API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 21st, 2016
150
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.52 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.10586.567 AMD64
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4.  
  5. Loading Dump File [C:\Users\mordekk\Desktop\MEMORY.DMP]
  6. Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
  7.  
  8.  
  9. ************* Symbol Path validation summary **************
  10. Response Time (ms) Location
  11. Deferred SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
  12. Symbol search path is: SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
  13. Executable search path is:
  14. Windows 10 Kernel Version 10240 MP (8 procs) Free x64
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 10240.16384.amd64fre.th1.150709-1700
  17. Machine Name:
  18. Kernel base = 0xfffff800`54a84000 PsLoadedModuleList = 0xfffff800`54da8f30
  19. Debug session time: Wed Feb 17 23:40:03.615 2016 (UTC + 1:00)
  20. System Uptime: 0 days 0:06:18.386
  21. Loading Kernel Symbols
  22. .............................................................Page 1040e6 not present in the dump file. Type ".hh dbgerr004" for details
  23. ..
  24. ................................................................
  25. .............................
  26. Loading User Symbols
  27. PEB is paged out (Peb.Ldr = 00000000`ff517018). Type ".hh dbgerr001" for details
  28. *******************************************************************************
  29. * *
  30. * Bugcheck Analysis *
  31. * *
  32. *******************************************************************************
  33.  
  34. Use !analyze -v to get detailed debugging information.
  35.  
  36. BugCheck 3B, {c0000096, fffff80054bd115c, ffffd0002060d0d0, 0}
  37.  
  38. Page 10aa7a not present in the dump file. Type ".hh dbgerr004" for details
  39. Probably caused by : ntkrnlmp.exe ( nt!KiSaveDebugRegisterState+5c )
  40.  
  41. Followup: MachineOwner
  42. ?-------
  43.  
  44. 6: kd> !analyze -v
  45. *******************************************************************************
  46. * *
  47. * Bugcheck Analysis *
  48. * *
  49. *******************************************************************************
  50.  
  51. SYSTEM_SERVICE_EXCEPTION (3b)
  52. An exception happened while executing a system service routine.
  53. Arguments:
  54. Arg1: 00000000c0000096, Exception code that caused the bugcheck
  55. Arg2: fffff80054bd115c, Address of the instruction which caused the bugcheck
  56. Arg3: ffffd0002060d0d0, Address of the context record for the exception that caused the bugcheck
  57. Arg4: 0000000000000000, zero.
  58.  
  59. Debugging Details:
  60. ?----------------
  61.  
  62. Page 10aa7a not present in the dump file. Type ".hh dbgerr004" for details
  63.  
  64. DUMP_CLASS: 1
  65.  
  66. DUMP_QUALIFIER: 401
  67.  
  68. BUILD_VERSION_STRING: 10240.16384.amd64fre.th1.150709-1700
  69.  
  70. SYSTEM_MANUFACTURER: QEMU
  71.  
  72. SYSTEM_PRODUCT_NAME: Standard PC (i440FX + PIIX, 1996)
  73.  
  74. SYSTEM_VERSION: pc-i440fx-2.6
  75.  
  76. BIOS_VENDOR: EFI Development Kit II / OVMF
  77.  
  78. BIOS_VERSION: 0.0.0
  79.  
  80. BIOS_DATE: 02/06/2015
  81.  
  82. DUMP_TYPE: 1
  83.  
  84. BUGCHECK_P1: c0000096
  85.  
  86. BUGCHECK_P2: fffff80054bd115c
  87.  
  88. BUGCHECK_P3: ffffd0002060d0d0
  89.  
  90. BUGCHECK_P4: 0
  91.  
  92. EXCEPTION_CODE: (NTSTATUS) 0xc0000096 - {EXCEPTION} Privileged instruction.
  93.  
  94. FAULTING_IP:
  95. nt!KiSaveDebugRegisterState+5c
  96. fffff800`54bd115c 0f32 rdmsr
  97. CONTEXT: ffffd0002060d0d0 ? (.cxr 0xffffd0002060d0d0)
  98. rax=0000000000000000 rbx=ffffe0006f1d6080 rcx=00000000000001c9
  99. rdx=0000000000000555 rsi=0000000080000008 rdi=000000000ac59880
  100. rip=fffff80054bd115c rsp=ffffd0002060daf8 rbp=ffffd0002060db80
  101. r8=00000000000001c9 r9=ffffd000dca9c000 r10=000000000ac59750
  102. r11=0000000000000206 r12=00000000ff51c000 r13=0000000000e7fda0
  103. r14=000000000ac5973c r15=0000000050903560
  104. iopl=0 nv up di pl nz na po nc
  105. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010006
  106. nt!KiSaveDebugRegisterState+0x5c:
  107. fffff800`54bd115c 0f32 rdmsr
  108. Resetting default scope
  109.  
