API tools faq
paste
Guest User

Untitled

a guest
Aug 2nd, 2017
205
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 27.84 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4. Auto Dump Analyzer by gardenman
  5. Time to debug file(s): 00 hours and 02 minutes and 19 seconds
  6.  
  7. ========================================================================
  8. =================== Dump File: 080217-5812-01.dmp ====================
  9. ========================================================================
  10. Mini Kernel Dump File: Only registers and stack trace are available
  11. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  12. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  13. Built by: 15063.0.amd64fre.rs2_release.170317-1834
  14. Kernel base = 0xfffff803`e988c000 PsLoadedModuleList = 0xfffff803`e9bd85e0
  15. Debug session time: Wed Aug 2 09:50:28.884 2017 (UTC - 4:00)
  16. System Uptime: 0 days 0:09:29.537
  17.  
  18. BugCheck F7, {6692bff56ecf, 6e92bff56ecf, ffff916d400a9130, 0}
  19. Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )
  20. Followup: MachineOwner
  21.  
  22. DRIVER_OVERRAN_STACK_BUFFER (f7)
  23. A driver has overrun a stack-based buffer. This overrun could potentially
  24. allow a malicious user to gain control of this machine.
  25. DESCRIPTION
  26. A driver overran a stack-based buffer (or local variable) in a way that would
  27. have overwritten the function's return address and jumped back to an arbitrary
  28. address when the function returned. This is the classic "buffer overrun"
  29. hacking attack and the system has been brought down to prevent a malicious user
  30. from gaining complete control of it.
  31. Do a kb to get a stack backtrace -- the last routine on the stack before the
  32. buffer overrun handlers and bugcheck call is the one that overran its local
  33. variable(s).
  34.  
  35. Arguments:
  36. Arg1: 00006692bff56ecf, Actual security check cookie from the stack
  37. Arg2: 00006e92bff56ecf, Expected security check cookie
  38. Arg3: ffff916d400a9130, Complement of the expected security check cookie
  39. Arg4: 0000000000000000, zero
  40.  
  41. Debugging Details:
  42. DUMP_CLASS: 1
  43. DUMP_QUALIFIER: 400
  44. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
  45. SYSTEM_SKU: SKU
  46. BIOS_VENDOR: American Megatrends Inc.
  47. BIOS_VERSION: 1902
  48. BIOS_DATE: 06/24/2016
  49. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  50. BASEBOARD_PRODUCT: Z170-A
  51. BASEBOARD_VERSION: Rev 1.xx
  52. DUMP_TYPE: 2
  53. SECURITY_COOKIE: Expected 00006e92bff56ecf found 00006692bff56ecf
  54. BUGCHECK_STR: 0xF7_ONE_BIT
  55. CPU_COUNT: 4
  56. CPU_MHZ: db0
  57. CPU_VENDOR: GenuineIntel
  58. CPU_FAMILY: 6
  59. CPU_MODEL: 5e
  60. CPU_STEPPING: 3
  61. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
  62. CUSTOMER_CRASH_COUNT: 1
  63. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  64.  
  65. PROCESS_NAME: nvspcaps64.exe
  66.  
