2019. 9. 24. 17:17ㆍCase by Case
안녕하세요? Holmes 입니다.
오랜만에 BSOD 0xD1 Case 가 들어왔습니다.
---------------------------------------------------------------------------------------------------------------------------------
[환 경]
Windows Server 2008 R2 with OpenStack
[문의사항]
Bugcheck 0xD1 Crashdump analysis
[원 인]
Netkvm.sys 드라이버가 잘못된 메모리 주소에 쓰려고 시도하여 Crash가 발생했습니다.
|
1: kd> .trap fffff880`016634a6 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. Unable to get program counter rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=85483f8b48187408 rsp=b824bc8b48e87508 rbp=fa5f99e8cb8b4820 r8=0000000000000000 r9=0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=3 ov dn ei pl zr na pe cy 74ff:7408 ?? ??? 1: kd> ub ^ Unable to find valid previous instruction for 'ub' 1: kd> u 85483f8b`48187408 ?? ??? ^ Memory access error in 'u' 1: kd> r Last set context: Unable to get program counter rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=85483f8b48187408 rsp=b824bc8b48e87508 rbp=fa5f99e8cb8b4820 r8=0000000000000000 r9=0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=3 ov dn ei pl zr na pe cy cs=74ff ss=0000 ds=0000 es=0000 fs=0000 gs=0000 efl=0845ff41 74ff:7408 ?? ??? ^ Unable to get program counter 'r ' |
[Action Plan]
netkvm.sys 드라이버를 업데이트 하십시오.
[참고자료]
https://bugzilla.redhat.com/show_bug.cgi?id=1167614
https://www.linux-kvm.org/page/WindowsGuestDrivers/kvmnet/installer
[Debug Log]
|
1: kd> kvL # Child-SP RetAddr : Args to Child : Call Site 00 fffff880`01c21798 fffff800`016ea0e9 : 00000000`0000000a 00000000`0000001c 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx 01 fffff880`01c217a0 fffff800`016e7ece : 00000000`00000001 00000000`0000001c 00000000`00000000 fffffa80`0694e360 : nt!KiBugCheckDispatch+0x69 02 fffff880`01c218e0 fffff880`016634a6 : fffffa80`0694e360 fffffa80`0694e360 00000000`00000003 fffff880`016667ff : nt!KiPageFault+0x44e (TrapFrame @ fffff880`01c218e0) 03 fffff880`01c21a70 fffff880`01667b90 : 00000000`00000002 fffffa80`03ed8022 00000000`000085cf 00000000`00000001 : tcpip!TcpBeginTcbSend+0xb76 04 fffff880`01c21ca0 fffff880`0168b9f6 : 00000000`00000000 fffffa80`05a4b201 fffff880`01766128 fffffa80`03e70022 : tcpip!TcpTcbSend+0x1e0 05 fffff880`01c21f20 fffff880`01662715 : fffffa80`03ed8000 00000000`00000000 00000000`00000000 fffff880`0178a200 : tcpip!TcpFlushDelay+0x316 06 fffff880`01c22000 fffff880`0165a5e7 : fffffa80`03a42670 fffffa80`0398ebc0 fffffa80`000085cf 00000000`00000000 : tcpip!TcpPreValidatedReceive+0x3e5 07 fffff880`01c220d0 fffff880`0165a15a : 00000000`00000000 fffff880`0176ca20 fffff880`01c22290 fffffa80`0640ee20 : tcpip!IppDeliverListToProtocol+0x97 08 fffff880`01c22190 fffff880`01659711 : 00000001`1f82700c fffffa80`06cdc100 fffff880`01c2220c fffff880`01c22280 : tcpip!IppProcessDeliverList+0x5a 09 fffff880`01c22230 fffff880`0165742f : 00000000`69e0560a fffff880`0176ca20 00000000`00000000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x232 0a fffff880`01c22330 fffff880`01656a4c : fffffa80`03f60220 00000000`00000000 fffff880`0179d801 fffffa80`00000001 : tcpip!IpFlcReceivePackets+0x64f 0b fffff880`01c22530 fffff880`0165543a : fffffa80`03f5fba0 fffff880`01c22670 fffffa80`03f5fba0 fffff880`02180000 : tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0xcec 0c fffff880`01c22620 fffff800`01691609 : fffffa80`0640ee20 00000000`00000000 fffffa80`03a16cd0 00000000`00000000 : tcpip!FlReceiveNetBufferListChainCalloutRoutine+0xda 0d fffff880`01c22670 fffff880`01655b32 : fffff880`01655360 fffff880`01c22790 00000000`00000000 fffffa80`04f02b00 : nt!KeExpandKernelStackAndCalloutEx+0x2c9 0e fffff880`01c22760 fffff880`00f5a0eb : fffffa80`03f5e570 00000000`00000000 fffffa80`03c681a0 fffff880`00ea5c46 : tcpip!FlReceiveNetBufferListChain+0xb2 0f fffff880`01c227d0 fffff880`00f23ad6 : fffffa80`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NDIS!ndisMIndicateNetBufferListsToOpen+0xdb 10 fffff880`01c22840 fffff880`00e9dac1 : fffffa80`03c681a0 00000000`00000002 00000000`00000001 00000000`00000000 : NDIS!ndisMDispatchReceiveNetBufferLists+0x1d6 11 fffff880`01c22cc0 fffff880`0218921f : fffffa80`03cde000 00000000`00000001 fffffa80`03cde620 00000000`00000000 : NDIS!NdisMIndicateReceiveNetBufferLists+0xc1 12 fffff880`01c22d10 fffff880`02182cef : fffffa80`03cde000 00000000`00000028 00000000`00000000 fffffa80`03cde620 : netkvm+0xc21f 13 fffff880`01c22d50 fffff880`02180018 : fffffa80`03cde000 00000000`00000010 00000000`00000001 fffffa80`03cde000 : netkvm+0x5cef 14 fffff880`01c22da0 fffff880`0218877f : fffffa80`03cd97f0 00000000`000003e7 00000000`00000000 00000000`00000000 : netkvm+0x3018 15 fffff880`01c22de0 fffff880`00e9d951 : fffff880`00000000 00000000`00000000 fffff880`009be100 fffff880`009b9180 : netkvm+0xb77f 16 fffff880`01c22e70 fffff800`016884ec : fffffa80`03cd9a08 fffffa80`00000000 00000000`00000000 fffff880`009b9180 : NDIS!ndisInterruptDpc+0x151 17 fffff880`01c22f00 fffff800`016de3e5 : 894ccf8b`48c68b44 fffffa80`071745d0 00000000`00000000 fffff880`00e9d800 : nt!KiRetireDpcList+0x1bc 18 fffff880`01c22fb0 fffff800`016de1fc : 00000000`00000000 00000000`00000002 00000000`00000000 fffff800`01842880 : nt!KxRetireDpcList+0x5 (TrapFrame @ fffff880`01c22e70) 19 fffff880`05dfd8e0 fffff800`016e0afe : fffffa80`05685128 fffffa80`04322e70 00000000`00000000 fffffa80`03cd4250 : nt!KiDispatchInterruptContinue 1a fffff880`05dfd910 fffff800`0167cf1a : fffffa80`05e8b790 fffff880`04fb2b4c fffffa80`05e8b790 00000000`00000000 : nt!KiDpcInterrupt+0x2ae (TrapFrame @ fffff880`05dfd910) 1b fffff880`05dfdaa0 fffff880`04fb240f : fffffa80`05e8b790 fffff880`00002600 00000000`00000000 fffff880`05dfe3b0 : nt!KeReleaseSpinLock+0x2a 1c fffff880`05dfdad0 fffff880`04fb08ae : fffffa80`042fb2c0 00000000`00000000 00000000`00000000 fffff880`00e369cb : TNNipsNt+0x440f 1d fffff880`05dfdb20 fffff880`039d02f9 : fffffa80`03cb62c0 fffffa80`042fb2c0 fffff880`05dfe3b0 00000000`00000000 : TNNipsNt+0x28ae 1e fffff880`05dfdb60 fffff880`039daeef : fffffa80`042fb2c0 fffff880`00000009 00000000`00000000 fffff880`05dfe3e0 : AMonCDW7+0x42f9 1f fffff880`05dfdbd0 fffff880`039dabfc : fffffa80`05685110 fffffa80`07148218 fffffa80`07148218 fffff880`039dc388 : AMonCDW7!IAnfdTDScanAllSessionV4V6+0x6f03 20 fffff880`05dfdc10 fffff880`039dac26 : fffffa80`07148218 fffffa80`06293d18 fffffa80`06293d18 fffff880`039dc388 : AMonCDW7!IAnfdTDScanAllSessionV4V6+0x6c10 21 fffff880`05dfdc80 fffff880`039cfb83 : fffffa80`06293d18 fffffa80`00000009 fffffa80`00000004 00000000`00000006 : AMonCDW7!IAnfdTDScanAllSessionV4V6+0x6c3a 22 fffff880`05dfdcf0 fffff880`039ce216 : fffff880`05dfe380 fffff880`05dfe3e0 00000000`00000000 00000000`00000000 : AMonCDW7+0x3b83 23 fffff880`05dfdd30 fffff880`00e0cba2 : fffff880`05dfe380 fffff880`05dfe3e0 00000000`00000000 00000000`00000000 : AMonCDW7+0x2216 24 fffff880`05dfddb0 fffff880`00e0617c : fffffa80`0449003e fffff880`05dfe380 fffff880`05dfe3b0 00000000`00000000 : NETIO!ProcessCallout+0x1a2 25 fffff880`05dfdee0 fffff880`016a1a70 : 00000000`00000002 fffff880`05dfe380 00000000`00000000 00000000`00000000 : NETIO!KfdClassify+0x24c 26 fffff880`05dfe250 fffff880`0166ae52 : 00000000`00000000 fffffa80`05b2d890 00000000`00000000 fffffa80`03984000 : tcpip! ?? ::FNODOBFM::`string'+0xb8da 27 fffff880`05dfe5b0 fffff880`01680a05 : fffffa80`07e72920 fffffa80`03c31670 fffffa80`03984000 00000000`00004800 : tcpip!WfpAleEndpointTeardownHandler+0x102 28 fffff880`05dfe5e0 fffff880`016808a2 : fffff880`05dfe778 fffffa80`03acd240 00000000`00000000 fffffa80`03acd240 : tcpip!TcpCleanupEndpointWorkQueueRoutine+0x105 29 fffff880`05dfe680 fffff880`016808e9 : fffffa80`052d0e80 00000000`00000000 00000000`00000000 fffffa80`05633340 : tcpip!TcpCloseEndpoint+0x92 2a fffff880`05dfe6f0 fffff880`02856a30 : 00000000`00000000 00000000`ffffffff 00000000`00000000 fffffa80`05633340 : tcpip!TcpTlEndpointCloseEndpoint+0x9 2b fffff880`05dfe720 fffff880`02856ef2 : 00000000`00000000 fffffa80`03c31670 fffffa80`05633240 fffff800`016770d6 : afd!AfdCleanupCore+0x410 2c fffff880`05dfe8a0 fffff800`01940d8f : fffffa80`0728f010 fffffa80`07175b00 00000000`00000000 fffffa80`03c31670 : afd!AfdDispatch+0x42 2d fffff880`05dfe8f0 fffff800`0194198d : 00000000`00000000 fffffa80`036fa8a0 00000000`00000000 fffff800`0167bc0c : nt!IopCloseFile+0x11f 2e fffff880`05dfe980 fffff800`01a755f9 : 00000000`000005a4 fffffa80`00000001 fffffa80`03c31670 fffffa80`071745d0 : nt!ObpDecrementHandleCount+0x16d 2f fffff880`05dfea00 fffff800`01940674 : 00000000`000005a4 fffffa80`03c31640 fffffa80`07175b00 fffff8a0`1015c6a0 : nt!ObpCloseHandleTableEntry+0x269 30 fffff880`05dfea90 fffff800`016e9d53 : fffffa80`071745d0 fffff880`05dfeb60 00000000`7ef9a000 fffffa80`00000000 : nt!ObpCloseHandle+0x94 31 fffff880`05dfeae0 00000000`7775997a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ fffff880`05dfeae0)
1: kd> uf fffff880`016634a6 tcpip!TcpBeginTcbSend: fffff880`01662930 48895c2420 mov qword ptr [rsp+20h],rbx fffff880`01662935 55 push rbp fffff880`01662936 56 push rsi fffff880`01662937 57 push rdi fffff880`01662938 4154 push r12 fffff880`0166293a 4155 push r13 fffff880`0166293c 4156 push r14 fffff880`0166293e 4157 push r15 fffff880`01662940 4881ecf0010000 sub rsp,1F0h fffff880`01662947 488b05b2371000 mov rax,qword ptr [tcpip!_security_cookie (fffff880`01766100)] fffff880`0166294e 4833c4 xor rax,rsp fffff880`01662951 48898424e0010000 mov qword ptr [rsp+1E0h],rax fffff880`01662959 488bb42450020000 mov rsi,qword ptr [rsp+250h] fffff880`01662961 488bbc2458020000 mov rdi,qword ptr [rsp+258h] fffff880`01662969 450fb6e9 movzx r13d,r9b fffff880`0166296d 44888c2480000000 mov byte ptr [rsp+80h],r9b fffff880`01662975 458bf8 mov r15d,r8d fffff880`01662978 4c8be2 mov r12,rdx fffff880`0166297b 4889b424e8000000 mov qword ptr [rsp+0E8h],rsi fffff880`01662983 488bd9 mov rbx,rcx fffff880`01662986 4885d2 test rdx,rdx fffff880`01662989 7551 jne tcpip!TcpBeginTcbSend+0xac (fffff880`016629dc) Branch
tcpip!TcpBeginTcbSend+0x5b: fffff880`0166298b 8b417c mov eax,dword ptr [rcx+7Ch] fffff880`0166298e 4c8da424f0000000 lea r12,[rsp+0F0h] fffff880`01662996 898424f0000000 mov dword ptr [rsp+0F0h],eax fffff880`0166299d 488b8130010000 mov rax,qword ptr [rcx+130h] fffff880`016629a4 48898424f8000000 mov qword ptr [rsp+0F8h],rax fffff880`016629ac 4885c0 test rax,rax fffff880`016629af 742b je tcpip!TcpBeginTcbSend+0xac (fffff880`016629dc) Branch
tcpip!TcpBeginTcbSend+0x81: fffff880`016629b1 488b8138010000 mov rax,qword ptr [rcx+138h] fffff880`016629b8 4889842400010000 mov qword ptr [rsp+100h],rax fffff880`016629c0 488b8140010000 mov rax,qword ptr [rcx+140h] fffff880`016629c7 4889842408010000 mov qword ptr [rsp+108h],rax fffff880`016629cf 8b8148010000 mov eax,dword ptr [rcx+148h] fffff880`016629d5 89842410010000 mov dword ptr [rsp+110h],eax
tcpip!TcpBeginTcbSend+0xac: fffff880`016629dc 41f6c502 test r13b,2 fffff880`016629e0 7449 je tcpip!TcpBeginTcbSend+0xfb (fffff880`01662a2b) Branch
tcpip!TcpBeginTcbSend+0xb2: fffff880`016629e2 0fb68170020000 movzx eax,byte ptr [rcx+270h] fffff880`016629e9 0fb68972020000 movzx ecx,byte ptr [rcx+272h] fffff880`016629f0 448bc8 mov r9d,eax fffff880`016629f3 448bc0 mov r8d,eax fffff880`016629f6 8bd0 mov edx,eax fffff880`016629f8 41c1e905 shr r9d,5 fffff880`016629fc 41c1e803 shr r8d,3 fffff880`01662a00 c1ea06 shr edx,6 fffff880`01662a03 c1e903 shr ecx,3 fffff880`01662a06 4183e101 and r9d,1 fffff880`01662a0a 4183e001 and r8d,1 fffff880`01662a0e 83e201 and edx,1 fffff880`01662a11 83e101 and ecx,1 fffff880`01662a14 e817210300 call tcpip!TcpHeaderSizeForSynSend (fffff880`01694b30) fffff880`01662a19 408ae8 mov bpl,al fffff880`01662a1c 8b835c010000 mov eax,dword ptr [rbx+15Ch] fffff880`01662a22 89ac2484000000 mov dword ptr [rsp+84h],ebp fffff880`01662a29 eb29 jmp tcpip!TcpBeginTcbSend+0x124 (fffff880`01662a54) Branch
