RDR_FILE_SYSTEM (27)
If you see RxExceptionFilter on the stack then the 2nd and 3rd parameters are the
exception record and context record. Do a .cxr on the 3rd parameter and then kb to
obtain a more informative stack trace.
The high 16 bits of the first parameter is the RDBSS bugcheck code, which is defined
as follows:
RDBSS_BUG_CHECK_CACHESUP = 0xca550000,
RDBSS_BUG_CHECK_CLEANUP = 0xc1ee0000,
RDBSS_BUG_CHECK_CLOSE = 0xc10e0000,
RDBSS_BUG_CHECK_NTEXCEPT = 0xbaad0000,
Arguments:
Arg1: baad0073
Arg2: a3d336a8
Arg3: a3d33280
Arg4: 911e1c82
*** WARNING: Unable to verify timestamp for[U][B] proxyclientflt32.sys[/B][/U]
*** ERROR: Module load completed but symbols could not be loaded for[U][B] proxyclientflt32.sys[/B][/U]
*** WARNING: Unable to verify timestamp for [U][B]proxyclientwebfilter32.sys[/B][/U]
*** ERROR: Module load completed but symbols could not be loaded for [U][B]proxyclientwebfilter32.sys
[/B][/U]
EXCEPTION_RECORD: a3d336a8 -- (.exr 0xffffffffa3d336a8)
ExceptionAddress: 911e1c82 (tdx!TdxCreateControlChannel+0x00000070)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: 0000000c
Attempt to write to address 0000000c
CONTEXT: a3d33280 -- (.cxr 0xffffffffa3d33280)
eax=00000000 ebx=00000000 ecx=00000002 edx=00000000 esi=86445cf8 edi=00000003
eip=911e1c82 esp=a3d33770 ebp=a3d33778 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
tdx!TdxCreateControlChannel+0x70:
911e1c82 89700c mov dword ptr [eax+0Ch],esi ds:0023:0000000c=????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 00000001
EXCEPTION_PARAMETER2: 0000000c
WRITE_ADDRESS: GetPointerFromAddress: unable to read from 82d77848
Unable to read MiSystemVaType memory at 82d56e20
0000000c
FOLLOWUP_IP:
tdx!TdxCreateControlChannel+70
911e1c82 89700c mov dword ptr [eax+0Ch],esi
FAULTING_IP:
tdx!TdxCreateControlChannel+70
911e1c82 89700c mov dword ptr [eax+0Ch],esi
BUGCHECK_STR: 0x27
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
LAST_CONTROL_TRANSFER: from 911e9009 to 911e1c82
STACK_TEXT:
a3d33778 911e9009 884d5c90 00000000 00000000 tdx!TdxCreateControlChannel+0x70
a3d337b0 82c4558e 880a5be8 89c5bd98 89c5bd98 tdx!TdxTdiDispatchCreate+0x5f
a3d337c8 910027b2 a3d337e8 91003501 880a5be8 nt!IofCallDriver+0x63
WARNING: Stack unwind information not available. Following frames may be wrong.
a3d337d0 91003501 880a5be8 89c5bd98 886410d0 [U][B]proxyclientflt32[/B][/U]+0x27b2
a3d337e8 91001753 88633e40 89c5bd98 88633e40 [U][B]proxyclientflt32[/B][/U]+0x3501
a3d337fc 82c4558e 88633e40 89c5bd98 8a0c8904 [U][B]proxyclientflt32[/B][/U]+0x1753
a3d33814 91011627 886410d0 8a0c8904 89545430 nt!IofCallDriver+0x63
a3d33828 9100d7ab 886410d0 8a0c8904 89545430 [U][B]proxyclientwebfilter32[/B][/U]+0x6627
a3d33860 9101241e 89545430 8b13e458 89545430 [U][B]proxyclientwebfilter32[/B][/U]+0x27ab
a3d33880 910148c6 89545430 8a0c8904 89545430 [U][B]proxyclientwebfilter32[/B][/U]+0x741e
a3d33898 910131e1 00000000 89545430 886410d0 [U][B]proxyclientwebfilter32[/B][/U]+0x98c6
a3d338b4 91011635 0f6410d0 8a0c8904 00000000 [U][B]proxyclientwebfilter32[/B][/U]+0x81e1
a3d338d0 91011836 886410d0 00000103 89c5bd98 [U][B]proxyclientwebfilter32[/B][/U]+0x6635
a3d3391c 91011eac 8a0c8904 0000009f 00000001 [U][B]proxyclientwebfilter32[/B][/U]+0x6836
a3d33930 9100de1c 8a0c8904 89c5bf28 886410d0 [U][B]proxyclientwebfilter32[/B][/U]+0x6eac
a3d3395c 9101241e 85b0f1d0 00000104 89c5bd98 [U][B]proxyclientwebfilter32[/B][/U]+0x2e1c
a3d3397c 910148c6 89c5bd98 89c5bd98 88641018 [U][B]proxyclientwebfilter32[/B][/U]+0x741e
a3d33994 82c4558e 00000000 89c5bd98 a3d339e0 [U][B]proxyclientwebfilter32[/B][/U]+0x98c6
a3d339ac 9166fced 85f24798 85fb2fa0 85fb2f68 nt!IofCallDriver+0x63
a3d339c4 91632e50 8a3bf2c8 85fb2fd8 00000000 afd!WskTdiTLRequestSend+0x12f
a3d33a00 9163185a a3d33a20 82c4558e 885fa868 afd!WskProIRPSend+0xc2
a3d33a08 82c4558e 885fa868 85fb2f68 8af0fa40 afd!AfdWskDispatchInternalDeviceControl+0x21
a3d33a20 91632fa8 a3d33a7c 911146b0 85f247ac nt!IofCallDriver+0x63
a3d33a28 911146b0 85f247ac a3d33a64 00000002 afd!WskProAPISend+0x67
a3d33a7c 911290d8 89cd3010 9163fe30 8ab30258 mrxsmb!SmbWskSend+0x12f
a3d33acc 9112919a 89cd3010 00000000 8ab30258 mrxsmb!RxCeSend+0x4a
a3d33af4 911165a6 89cd3010 00000000 8ab30258 mrxsmb!VctSend+0x24
a3d33b28 9111a2fc 00000000 0000009b 00000000 mrxsmb!SmbCseSubmitBufferContext+0x208
a3d33b4c 911170d8 00000000 89cd3010 00000000 mrxsmb!SmbNegotiate_Start+0x138
a3d33b7c 9111a0bb 00bc1c00 87c19828 8abc1c00 mrxsmb!SmbCeInitiateExchange+0x347
a3d33b90 9111b7ae 8a8f1768 89cd3010 87c19828 mrxsmb!MRxSmbInitialNegotiate+0x70
a3d33bbc 9111b86b 8a8f1768 8a65ba68 8a8998c8 mrxsmb!SmbCeCompleteTransportConnectionEstablishment+0xfa
a3d33bd4 9111a893 00000000 92246cc8 a3d33c40 mrxsmb!VctCompleteConnectRequest+0x6f
a3d33be4 92234143 8a8998c8 31f75b05 00000000 mrxsmb!RxCeInitiateConnection+0x1bd
a3d33c40 92249d32 92246cc8 92247108 a3d33c90 rdbss!RxpWorkerThreadDispatcher+0x13e
a3d33c50 82e16fda 92246cc8 84778901 00000000 rdbss!RxWorkerThreadDispatcher+0x1a
a3d33c90 82cbf1f9 92249d18 92246cc8 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: tdx!TdxCreateControlChannel+70