  67. CURRENT_IRQL: 0
  68. LAST_CONTROL_TRANSFER: from fffff803e9a66905 to fffff803e99f84c0
  69. STACK_TEXT:
  70. ffffbc81`b570f7a8 fffff803`e9a66905 : 00000000`000000f7 00006692`bff56ecf 00006e92`bff56ecf ffff916d`400a9130 : nt!KeBugCheckEx
  71. ffffbc81`b570f7b0 fffff803`e98bfae6 : ffff8588`00000000 00000000`00000000 00000000`00000001 00001f80`00000000 : nt!_report_gsfailure+0x25
  72. ffffbc81`b570f7f0 fffff803`e98bf461 : 00000000`00000000 00000000`0573f730 00000000`00000000 ffff9a00`ac87e7ec : nt!KiSwapThread+0x1b6
  73. ffffbc81`b570f8a0 fffff803`e98bed78 : ffff8588`91cfd650 fffff803`00000000 ffff9a00`ac87e700 ffff8588`974c1570 : nt!KiCommitThreadWait+0x101
  74. ffffbc81`b570f940 fffff803`e9d14db8 : ffff8588`974c1570 00000000`00000006 00000000`00000001 ffffbc81`b570fb00 : nt!KeWaitForSingleObject+0x2b8
  75. ffffbc81`b570fa10 fffff803`e9a03413 : ffff8588`96568080 00000000`ffffffff 00000000`00000000 ffff8588`974c1570 : nt!NtWaitForSingleObject+0xf8
  76. ffffbc81`b570fa80 00007ffe`d52e5424 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  77. 00000000`0573f7a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`d52e5424
  78. STACK_COMMAND: kb
  79. THREAD_SHA1_HASH_MOD_FUNC: 20a6c2ca139290b6b0f69f439d1ba3f651d8f65a
  80. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: be8294a57536fa05d07e28d25301a945be97d28e
  81. THREAD_SHA1_HASH_MOD: 30a3e915496deaace47137d5b90c3ecc03746bf6
  82. FOLLOWUP_IP:
  83. nt!_report_gsfailure+25
  84. fffff803`e9a66905 cc int 3
  85. FAULT_INSTR_CODE: cccccccc
  86. SYMBOL_STACK_INDEX: 1
  87. SYMBOL_NAME: nt!_report_gsfailure+25
  88. FOLLOWUP_NAME: MachineOwner
  89. MODULE_NAME: nt
  90.  
  91. IMAGE_NAME: ntkrnlmp.exe
  92.  
  93. DEBUG_FLR_IMAGE_TIMESTAMP: 595f24eb
  94. IMAGE_VERSION: 10.0.15063.483
  95. BUCKET_ID_FUNC_OFFSET: 25
  96. FAILURE_BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
  97. BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
  98. PRIMARY_PROBLEM_CLASS: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
  99. TARGET_TIME: 2017-08-02T13:50:28.000Z
  100. OSBUILD: 15063
  101. OSSERVICEPACK: 483
  102. SERVICEPACK_NUMBER: 0
  103. OS_REVISION: 0
  104. SUITE_MASK: 784
  105. PRODUCT_TYPE: 1
  106. OSPLATFORM_TYPE: x64
  107. OSNAME: Windows 10
  108. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  109. USER_LCID: 0
  110. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
  111. BUILDDATESTAMP_STR: 160101.0800
  112. BUILDLAB_STR: WinBuild
  113. BUILDOSVER_STR: 10.0.15063.483
  114. ANALYSIS_SESSION_ELAPSED_TIME: 920
  115. ANALYSIS_SOURCE: KM
  116. FAILURE_ID_HASH_STRING: km:0xf7_one_bit_missing_gsframe_nt!_report_gsfailure
  117. FAILURE_ID_HASH: {8f84f302-dd0e-1f96-6f9c-0ea31ad59f42}
  118. Followup: MachineOwner
  119.  
  120. ========================================================================
  121. ============================== Drivers ===============================
  122. ========================================================================
  123. Image path: \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F0AAB2B-57DC-4391-AA92-5DDB1090ED03}\MpKsla5f877d1.sys
  124. Image name: MpKsla5f877d1.sys
  125. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=MpKsla5f877d1.sys
  126. Timestamp: Tue May 19 2015
  127.  
  128. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  129. Image name: RTKVHD64.sys
  130. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
  131. Possible Driver Info: Realtek Audio Driver system driver http://www.realtek.com.tw
  132. Timestamp: Tue Aug 16 2016
  133.  
  134. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  135. Image name: TeeDriverW8x64.sys
  136. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
  137. Possible Driver Info: Intel® Management Engine Interface
  138. Timestamp: Mon Mar 28 2016
  139.  