tcpip!TcpBeginTcbSend+0xfb: fffff880`01662a2b f6817002000020 test byte ptr [rcx+270h],20h fffff880`01662a32 b820000000 mov eax,20h fffff880`01662a37 bd14000000 mov ebp,14h fffff880`01662a3c 0f45e8 cmovne ebp,eax fffff880`01662a3f 89ac2484000000 mov dword ptr [rsp+84h],ebp fffff880`01662a46 e8c5cd0200 call tcpip!TcpComputeTcbRcvWnd (fffff880`0168f810) fffff880`01662a4b 0fb68ba9000000 movzx ecx,byte ptr [rbx+0A9h] fffff880`01662a52 d3e8 shr eax,cl
tcpip!TcpBeginTcbSend+0x124: fffff880`01662a54 b9ffff0000 mov ecx,0FFFFh fffff880`01662a59 40882f mov byte ptr [rdi],bpl fffff880`01662a5c 3bc1 cmp eax,ecx fffff880`01662a5e 0f47c1 cmova eax,ecx fffff880`01662a61 4533c0 xor r8d,r8d fffff880`01662a64 898424c0000000 mov dword ptr [rsp+0C0h],eax fffff880`01662a6b 4080fd14 cmp bpl,14h fffff880`01662a6f 740a je tcpip!TcpBeginTcbSend+0x14b (fffff880`01662a7b) Branch
tcpip!TcpBeginTcbSend+0x141: fffff880`01662a71 b802000000 mov eax,2 fffff880`01662a76 668906 mov word ptr [rsi],ax fffff880`01662a79 eb04 jmp tcpip!TcpBeginTcbSend+0x14f (fffff880`01662a7f) Branch
tcpip!TcpBeginTcbSend+0x14b: fffff880`01662a7b 66448906 mov word ptr [rsi],r8w
tcpip!TcpBeginTcbSend+0x14f: fffff880`01662a7f 418b0424 mov eax,dword ptr [r12] fffff880`01662a83 48ba0000000001000080 mov rdx,8000000100000000h fffff880`01662a8d 2b8380000000 sub eax,dword ptr [rbx+80h] fffff880`01662a93 0f89be000000 jns tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x169: fffff880`01662a99 f6837602000040 test byte ptr [rbx+276h],40h fffff880`01662aa0 740f je tcpip!TcpBeginTcbSend+0x181 (fffff880`01662ab1) Branch
tcpip!TcpBeginTcbSend+0x172: fffff880`01662aa2 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662aa9 488b4830 mov rcx,qword ptr [rax+30h] fffff880`01662aad 44894114 mov dword ptr [rcx+14h],r8d
tcpip!TcpBeginTcbSend+0x181: fffff880`01662ab1 f6837002000020 test byte ptr [rbx+270h],20h fffff880`01662ab8 0f8599000000 jne tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x18e: fffff880`01662abe 44898318020000 mov dword ptr [rbx+218h],r8d fffff880`01662ac5 833d7006110001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01662acc 0f8585000000 jne tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x1a2: fffff880`01662ad2 0fb60567061100 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01662ad9 3c05 cmp al,5 fffff880`01662adb 7304 jae tcpip!TcpBeginTcbSend+0x1b1 (fffff880`01662ae1) Branch
tcpip!TcpBeginTcbSend+0x1ad: fffff880`01662add 84c0 test al,al fffff880`01662adf 7576 jne tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x1b1: fffff880`01662ae1 48851540061100 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`01662ae8 746d je tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x1ba: fffff880`01662aea 488b0d3f061100 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01662af1 488bc1 mov rax,rcx fffff880`01662af4 4823c2 and rax,rdx fffff880`01662af7 483bc1 cmp rax,rcx fffff880`01662afa 755b jne tcpip!TcpBeginTcbSend+0x227 (fffff880`01662b57) Branch
tcpip!TcpBeginTcbSend+0x1cc: fffff880`01662afc 488b0d0d061100 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01662b03 4489442438 mov dword ptr [rsp+38h],r8d fffff880`01662b08 33c0 xor eax,eax fffff880`01662b0a 4489442430 mov dword ptr [rsp+30h],r8d fffff880`01662b0f 4489442428 mov dword ptr [rsp+28h],r8d fffff880`01662b14 4489442420 mov dword ptr [rsp+20h],r8d fffff880`01662b19 89842460010000 mov dword ptr [rsp+160h],eax fffff880`01662b20 89842464010000 mov dword ptr [rsp+164h],eax fffff880`01662b27 4c8d842460010000 lea r8,[rsp+160h] fffff880`01662b2f 488d15f2000e00 lea rdx,[tcpip!TCP_SRTT_MEASUREMENT_CANCELLED (fffff880`01742c28)] fffff880`01662b36 4c8bcb mov r9,rbx fffff880`01662b39 89842468010000 mov dword ptr [rsp+168h],eax fffff880`01662b40 8984246c010000 mov dword ptr [rsp+16Ch],eax fffff880`01662b47 48899c2460010000 mov qword ptr [rsp+160h],rbx fffff880`01662b4f e84c8d0800 call tcpip!Template_pqqqq (fffff880`016eb8a0) fffff880`01662b54 4533c0 xor r8d,r8d
tcpip!TcpBeginTcbSend+0x227: fffff880`01662b57 4585ff test r15d,r15d fffff880`01662b5a 0f84d2000000 je tcpip!TcpBeginTcbSend+0x302 (fffff880`01662c32) Branch
tcpip!TcpBeginTcbSend+0x230: fffff880`01662b60 0fba63701b bt dword ptr [rbx+70h],1Bh fffff880`01662b65 730b jae tcpip!TcpBeginTcbSend+0x242 (fffff880`01662b72) Branch
tcpip!TcpBeginTcbSend+0x237: fffff880`01662b67 488b83e0020000 mov rax,qword ptr [rbx+2E0h] fffff880`01662b6e 44017824 add dword ptr [rax+24h],r15d
tcpip!TcpBeginTcbSend+0x242: fffff880`01662b72 0fb78376020000 movzx eax,word ptr [rbx+276h] fffff880`01662b79 6685c0 test ax,ax fffff880`01662b7c 0f84b0000000 je tcpip!TcpBeginTcbSend+0x302 (fffff880`01662c32) Branch
tcpip!TcpBeginTcbSend+0x252: fffff880`01662b82 a802 test al,2 fffff880`01662b84 7425 je tcpip!TcpBeginTcbSend+0x27b (fffff880`01662bab) Branch
tcpip!TcpBeginTcbSend+0x256: fffff880`01662b86 418b0c24 mov ecx,dword ptr [r12] fffff880`01662b8a 8b9380000000 mov edx,dword ptr [rbx+80h] fffff880`01662b90 3bca cmp ecx,edx fffff880`01662b92 7917 jns tcpip!TcpBeginTcbSend+0x27b (fffff880`01662bab) Branch
tcpip!TcpBeginTcbSend+0x264: fffff880`01662b94 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662b9b 2bd1 sub edx,ecx fffff880`01662b9d 488b4810 mov rcx,qword ptr [rax+10h] fffff880`01662ba1 443bfa cmp r15d,edx fffff880`01662ba4 410f42d7 cmovb edx,r15d fffff880`01662ba8 015114 add dword ptr [rcx+14h],edx
tcpip!TcpBeginTcbSend+0x27b: fffff880`01662bab f6837602000001 test byte ptr [rbx+276h],1 fffff880`01662bb2 740d je tcpip!TcpBeginTcbSend+0x291 (fffff880`01662bc1) Branch
tcpip!TcpBeginTcbSend+0x284: fffff880`01662bb4 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662bbb 488b08 mov rcx,qword ptr [rax] fffff880`01662bbe 4c0139 add qword ptr [rcx],r15
tcpip!TcpBeginTcbSend+0x291: fffff880`01662bc1 f6837602000008 test byte ptr [rbx+276h],8 fffff880`01662bc8 741b je tcpip!TcpBeginTcbSend+0x2b5 (fffff880`01662be5) Branch
tcpip!TcpBeginTcbSend+0x29a: fffff880`01662bca 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662bd1 418bcf mov ecx,r15d fffff880`01662bd4 2b4b78 sub ecx,dword ptr [rbx+78h] fffff880`01662bd7 488b5018 mov rdx,qword ptr [rax+18h] fffff880`01662bdb 41030c24 add ecx,dword ptr [r12] fffff880`01662bdf 390a cmp dword ptr [rdx],ecx fffff880`01662be1 7302 jae tcpip!TcpBeginTcbSend+0x2b5 (fffff880`01662be5) Branch
tcpip!TcpBeginTcbSend+0x2b3: fffff880`01662be3 890a mov dword ptr [rdx],ecx
tcpip!TcpBeginTcbSend+0x2b5: fffff880`01662be5 f6837602000020 test byte ptr [rbx+276h],20h fffff880`01662bec 7444 je tcpip!TcpBeginTcbSend+0x302 (fffff880`01662c32) Branch
tcpip!TcpBeginTcbSend+0x2be: fffff880`01662bee 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662bf5 488b4828 mov rcx,qword ptr [rax+28h] fffff880`01662bf9 8b835c010000 mov eax,dword ptr [rbx+15Ch] fffff880`01662bff 394104 cmp dword ptr [rcx+4],eax fffff880`01662c02 7603 jbe tcpip!TcpBeginTcbSend+0x2d7 (fffff880`01662c07) Branch
tcpip!TcpBeginTcbSend+0x2d4: fffff880`01662c04 894104 mov dword ptr [rcx+4],eax
tcpip!TcpBeginTcbSend+0x2d7: fffff880`01662c07 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662c0e 488b4828 mov rcx,qword ptr [rax+28h] fffff880`01662c12 8b835c010000 mov eax,dword ptr [rbx+15Ch] fffff880`01662c18 3901 cmp dword ptr [rcx],eax fffff880`01662c1a 7302 jae tcpip!TcpBeginTcbSend+0x2ee (fffff880`01662c1e) Branch
tcpip!TcpBeginTcbSend+0x2ec: fffff880`01662c1c 8901 mov dword ptr [rcx],eax
tcpip!TcpBeginTcbSend+0x2ee: fffff880`01662c1e 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`01662c25 488b4828 mov rcx,qword ptr [rax+28h] fffff880`01662c29 8b835c010000 mov eax,dword ptr [rbx+15Ch] fffff880`01662c2f 89412c mov dword ptr [rcx+2Ch],eax
tcpip!TcpBeginTcbSend+0x302: fffff880`01662c32 0fb74338 movzx eax,word ptr [rbx+38h] fffff880`01662c36 488b4b18 mov rcx,qword ptr [rbx+18h] fffff880`01662c3a 4c8db424a0000000 lea r14,[rsp+0A0h] fffff880`01662c42 6623056f971200 and ax,word ptr [tcpip!PartitionMask (fffff880`0178c3b8)] fffff880`01662c49 f6833802000004 test byte ptr [rbx+238h],4 fffff880`01662c50 4c898424a0000000 mov qword ptr [rsp+0A0h],r8 fffff880`01662c58 668984248a000000 mov word ptr [rsp+8Ah],ax fffff880`01662c60 8b842460020000 mov eax,dword ptr [rsp+260h] fffff880`01662c67 4c89b42490000000 mov qword ptr [rsp+90h],r14 fffff880`01662c6f 488d14c0 lea rdx,[rax+rax*8] fffff880`01662c73 488b8180000000 mov rax,qword ptr [rcx+80h] fffff880`01662c7a 488d358f570000 lea rsi,[tcpip!TcpTcbSendDatagramsComplete (fffff880`01668410)] fffff880`01662c81 48898424d0000000 mov qword ptr [rsp+0D0h],rax fffff880`01662c89 48899424e0000000 mov qword ptr [rsp+0E0h],rdx fffff880`01662c91 7518 jne tcpip!TcpBeginTcbSend+0x37b (fffff880`01662cab) Branch
tcpip!TcpBeginTcbSend+0x363: fffff880`01662c93 488b9368020000 mov rdx,qword ptr [rbx+268h] fffff880`01662c9a 0fb74914 movzx ecx,word ptr [rcx+14h] fffff880`01662c9e e8bdea0200 call tcpip!InetInspectReevaluateOffload (fffff880`01691760) fffff880`01662ca3 84c0 test al,al fffff880`01662ca5 0f841e070000 je tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x37b: fffff880`01662cab 8b8b38020000 mov ecx,dword ptr [rbx+238h] fffff880`01662cb1 f6c108 test cl,8 fffff880`01662cb4 0f850f070000 jne tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x38a: fffff880`01662cba 8b83a0000000 mov eax,dword ptr [rbx+0A0h] fffff880`01662cc0 ffc0 inc eax fffff880`01662cc2 413bc7 cmp eax,r15d fffff880`01662cc5 0f87fe060000 ja tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x39b: fffff880`01662ccb 488d8424f0000000 lea rax,[rsp+0F0h] fffff880`01662cd3 4c3be0 cmp r12,rax fffff880`01662cd6 0f85ed060000 jne tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3ac: fffff880`01662cdc 488b83e0020000 mov rax,qword ptr [rbx+2E0h] fffff880`01662ce3 4885c0 test rax,rax fffff880`01662ce6 740b je tcpip!TcpBeginTcbSend+0x3c3 (fffff880`01662cf3) Branch
tcpip!TcpBeginTcbSend+0x3b8: fffff880`01662ce8 4883781000 cmp qword ptr [rax+10h],0 fffff880`01662ced 0f85d6060000 jne tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3c3: fffff880`01662cf3 410fb6c5 movzx eax,r13b fffff880`01662cf7 24fe and al,0FEh fffff880`01662cf9 3c10 cmp al,10h fffff880`01662cfb 0f85c8060000 jne tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3d1: fffff880`01662d01 0fba63700c bt dword ptr [rbx+70h],0Ch fffff880`01662d06 0f82bd060000 jb tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3dc: fffff880`01662d0c 4883bbb802000000 cmp qword ptr [rbx+2B8h],0 fffff880`01662d14 0f84af060000 je tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3ea: fffff880`01662d1a 488b4318 mov rax,qword ptr [rbx+18h] fffff880`01662d1e 80b89e00000000 cmp byte ptr [rax+9Eh],0 fffff880`01662d25 0f859e060000 jne tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x3fb: fffff880`01662d2b 83c904 or ecx,4 fffff880`01662d2e 488d842489000000 lea rax,[rsp+89h] fffff880`01662d36 4c8d8c24a8000000 lea r9,[rsp+0A8h] fffff880`01662d3e 4889442428 mov qword ptr [rsp+28h],rax fffff880`01662d43 488d842488000000 lea rax,[rsp+88h] fffff880`01662d4b 898b38020000 mov dword ptr [rbx+238h],ecx fffff880`01662d51 4c8d8424d8000000 lea r8,[rsp+0D8h] fffff880`01662d59 488d9424b0000000 lea rdx,[rsp+0B0h] fffff880`01662d61 488bcb mov rcx,rbx fffff880`01662d64 4889442420 mov qword ptr [rsp+20h],rax fffff880`01662d69 e8122b0100 call tcpip!OlmQuerySegmentationOffloadSupport (fffff880`01675880) fffff880`01662d6e 85c0 test eax,eax fffff880`01662d70 790c jns tcpip!TcpBeginTcbSend+0x44e (fffff880`01662d7e) Branch
