system service exception svchost.exe ntkrnlmp.exe bsod

      Microsoft (R) Windows Debugger Version 10.0.21306.1007 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.

Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Edition build lab: 16299.637.amd64fre.rs3_release_svc.180808-1748
Machine Name:
Kernel base = 0xfffff803`9c80b000 PsLoadedModuleList = 0xfffff803`9cb74110
Debug session time: Tue Sep 20 07:20:00.000 2022 (UTC + 8:00)
System Uptime: 0 days 4:22:35.646
Loading Kernel Symbols
...............................................................
................................................................
.......................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000076`0c635018).  Type ".hh dbgerr001" for details
Loading unloaded module list
........
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff803`9c98b940 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:ffff8d82`e047c250=000000000000003b
2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff8039cca9731, Address of the instruction which caused the bugcheck
Arg3: ffff8d82e047cb20, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 1859

    Key  : Analysis.DebugAnalysisManager
    Value: Create

    Key  : Analysis.Elapsed.mSec
    Value: 1867

    Key  : Analysis.Init.CPU.mSec
    Value: 2905

    Key  : Analysis.Init.Elapsed.mSec
    Value: 53298

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 70

    Key  : WER.OS.Branch
    Value: rs3_release_svc

    Key  : WER.OS.Timestamp
    Value: 2018-08-08T17:48:00Z

    Key  : WER.OS.Version
    Value: 10.0.16299.637


BUGCHECK_CODE:  3b

BUGCHECK_P1: c0000005

BUGCHECK_P2: fffff8039cca9731

BUGCHECK_P3: ffff8d82e047cb20

BUGCHECK_P4: 0

CONTEXT:  ffff8d82e047cb20 -- (.cxr 0xffff8d82e047cb20)
rax=0000000000000000 rbx=8b8317098522592d rcx=0000000000000011
rdx=fffff8039cb72ae0 rsi=00000000000000ac rdi=0000000000000000
rip=fffff8039cca9731 rsp=ffff8d82e047d510 rbp=fffff8039cb72ae0
 r8=ffff8d82e047d518  r9=ffffa909dd460238 r10=0000000000000015
r11=ffffa909dd46023c r12=ffff9308211d0080 r13=ffffa909dd460190
r14=fffff8039cb72ae8 r15=0000000000000000
iopl=0         nv up ei pl nz ac po cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010217
nt!ObLogSecurityDescriptor+0xe1:
fffff803`9cca9731 488b4718        mov     rax,qword ptr [rdi+18h] ds:002b:00000000`00000018=????????????????
Resetting default scope

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXPNP: 1 (!blackboxpnp)


PROCESS_NAME:  svchost.exe

STACK_TEXT: 
ffff8d82`e047d510 fffff803`9cca9461     : 00000000`000000ac ffff8d82`e047d5c0 ffff8d82`00000010 00000000`000000ac : nt!ObLogSecurityDescriptor+0xe1
ffff8d82`e047d590 fffff803`9cca631c     : ffff9308`21a124a0 ffff8d82`e047d6b0 ffff8d82`e047d6b0 ffff9308`21a124a0 : nt!SeDefaultObjectMethod+0x51
ffff8d82`e047d5e0 fffff803`9cd723c2     : ffff8d82`e047da00 00000000`00000000 00000076`0cf7e200 ffffa90a`1d0a12c0 : nt!ObInsertObjectEx+0x33c
ffff8d82`e047d880 fffff803`9cca4834     : ffffa909`d9aa8060 ffff8d82`e047dab8 00000000`00000fff 00000000`00001001 : nt!SeCopyClientToken+0x9e
ffff8d82`e047d910 fffff803`9cca4480     : ffffa909`d9aa8060 00000000`00000000 ffff9308`2086e580 00000000`00000001 : nt!SepCreateClientSecurityEx+0x134
ffff8d82`e047d980 fffff803`9ccf5f28     : 00000219`9fafbc00 ffffa909`e6d5cd10 00000000`00000000 ffff9308`207203d0 : nt!SeCreateClientSecurity+0x110
ffff8d82`e047da20 fffff803`9ccf63fc     : 00000219`9fafbc90 ffff8d82`e047db80 00000219`9fafbc70 00000219`9fafbc60 : nt!AlpcpCreateSecurityContext+0x90
ffff8d82`e047da80 fffff803`9c99bf43     : ffff9308`211d0080 00000000`00000001 ffff9308`211d0080 ffff9308`207203d0 : nt!NtAlpcCreateSecurityContext+0x11c
ffff8d82`e047db00 00007ffd`ad2f1044     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000076`0cf7e228 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`ad2f1044


SYMBOL_NAME:  nt!ObLogSecurityDescriptor+e1

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

STACK_COMMAND:  .cxr 0xffff8d82e047cb20 ; kb

BUCKET_ID_FUNC_OFFSET:  e1

FAILURE_BUCKET_ID:  0x3B_c0000005_nt!ObLogSecurityDescriptor

OS_VERSION:  10.0.16299.637

BUILDLAB_STR:  rs3_release_svc

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {c7451bc4-8d5e-bc70-86b5-535f25d13589}

Followup:     MachineOwner
---------      Hi,I'mDyari.Thanksforreachingout.Iwillbehappytoassistyouinthisregard.KindlycheckC:\Windows\MinidumpandcopyavailableminidumpfilestothedesktopthensharethemviaOneDriveorGoogleDriveinordertobeanalyzedandindicatewhichfileiscausingthecrash.Regards,