  140. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  141. Image name: e1d65x64.sys
  142. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=e1d65x64.sys
  143. Possible Driver Info: Intel(R) Gigabit Adapter NDIS 6.x driver
  144. Timestamp: Thu Aug 13 2015
  145.  
  146. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  147. Image name: nvvad64v.sys
  148. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
  149. Possible Driver Info: Nvidia Virtual Audio Driver http://www.nvidia.com/
  150. Timestamp: Wed Apr 5 2017
  151.  
  152. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  153. Image name: nvvhci.sys
  154. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvhci.sys
  155. Possible Driver Info: Virtual USB Host Controller driver http://www.nvidia.com/
  156. Timestamp: Tue Dec 27 2016
  157.  
  158. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  159. Image name: nvhda64v.sys
  160. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
  161. Possible Driver Info: Nvidia HDMI Audio Device http://www.nvidia.com/
  162. Timestamp: Wed Mar 15 2017
  163.  
  164. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys
  165. Image name: nvlddmkm.sys
  166. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
  167. Possible Driver Info: Nvidia Graphics Card driver http://www.nvidia.com/
  168. Timestamp: Mon May 1 2017
  169.  
  170. Image path: \SystemRoot\System32\drivers\sshid.sys
  171. Image name: sshid.sys
  172. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=sshid.sys
  173. Timestamp: Mon Dec 19 2016
  174.  
  175. Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
  176. Image name: IOMap64.sys
  177. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=IOMap64.sys
  178. Timestamp: Wed Oct 22 2014
  179.  
  180. Unloaded modules:
  181. fffff80c`28330000 fffff80c`2833b000 cldflt.sys
  182. fffff80c`23bf0000 fffff80c`23bff000 dump_storpor
  183. fffff80c`23c30000 fffff80c`23c57000 dump_storahc
  184. fffff80c`23c80000 fffff80c`23c9d000 dump_dumpfve
  185. fffff80c`24620000 fffff80c`24640000 dam.sys
  186. fffff80c`22c10000 fffff80c`22c1f000 WdBoot.sys
  187. fffff80c`23b00000 fffff80c`23b0f000 hwpolicy.sys
  188.  
  189. ========================================================================
  190. ============================== BIOS INFO =============================
  191. ========================================================================
  192. [SMBIOS Data Tables v3.0]
  193. [DMI Version - 0]
  194. [2.0 Calling Convention - No]
  195. [Table Size - 4402 bytes]
  196. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  197. Vendor American Megatrends Inc.
  198. BIOS Version 1902
  199. BIOS Starting Address Segment f000
  200. BIOS Release Date 06/24/2016
  201. BIOS ROM Size 1000000
  202. BIOS Characteristics
  203. 07: - PCI Supported
  204. 10: - APM Supported
  205. 11: - Upgradeable FLASH BIOS
  206. 12: - BIOS Shadowing Supported
  207. 15: - CD-Boot Supported
  208. 16: - Selectable Boot Supported
  209. 17: - BIOS ROM Socketed
  210. 19: - EDD Supported
  211. 23: - 1.2MB Floppy Supported
  212. 24: - 720KB Floppy Supported
  213. 25: - 2.88MB Floppy Supported
  214. 26: - Print Screen Device Supported
  215. 27: - Keyboard Services Supported
  216. 28: - Serial Services Supported
  217. 29: - Printer Services Supported
  218. 32: - BIOS Vendor Reserved
  219. BIOS Characteristic Extensions
  220. 00: - ACPI Supported
  221. 01: - USB Legacy Supported
  222. 08: - BIOS Boot Specification Supported
  223. 10: - Specification Reserved
  224. 11: - Specification Reserved
  225. BIOS Major Revision 5
  226. BIOS Minor Revision 11
  227. EC Firmware Major Revision 255
  228. EC Firmware Minor Revision 255
  229. [System Information (Type 1) - Length 27 - Handle 0001h]
  230. Manufacturer System manufacturer
  231. Product Name System Product Name
  232. Version System Version
  233. UUID 00000000-0000-0000-0000-000000000000
  234. Wakeup Type Power Switch
  235. SKUNumber SKU
  236. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  237. Manufacturer ASUSTeK COMPUTER INC.