tcpip!TcpBeginTcbSend+0x442: fffff880`01662d72 83a338020000fb and dword ptr [rbx+238h],0FFFFFFFBh fffff880`01662d79 e94b060000 jmp tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x44e: fffff880`01662d7e 448bb424b0000000 mov r14d,dword ptr [rsp+0B0h] fffff880`01662d86 4585f6 test r14d,r14d fffff880`01662d89 7406 je tcpip!TcpBeginTcbSend+0x461 (fffff880`01662d91) Branch
tcpip!TcpBeginTcbSend+0x45b: fffff880`01662d8b 4183fe01 cmp r14d,1 fffff880`01662d8f 753b jne tcpip!TcpBeginTcbSend+0x49c (fffff880`01662dcc) Branch
tcpip!TcpBeginTcbSend+0x461: fffff880`01662d91 f6837002000020 test byte ptr [rbx+270h],20h fffff880`01662d98 740a je tcpip!TcpBeginTcbSend+0x474 (fffff880`01662da4) Branch
tcpip!TcpBeginTcbSend+0x46a: fffff880`01662d9a 80bc248800000000 cmp byte ptr [rsp+88h],0 fffff880`01662da2 7414 je tcpip!TcpBeginTcbSend+0x488 (fffff880`01662db8) Branch
tcpip!TcpBeginTcbSend+0x474: fffff880`01662da4 0fbaa33802000015 bt dword ptr [rbx+238h],15h fffff880`01662dac 731e jae tcpip!TcpBeginTcbSend+0x49c (fffff880`01662dcc) Branch
tcpip!TcpBeginTcbSend+0x47e: fffff880`01662dae 80bc248900000000 cmp byte ptr [rsp+89h],0 fffff880`01662db6 7514 jne tcpip!TcpBeginTcbSend+0x49c (fffff880`01662dcc) Branch
tcpip!TcpBeginTcbSend+0x488: fffff880`01662db8 83a338020000fb and dword ptr [rbx+238h],0FFFFFFFBh
tcpip!TcpBeginTcbSend+0x48f: fffff880`01662dbf 4c8db424a0000000 lea r14,[rsp+0A0h] fffff880`01662dc7 e9fd050000 jmp tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x49c: fffff880`01662dcc 4585f6 test r14d,r14d fffff880`01662dcf 7406 je tcpip!TcpBeginTcbSend+0x4a7 (fffff880`01662dd7) Branch
tcpip!TcpBeginTcbSend+0x4a1: fffff880`01662dd1 4183fe01 cmp r14d,1 fffff880`01662dd5 7522 jne tcpip!TcpBeginTcbSend+0x4c9 (fffff880`01662df9) Branch
tcpip!TcpBeginTcbSend+0x4a7: fffff880`01662dd7 b880000000 mov eax,80h fffff880`01662ddc 663983a0020000 cmp word ptr [rbx+2A0h],ax fffff880`01662de3 7614 jbe tcpip!TcpBeginTcbSend+0x4c9 (fffff880`01662df9) Branch
tcpip!TcpBeginTcbSend+0x4b5: fffff880`01662de5 83a338020000fb and dword ptr [rbx+238h],0FFFFFFFBh fffff880`01662dec 4c8db424a0000000 lea r14,[rsp+0A0h] fffff880`01662df4 e9d0050000 jmp tcpip!TcpBeginTcbSend+0xa99 (fffff880`016633c9) Branch
tcpip!TcpBeginTcbSend+0x4c9: fffff880`01662df9 448b9424a8000000 mov r10d,dword ptr [rsp+0A8h] fffff880`01662e01 8b7b78 mov edi,dword ptr [rbx+78h] fffff880`01662e04 2b7b7c sub edi,dword ptr [rbx+7Ch] fffff880`01662e07 418d42ff lea eax,[r10-1] fffff880`01662e0b 03bb18010000 add edi,dword ptr [rbx+118h] fffff880`01662e11 0faf83a0000000 imul eax,dword ptr [rbx+0A0h] fffff880`01662e18 ffc0 inc eax fffff880`01662e1a 89bc24ac000000 mov dword ptr [rsp+0ACh],edi fffff880`01662e21 898424b8000000 mov dword ptr [rsp+0B8h],eax fffff880`01662e28 443bf8 cmp r15d,eax fffff880`01662e2b 7292 jb tcpip!TcpBeginTcbSend+0x48f (fffff880`01662dbf) Branch
tcpip!TcpBeginTcbSend+0x4fd: fffff880`01662e2d 8b8424d8000000 mov eax,dword ptr [rsp+0D8h] fffff880`01662e34 33d2 xor edx,edx fffff880`01662e36 b900400000 mov ecx,4000h fffff880`01662e3b 443bf8 cmp r15d,eax fffff880`01662e3e 761a jbe tcpip!TcpBeginTcbSend+0x52a (fffff880`01662e5a) Branch
tcpip!TcpBeginTcbSend+0x510: fffff880`01662e40 8baba0000000 mov ebp,dword ptr [rbx+0A0h] fffff880`01662e46 f7f5 div eax,ebp fffff880`01662e48 3bc1 cmp eax,ecx fffff880`01662e4a 448be8 mov r13d,eax fffff880`01662e4d 440f47e9 cmova r13d,ecx fffff880`01662e51 410fafed imul ebp,r13d fffff880`01662e55 e939020000 jmp tcpip!TcpBeginTcbSend+0x763 (fffff880`01663093) Branch
tcpip!TcpBeginTcbSend+0x52a: fffff880`01662e5a 448b8ba0000000 mov r9d,dword ptr [rbx+0A0h] fffff880`01662e61 438d4439ff lea eax,[r9+r15-1] fffff880`01662e66 41f7f1 div eax,r9d fffff880`01662e69 448be8 mov r13d,eax fffff880`01662e6c 443bff cmp r15d,edi fffff880`01662e6f 0f831b020000 jae tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x545: fffff880`01662e75 0fba637015 bt dword ptr [rbx+70h],15h fffff880`01662e7a 0f8210020000 jb tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x550: fffff880`01662e80 418bc9 mov ecx,r9d fffff880`01662e83 458bc7 mov r8d,r15d fffff880`01662e86 410fafcd imul ecx,r13d fffff880`01662e8a 442bc1 sub r8d,ecx fffff880`01662e8d 7903 jns tcpip!TcpBeginTcbSend+0x562 (fffff880`01662e92) Branch
tcpip!TcpBeginTcbSend+0x55f: fffff880`01662e8f 4503c1 add r8d,r9d
tcpip!TcpBeginTcbSend+0x562: fffff880`01662e92 4585c0 test r8d,r8d fffff880`01662e95 0f84f5010000 je tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x56b: fffff880`01662e9b 448b8b98000000 mov r9d,dword ptr [rbx+98h] fffff880`01662ea2 418bc1 mov eax,r9d fffff880`01662ea5 99 cdq fffff880`01662ea6 2bc2 sub eax,edx fffff880`01662ea8 d1f8 sar eax,1 fffff880`01662eaa 443bc0 cmp r8d,eax fffff880`01662ead 0f8ddd010000 jge tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x583: fffff880`01662eb3 41ffcd dec r13d fffff880`01662eb6 453bea cmp r13d,r10d fffff880`01662eb9 0f82d1040000 jb tcpip!TcpBeginTcbSend+0xa60 (fffff880`01663390) Branch
tcpip!TcpBeginTcbSend+0x58f: fffff880`01662ebf 452bf8 sub r15d,r8d fffff880`01662ec2 837b6804 cmp dword ptr [rbx+68h],4 fffff880`01662ec6 0f8cc4010000 jl tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x59c: fffff880`01662ecc 818b3802000000010000 or dword ptr [rbx+238h],100h fffff880`01662ed6 833d5f02110001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01662edd 0f85af000000 jne tcpip!TcpBeginTcbSend+0x662 (fffff880`01662f92) Branch
tcpip!TcpBeginTcbSend+0x5b3: fffff880`01662ee3 0fb60556021100 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01662eea 3c04 cmp al,4 fffff880`01662eec 7308 jae tcpip!TcpBeginTcbSend+0x5c6 (fffff880`01662ef6) Branch
tcpip!TcpBeginTcbSend+0x5be: fffff880`01662eee 84c0 test al,al fffff880`01662ef0 0f859c000000 jne tcpip!TcpBeginTcbSend+0x662 (fffff880`01662f92) Branch
tcpip!TcpBeginTcbSend+0x5c6: fffff880`01662ef6 48ba8000000001000080 mov rdx,8000000100000080h fffff880`01662f00 48851521021100 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`01662f07 0f8485000000 je tcpip!TcpBeginTcbSend+0x662 (fffff880`01662f92) Branch
tcpip!TcpBeginTcbSend+0x5dd: fffff880`01662f0d 488b0d1c021100 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01662f14 488bc1 mov rax,rcx fffff880`01662f17 4823c2 and rax,rdx fffff880`01662f1a 483bc1 cmp rax,rcx fffff880`01662f1d 7573 jne tcpip!TcpBeginTcbSend+0x662 (fffff880`01662f92) Branch
tcpip!TcpBeginTcbSend+0x5ef: fffff880`01662f1f 488b5318 mov rdx,qword ptr [rbx+18h] fffff880`01662f23 33c0 xor eax,eax fffff880`01662f25 4c894c2440 mov qword ptr [rsp+40h],r9 fffff880`01662f2a 898424b0010000 mov dword ptr [rsp+1B0h],eax fffff880`01662f31 898424b4010000 mov dword ptr [rsp+1B4h],eax fffff880`01662f38 898424b8010000 mov dword ptr [rsp+1B8h],eax fffff880`01662f3f 898424bc010000 mov dword ptr [rsp+1BCh],eax fffff880`01662f46 8b83c4000000 mov eax,dword ptr [rbx+0C4h] fffff880`01662f4c 418bcf mov ecx,r15d fffff880`01662f4f 89442438 mov dword ptr [rsp+38h],eax fffff880`01662f53 8b8318010000 mov eax,dword ptr [rbx+118h] fffff880`01662f59 48899c24b0010000 mov qword ptr [rsp+1B0h],rbx fffff880`01662f61 89442430 mov dword ptr [rsp+30h],eax fffff880`01662f65 8b82b0000000 mov eax,dword ptr [rdx+0B0h] fffff880`01662f6b 48894c2428 mov qword ptr [rsp+28h],rcx fffff880`01662f70 488b0d99011100 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01662f77 4c8d8424b0010000 lea r8,[rsp+1B0h] fffff880`01662f7f 488d15a2f90d00 lea rdx,[tcpip!TCP_SWS_AVOIDANCE_BEGIN (fffff880`01742928)] fffff880`01662f86 4c8bcb mov r9,rbx fffff880`01662f89 89442420 mov dword ptr [rsp+20h],eax fffff880`01662f8d e8ae8b0800 call tcpip!Template_pqpqqp (fffff880`016ebb40)
tcpip!TcpBeginTcbSend+0x662: fffff880`01662f92 83bb1803000000 cmp dword ptr [rbx+318h],0 fffff880`01662f99 8bbc2468020000 mov edi,dword ptr [rsp+268h] fffff880`01662fa0 742e je tcpip!TcpBeginTcbSend+0x6a0 (fffff880`01662fd0) Branch
tcpip!TcpBeginTcbSend+0x672: fffff880`01662fa2 448bc7 mov r8d,edi fffff880`01662fa5 ba81000000 mov edx,81h fffff880`01662faa 488bcb mov rcx,rbx fffff880`01662fad e85efefdff call tcpip!TcpQueryTimerTcb (fffff880`01642e10) fffff880`01662fb2 488b4b18 mov rcx,qword ptr [rbx+18h] fffff880`01662fb6 448bd8 mov r11d,eax fffff880`01662fb9 b8cdcccccc mov eax,0CCCCCCCDh fffff880`01662fbe f7a1b0000000 mul eax,dword ptr [rcx+0B0h] fffff880`01662fc4 c1ea03 shr edx,3 fffff880`01662fc7 443bda cmp r11d,edx fffff880`01662fca 0f8ec0000000 jle tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x6a0: fffff880`01662fd0 488b4b18 mov rcx,qword ptr [rbx+18h] fffff880`01662fd4 b8cdcccccc mov eax,0CCCCCCCDh fffff880`01662fd9 448bcf mov r9d,edi fffff880`01662fdc f7a1b0000000 mul eax,dword ptr [rcx+0B0h] fffff880`01662fe2 488bcb mov rcx,rbx fffff880`01662fe5 c1ea03 shr edx,3 fffff880`01662fe8 448bc2 mov r8d,edx fffff880`01662feb ba81000000 mov edx,81h fffff880`01662ff0 e85b43feff call tcpip!TcpStartTimerTcb (fffff880`01647350) fffff880`01662ff5 833d4001110001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01662ffc 0f858e000000 jne tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x6d2: fffff880`01663002 0fb60537011100 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663009 3c05 cmp al,5 fffff880`0166300b 7304 jae tcpip!TcpBeginTcbSend+0x6e1 (fffff880`01663011) Branch
tcpip!TcpBeginTcbSend+0x6dd: fffff880`0166300d 84c0 test al,al fffff880`0166300f 757f jne tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x6e1: fffff880`01663011 48ba0400000000080080 mov rdx,8000080000000004h fffff880`0166301b 48851506011100 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`01663022 746c je tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x6f4: fffff880`01663024 488b0d05011100 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`0166302b 488bc1 mov rax,rcx fffff880`0166302e 4823c2 and rax,rdx fffff880`01663031 483bc1 cmp rax,rcx fffff880`01663034 755a jne tcpip!TcpBeginTcbSend+0x760 (fffff880`01663090) Branch
tcpip!TcpBeginTcbSend+0x706: fffff880`01663036 33c0 xor eax,eax fffff880`01663038 4c8d8424d0010000 lea r8,[rsp+1D0h] fffff880`01663040 488d1571f60d00 lea rdx,[tcpip!TCP_TCB_TIMER_START (fffff880`017426b8)] fffff880`01663047 898424d0010000 mov dword ptr [rsp+1D0h],eax fffff880`0166304e 898424d4010000 mov dword ptr [rsp+1D4h],eax fffff880`01663055 898424d8010000 mov dword ptr [rsp+1D8h],eax fffff880`0166305c 898424dc010000 mov dword ptr [rsp+1DCh],eax fffff880`01663063 488b4318 mov rax,qword ptr [rbx+18h] fffff880`01663067 48899c24d0010000 mov qword ptr [rsp+1D0h],rbx fffff880`0166306f 8b88b0000000 mov ecx,dword ptr [rax+0B0h] fffff880`01663075 4c8bcb mov r9,rbx fffff880`01663078 894c2428 mov dword ptr [rsp+28h],ecx fffff880`0166307c 488b0d8d001100 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663083 c744242006000000 mov dword ptr [rsp+20h],6 fffff880`0166308b e8d0860800 call tcpip!Template_pqq (fffff880`016eb760)
tcpip!TcpBeginTcbSend+0x760: fffff880`01663090 418bef mov ebp,r15d