  110. CPU_COUNT: 8
  111.  
  112. CPU_MHZ: da4
  113.  
  114. CPU_VENDOR: GenuineIntel
  115.  
  116. CPU_FAMILY: 6
  117.  
  118. CPU_MODEL: 3c
  119.  
  120. CPU_STEPPING: 3
  121.  
  122. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1'00000000 (cache) 1'00000000 (init)
  123.  
  124. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  125.  
  126. BUGCHECK_STR: 0x3B
  127.  
  128. PROCESS_NAME: HeroesOfTheSto
  129.  
  130. CURRENT_IRQL: 0
  131.  
  132. ANALYSIS_SESSION_HOST: DESKTOP-8DOH0HB
  133.  
  134. ANALYSIS_SESSION_TIME: 02-19-2016 21:21:01.0482
  135.  
  136. ANALYSIS_VERSION: 10.0.10586.567 amd64fre
  137.  
  138. LAST_CONTROL_TRANSFER: from fffff80054bdb063 to fffff80054bd115c
  139.  
  140. STACK_TEXT:
  141. ffffd000`2060daf8 fffff800`54bdb063 : ffffe000`6f1d6080 00000000`77618a80 ffffe000`00000000 ffffe000`6f4c3370 : nt!KiSaveDebugRegisterState+0x5c
  142. ffffd000`2060db00 00000000`50901e52 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemCall64+0xa3
  143. 00000000`00e7ed38 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x50901e52
  144.  
  145.  
  146. THREAD_SHA1_HASH_MOD_FUNC: 1a16e79f37cd23a2fc1ba3a74adb007df13e6c74
  147.  
  148. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 43c2614ab3a67bf2be580ddb387d2745a4b34e50
  149.  
  150. THREAD_SHA1_HASH_MOD: 6997106dce080e0f247cffc7d244723501c73d61
  151.  
  152. FOLLOWUP_IP:
  153. nt!KiSaveDebugRegisterState+5c
  154. fffff800`54bd115c 0f32 rdmsr
  155.  
  156. FAULT_INSTR_CODE: 8b44320f
  157.  
  158. SYMBOL_STACK_INDEX: 0
  159.  
  160. SYMBOL_NAME: nt!KiSaveDebugRegisterState+5c
  161.  
  162. FOLLOWUP_NAME: MachineOwner
  163.  
  164. MODULE_NAME: nt
  165.  
  166. IMAGE_NAME: ntkrnlmp.exe
  167.  
  168. DEBUG_FLR_IMAGE_TIMESTAMP: 559f3c1a
  169.  
  170. STACK_COMMAND: .cxr 0xffffd0002060d0d0 ; kb
  171.  
  172. BUCKET_ID_FUNC_OFFSET: 5c
  173.  
  174. FAILURE_BUCKET_ID: 0x3B_nt!KiSaveDebugRegisterState
  175.  
  176. BUCKET_ID: 0x3B_nt!KiSaveDebugRegisterState
  177.  
  178. PRIMARY_PROBLEM_CLASS: 0x3B_nt!KiSaveDebugRegisterState
  179.  
  180. TARGET_TIME: 2016-02-17T22:40:03.000Z
  181.  
  182. OSBUILD: 10240
  183.  
  184. OSSERVICEPACK: 0
  185.  
  186. SERVICEPACK_NUMBER: 0
  187.  
  188. OS_REVISION: 0
  189.  
  190. SUITE_MASK: 272
  191.  
  192. PRODUCT_TYPE: 1
  193.  
  194. OSPLATFORM_TYPE: x64
  195.  
  196. OSNAME: Windows 10
  197.  
  198. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
  199.  
  200. OS_LOCALE:
  201.  
  202. USER_LCID: 0
  203.  
  204. OSBUILD_TIMESTAMP: 2015-07-10 05:29:30
  205.  
  206. BUILDDATESTAMP_STR: 150709-1700
  207.  
  208. BUILDLAB_STR: th1
  209.  
  210. BUILDOSVER_STR: 10.0.10240.16384.amd64fre.th1.150709-1700
  211.  
  212. ANALYSIS_SESSION_ELAPSED_TIME: 389
  213.  
  214. ANALYSIS_SOURCE: KM
  215.  
  216. FAILURE_ID_HASH_STRING: km:0x3b_nt!kisavedebugregisterstate
  217.  
  218. FAILURE_ID_HASH: {0bc09705-4a2d-bc06-c38a-1d9dc057a547}
  219.  
  220. Followup: MachineOwner
  221. ?-------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!