  238. Product Z170-A
  239. Version Rev 1.xx
  240. Feature Flags 09h
  241. 1591878152: - ?ÿU?ì?ì¡H.õ^3Å?Eü3ÀW?}?Eô?Eø?ÿu
  242. ¸@
  243. 1591878192: - ?ÿU?ì?ì¡H.õ^3Å?Eü3ÀW?}?Eô?Eø?ÿu
  244. ¸@
  245. Location Default string
  246. Chassis Handle 0003h
  247. Board Type 0ah - Processor/Memory Module
  248. Number of Child Handles 0
  249. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  250. Manufacturer Default string
  251. Chassis Type Desktop
  252. Version Default string
  253. Bootup State Safe
  254. Power Supply State Safe
  255. Thermal State Safe
  256. Security Status None
  257. OEM Defined 0
  258. Height 0U
  259. Number of Power Cords 1
  260. Number of Contained Elements 0
  261. Contained Element Size 3
  262. [Onboard Devices Information (Type 10) - Length 6 - Handle 0028h]
  263. Number of Devices 1
  264. 01: Type Video [enabled]
  265. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  266. Number of Strings 4
  267. 1 Default string
  268. 2 Default string
  269. 3 ORC
  270. 4 Default string
  271. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  272. [Cache Information (Type 7) - Length 19 - Handle 0045h]
  273. Socket Designation L1 Cache
  274. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  275. Maximum Cache Size 0080h - 128K
  276. Installed Size 0080h - 128K
  277. Supported SRAM Type 0020h - Synchronous
  278. Current SRAM Type 0020h - Synchronous
  279. Cache Speed 0ns
  280. Error Correction Type ParitySingle-Bit ECC
  281. System Cache Type Data
  282. Associativity 8-way Set-Associative
  283. [Cache Information (Type 7) - Length 19 - Handle 0046h]
  284. Socket Designation L1 Cache
  285. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  286. Maximum Cache Size 0080h - 128K
  287. Installed Size 0080h - 128K
  288. Supported SRAM Type 0020h - Synchronous
  289. Current SRAM Type 0020h - Synchronous
  290. Cache Speed 0ns
  291. Error Correction Type ParitySingle-Bit ECC
  292. System Cache Type Instruction
  293. Associativity 8-way Set-Associative
  294. [Cache Information (Type 7) - Length 19 - Handle 0047h]
  295. Socket Designation L2 Cache
  296. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  297. Maximum Cache Size 0400h - 1024K
  298. Installed Size 0400h - 1024K
  299. Supported SRAM Type 0020h - Synchronous
  300. Current SRAM Type 0020h - Synchronous
  301. Cache Speed 0ns
  302. Error Correction Type Multi-Bit ECC
  303. System Cache Type Unified
  304. Associativity 4-way Set-Associative
  305. [Cache Information (Type 7) - Length 19 - Handle 0048h]
  306. Socket Designation L3 Cache
  307. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  308. Maximum Cache Size 1800h - 6144K
  309. Installed Size 1800h - 6144K
  310. Supported SRAM Type 0020h - Synchronous
  311. Current SRAM Type 0020h - Synchronous
  312. Cache Speed 0ns
  313. Error Correction Type Specification Reserved
  314. System Cache Type Unified
  315. Associativity Specification Reserved
  316. [Processor Information (Type 4) - Length 48 - Handle 0049h]
  317. Socket Designation LGA1151
  318. Processor Type Central Processor
  319. Processor Family cdh - Specification Reserved
  320. Processor Manufacturer Intel(R) Corporation
  321. Processor ID e3060500fffbebbf
  322. Processor Version Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
  323. Processor Voltage 8bh - 1.1V
  324. External Clock 100MHz
  325. Max Speed 8300MHz
  326. Current Speed 3500MHz
  327. Status Enabled Populated