tcpip!TcpBeginTcbSend+0x763: fffff880`01663093 448b842484000000 mov r8d,dword ptr [rsp+84h] fffff880`0166309b 488b0db6a21200 mov rcx,qword ptr [tcpip!TcpSendNetBufferListPool (fffff880`0178d358)] fffff880`016630a2 41b910000000 mov r9d,10h fffff880`016630a8 418d5168 lea edx,[r9+68h] fffff880`016630ac 450fb6c0 movzx r8d,r8b fffff880`016630b0 48c744242800000000 mov qword ptr [rsp+28h],0 fffff880`016630b9 4889742420 mov qword ptr [rsp+20h],rsi fffff880`016630be e8ed77ffff call tcpip!NetioAllocateAndReferenceNetBufferListNetBufferMdlAndData (fffff880`0165a8b0) fffff880`016630c3 488b8c2490000000 mov rcx,qword ptr [rsp+90h] fffff880`016630cb 488901 mov qword ptr [rcx],rax fffff880`016630ce 4885c0 test rax,rax fffff880`016630d1 0f84e8020000 je tcpip!TcpBeginTcbSend+0xa8f (fffff880`016633bf) Branch
tcpip!TcpBeginTcbSend+0x7a7: fffff880`016630d7 488b5010 mov rdx,qword ptr [rax+10h] fffff880`016630db 488b7008 mov rsi,qword ptr [rax+8] fffff880`016630df 0fb74a0a movzx ecx,word ptr [rdx+0Ah] fffff880`016630e3 488d7c1110 lea rdi,[rcx+rdx+10h] fffff880`016630e8 8b4b38 mov ecx,dword ptr [rbx+38h] fffff880`016630eb b201 mov dl,1 fffff880`016630ed 488988d0000000 mov qword ptr [rax+0D0h],rcx fffff880`016630f4 488b8b68020000 mov rcx,qword ptr [rbx+268h] fffff880`016630fb e820d80200 call tcpip!InetInspectQueryQoSFlowHandle (fffff880`01690920) fffff880`01663100 488b8c2490000000 mov rcx,qword ptr [rsp+90h] fffff880`01663108 488b09 mov rcx,qword ptr [rcx] fffff880`0166310b 488981a8000000 mov qword ptr [rcx+0A8h],rax fffff880`01663112 488b4e20 mov rcx,qword ptr [rsi+20h] fffff880`01663116 f6410a05 test byte ptr [rcx+0Ah],5 fffff880`0166311a 7406 je tcpip!TcpBeginTcbSend+0x7f2 (fffff880`01663122) Branch
tcpip!TcpBeginTcbSend+0x7ec: fffff880`0166311c 488b4118 mov rax,qword ptr [rcx+18h] fffff880`01663120 eb1f jmp tcpip!TcpBeginTcbSend+0x811 (fffff880`01663141) Branch
tcpip!TcpBeginTcbSend+0x7f2: fffff880`01663122 4533c9 xor r9d,r9d fffff880`01663125 33d2 xor edx,edx fffff880`01663127 c744242810000000 mov dword ptr [rsp+28h],10h fffff880`0166312f 458d4101 lea r8d,[r9+1] fffff880`01663133 c744242000000000 mov dword ptr [rsp+20h],0 fffff880`0166313b ff153fe10d00 call qword ptr [tcpip!_imp_MmMapLockedPagesSpecifyCache (fffff880`01741280)]
tcpip!TcpBeginTcbSend+0x811: fffff880`01663141 f6833802000004 test byte ptr [rbx+238h],4 fffff880`01663148 4c8d4878 lea r9,[rax+78h] fffff880`0166314c 745f je tcpip!TcpBeginTcbSend+0x87d (fffff880`016631ad) Branch
tcpip!TcpBeginTcbSend+0x81e: fffff880`0166314e 8b842498000000 mov eax,dword ptr [rsp+98h] fffff880`01663155 418bce mov ecx,r14d fffff880`01663158 83e101 and ecx,1 fffff880`0166315b 250000f0bf and eax,0BFF00000h fffff880`01663160 c1e11e shl ecx,1Eh fffff880`01663163 0bc8 or ecx,eax fffff880`01663165 8b83a0000000 mov eax,dword ptr [rbx+0A0h] fffff880`0166316b 25ffff0f00 and eax,0FFFFFh fffff880`01663170 0bc8 or ecx,eax fffff880`01663172 898c2498000000 mov dword ptr [rsp+98h],ecx fffff880`01663179 4183fe01 cmp r14d,1 fffff880`0166317d 7405 je tcpip!TcpBeginTcbSend+0x854 (fffff880`01663184) Branch
tcpip!TcpBeginTcbSend+0x84f: fffff880`0166317f 4585f6 test r14d,r14d fffff880`01663182 750d jne tcpip!TcpBeginTcbSend+0x861 (fffff880`01663191) Branch
tcpip!TcpBeginTcbSend+0x854: fffff880`01663184 81e1ffff0fc0 and ecx,0C00FFFFFh fffff880`0166318a 898c2498000000 mov dword ptr [rsp+98h],ecx
tcpip!TcpBeginTcbSend+0x861: fffff880`01663191 4c8bb42490000000 mov r14,qword ptr [rsp+90h] fffff880`01663199 488b842498000000 mov rax,qword ptr [rsp+98h] fffff880`016631a1 498b0e mov rcx,qword ptr [r14] fffff880`016631a4 488981a0000000 mov qword ptr [rcx+0A0h],rax fffff880`016631ab eb08 jmp tcpip!TcpBeginTcbSend+0x885 (fffff880`016631b5) Branch
tcpip!TcpBeginTcbSend+0x87d: fffff880`016631ad 4c8bb42490000000 mov r14,qword ptr [rsp+90h]
tcpip!TcpBeginTcbSend+0x885: fffff880`016631b5 498b442408 mov rax,qword ptr [r12+8] fffff880`016631ba f083401c01 lock add dword ptr [rax+1Ch],1 fffff880`016631bf 498b4c2408 mov rcx,qword ptr [r12+8] fffff880`016631c4 c7470801000000 mov dword ptr [rdi+8],1 fffff880`016631cb 4d8bc4 mov r8,r12 fffff880`016631ce 48890f mov qword ptr [rdi],rcx fffff880`016631d1 418b0424 mov eax,dword ptr [r12] fffff880`016631d5 488bd7 mov rdx,rdi fffff880`016631d8 894160 mov dword ptr [rcx+60h],eax fffff880`016631db 8b842468020000 mov eax,dword ptr [rsp+268h] fffff880`016631e2 488bcb mov rcx,rbx fffff880`016631e5 89442450 mov dword ptr [rsp+50h],eax fffff880`016631e9 8a842480000000 mov al,byte ptr [rsp+80h] fffff880`016631f0 88442448 mov byte ptr [rsp+48h],al fffff880`016631f4 8b842484000000 mov eax,dword ptr [rsp+84h] fffff880`016631fb 88442440 mov byte ptr [rsp+40h],al fffff880`016631ff 0fb783a6000000 movzx eax,word ptr [rbx+0A6h] fffff880`01663206 6689442438 mov word ptr [rsp+38h],ax fffff880`0166320b 8b8424c0000000 mov eax,dword ptr [rsp+0C0h] fffff880`01663212 89442430 mov dword ptr [rsp+30h],eax fffff880`01663216 896c2428 mov dword ptr [rsp+28h],ebp fffff880`0166321a 4889742420 mov qword ptr [rsp+20h],rsi fffff880`0166321f e8bc220000 call tcpip!TcpSegmentTcbSend (fffff880`016654e0) fffff880`01663224 85c0 test eax,eax fffff880`01663226 0f886e010000 js tcpip!TcpBeginTcbSend+0xa6a (fffff880`0166339a) Branch
tcpip!TcpBeginTcbSend+0x8fc: fffff880`0166322c 8b055a381200 mov eax,dword ptr [tcpip!Microsoft_Windows_Networking_CorrelationEnabled (fffff880`01786a8c)] fffff880`01663232 85c0 test eax,eax fffff880`01663234 7429 je tcpip!TcpBeginTcbSend+0x92f (fffff880`0166325f) Branch
tcpip!TcpBeginTcbSend+0x906: fffff880`01663236 488bcf mov rcx,rdi fffff880`01663239 e842010a00 call tcpip!TcpFindAndTransferActivityIDForSend (fffff880`01703380) fffff880`0166323e 498b0e mov rcx,qword ptr [r14] fffff880`01663241 4885c0 test rax,rax fffff880`01663244 740b je tcpip!TcpBeginTcbSend+0x921 (fffff880`01663251) Branch
tcpip!TcpBeginTcbSend+0x916: fffff880`01663246 41b813000000 mov r8d,13h fffff880`0166324c 488bd0 mov rdx,rax fffff880`0166324f eb09 jmp tcpip!TcpBeginTcbSend+0x92a (fffff880`0166325a) Branch
tcpip!TcpBeginTcbSend+0x921: fffff880`01663251 41b814000000 mov r8d,14h fffff880`01663257 488bd3 mov rdx,rbx
tcpip!TcpBeginTcbSend+0x92a: fffff880`0166325a e891010a00 call tcpip!TcpipTransferActivityIDToNBL (fffff880`017033f0)
tcpip!TcpBeginTcbSend+0x92f: fffff880`0166325f 8bbc24ac000000 mov edi,dword ptr [rsp+0ACh] fffff880`01663266 488b8c24e0000000 mov rcx,qword ptr [rsp+0E0h] fffff880`0166326e 488b9424d0000000 mov rdx,qword ptr [rsp+0D0h] fffff880`01663276 418bc5 mov eax,r13d fffff880`01663279 2bfd sub edi,ebp fffff880`0166327b 442bfd sub r15d,ebp fffff880`0166327e 480144ca20 add qword ptr [rdx+rcx*8+20h],rax fffff880`01663283 488b4320 mov rax,qword ptr [rbx+20h] fffff880`01663287 89bc24ac000000 mov dword ptr [rsp+0ACh],edi fffff880`0166328e 4885c0 test rax,rax fffff880`01663291 741a je tcpip!TcpBeginTcbSend+0x97d (fffff880`016632ad) Branch
tcpip!TcpBeginTcbSend+0x963: fffff880`01663293 488b00 mov rax,qword ptr [rax] fffff880`01663296 458bc5 mov r8d,r13d fffff880`01663299 488b4808 mov rcx,qword ptr [rax+8] fffff880`0166329d 8b5108 mov edx,dword ptr [rcx+8] fffff880`016632a0 0fb78c248a000000 movzx ecx,word ptr [rsp+8Ah] fffff880`016632a8 e803220300 call tcpip!OlmRssCountActivity (fffff880`016954b0)
tcpip!TcpBeginTcbSend+0x97d: fffff880`016632ad 4d8b36 mov r14,qword ptr [r14] fffff880`016632b0 488bb424e8000000 mov rsi,qword ptr [rsp+0E8h] fffff880`016632b8 66830e01 or word ptr [rsi],1 fffff880`016632bc 0fb78376020000 movzx eax,word ptr [rbx+276h] fffff880`016632c3 4c89b42490000000 mov qword ptr [rsp+90h],r14 fffff880`016632cb 6685c0 test ax,ax fffff880`016632ce 7412 je tcpip!TcpBeginTcbSend+0x9b2 (fffff880`016632e2) Branch
tcpip!TcpBeginTcbSend+0x9a0: fffff880`016632d0 a801 test al,1 fffff880`016632d2 740e je tcpip!TcpBeginTcbSend+0x9b2 (fffff880`016632e2) Branch
tcpip!TcpBeginTcbSend+0x9a4: fffff880`016632d4 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`016632db 488b08 mov rcx,qword ptr [rax] fffff880`016632de 48ff4120 inc qword ptr [rcx+20h]
tcpip!TcpBeginTcbSend+0x9b2: fffff880`016632e2 833d53fe100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`016632e9 757f jne tcpip!TcpBeginTcbSend+0xa3a (fffff880`0166336a) Branch
tcpip!TcpBeginTcbSend+0x9bb: fffff880`016632eb 8a054ffe1000 mov al,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`016632f1 3c05 cmp al,5 fffff880`016632f3 7304 jae tcpip!TcpBeginTcbSend+0x9c9 (fffff880`016632f9) Branch
tcpip!TcpBeginTcbSend+0x9c5: fffff880`016632f5 84c0 test al,al fffff880`016632f7 7571 jne tcpip!TcpBeginTcbSend+0xa3a (fffff880`0166336a) Branch
tcpip!TcpBeginTcbSend+0x9c9: fffff880`016632f9 48ba0000000001000080 mov rdx,8000000100000000h fffff880`01663303 4885151efe1000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`0166330a 745e je tcpip!TcpBeginTcbSend+0xa3a (fffff880`0166336a) Branch
tcpip!TcpBeginTcbSend+0x9dc: fffff880`0166330c 488b0d1dfe1000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663313 488bc1 mov rax,rcx fffff880`01663316 4823c2 and rax,rdx fffff880`01663319 483bc1 cmp rax,rcx fffff880`0166331c 754c jne tcpip!TcpBeginTcbSend+0xa3a (fffff880`0166336a) Branch
tcpip!TcpBeginTcbSend+0x9ee: fffff880`0166331e 488b0debfd1000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663325 33c0 xor eax,eax fffff880`01663327 4c8d842440010000 lea r8,[rsp+140h] fffff880`0166332f 89842440010000 mov dword ptr [rsp+140h],eax fffff880`01663336 89842444010000 mov dword ptr [rsp+144h],eax fffff880`0166333d 488d1594f60d00 lea rdx,[tcpip!TCP_LSO (fffff880`017429d8)] fffff880`01663344 4c8bcb mov r9,rbx fffff880`01663347 897c2428 mov dword ptr [rsp+28h],edi fffff880`0166334b 89842448010000 mov dword ptr [rsp+148h],eax fffff880`01663352 8984244c010000 mov dword ptr [rsp+14Ch],eax fffff880`01663359 48899c2440010000 mov qword ptr [rsp+140h],rbx fffff880`01663361 896c2420 mov dword ptr [rsp+20h],ebp fffff880`01663365 e8f6830800 call tcpip!Template_pqq (fffff880`016eb760)
tcpip!TcpBeginTcbSend+0xa3a: fffff880`0166336a 488d359f500000 lea rsi,[tcpip!TcpTcbSendDatagramsComplete (fffff880`01668410)] fffff880`01663371 443bbc24b8000000 cmp r15d,dword ptr [rsp+0B8h] fffff880`01663379 7247 jb tcpip!TcpBeginTcbSend+0xa92 (fffff880`016633c2) Branch
tcpip!TcpBeginTcbSend+0xa4b: fffff880`0166337b 448b9424a8000000 mov r10d,dword ptr [rsp+0A8h] fffff880`01663383 448bb424b0000000 mov r14d,dword ptr [rsp+0B0h] fffff880`0166338b e99dfaffff jmp tcpip!TcpBeginTcbSend+0x4fd (fffff880`01662e2d) Branch
tcpip!TcpBeginTcbSend+0xa60: fffff880`01663390 4c8bb42490000000 mov r14,qword ptr [rsp+90h] fffff880`01663398 eb28 jmp tcpip!TcpBeginTcbSend+0xa92 (fffff880`016633c2) Branch
tcpip!TcpBeginTcbSend+0xa6a: fffff880`0166339a 498b06 mov rax,qword ptr [r14] fffff880`0166339d b201 mov dl,1 fffff880`0166339f 48c7407078563412 mov qword ptr [rax+70h],12345678h fffff880`016633a7 498b0e mov rcx,qword ptr [r14] fffff880`016633aa e81d5e0200 call tcpip!NetioDereferenceNetBufferList (fffff880`016891cc) fffff880`016633af 49c70600000000 mov qword ptr [r14],0 fffff880`016633b6 488d3553500000 lea rsi,[tcpip!TcpTcbSendDatagramsComplete (fffff880`01668410)] fffff880`016633bd eb03 jmp tcpip!TcpBeginTcbSend+0xa92 (fffff880`016633c2) Branch
tcpip!TcpBeginTcbSend+0xa8f: fffff880`016633bf 4c8bf1 mov r14,rcx
tcpip!TcpBeginTcbSend+0xa92: fffff880`016633c2 8bac2484000000 mov ebp,dword ptr [rsp+84h]
tcpip!TcpBeginTcbSend+0xa99: fffff880`016633c9 4585ff test r15d,r15d fffff880`016633cc 750f jne tcpip!TcpBeginTcbSend+0xaad (fffff880`016633dd) Branch
tcpip!TcpBeginTcbSend+0xa9e: fffff880`016633ce 4883bc24a000000000 cmp qword ptr [rsp+0A0h],0 fffff880`016633d7 0f8538070000 jne tcpip!TcpBeginTcbSend+0x11e5 (fffff880`01663b15) Branch
