffad04`00282018 00000000`00000000 ffffbf84`df0b1ef0 : nfs41_driver+0x10797 ffffad04`8d6223b0 fffff804`63477976 : ffffbf84`d633a010 ffffbf84`dac9b060 00000000`00000002 ffffbf84`d633a010 : nfs41_driver+0xa0e8 ffffad04`8d622430 fffff804`63477698 : ffffbf84`d633a010 ffffbf84`d633a010 ffffbf84`dac9b000 ffffbf84`d633a010 : nfs41_driver+0x37976 ffffad04`8d622460 fffff804`63456162 : 00000000`00000000 ffffbf84`dafd1010 ffffbf84`dac9b001 00000000`00000000 : nfs41_driver+0x37698 ffffad04`8d622490 fffff804`6346e97d : fffff804`63461370 ffffbf84`d5c02100 ffffffff`ffffffff ffffbf84`dac9b060 : nfs41_driver+0x16162 ffffad04`8d622590 fffff804`6344ac37 : ffffbf84`de78c500 00000000`00000002 00000000`00000000 00000000`00000000 : nfs41_driver+0x2e97d ffffad04`8d6225c0 fffff804`5d42d835 : ffffbf84`dac9b060 ffffbf84`dafd1010 ffffbf84`de6f0730 fffff804`5d43d15b : nfs41_driver+0xac37 ffffad04`8d622600 fffff804`6255f248 : fffff804`62558000 00000000`00000000 ffffbf84`daa3bdb0 ffffbf84`debd9278 : nt!IofCallDriver+0x55 ffffad04`8d622640 fffff804`6255ed99 : ffffe480`5848d150 00000000`00000000 fffff804`62558000 00000000`00000000 : mup!MupiCallUncProvider+0xb8 ffffad04`8d6226b0 fffff804`6255ecce : ffffbf84`dafd1010 ffffbf84`debd9270 ffffbf84`df0b1e50 00000000`00000000 : mup!MupStateMachine+0x59 ffffad04`8d6226e0 fffff804`5d42d835 : ffffbf84`df0b1e50 00000000`00000000 ffffbf84`de78c500 00000000`00000001 : mup!MupFsdIrpPassThrough+0x17e ffffad04`8d622750 fffff804`5b844a76 : 00000000`00282018 ffffad04`8d622950 ffffbf84`dac9b060 fffff804`5d82f681 : nt!IofCallDriver+0x55 ffffad04`8d622790 fffff804`5d42d835 : 00000000`00000002 ffffbf84`dafd1200 ffffad04`20206f49 ffffad04`8d622950 : FLTMGR!FltpDispatch+0xd6 ffffad04`8d6227f0 fffff804`5d82e66c : 00000000`00000001 00000000`00282018 ffffbf84`df0b1e50 ffffbf84`dc8c2080 : nt!IofCallDriver+0x55 ffffad04`8d622830 fffff804`5d82e2ba : 00000000`00282018 ffffad04`8d622b80 00000000`00000000 00000000`00282018 : nt!IopSynchronousServiceTail+0x34c ffffad04`8d6228d0 fffff804`5d82d596 : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0xd0a ffffad04`8d622a20 fffff804`5d6119c5 : ffffbf84`de6f0080 fffff804`00000005 00000078`650f9c38 00007fff`ce227cb8 : nt!NtDeviceIoControlFile+0x56 ffffad04`8d622a90 00007ff8`04d0d194 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 00000078`650fa878 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`04d0d194 SYMBOL_NAME: nfs41_driver+48c9 MODULE_NAME: nfs41_driver IMAGE_NAME: nfs41_driver.sys STACK_COMMAND: .cxr; .ecxr ; kb BUCKET_ID_FUNC_OFFSET: 48c9 FAILURE_BUCKET_ID: 0x18_nfs41_driver!unknown_function OS_VERSION: 10.0.19041.1 BUILDLAB_STR: vb_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {290a9a32-97e9-d474-54ba-132ba9f991b9} Followup: MachineOwner ---------

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at