  328. Processor Upgrade Other
  329. L1 Cache Handle 0046h
  330. L2 Cache Handle 0047h
  331. L3 Cache Handle 0048h
  332. [Physical Memory Array (Type 16) - Length 23 - Handle 004ah]
  333. Location 03h - SystemBoard/Motherboard
  334. Use 03h - System Memory
  335. Memory Error Correction 03h - None
  336. Maximum Capacity 67108864KB
  337. Number of Memory Devices 4
  338. [Memory Device (Type 17) - Length 40 - Handle 004bh]
  339. Physical Memory Array Handle 004ah
  340. Total Width 0 bits
  341. Data Width 0 bits
  342. Form Factor 02h - Unknown
  343. Device Locator ChannelA-DIMM1
  344. Bank Locator BANK 0
  345. Memory Type 02h - Unknown
  346. Type Detail 0000h -
  347. Speed 0MHz
  348. [Memory Device (Type 17) - Length 40 - Handle 004ch]
  349. Physical Memory Array Handle 004ah
  350. Total Width 64 bits
  351. Data Width 64 bits
  352. Size 8192MB
  353. Form Factor 09h - DIMM
  354. Device Locator ChannelA-DIMM2
  355. Bank Locator BANK 1
  356. Memory Type 1ah - Specification Reserved
  357. Type Detail 0080h - Synchronous
  358. Speed 2133MHz
  359. Manufacturer G-Skill
  360. Part Number F4-2133C15-8GRR
  361. [Memory Device (Type 17) - Length 40 - Handle 004dh]
  362. Physical Memory Array Handle 004ah
  363. Total Width 0 bits
  364. Data Width 0 bits
  365. Form Factor 02h - Unknown
  366. Device Locator ChannelB-DIMM1
  367. Bank Locator BANK 2
  368. Memory Type 02h - Unknown
  369. Type Detail 0000h -
  370. Speed 0MHz
  371. [Memory Device (Type 17) - Length 40 - Handle 004eh]
  372. Physical Memory Array Handle 004ah
  373. Total Width 64 bits
  374. Data Width 64 bits
  375. Size 8192MB
  376. Form Factor 09h - DIMM
  377. Device Locator ChannelB-DIMM2
  378. Bank Locator BANK 3
  379. Memory Type 1ah - Specification Reserved
  380. Type Detail 0080h - Synchronous
  381. Speed 2133MHz
  382. Manufacturer G-Skill
  383. Part Number F4-2133C15-8GRR
  384. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004fh]
  385. Starting Address 00000000h
  386. Ending Address 00ffffffh
  387. Memory Array Handle 004ah
  388. Partition Width 02
  389. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0051h]
  390. Starting Address 00000000h
  391. Ending Address 007fffffh
  392. Memory Device Handle 004ch
  393. Mem Array Mapped Adr Handle 004fh
  394. Interleave Position 01
  395. Interleave Data Depth 02
  396. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0052h]
  397. Starting Address 00800000h
  398. Ending Address 00ffffffh
  399. Memory Device Handle 004eh
  400. Mem Array Mapped Adr Handle 004fh
  401. Interleave Position 02
  402. Interleave Data Depth 02
  403.  
  404. ========================================================================
  405. =================== Dump File: 080217-5718-01.dmp ====================
  406. ========================================================================
  407. Mini Kernel Dump File: Only registers and stack trace are available
  408. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  409. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  410. Built by: 15063.0.amd64fre.rs2_release.170317-1834
  411. Kernel base = 0xfffff800`e7e8d000 PsLoadedModuleList = 0xfffff800`e81d95e0
  412. Debug session time: Wed Aug 2 09:37:52.354 2017 (UTC - 4:00)
  413. System Uptime: 0 days 0:00:03.007
  414.  
  415. BugCheck D1, {ffffa087c5dd04ec, 2, 1, fffff80795632ee8}
  416. Probably caused by : HDAudBus.sys ( HDAudBus!HdaController::ProcessCodecResponses+b8 )
  417. Followup: MachineOwner
  418.  