tcpip!TcpBeginTcbSend+0xaad: fffff880`016633dd 488b0d749f1200 mov rcx,qword ptr [tcpip!TcpSendNetBufferListPool (fffff880`0178d358)] fffff880`016633e4 440fb6c5 movzx r8d,bpl fffff880`016633e8 33ed xor ebp,ebp fffff880`016633ea 448d4d10 lea r9d,[rbp+10h] fffff880`016633ee 8d5578 lea edx,[rbp+78h] fffff880`016633f1 48896c2428 mov qword ptr [rsp+28h],rbp fffff880`016633f6 4889742420 mov qword ptr [rsp+20h],rsi fffff880`016633fb e8b074ffff call tcpip!NetioAllocateAndReferenceNetBufferListNetBufferMdlAndData (fffff880`0165a8b0) fffff880`01663400 498906 mov qword ptr [r14],rax fffff880`01663403 4885c0 test rax,rax fffff880`01663406 0f840b070000 je tcpip!TcpBeginTcbSend+0x11e7 (fffff880`01663b17) Branch
tcpip!TcpBeginTcbSend+0xadc: fffff880`0166340c 488b5010 mov rdx,qword ptr [rax+10h] fffff880`01663410 4c8b7008 mov r14,qword ptr [rax+8] fffff880`01663414 0fb74a0a movzx ecx,word ptr [rdx+0Ah] fffff880`01663418 4c8d6c1110 lea r13,[rcx+rdx+10h] fffff880`0166341d 8b4b38 mov ecx,dword ptr [rbx+38h] fffff880`01663420 488988d0000000 mov qword ptr [rax+0D0h],rcx fffff880`01663427 488b8b68020000 mov rcx,qword ptr [rbx+268h] fffff880`0166342e 4885c9 test rcx,rcx fffff880`01663431 7505 jne tcpip!TcpBeginTcbSend+0xb08 (fffff880`01663438) Branch
tcpip!TcpBeginTcbSend+0xb03: fffff880`01663433 488bc5 mov rax,rbp fffff880`01663436 eb07 jmp tcpip!TcpBeginTcbSend+0xb0f (fffff880`0166343f) Branch
tcpip!TcpBeginTcbSend+0xb08: fffff880`01663438 b201 mov dl,1 fffff880`0166343a e801d50200 call tcpip!QimInspectQueryQoSFlowHandle (fffff880`01690940)
tcpip!TcpBeginTcbSend+0xb0f: fffff880`0166343f 488b942490000000 mov rdx,qword ptr [rsp+90h] fffff880`01663447 488b0a mov rcx,qword ptr [rdx] fffff880`0166344a 488981a8000000 mov qword ptr [rcx+0A8h],rax fffff880`01663451 498b4e20 mov rcx,qword ptr [r14+20h] fffff880`01663455 f6410a05 test byte ptr [rcx+0Ah],5 fffff880`01663459 7406 je tcpip!TcpBeginTcbSend+0xb31 (fffff880`01663461) Branch
tcpip!TcpBeginTcbSend+0xb2b: fffff880`0166345b 488b4118 mov rax,qword ptr [rcx+18h] fffff880`0166345f eb23 jmp tcpip!TcpBeginTcbSend+0xb54 (fffff880`01663484) Branch
tcpip!TcpBeginTcbSend+0xb31: fffff880`01663461 4533c9 xor r9d,r9d fffff880`01663464 33d2 xor edx,edx fffff880`01663466 c744242810000000 mov dword ptr [rsp+28h],10h fffff880`0166346e 458d4101 lea r8d,[r9+1] fffff880`01663472 896c2420 mov dword ptr [rsp+20h],ebp fffff880`01663476 ff1504de0d00 call qword ptr [tcpip!_imp_MmMapLockedPagesSpecifyCache (fffff880`01741280)] fffff880`0166347c 488b942490000000 mov rdx,qword ptr [rsp+90h]
tcpip!TcpBeginTcbSend+0xb54: fffff880`01663484 488d6878 lea rbp,[rax+78h] fffff880`01663488 4889ac2498000000 mov qword ptr [rsp+98h],rbp fffff880`01663490 4585ff test r15d,r15d fffff880`01663493 750c jne tcpip!TcpBeginTcbSend+0xb71 (fffff880`016634a1) Branch
tcpip!TcpBeginTcbSend+0xb65: fffff880`01663495 33c9 xor ecx,ecx fffff880`01663497 49894d00 mov qword ptr [r13],rcx fffff880`0166349b 41894d08 mov dword ptr [r13+8],ecx fffff880`0166349f eb24 jmp tcpip!TcpBeginTcbSend+0xb95 (fffff880`016634c5) Branch
tcpip!TcpBeginTcbSend+0xb71: fffff880`016634a1 498b442408 mov rax,qword ptr [r12+8] fffff880`016634a6 f083401c01 lock add dword ptr [rax+1Ch],1 fffff880`016634ab 498b4c2408 mov rcx,qword ptr [r12+8] fffff880`016634b0 41c7450801000000 mov dword ptr [r13+8],1 fffff880`016634b8 49894d00 mov qword ptr [r13],rcx fffff880`016634bc 418b0424 mov eax,dword ptr [r12] fffff880`016634c0 894160 mov dword ptr [rcx+60h],eax fffff880`016634c3 33c9 xor ecx,ecx
tcpip!TcpBeginTcbSend+0xb95: fffff880`016634c5 488b83e0020000 mov rax,qword ptr [rbx+2E0h] fffff880`016634cc 4885c0 test rax,rax fffff880`016634cf 750a jne tcpip!TcpBeginTcbSend+0xbab (fffff880`016634db) Branch
tcpip!TcpBeginTcbSend+0xba1: fffff880`016634d1 48898c24c8000000 mov qword ptr [rsp+0C8h],rcx fffff880`016634d9 eb0c jmp tcpip!TcpBeginTcbSend+0xbb7 (fffff880`016634e7) Branch
tcpip!TcpBeginTcbSend+0xbab: fffff880`016634db 488b4010 mov rax,qword ptr [rax+10h] fffff880`016634df 48898424c8000000 mov qword ptr [rsp+0C8h],rax
tcpip!TcpBeginTcbSend+0xbb7: fffff880`016634e7 488b3a mov rdi,qword ptr [rdx] fffff880`016634ea 4883c708 add rdi,8 fffff880`016634ee 4889bc24b8000000 mov qword ptr [rsp+0B8h],rdi
tcpip!TcpBeginTcbSend+0xbc6: fffff880`016634f6 4c8d152b2c1000 lea r10,[tcpip!WPP_GLOBAL_Control (fffff880`01766128)] fffff880`016634fd 41b900080000 mov r9d,800h fffff880`01663503 4585ff test r15d,r15d fffff880`01663506 7504 jne tcpip!TcpBeginTcbSend+0xbdc (fffff880`0166350c) Branch
tcpip!TcpBeginTcbSend+0xbd8: fffff880`01663508 8bf1 mov esi,ecx fffff880`0166350a eb42 jmp tcpip!TcpBeginTcbSend+0xc1e (fffff880`0166354e) Branch
tcpip!TcpBeginTcbSend+0xbdc: fffff880`0166350c 8bb3a0000000 mov esi,dword ptr [rbx+0A0h] fffff880`01663512 443bfe cmp r15d,esi fffff880`01663515 7337 jae tcpip!TcpBeginTcbSend+0xc1e (fffff880`0166354e) Branch
tcpip!TcpBeginTcbSend+0xbe7: fffff880`01663517 0fba637015 bt dword ptr [rbx+70h],15h fffff880`0166351c 722d jb tcpip!TcpBeginTcbSend+0xc1b (fffff880`0166354b) Branch
tcpip!TcpBeginTcbSend+0xbee: fffff880`0166351e 49837c240800 cmp qword ptr [r12+8],0 fffff880`01663524 7425 je tcpip!TcpBeginTcbSend+0xc1b (fffff880`0166354b) Branch
tcpip!TcpBeginTcbSend+0xbf6: fffff880`01663526 453b7c2410 cmp r15d,dword ptr [r12+10h] fffff880`0166352b 731e jae tcpip!TcpBeginTcbSend+0xc1b (fffff880`0166354b) Branch
tcpip!TcpBeginTcbSend+0xbfd: fffff880`0166352d 8b8398000000 mov eax,dword ptr [rbx+98h] fffff880`01663533 d1e8 shr eax,1 fffff880`01663535 443bf8 cmp r15d,eax fffff880`01663538 7311 jae tcpip!TcpBeginTcbSend+0xc1b (fffff880`0166354b) Branch
tcpip!TcpBeginTcbSend+0xc0a: fffff880`0166353a 488d8424f0000000 lea rax,[rsp+0F0h] fffff880`01663542 4c3be0 cmp r12,rax fffff880`01663545 0f847e030000 je tcpip!TcpBeginTcbSend+0xf99 (fffff880`016638c9) Branch
tcpip!TcpBeginTcbSend+0xc1b: fffff880`0166354b 418bf7 mov esi,r15d
tcpip!TcpBeginTcbSend+0xc1e: fffff880`0166354e 4883bc24c800000000 cmp qword ptr [rsp+0C8h],0 fffff880`01663557 0f84f6000000 je tcpip!TcpBeginTcbSend+0xd23 (fffff880`01663653) Branch
tcpip!TcpBeginTcbSend+0xc2d: fffff880`0166355d 488d8424f0000000 lea rax,[rsp+0F0h] fffff880`01663565 4c3be0 cmp r12,rax fffff880`01663568 0f85e5000000 jne tcpip!TcpBeginTcbSend+0xd23 (fffff880`01663653) Branch
tcpip!TcpBeginTcbSend+0xc3e: fffff880`0166356e 85f6 test esi,esi fffff880`01663570 0f84dd000000 je tcpip!TcpBeginTcbSend+0xd23 (fffff880`01663653) Branch
tcpip!TcpBeginTcbSend+0xc46: fffff880`01663576 0fba637015 bt dword ptr [rbx+70h],15h fffff880`0166357b 0f82d2000000 jb tcpip!TcpBeginTcbSend+0xd23 (fffff880`01663653) Branch
tcpip!TcpBeginTcbSend+0xc51: fffff880`01663581 418b1424 mov edx,dword ptr [r12] fffff880`01663585 4c8d8424c8000000 lea r8,[rsp+0C8h] fffff880`0166358d 488bcb mov rcx,rbx fffff880`01663590 e8eb4b0800 call tcpip!TcpLocateTcbSack (fffff880`016e8180) fffff880`01663595 4885c0 test rax,rax fffff880`01663598 0f84af000000 je tcpip!TcpBeginTcbSend+0xd1d (fffff880`0166364d) Branch
tcpip!TcpBeginTcbSend+0xc6e: fffff880`0166359e 418b1424 mov edx,dword ptr [r12] fffff880`016635a2 488bc8 mov rcx,rax fffff880`016635a5 8d2c32 lea ebp,[rdx+rsi] fffff880`016635a8 448bc5 mov r8d,ebp fffff880`016635ab e8c0730700 call tcpip!TcpIsSendInTcbSack (fffff880`016da970) fffff880`016635b0 84c0 test al,al fffff880`016635b2 0f8486000000 je tcpip!TcpBeginTcbSend+0xd0e (fffff880`0166363e) Branch
tcpip!TcpBeginTcbSend+0xc88: fffff880`016635b8 498b0424 mov rax,qword ptr [r12] fffff880`016635bc 498b7c2408 mov rdi,qword ptr [r12+8] fffff880`016635c1 488d8c2418010000 lea rcx,[rsp+118h] fffff880`016635c9 488901 mov qword ptr [rcx],rax fffff880`016635cc 498b442408 mov rax,qword ptr [r12+8] fffff880`016635d1 488d942418010000 lea rdx,[rsp+118h] fffff880`016635d9 48894108 mov qword ptr [rcx+8],rax fffff880`016635dd 498b442410 mov rax,qword ptr [r12+10h] fffff880`016635e2 4d8bc4 mov r8,r12 fffff880`016635e5 48894110 mov qword ptr [rcx+10h],rax fffff880`016635e9 498b442418 mov rax,qword ptr [r12+18h] fffff880`016635ee 48894118 mov qword ptr [rcx+18h],rax fffff880`016635f2 498b442420 mov rax,qword ptr [r12+20h] fffff880`016635f7 41892c24 mov dword ptr [r12],ebp fffff880`016635fb 48894120 mov qword ptr [rcx+20h],rax fffff880`016635ff 488bcb mov rcx,rbx fffff880`01663602 e8995ffaff call tcpip!TcpLocateTcbSend (fffff880`016095a0) fffff880`01663607 442bfe sub r15d,esi fffff880`0166360a 493b7c2408 cmp rdi,qword ptr [r12+8] fffff880`0166360f 7418 je tcpip!TcpBeginTcbSend+0xcf9 (fffff880`01663629) Branch
tcpip!TcpBeginTcbSend+0xce1: fffff880`01663611 488b3f mov rdi,qword ptr [rdi] fffff880`01663614 4885ff test rdi,rdi fffff880`01663617 7409 je tcpip!TcpBeginTcbSend+0xcf2 (fffff880`01663622) Branch
tcpip!TcpBeginTcbSend+0xce9: fffff880`01663619 f083471c01 lock add dword ptr [rdi+1Ch],1 fffff880`0166361e 41ff4508 inc dword ptr [r13+8]
tcpip!TcpBeginTcbSend+0xcf2: fffff880`01663622 493b7c2408 cmp rdi,qword ptr [r12+8] fffff880`01663627 75e8 jne tcpip!TcpBeginTcbSend+0xce1 (fffff880`01663611) Branch
tcpip!TcpBeginTcbSend+0xcf9: fffff880`01663629 488bbc24b8000000 mov rdi,qword ptr [rsp+0B8h] fffff880`01663631 488bac2498000000 mov rbp,qword ptr [rsp+98h] fffff880`01663639 e97b020000 jmp tcpip!TcpBeginTcbSend+0xf89 (fffff880`016638b9) Branch
tcpip!TcpBeginTcbSend+0xd0e: fffff880`0166363e 488bac2498000000 mov rbp,qword ptr [rsp+98h] fffff880`01663646 4c8d15db2a1000 lea r10,[tcpip!WPP_GLOBAL_Control (fffff880`01766128)]
tcpip!TcpBeginTcbSend+0xd1d: fffff880`0166364d 41b900080000 mov r9d,800h
tcpip!TcpBeginTcbSend+0xd23: fffff880`01663653 418b0424 mov eax,dword ptr [r12] fffff880`01663657 3b8380000000 cmp eax,dword ptr [rbx+80h] fffff880`0166365d 0f89a0000000 jns tcpip!TcpBeginTcbSend+0xdd3 (fffff880`01663703) Branch
tcpip!TcpBeginTcbSend+0xd33: fffff880`01663663 488b8c24e0000000 mov rcx,qword ptr [rsp+0E0h] fffff880`0166366b 488b9424d0000000 mov rdx,qword ptr [rsp+0D0h] fffff880`01663673 ff44ca28 inc dword ptr [rdx+rcx*8+28h] fffff880`01663677 0fbaa33802000016 bt dword ptr [rbx+238h],16h fffff880`0166367f 0f820f010000 jb tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xd55: fffff880`01663685 8b4b70 mov ecx,dword ptr [rbx+70h] fffff880`01663688 0fbae11f bt ecx,1Fh fffff880`0166368c 0f8302010000 jae tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xd62: fffff880`01663692 448b83b0000000 mov r8d,dword ptr [rbx+0B0h] fffff880`01663699 418bc0 mov eax,r8d fffff880`0166369c 412b0424 sub eax,dword ptr [r12] fffff880`016636a0 0f88ee000000 js tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xd76: fffff880`016636a6 2bc6 sub eax,esi fffff880`016636a8 85c0 test eax,eax fffff880`016636aa 0f8fe4000000 jg tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xd80: fffff880`016636b0 3bb3a0000000 cmp esi,dword ptr [rbx+0A0h] fffff880`016636b6 7307 jae tcpip!TcpBeginTcbSend+0xd8f (fffff880`016636bf) Branch
tcpip!TcpBeginTcbSend+0xd88: fffff880`016636b8 6644854b74 test word ptr [rbx+74h],r9w fffff880`016636bd 7412 je tcpip!TcpBeginTcbSend+0xda1 (fffff880`016636d1) Branch