  419. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  420. An attempt was made to access a pageable (or completely invalid) address at an
  421. interrupt request level (IRQL) that is too high. This is usually
  422. caused by drivers using improper addresses.
  423. If kernel debugger is available get stack backtrace.
  424.  
  425. Arguments:
  426. Arg1: ffffa087c5dd04ec, memory referenced
  427. Arg2: 0000000000000002, IRQL
  428. Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
  429. Arg4: fffff80795632ee8, address which referenced memory
  430.  
  431. Debugging Details:
  432. DUMP_CLASS: 1
  433. DUMP_QUALIFIER: 400
  434. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
  435. SYSTEM_SKU: SKU
  436. BIOS_VENDOR: American Megatrends Inc.
  437. BIOS_VERSION: 1902
  438. BIOS_DATE: 06/24/2016
  439. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  440. BASEBOARD_PRODUCT: Z170-A
  441. BASEBOARD_VERSION: Rev 1.xx
  442. DUMP_TYPE: 2
  443. WRITE_ADDRESS: fffff800e826e358: Unable to get MiVisibleState
  444. ffffa087c5dd04ec
  445. CURRENT_IRQL: 2
  446. FAULTING_IP:
  447. HDAudBus!HdaController::ProcessCodecResponses+b8
  448. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h
  449. CPU_COUNT: 4
  450. CPU_MHZ: db0
  451. CPU_VENDOR: GenuineIntel
  452. CPU_FAMILY: 6
  453. CPU_MODEL: 5e
  454. CPU_STEPPING: 3
  455. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
  456. CUSTOMER_CRASH_COUNT: 1
  457. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  458. BUGCHECK_STR: AV
  459.  
  460. PROCESS_NAME: System
  461.  
  462. TRAP_FRAME: fffff800ea039610 -- (.trap 0xfffff800ea039610)
  463. NOTE: The trap frame does not contain all registers.
  464. Some register values may be zeroed or incorrect.
  465. rax=ffffa08105d6f2e0 rbx=0000000000000000 rcx=00000000d800c240
  466. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
  467. rip=fffff80795632ee8 rsp=fffff800ea0397a0 rbp=fffff800ea039839
  468. r8=ffffa081061b4ea0 r9=0000000000000000 r10=ffff8886403b2000
  469. r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  470. r14=0000000000000000 r15=0000000000000000
  471. iopl=0 nv up ei pl nz na pe nc
  472. HDAudBus!HdaController::ProcessCodecResponses+0xb8:
  473. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h ds:ffffa087`c5dd04ec=????????
  474. Resetting default scope
  475. LAST_CONTROL_TRANSFER: from fffff800e80048a9 to fffff800e7ff94c0
  476. STACK_TEXT:
  477. fffff800`ea0394c8 fffff800`e80048a9 : 00000000`0000000a ffffa087`c5dd04ec 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
  478. fffff800`ea0394d0 fffff800`e8002e7d : 00000000`00000000 00000000`0000000f fffff800`e8200000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
  479. fffff800`ea039610 fffff807`95632ee8 : fffff800`e6c8e180 fffff800`e7f0455a 00000000`00000000 fffff800`00000000 : nt!KiPageFault+0x23d
  480. fffff800`ea0397a0 fffff807`95632df0 : ffff8886`403b2000 ffff8886`403b8c38 00000000`00000000 fffff800`ea039839 : HDAudBus!HdaController::ProcessCodecResponses+0xb8
  481. fffff800`ea0397f0 fffff800`e7effb6c : fffff800`e6c90f80 00000000`00000001 fffff800`e6c8e180 00000000`00010001 : HDAudBus!HdaController::CodecDpc+0x70
  482. fffff800`ea0398a0 fffff800`e7eff477 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExecuteAllDpcs+0x1dc
  483. fffff800`ea0399e0 fffff800`e7ffc56a : 00000000`00000000 fffff800`e6c8e180 00000000`001a6fd0 fffff800`e8286a40 : nt!KiRetireDpcList+0xd7
  484. fffff800`ea039be0 00000000`00000000 : fffff800`ea03a000 fffff800`ea033000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
  485. STACK_COMMAND: kb
  486. THREAD_SHA1_HASH_MOD_FUNC: 286085e0e1881fab9ddcefd3b0d2f1b9a8af6992
  487. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 0fb7a980ad76883b698c1ef17ae1b78258489530
  488. THREAD_SHA1_HASH_MOD: c45ee725c8d5fb0d0409d0de11f98f0bac8ce545
  489. FOLLOWUP_IP:
  490. HDAudBus!HdaController::ProcessCodecResponses+b8
  491. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h
  492. FAULT_INSTR_CODE: cc84c81
  493. SYMBOL_STACK_INDEX: 3
  494. SYMBOL_NAME: HDAudBus!HdaController::ProcessCodecResponses+b8
  495. FOLLOWUP_NAME: MachineOwner
  496. MODULE_NAME: HDAudBus
  497.  