tcpip!TcpBeginTcbSend+0xd8f: fffff880`016636bf 0fb74374 movzx eax,word ptr [rbx+74h] fffff880`016636c3 664123c1 and ax,r9w fffff880`016636c7 66413bc1 cmp ax,r9w fffff880`016636cb 0f85c3000000 jne tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xda1: fffff880`016636d1 0fbaf11f btr ecx,1Fh fffff880`016636d5 894b70 mov dword ptr [rbx+70h],ecx fffff880`016636d8 488b0d492a1000 mov rcx,qword ptr [tcpip!WPP_GLOBAL_Control (fffff880`01766128)] fffff880`016636df 493bca cmp rcx,r10 fffff880`016636e2 0f84ac000000 je tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xdb8: fffff880`016636e8 80792904 cmp byte ptr [rcx+29h],4 fffff880`016636ec 0f82a2000000 jb tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xdc2: fffff880`016636f2 f6412c80 test byte ptr [rcx+2Ch],80h fffff880`016636f6 0f8498000000 je tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xdcc: fffff880`016636fc ba10000000 mov edx,10h fffff880`01663701 eb79 jmp tcpip!TcpBeginTcbSend+0xe4c (fffff880`0166377c) Branch
tcpip!TcpBeginTcbSend+0xdd3: fffff880`01663703 488b8424e0000000 mov rax,qword ptr [rsp+0E0h] fffff880`0166370b 488b8c24d0000000 mov rcx,qword ptr [rsp+0D0h] fffff880`01663713 48ff44c120 inc qword ptr [rcx+rax*8+20h] fffff880`01663718 488b4318 mov rax,qword ptr [rbx+18h] fffff880`0166371c 80b89f00000001 cmp byte ptr [rax+9Fh],1 fffff880`01663723 756f jne tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xdf5: fffff880`01663725 6644854b74 test word ptr [rbx+74h],r9w fffff880`0166372a 7568 jne tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xdfc: fffff880`0166372c 3bb3a0000000 cmp esi,dword ptr [rbx+0A0h] fffff880`01663732 7560 jne tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe04: fffff880`01663734 8b4370 mov eax,dword ptr [rbx+70h] fffff880`01663737 0fbae01f bt eax,1Fh fffff880`0166373b 7257 jb tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe0d: fffff880`0166373d 8b8b38020000 mov ecx,dword ptr [rbx+238h] fffff880`01663743 0fbae116 bt ecx,16h fffff880`01663747 724b jb tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe19: fffff880`01663749 84c9 test cl,cl fffff880`0166374b 7847 js tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe1d: fffff880`0166374d 458b0424 mov r8d,dword ptr [r12] fffff880`01663751 0fbae81f bts eax,1Fh fffff880`01663755 448983b0000000 mov dword ptr [rbx+0B0h],r8d fffff880`0166375c 894370 mov dword ptr [rbx+70h],eax fffff880`0166375f 488b0dc2291000 mov rcx,qword ptr [tcpip!WPP_GLOBAL_Control (fffff880`01766128)] fffff880`01663766 493bca cmp rcx,r10 fffff880`01663769 7429 je tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe3b: fffff880`0166376b 80792904 cmp byte ptr [rcx+29h],4 fffff880`0166376f 7223 jb tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe41: fffff880`01663771 f6412c80 test byte ptr [rcx+2Ch],80h fffff880`01663775 741d je tcpip!TcpBeginTcbSend+0xe64 (fffff880`01663794) Branch
tcpip!TcpBeginTcbSend+0xe47: fffff880`01663777 ba11000000 mov edx,11h
tcpip!TcpBeginTcbSend+0xe4c: fffff880`0166377c 488b4918 mov rcx,qword ptr [rcx+18h] fffff880`01663780 4489442420 mov dword ptr [rsp+20h],r8d fffff880`01663785 4c8d05944c0e00 lea r8,[tcpip!CTcpProviderDispatch+0x148 (fffff880`01748420)] fffff880`0166378c 4c8bcb mov r9,rbx fffff880`0166378f e85c720700 call tcpip!WPP_SF_qD (fffff880`016da9f0)
tcpip!TcpBeginTcbSend+0xe64: fffff880`01663794 488b4320 mov rax,qword ptr [rbx+20h] fffff880`01663798 4885c0 test rax,rax fffff880`0166379b 741d je tcpip!TcpBeginTcbSend+0xe8a (fffff880`016637ba) Branch
tcpip!TcpBeginTcbSend+0xe6d: fffff880`0166379d 488b00 mov rax,qword ptr [rax] fffff880`016637a0 41b801000000 mov r8d,1 fffff880`016637a6 488b4808 mov rcx,qword ptr [rax+8] fffff880`016637aa 8b5108 mov edx,dword ptr [rcx+8] fffff880`016637ad 0fb78c248a000000 movzx ecx,word ptr [rsp+8Ah] fffff880`016637b5 e8f61c0300 call tcpip!OlmRssCountActivity (fffff880`016954b0)
tcpip!TcpBeginTcbSend+0xe8a: fffff880`016637ba 488b842490000000 mov rax,qword ptr [rsp+90h] fffff880`016637c2 488b00 mov rax,qword ptr [rax] fffff880`016637c5 4883c008 add rax,8 fffff880`016637c9 483bf8 cmp rdi,rax fffff880`016637cc 7467 je tcpip!TcpBeginTcbSend+0xf05 (fffff880`01663835) Branch
tcpip!TcpBeginTcbSend+0xe9e: fffff880`016637ce 448b842484000000 mov r8d,dword ptr [rsp+84h] fffff880`016637d6 488b0d739b1200 mov rcx,qword ptr [tcpip!TcpSendNetBufferPool (fffff880`0178d350)] fffff880`016637dd 41b101 mov r9b,1 fffff880`016637e0 450fb6c0 movzx r8d,r8b fffff880`016637e4 ba78000000 mov edx,78h fffff880`016637e9 e8a271fcff call tcpip!NetioAllocateNetBufferMdlAndData (fffff880`0162a990) fffff880`016637ee 4c8bf0 mov r14,rax fffff880`016637f1 4885c0 test rax,rax fffff880`016637f4 0f84a7020000 je tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0xeca: fffff880`016637fa 488b4820 mov rcx,qword ptr [rax+20h] fffff880`016637fe f6410a05 test byte ptr [rcx+0Ah],5 fffff880`01663802 7406 je tcpip!TcpBeginTcbSend+0xeda (fffff880`0166380a) Branch
tcpip!TcpBeginTcbSend+0xed4: fffff880`01663804 488b4118 mov rax,qword ptr [rcx+18h] fffff880`01663808 eb1f jmp tcpip!TcpBeginTcbSend+0xef9 (fffff880`01663829) Branch
tcpip!TcpBeginTcbSend+0xeda: fffff880`0166380a 4533c9 xor r9d,r9d fffff880`0166380d 33d2 xor edx,edx fffff880`0166380f c744242810000000 mov dword ptr [rsp+28h],10h fffff880`01663817 458d4101 lea r8d,[r9+1] fffff880`0166381b c744242000000000 mov dword ptr [rsp+20h],0 fffff880`01663823 ff1557da0d00 call qword ptr [tcpip!_imp_MmMapLockedPagesSpecifyCache (fffff880`01741280)]
tcpip!TcpBeginTcbSend+0xef9: fffff880`01663829 488d6878 lea rbp,[rax+78h] fffff880`0166382d 4889ac2498000000 mov qword ptr [rsp+98h],rbp
tcpip!TcpBeginTcbSend+0xf05: fffff880`01663835 8b842468020000 mov eax,dword ptr [rsp+268h] fffff880`0166383c 4c8bcd mov r9,rbp fffff880`0166383f 4d8bc4 mov r8,r12 fffff880`01663842 89442450 mov dword ptr [rsp+50h],eax fffff880`01663846 8a842480000000 mov al,byte ptr [rsp+80h] fffff880`0166384d 498bd5 mov rdx,r13 fffff880`01663850 88442448 mov byte ptr [rsp+48h],al fffff880`01663854 8b842484000000 mov eax,dword ptr [rsp+84h] fffff880`0166385b 488bcb mov rcx,rbx fffff880`0166385e 88442440 mov byte ptr [rsp+40h],al fffff880`01663862 33c0 xor eax,eax fffff880`01663864 6689442438 mov word ptr [rsp+38h],ax fffff880`01663869 8b8424c0000000 mov eax,dword ptr [rsp+0C0h] fffff880`01663870 89442430 mov dword ptr [rsp+30h],eax fffff880`01663874 89742428 mov dword ptr [rsp+28h],esi fffff880`01663878 4c89742420 mov qword ptr [rsp+20h],r14 fffff880`0166387d e85e1c0000 call tcpip!TcpSegmentTcbSend (fffff880`016654e0) fffff880`01663882 85c0 test eax,eax fffff880`01663884 0f8817020000 js tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0xf5a: fffff880`0166388a 4c8937 mov qword ptr [rdi],r14 fffff880`0166388d 0fb78376020000 movzx eax,word ptr [rbx+276h] fffff880`01663894 442bfe sub r15d,esi fffff880`01663897 498bfe mov rdi,r14 fffff880`0166389a 4c89b424b8000000 mov qword ptr [rsp+0B8h],r14 fffff880`016638a2 6685c0 test ax,ax fffff880`016638a5 7412 je tcpip!TcpBeginTcbSend+0xf89 (fffff880`016638b9) Branch
tcpip!TcpBeginTcbSend+0xf77: fffff880`016638a7 a801 test al,1 fffff880`016638a9 740e je tcpip!TcpBeginTcbSend+0xf89 (fffff880`016638b9) Branch
tcpip!TcpBeginTcbSend+0xf7b: fffff880`016638ab 488b83c0020000 mov rax,qword ptr [rbx+2C0h] fffff880`016638b2 488b08 mov rcx,qword ptr [rax] fffff880`016638b5 48ff4120 inc qword ptr [rcx+20h]
tcpip!TcpBeginTcbSend+0xf89: fffff880`016638b9 4585ff test r15d,r15d fffff880`016638bc 0f84df010000 je tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0xf92: fffff880`016638c2 33c9 xor ecx,ecx fffff880`016638c4 e92dfcffff jmp tcpip!TcpBeginTcbSend+0xbc6 (fffff880`016634f6) Branch
tcpip!TcpBeginTcbSend+0xf99: fffff880`016638c9 837b6804 cmp dword ptr [rbx+68h],4 fffff880`016638cd 0f8cce010000 jl tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0xfa3: fffff880`016638d3 818b3802000000010000 or dword ptr [rbx+238h],100h fffff880`016638dd 833d58f8100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`016638e4 0f85b6000000 jne tcpip!TcpBeginTcbSend+0x1070 (fffff880`016639a0) Branch
tcpip!TcpBeginTcbSend+0xfba: fffff880`016638ea 0fb6054ff81000 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`016638f1 3c04 cmp al,4 fffff880`016638f3 7308 jae tcpip!TcpBeginTcbSend+0xfcd (fffff880`016638fd) Branch
tcpip!TcpBeginTcbSend+0xfc5: fffff880`016638f5 84c0 test al,al fffff880`016638f7 0f85a3000000 jne tcpip!TcpBeginTcbSend+0x1070 (fffff880`016639a0) Branch
tcpip!TcpBeginTcbSend+0xfcd: fffff880`016638fd 48ba8000000001000080 mov rdx,8000000100000080h fffff880`01663907 4885151af81000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`0166390e 0f848c000000 je tcpip!TcpBeginTcbSend+0x1070 (fffff880`016639a0) Branch
tcpip!TcpBeginTcbSend+0xfe4: fffff880`01663914 488b0d15f81000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`0166391b 488bc1 mov rax,rcx fffff880`0166391e 4823c2 and rax,rdx fffff880`01663921 483bc1 cmp rax,rcx fffff880`01663924 757a jne tcpip!TcpBeginTcbSend+0x1070 (fffff880`016639a0) Branch
tcpip!TcpBeginTcbSend+0xff6: fffff880`01663926 4c8b4318 mov r8,qword ptr [rbx+18h] fffff880`0166392a 33c0 xor eax,eax fffff880`0166392c 418bcf mov ecx,r15d fffff880`0166392f 898424a0010000 mov dword ptr [rsp+1A0h],eax fffff880`01663936 898424a4010000 mov dword ptr [rsp+1A4h],eax fffff880`0166393d 898424a8010000 mov dword ptr [rsp+1A8h],eax fffff880`01663944 898424ac010000 mov dword ptr [rsp+1ACh],eax fffff880`0166394b 8b8398000000 mov eax,dword ptr [rbx+98h] fffff880`01663951 48899c24a0010000 mov qword ptr [rsp+1A0h],rbx fffff880`01663959 4889442440 mov qword ptr [rsp+40h],rax fffff880`0166395e 8b83c4000000 mov eax,dword ptr [rbx+0C4h] fffff880`01663964 488d15bdef0d00 lea rdx,[tcpip!TCP_SWS_AVOIDANCE_BEGIN (fffff880`01742928)] fffff880`0166396b 89442438 mov dword ptr [rsp+38h],eax fffff880`0166396f 8b8318010000 mov eax,dword ptr [rbx+118h] fffff880`01663975 4c8bcb mov r9,rbx fffff880`01663978 89442430 mov dword ptr [rsp+30h],eax fffff880`0166397c 418b80b0000000 mov eax,dword ptr [r8+0B0h] fffff880`01663983 48894c2428 mov qword ptr [rsp+28h],rcx fffff880`01663988 488b0d81f71000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`0166398f 4c8d8424a0010000 lea r8,[rsp+1A0h] fffff880`01663997 89442420 mov dword ptr [rsp+20h],eax fffff880`0166399b e8a0810800 call tcpip!Template_pqpqqp (fffff880`016ebb40)
tcpip!TcpBeginTcbSend+0x1070: fffff880`016639a0 83bb1803000000 cmp dword ptr [rbx+318h],0 fffff880`016639a7 7433 je tcpip!TcpBeginTcbSend+0x10ac (fffff880`016639dc) Branch
tcpip!TcpBeginTcbSend+0x1079: fffff880`016639a9 448b842468020000 mov r8d,dword ptr [rsp+268h] fffff880`016639b1 ba81000000 mov edx,81h fffff880`016639b6 488bcb mov rcx,rbx fffff880`016639b9 e852f4fdff call tcpip!TcpQueryTimerTcb (fffff880`01642e10) fffff880`016639be 488b4b18 mov rcx,qword ptr [rbx+18h] fffff880`016639c2 448bd8 mov r11d,eax fffff880`016639c5 b8cdcccccc mov eax,0CCCCCCCDh fffff880`016639ca f7a1b0000000 mul eax,dword ptr [rcx+0B0h] fffff880`016639d0 c1ea03 shr edx,3 fffff880`016639d3 443bda cmp r11d,edx fffff880`016639d6 0f8ec5000000 jle tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0x10ac: fffff880`016639dc 488b4b18 mov rcx,qword ptr [rbx+18h] fffff880`016639e0 448b8c2468020000 mov r9d,dword ptr [rsp+268h] fffff880`016639e8 b8cdcccccc mov eax,0CCCCCCCDh fffff880`016639ed f7a1b0000000 mul eax,dword ptr [rcx+0B0h] fffff880`016639f3 488bcb mov rcx,rbx fffff880`016639f6 c1ea03 shr edx,3 fffff880`016639f9 448bc2 mov r8d,edx fffff880`016639fc ba81000000 mov edx,81h fffff880`01663a01 e84a39feff call tcpip!TcpStartTimerTcb (fffff880`01647350) fffff880`01663a06 833d2ff7100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01663a0d 0f858e000000 jne tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0x10e3: fffff880`01663a13 0fb60526f71000 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663a1a 3c05 cmp al,5 fffff880`01663a1c 7304 jae tcpip!TcpBeginTcbSend+0x10f2 (fffff880`01663a22) Branch
tcpip!TcpBeginTcbSend+0x10ee: fffff880`01663a1e 84c0 test al,al fffff880`01663a20 757f jne tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0x10f2: fffff880`01663a22 48ba0400000000080080 mov rdx,8000080000000004h fffff880`01663a2c 488515f5f61000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rdx fffff880`01663a33 746c je tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0x1105: fffff880`01663a35 488b0df4f61000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663a3c 488bc1 mov rax,rcx fffff880`01663a3f 4823c2 and rax,rdx fffff880`01663a42 483bc1 cmp rax,rcx fffff880`01663a45 755a jne tcpip!TcpBeginTcbSend+0x1171 (fffff880`01663aa1) Branch
tcpip!TcpBeginTcbSend+0x1117: fffff880`01663a47 33c0 xor eax,eax fffff880`01663a49 4c8d842480010000 lea r8,[rsp+180h] fffff880`01663a51 488d1560ec0d00 lea rdx,[tcpip!TCP_TCB_TIMER_START (fffff880`017426b8)] fffff880`01663a58 89842480010000 mov dword ptr [rsp+180h],eax fffff880`01663a5f 89842484010000 mov dword ptr [rsp+184h],eax fffff880`01663a66 89842488010000 mov dword ptr [rsp+188h],eax fffff880`01663a6d 8984248c010000 mov dword ptr [rsp+18Ch],eax fffff880`01663a74 488b4318 mov rax,qword ptr [rbx+18h] fffff880`01663a78 48899c2480010000 mov qword ptr [rsp+180h],rbx fffff880`01663a80 8b88b0000000 mov ecx,dword ptr [rax+0B0h] fffff880`01663a86 4c8bcb mov r9,rbx fffff880`01663a89 894c2428 mov dword ptr [rsp+28h],ecx fffff880`01663a8d 488b0d7cf61000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663a94 c744242006000000 mov dword ptr [rsp+20h],6 fffff880`01663a9c e8bf7c0800 call tcpip!Template_pqq (fffff880`016eb760)
tcpip!TcpBeginTcbSend+0x1171: fffff880`01663aa1 488bb42490000000 mov rsi,qword ptr [rsp+90h] fffff880`01663aa9 488b16 mov rdx,qword ptr [rsi] fffff880`01663aac 4885d2 test rdx,rdx fffff880`01663aaf 7422 je tcpip!TcpBeginTcbSend+0x11a3 (fffff880`01663ad3) Branch
tcpip!TcpBeginTcbSend+0x1181: fffff880`01663ab1 488d4208 lea rax,[rdx+8] fffff880`01663ab5 483bc7 cmp rax,rdi fffff880`01663ab8 7519 jne tcpip!TcpBeginTcbSend+0x11a3 (fffff880`01663ad3) Branch
tcpip!TcpBeginTcbSend+0x118a: fffff880`01663aba 48c7427078563412 mov qword ptr [rdx+70h],12345678h fffff880`01663ac2 488b0e mov rcx,qword ptr [rsi] fffff880`01663ac5 b201 mov dl,1 fffff880`01663ac7 e800570200 call tcpip!NetioDereferenceNetBufferList (fffff880`016891cc) fffff880`01663acc 33ed xor ebp,ebp fffff880`01663ace 48892e mov qword ptr [rsi],rbp fffff880`01663ad1 eb02 jmp tcpip!TcpBeginTcbSend+0x11a5 (fffff880`01663ad5) Branch
tcpip!TcpBeginTcbSend+0x11a3: fffff880`01663ad3 33ed xor ebp,ebp
tcpip!TcpBeginTcbSend+0x11a5: fffff880`01663ad5 8b05b12f1200 mov eax,dword ptr [tcpip!Microsoft_Windows_Networking_CorrelationEnabled (fffff880`01786a8c)] fffff880`01663adb 85c0 test eax,eax fffff880`01663add 7438 je tcpip!TcpBeginTcbSend+0x11e7 (fffff880`01663b17) Branch
tcpip!TcpBeginTcbSend+0x11af: fffff880`01663adf 48833e00 cmp qword ptr [rsi],0 fffff880`01663ae3 7432 je tcpip!TcpBeginTcbSend+0x11e7 (fffff880`01663b17) Branch
tcpip!TcpBeginTcbSend+0x11b5: fffff880`01663ae5 498bcd mov rcx,r13 fffff880`01663ae8 e893f80900 call tcpip!TcpFindAndTransferActivityIDForSend (fffff880`01703380) fffff880`01663aed 488b0e mov rcx,qword ptr [rsi] fffff880`01663af0 4885c0 test rax,rax fffff880`01663af3 7410 je tcpip!TcpBeginTcbSend+0x11d5 (fffff880`01663b05) Branch
tcpip!TcpBeginTcbSend+0x11c5: fffff880`01663af5 41b815000000 mov r8d,15h fffff880`01663afb 488bd0 mov rdx,rax fffff880`01663afe e8edf80900 call tcpip!TcpipTransferActivityIDToNBL (fffff880`017033f0) fffff880`01663b03 eb12 jmp tcpip!TcpBeginTcbSend+0x11e7 (fffff880`01663b17) Branch
tcpip!TcpBeginTcbSend+0x11d5: fffff880`01663b05 41b816000000 mov r8d,16h fffff880`01663b0b 488bd3 mov rdx,rbx fffff880`01663b0e e8ddf80900 call tcpip!TcpipTransferActivityIDToNBL (fffff880`017033f0) fffff880`01663b13 eb02 jmp tcpip!TcpBeginTcbSend+0x11e7 (fffff880`01663b17) Branch
tcpip!TcpBeginTcbSend+0x11e5: fffff880`01663b15 33ed xor ebp,ebp
tcpip!TcpBeginTcbSend+0x11e7: fffff880`01663b17 8b9380000000 mov edx,dword ptr [rbx+80h] fffff880`01663b1d 418b0424 mov eax,dword ptr [r12] fffff880`01663b21 2bc2 sub eax,edx fffff880`01663b23 85c0 test eax,eax fffff880`01663b25 0f8ea2030000 jle tcpip!TcpBeginTcbSend+0x159d (fffff880`01663ecd) Branch
tcpip!TcpBeginTcbSend+0x11fb: fffff880`01663b2b f6837602000040 test byte ptr [rbx+276h],40h fffff880`01663b32 7408 je tcpip!TcpBeginTcbSend+0x120c (fffff880`01663b3c) Branch
tcpip!TcpBeginTcbSend+0x1204: fffff880`01663b34 488bcb mov rcx,rbx fffff880`01663b37 e884c30200 call tcpip!TcpTcbTryToStartFineRttSample (fffff880`0168fec0)
tcpip!TcpBeginTcbSend+0x120c: fffff880`01663b3c 83bb1802000000 cmp dword ptr [rbx+218h],0 fffff880`01663b43 0f855a020000 jne tcpip!TcpBeginTcbSend+0x1473 (fffff880`01663da3) Branch
tcpip!TcpBeginTcbSend+0x1219: fffff880`01663b49 f6837002000020 test byte ptr [rbx+270h],20h fffff880`01663b50 0f854d020000 jne tcpip!TcpBeginTcbSend+0x1473 (fffff880`01663da3) Branch
tcpip!TcpBeginTcbSend+0x1226: fffff880`01663b56 833ddff5100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01663b5d 0f859a000000 jne tcpip!TcpBeginTcbSend+0x12cd (fffff880`01663bfd) Branch
tcpip!TcpBeginTcbSend+0x1233: fffff880`01663b63 8a05d7f51000 mov al,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663b69 3c05 cmp al,5 fffff880`01663b6b 7308 jae tcpip!TcpBeginTcbSend+0x1245 (fffff880`01663b75) Branch
tcpip!TcpBeginTcbSend+0x123d: fffff880`01663b6d 84c0 test al,al fffff880`01663b6f 0f8588000000 jne tcpip!TcpBeginTcbSend+0x12cd (fffff880`01663bfd) Branch
tcpip!TcpBeginTcbSend+0x1245: fffff880`01663b75 49bd0000000001000080 mov r13,8000000100000000h fffff880`01663b7f 4c852da2f51000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],r13 fffff880`01663b86 747f je tcpip!TcpBeginTcbSend+0x12d7 (fffff880`01663c07) Branch
tcpip!TcpBeginTcbSend+0x1258: fffff880`01663b88 488b0da1f51000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663b8f 488bc1 mov rax,rcx fffff880`01663b92 4923c5 and rax,r13 fffff880`01663b95 483bc1 cmp rax,rcx fffff880`01663b98 756d jne tcpip!TcpBeginTcbSend+0x12d7 (fffff880`01663c07) Branch
tcpip!TcpBeginTcbSend+0x126a: fffff880`01663b9a 488b0d6ff51000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663ba1 33c0 xor eax,eax fffff880`01663ba3 896c2438 mov dword ptr [rsp+38h],ebp fffff880`01663ba7 898424c0010000 mov dword ptr [rsp+1C0h],eax fffff880`01663bae 898424c4010000 mov dword ptr [rsp+1C4h],eax fffff880`01663bb5 898424c8010000 mov dword ptr [rsp+1C8h],eax fffff880`01663bbc 898424cc010000 mov dword ptr [rsp+1CCh],eax fffff880`01663bc3 8b842468020000 mov eax,dword ptr [rsp+268h] fffff880`01663bca 896c2430 mov dword ptr [rsp+30h],ebp fffff880`01663bce 89442428 mov dword ptr [rsp+28h],eax fffff880`01663bd2 8b8380000000 mov eax,dword ptr [rbx+80h] fffff880`01663bd8 4c8d8424c0010000 lea r8,[rsp+1C0h] fffff880`01663be0 488d1521f00d00 lea rdx,[tcpip!TCP_SRTT_MEASUREMENT_STARTED (fffff880`01742c08)] fffff880`01663be7 4c8bcb mov r9,rbx fffff880`01663bea 48899c24c0010000 mov qword ptr [rsp+1C0h],rbx fffff880`01663bf2 89442420 mov dword ptr [rsp+20h],eax fffff880`01663bf6 e8a57c0800 call tcpip!Template_pqqqq (fffff880`016eb8a0) fffff880`01663bfb eb0a jmp tcpip!TcpBeginTcbSend+0x12d7 (fffff880`01663c07) Branch
tcpip!TcpBeginTcbSend+0x12cd: fffff880`01663bfd 49bd0000000001000080 mov r13,8000000100000000h
tcpip!TcpBeginTcbSend+0x12d7: fffff880`01663c07 8b842468020000 mov eax,dword ptr [rsp+268h] fffff880`01663c0e 0fb74b74 movzx ecx,word ptr [rbx+74h] fffff880`01663c12 ba00300000 mov edx,3000h fffff880`01663c17 898318020000 mov dword ptr [rbx+218h],eax fffff880`01663c1d 8b8380000000 mov eax,dword ptr [rbx+80h] fffff880`01663c23 898314020000 mov dword ptr [rbx+214h],eax fffff880`01663c29 0fb7c1 movzx eax,cx fffff880`01663c2c 6623c2 and ax,dx fffff880`01663c2f ba00200000 mov edx,2000h fffff880`01663c34 663bc2 cmp ax,dx fffff880`01663c37 0f8570010000 jne tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x130d: fffff880`01663c3d b800700000 mov eax,7000h fffff880`01663c42 660bc8 or cx,ax fffff880`01663c45 66894b74 mov word ptr [rbx+74h],cx fffff880`01663c49 83bb1403000000 cmp dword ptr [rbx+314h],0 fffff880`01663c50 0f8495000000 je tcpip!TcpBeginTcbSend+0x13bb (fffff880`01663ceb) Branch
tcpip!TcpBeginTcbSend+0x1326: fffff880`01663c56 89ab14030000 mov dword ptr [rbx+314h],ebp fffff880`01663c5c 833dd9f4100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01663c63 0f8582000000 jne tcpip!TcpBeginTcbSend+0x13bb (fffff880`01663ceb) Branch
tcpip!TcpBeginTcbSend+0x1339: fffff880`01663c69 0fb605d0f41000 movzx eax,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663c70 3c05 cmp al,5 fffff880`01663c72 7304 jae tcpip!TcpBeginTcbSend+0x1348 (fffff880`01663c78) Branch
tcpip!TcpBeginTcbSend+0x1344: fffff880`01663c74 84c0 test al,al fffff880`01663c76 7573 jne tcpip!TcpBeginTcbSend+0x13bb (fffff880`01663ceb) Branch
tcpip!TcpBeginTcbSend+0x1348: fffff880`01663c78 48be0400000000080080 mov rsi,8000080000000004h fffff880`01663c82 4885359ff41000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rsi fffff880`01663c89 746a je tcpip!TcpBeginTcbSend+0x13c5 (fffff880`01663cf5) Branch
tcpip!TcpBeginTcbSend+0x135b: fffff880`01663c8b 488b0d9ef41000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663c92 488bc1 mov rax,rcx fffff880`01663c95 4823c6 and rax,rsi fffff880`01663c98 483bc1 cmp rax,rcx fffff880`01663c9b 7558 jne tcpip!TcpBeginTcbSend+0x13c5 (fffff880`01663cf5) Branch
tcpip!TcpBeginTcbSend+0x136d: fffff880`01663c9d 488b0d6cf41000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663ca4 33c0 xor eax,eax fffff880`01663ca6 4c8d842450010000 lea r8,[rsp+150h] fffff880`01663cae 89842450010000 mov dword ptr [rsp+150h],eax fffff880`01663cb5 89842454010000 mov dword ptr [rsp+154h],eax fffff880`01663cbc 488d1505ea0d00 lea rdx,[tcpip!TCP_TCB_STOP_TIMER (fffff880`017426c8)] fffff880`01663cc3 4c8bcb mov r9,rbx fffff880`01663cc6 896c2428 mov dword ptr [rsp+28h],ebp fffff880`01663cca 89842458010000 mov dword ptr [rsp+158h],eax fffff880`01663cd1 8984245c010000 mov dword ptr [rsp+15Ch],eax fffff880`01663cd8 48899c2450010000 mov qword ptr [rsp+150h],rbx fffff880`01663ce0 896c2420 mov dword ptr [rsp+20h],ebp fffff880`01663ce4 e8777a0800 call tcpip!Template_pqq (fffff880`016eb760) fffff880`01663ce9 eb0a jmp tcpip!TcpBeginTcbSend+0x13c5 (fffff880`01663cf5) Branch
tcpip!TcpBeginTcbSend+0x13bb: fffff880`01663ceb 48be0400000000080080 mov rsi,8000080000000004h
tcpip!TcpBeginTcbSend+0x13c5: fffff880`01663cf5 488bcb mov rcx,rbx fffff880`01663cf8 e8535afaff call tcpip!TcpComputeRtoTcbSend (fffff880`01609750) fffff880`01663cfd 448b8c2468020000 mov r9d,dword ptr [rsp+268h] fffff880`01663d05 33d2 xor edx,edx fffff880`01663d07 018328020000 add dword ptr [rbx+228h],eax fffff880`01663d0d 448bc0 mov r8d,eax fffff880`01663d10 488bcb mov rcx,rbx fffff880`01663d13 8bf8 mov edi,eax fffff880`01663d15 e83636feff call tcpip!TcpStartTimerTcb (fffff880`01647350) fffff880`01663d1a 833d1bf4100001 cmp dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)],1 fffff880`01663d21 0f8586000000 jne tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x13f7: fffff880`01663d27 8a0513f41000 mov al,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663d2d 3c05 cmp al,5 fffff880`01663d2f 7304 jae tcpip!TcpBeginTcbSend+0x1405 (fffff880`01663d35) Branch