  498. IMAGE_NAME: HDAudBus.sys
  499.  
  500. DEBUG_FLR_IMAGE_TIMESTAMP: 21fd8579
  501. IMAGE_VERSION: 10.0.15046.0
  502. BUCKET_ID_FUNC_OFFSET: b8
  503. FAILURE_BUCKET_ID: OLD_IMAGE_HDAudBus.sys
  504. BUCKET_ID: OLD_IMAGE_HDAudBus.sys
  505. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_HDAudBus.sys
  506. TARGET_TIME: 2017-08-02T13:37:52.000Z
  507. OSBUILD: 15063
  508. OSSERVICEPACK: 483
  509. SERVICEPACK_NUMBER: 0
  510. OS_REVISION: 0
  511. SUITE_MASK: 784
  512. PRODUCT_TYPE: 1
  513. OSPLATFORM_TYPE: x64
  514. OSNAME: Windows 10
  515. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  516. USER_LCID: 0
  517. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
  518. BUILDDATESTAMP_STR: 160101.0800
  519. BUILDLAB_STR: WinBuild
  520. BUILDOSVER_STR: 10.0.15063.483
  521. ANALYSIS_SESSION_ELAPSED_TIME: 23df
  522. ANALYSIS_SOURCE: KM
  523. FAILURE_ID_HASH_STRING: km:old_image_hdaudbus.sys
  524. FAILURE_ID_HASH: {07e9e28c-c1da-5e3c-13fb-74d30982443e}
  525. Followup: MachineOwner
  526.  
  527. ========================================================================
  528. =================== Dump File: 080217-4109-01.dmp ====================
  529. ========================================================================
  530. Mini Kernel Dump File: Only registers and stack trace are available
  531. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  532. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  533. Built by: 15063.0.amd64fre.rs2_release.170317-1834
  534. Kernel base = 0xfffff800`a327c000 PsLoadedModuleList = 0xfffff800`a35c85e0
  535. Debug session time: Wed Aug 2 15:06:57.390 2017 (UTC - 4:00)
  536. System Uptime: 0 days 0:01:07.052
  537.  
  538. BugCheck 50, {fffff900a32af461, 10, fffff900a32af461, 2}
  539. Could not read faulting driver name
  540. Probably caused by : memory_corruption
  541. Followup: memory_corruption
  542.  
  543. PAGE_FAULT_IN_NONPAGED_AREA (50)
  544. Invalid system memory was referenced. This cannot be protected by try-except.
  545. Typically the address is just plain bad or it is pointing at freed memory.
  546.  
  547. Arguments:
  548. Arg1: fffff900a32af461, memory referenced.
  549. Arg2: 0000000000000010, value 0 = read operation, 1 = write operation.
  550. Arg3: fffff900a32af461, If non-zero, the instruction address which referenced the bad memory
  551. address.
  552. Arg4: 0000000000000002, (reserved)
  553.  