tcpip!TcpBeginTcbSend+0x1401: fffff880`01663d31 84c0 test al,al fffff880`01663d33 7578 jne tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x1405: fffff880`01663d35 488535ecf31000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],rsi fffff880`01663d3c 746f je tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x140e: fffff880`01663d3e 488b0debf31000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663d45 488bc1 mov rax,rcx fffff880`01663d48 4823c6 and rax,rsi fffff880`01663d4b 483bc1 cmp rax,rcx fffff880`01663d4e 755d jne tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x1420: fffff880`01663d50 488b0db9f31000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663d57 33c0 xor eax,eax fffff880`01663d59 4c8d842470010000 lea r8,[rsp+170h] fffff880`01663d61 89842470010000 mov dword ptr [rsp+170h],eax fffff880`01663d68 89842474010000 mov dword ptr [rsp+174h],eax fffff880`01663d6f 89842478010000 mov dword ptr [rsp+178h],eax fffff880`01663d76 8984247c010000 mov dword ptr [rsp+17Ch],eax fffff880`01663d7d 8d04bf lea eax,[rdi+rdi*4] fffff880`01663d80 488d1531e90d00 lea rdx,[tcpip!TCP_TCB_TIMER_START (fffff880`017426b8)] fffff880`01663d87 03c0 add eax,eax fffff880`01663d89 4c8bcb mov r9,rbx fffff880`01663d8c 48899c2470010000 mov qword ptr [rsp+170h],rbx fffff880`01663d94 89442428 mov dword ptr [rsp+28h],eax fffff880`01663d98 896c2420 mov dword ptr [rsp+20h],ebp fffff880`01663d9c e8bf790800 call tcpip!Template_pqq (fffff880`016eb760) fffff880`01663da1 eb0a jmp tcpip!TcpBeginTcbSend+0x147d (fffff880`01663dad) Branch
tcpip!TcpBeginTcbSend+0x1473: fffff880`01663da3 49bd0000000001000080 mov r13,8000000100000000h
tcpip!TcpBeginTcbSend+0x147d: fffff880`01663dad 0fb68373020000 movzx eax,byte ptr [rbx+273h] fffff880`01663db4 2438 and al,38h fffff880`01663db6 3c10 cmp al,10h fffff880`01663db8 752b jne tcpip!TcpBeginTcbSend+0x14b5 (fffff880`01663de5) Branch
tcpip!TcpBeginTcbSend+0x148a: fffff880`01663dba f6437401 test byte ptr [rbx+74h],1 fffff880`01663dbe 7525 jne tcpip!TcpBeginTcbSend+0x14b5 (fffff880`01663de5) Branch
tcpip!TcpBeginTcbSend+0x1490: fffff880`01663dc0 448b8b80000000 mov r9d,dword ptr [rbx+80h] fffff880`01663dc7 458b0424 mov r8d,dword ptr [r12] fffff880`01663dcb ba05000000 mov edx,5 fffff880`01663dd0 488bcb mov rcx,rbx fffff880`01663dd3 452bc1 sub r8d,r9d fffff880`01663dd6 c644242800 mov byte ptr [rsp+28h],0 fffff880`01663ddb c644242000 mov byte ptr [rsp+20h],0 fffff880`01663de0 e8bb280000 call tcpip!TcpCcmNotifyEvent (fffff880`016666a0)
tcpip!TcpBeginTcbSend+0x14b5: fffff880`01663de5 8b0d51f31000 mov ecx,dword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x24 (fffff880`0177313c)] fffff880`01663deb 85c9 test ecx,ecx fffff880`01663ded 0f84d0000000 je tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x14c3: fffff880`01663df3 0fb68373020000 movzx eax,byte ptr [rbx+273h] fffff880`01663dfa 2438 and al,38h fffff880`01663dfc 3c10 cmp al,10h fffff880`01663dfe 0f84bf000000 je tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x14d4: fffff880`01663e04 83f901 cmp ecx,1 fffff880`01663e07 0f85b6000000 jne tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x14dd: fffff880`01663e0d 8a052df31000 mov al,byte ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x28 (fffff880`01773140)] fffff880`01663e13 3c04 cmp al,4 fffff880`01663e15 7308 jae tcpip!TcpBeginTcbSend+0x14ef (fffff880`01663e1f) Branch
tcpip!TcpBeginTcbSend+0x14e7: fffff880`01663e17 84c0 test al,al fffff880`01663e19 0f85a4000000 jne tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x14ef: fffff880`01663e1f 4c852d02f31000 test qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x10 (fffff880`01773128)],r13 fffff880`01663e26 0f8497000000 je tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x14fc: fffff880`01663e2c 488b0dfdf21000 mov rcx,qword ptr [tcpip!MICROSOFT_TCPIP_PROVIDER_Context+0x18 (fffff880`01773130)] fffff880`01663e33 488bc1 mov rax,rcx fffff880`01663e36 4923c5 and rax,r13 fffff880`01663e39 483bc1 cmp rax,rcx fffff880`01663e3c 0f8581000000 jne tcpip!TcpBeginTcbSend+0x1593 (fffff880`01663ec3) Branch
tcpip!TcpBeginTcbSend+0x1512: fffff880`01663e42 418b0c24 mov ecx,dword ptr [r12] fffff880`01663e46 896c2478 mov dword ptr [rsp+78h],ebp fffff880`01663e4a 896c2470 mov dword ptr [rsp+70h],ebp fffff880`01663e4e 2b8b80000000 sub ecx,dword ptr [rbx+80h] fffff880`01663e54 896c2468 mov dword ptr [rsp+68h],ebp fffff880`01663e58 896c2460 mov dword ptr [rsp+60h],ebp fffff880`01663e5c 896c2458 mov dword ptr [rsp+58h],ebp fffff880`01663e60 33c0 xor eax,eax fffff880`01663e62 896c2450 mov dword ptr [rsp+50h],ebp fffff880`01663e66 896c2448 mov dword ptr [rsp+48h],ebp fffff880`01663e6a 89842490010000 mov dword ptr [rsp+190h],eax fffff880`01663e71 89842494010000 mov dword ptr [rsp+194h],eax fffff880`01663e78 89842498010000 mov dword ptr [rsp+198h],eax fffff880`01663e7f 8984249c010000 mov dword ptr [rsp+19Ch],eax fffff880`01663e86 8b437c mov eax,dword ptr [rbx+7Ch] fffff880`01663e89 89442440 mov dword ptr [rsp+40h],eax fffff880`01663e8d 894c2438 mov dword ptr [rsp+38h],ecx fffff880`01663e91 488b0d78f21000 mov rcx,qword ptr [tcpip!Microsoft_Windows_TCPIPHandle (fffff880`01773110)] fffff880`01663e98 896c2430 mov dword ptr [rsp+30h],ebp fffff880`01663e9c 4c8d842490010000 lea r8,[rsp+190h] fffff880`01663ea4 488d158de80d00 lea rdx,[tcpip!TCP_DATA_TRANSFER_SEND (fffff880`01742738)] fffff880`01663eab 4c8bcb mov r9,rbx fffff880`01663eae 896c2428 mov dword ptr [rsp+28h],ebp fffff880`01663eb2 48899c2490010000 mov qword ptr [rsp+190h],rbx fffff880`01663eba 896c2420 mov dword ptr [rsp+20h],ebp fffff880`01663ebe e86d7a0800 call tcpip!Template_pqqqqqqqqqqqq (fffff880`016eb930)
tcpip!TcpBeginTcbSend+0x1593: fffff880`01663ec3 418b0424 mov eax,dword ptr [r12] fffff880`01663ec7 898380000000 mov dword ptr [rbx+80h],eax
tcpip!TcpBeginTcbSend+0x159d: fffff880`01663ecd 488d8424f0000000 lea rax,[rsp+0F0h] fffff880`01663ed5 4c3be0 cmp r12,rax fffff880`01663ed8 7540 jne tcpip!TcpBeginTcbSend+0x15ea (fffff880`01663f1a) Branch
tcpip!TcpBeginTcbSend+0x15aa: fffff880`01663eda 418b0424 mov eax,dword ptr [r12] fffff880`01663ede 3b437c cmp eax,dword ptr [rbx+7Ch] fffff880`01663ee1 7437 je tcpip!TcpBeginTcbSend+0x15ea (fffff880`01663f1a) Branch
tcpip!TcpBeginTcbSend+0x15b3: fffff880`01663ee3 89437c mov dword ptr [rbx+7Ch],eax fffff880`01663ee6 498b442408 mov rax,qword ptr [r12+8] fffff880`01663eeb 48898330010000 mov qword ptr [rbx+130h],rax fffff880`01663ef2 4885c0 test rax,rax fffff880`01663ef5 7423 je tcpip!TcpBeginTcbSend+0x15ea (fffff880`01663f1a) Branch
tcpip!TcpBeginTcbSend+0x15c7: fffff880`01663ef7 498b442410 mov rax,qword ptr [r12+10h] fffff880`01663efc 48898338010000 mov qword ptr [rbx+138h],rax fffff880`01663f03 498b442418 mov rax,qword ptr [r12+18h] fffff880`01663f08 48898340010000 mov qword ptr [rbx+140h],rax fffff880`01663f0f 418b442420 mov eax,dword ptr [r12+20h] fffff880`01663f14 898348010000 mov dword ptr [rbx+148h],eax
tcpip!TcpBeginTcbSend+0x15ea: fffff880`01663f1a 4883bc24a000000000 cmp qword ptr [rsp+0A0h],0 fffff880`01663f23 7463 je tcpip!TcpBeginTcbSend+0x1658 (fffff880`01663f88) Branch
tcpip!TcpBeginTcbSend+0x15f5: fffff880`01663f25 f684248000000010 test byte ptr [rsp+80h],10h fffff880`01663f2d 7459 je tcpip!TcpBeginTcbSend+0x1658 (fffff880`01663f88) Branch
tcpip!TcpBeginTcbSend+0x15ff: fffff880`01663f2f 8b9338020000 mov edx,dword ptr [rbx+238h] fffff880`01663f35 0fb683a4000000 movzx eax,byte ptr [rbx+0A4h] fffff880`01663f3c 816370ff7ffdff and dword ptr [rbx+70h],0FFFD7FFFh fffff880`01663f43 8bca mov ecx,edx fffff880`01663f45 c1e917 shr ecx,17h fffff880`01663f48 83e103 and ecx,3 fffff880`01663f4b 03c8 add ecx,eax fffff880`01663f4d 83f902 cmp ecx,2 fffff880`01663f50 7210 jb tcpip!TcpBeginTcbSend+0x1632 (fffff880`01663f62) Branch
tcpip!TcpBeginTcbSend+0x1622: fffff880`01663f52 0fbaf217 btr edx,17h fffff880`01663f56 0fbaea18 bts edx,18h fffff880`01663f5a 899338020000 mov dword ptr [rbx+238h],edx fffff880`01663f60 eb13 jmp tcpip!TcpBeginTcbSend+0x1645 (fffff880`01663f75) Branch
tcpip!TcpBeginTcbSend+0x1632: fffff880`01663f62 c1e117 shl ecx,17h fffff880`01663f65 33ca xor ecx,edx fffff880`01663f67 81e100008001 and ecx,1800000h fffff880`01663f6d 33ca xor ecx,edx fffff880`01663f6f 898b38020000 mov dword ptr [rbx+238h],ecx
tcpip!TcpBeginTcbSend+0x1645: fffff880`01663f75 8b834c010000 mov eax,dword ptr [rbx+14Ch] fffff880`01663f7b c683a400000000 mov byte ptr [rbx+0A4h],0 fffff880`01663f82 898324020000 mov dword ptr [rbx+224h],eax
tcpip!TcpBeginTcbSend+0x1658: fffff880`01663f88 488b8424a0000000 mov rax,qword ptr [rsp+0A0h] fffff880`01663f90 488b8c24e0010000 mov rcx,qword ptr [rsp+1E0h] fffff880`01663f98 4833cc xor rcx,rsp fffff880`01663f9b e880920200 call tcpip!_security_check_cookie (fffff880`0168d220) fffff880`01663fa0 488b9c2448020000 mov rbx,qword ptr [rsp+248h] fffff880`01663fa8 4881c4f0010000 add rsp,1F0h fffff880`01663faf 415f pop r15 fffff880`01663fb1 415e pop r14 fffff880`01663fb3 415d pop r13 fffff880`01663fb5 415c pop r12 fffff880`01663fb7 5f pop rdi fffff880`01663fb8 5e pop rsi fffff880`01663fb9 5d pop rbp fffff880`01663fba c3 ret 1: kd> r rax=fffff88001c218a0 rbx=fffffa800694e360 rcx=000000000000000a rdx=000000000000001c rsi=fffff88001668410 rdi=fffff88001c21cf4 rip=fffff800016dbca0 rsp=fffff88001c21798 rbp=fffff88001c21960 r8=0000000000000002 r9=0000000000000001 r10=fffff880016634a6 r11=fffff6fb7da00000 r12=fffff88001c21b60 r13=fffffa80047f6af0 r14=fffffa80047f6a30 r15=0000000000000001 iopl=0 nv up ei ng nz na po nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000286 nt!KeBugCheckEx: fffff800`016dbca0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff880`01c217a0=000000000000000a 1: kd> u nt!KeBugCheckEx: fffff800`016dbca0 48894c2408 mov qword ptr [rsp+8],rcx fffff800`016dbca5 4889542410 mov qword ptr [rsp+10h],rdx fffff800`016dbcaa 4c89442418 mov qword ptr [rsp+18h],r8 fffff800`016dbcaf 4c894c2420 mov qword ptr [rsp+20h],r9 fffff800`016dbcb4 9c pushfq fffff800`016dbcb5 4883ec30 sub rsp,30h fffff800`016dbcb9 fa cli fffff800`016dbcba 65488b0c2520000000 mov rcx,qword ptr gs:[20h] 1: kd> .trap fffff880`016634a6 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. Unable to get program counter rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=85483f8b48187408 rsp=b824bc8b48e87508 rbp=fa5f99e8cb8b4820 r8=0000000000000000 r9=0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=3 ov dn ei pl zr na pe cy 74ff:7408 ?? ??? 1: kd> ub ^ Unable to find valid previous instruction for 'ub' 1: kd> u 85483f8b`48187408 ?? ??? ^ Memory access error in 'u' 1: kd> r Last set context: Unable to get program counter rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=85483f8b48187408 rsp=b824bc8b48e87508 rbp=fa5f99e8cb8b4820 r8=0000000000000000 r9=0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=3 ov dn ei pl zr na pe cy cs=74ff ss=0000 ds=0000 es=0000 fs=0000 gs=0000 efl=0845ff41 74ff:7408 ?? ??? ^ Unable to get program counter 'r ' 1: kd> vertarget Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64 Product: Server, suite: Enterprise TerminalServer SingleUserTS Built by: 7601.24499.amd64fre.win7sp1_ldr.190612-0600 Machine Name: Kernel base = 0xfffff800`01648000 PsLoadedModuleList = 0xfffff800`01881c90 Debug session time: Fri Sep 20 15:06:45.323 2019 (UTC + 9:00) System Uptime: 2 days 16:26:25.260
|