  554. Debugging Details:
  555. Could not read faulting driver name
  556. DUMP_CLASS: 1
  557. DUMP_QUALIFIER: 400
  558. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
  559. SYSTEM_SKU: SKU
  560. BIOS_VENDOR: American Megatrends Inc.
  561. BIOS_VERSION: 3401
  562. BIOS_DATE: 01/25/2017
  563. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  564. BASEBOARD_PRODUCT: Z170-A
  565. BASEBOARD_VERSION: Rev 1.xx
  566. DUMP_TYPE: 2
  567. READ_ADDRESS: fffff800a365d358: Unable to get MiVisibleState
  568. fffff900a32af461
  569. FAULTING_IP:
  570. +0
  571. fffff900`a32af461 ?? ???
  572. MM_INTERNAL_CODE: 2
  573. CPU_COUNT: 4
  574. CPU_MHZ: db0
  575. CPU_VENDOR: GenuineIntel
  576. CPU_FAMILY: 6
  577. CPU_MODEL: 5e
  578. CPU_STEPPING: 3
  579. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  580. CUSTOMER_CRASH_COUNT: 1
  581. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  582. BUGCHECK_STR: AV
  583.  
  584. PROCESS_NAME: dwm.exe
  585.  
  586. CURRENT_IRQL: 0
  587. TRAP_FRAME: ffffa980f3e23110 -- (.trap 0xffffa980f3e23110)
  588. NOTE: The trap frame does not contain all registers.
  589. Some register values may be zeroed or incorrect.
  590. rax=ffffbc8241a80bf0 rbx=0000000000000000 rcx=e025ad7d0a6c0000
  591. rdx=0000000000000097 rsi=0000000000000000 rdi=0000000000000000
  592. rip=fffff900a32af461 rsp=ffffa980f3e232a0 rbp=fffff800a20af180
  593. r8=0000000000000000 r9=0000000000000000 r10=000000000000343c
  594. r11=ffffbc823bdc9a62 r12=0000000000000000 r13=0000000000000000
  595. r14=0000000000000000 r15=0000000000000000
  596. iopl=0 nv up ei ng nz na pe nc
  597. fffff900`a32af461 ?? ???
  598. Resetting default scope
  599. LAST_CONTROL_TRANSFER: from fffff800a341dfb4 to fffff800a33e84c0
  600. FAILED_INSTRUCTION_ADDRESS:
  601. +0
  602. fffff900`a32af461 ?? ???
  603. STACK_TEXT:
  604. ffffa980`f3e22e78 fffff800`a341dfb4 : 00000000`00000050 fffff900`a32af461 00000000`00000010 ffffa980`f3e23110 : nt!KeBugCheckEx
  605. ffffa980`f3e22e80 fffff800`a33092d6 : 00000000`00000010 fffff900`a32af461 ffffa980`f3e23110 ffffbc82`4150f7c0 : nt!MiSystemFault+0x116e84
  606. ffffa980`f3e22f20 fffff800`a33f1d72 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0xae6
  607. ffffa980`f3e23110 fffff900`a32af461 : 00000000`00000000 ffffe298`27e271d5 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x132
  608. ffffa980`f3e232a0 00000000`00000000 : ffffe298`27e271d5 00000000`00000000 00000000`00000000 ffffe2c9`808a5600 : 0xfffff900`a32af461
  609. STACK_COMMAND: kb
  610. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  611. fffff800a33093b0 - nt!MmAccessFault+bc0
  612. [ f6:fe ]
  613. fffff800a341dfd9 - nt!MiValidFault+1160f9 (+0x114c29)
  614. [ f6:fe ]
  615. 2 errors : !nt (fffff800a33093b0-fffff800a341dfd9)
  616. MODULE_NAME: memory_corruption
  617.  
  618. IMAGE_NAME: memory_corruption
  619.  
  620. FOLLOWUP_NAME: memory_corruption
  621. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  622. MEMORY_CORRUPTOR: ONE_BIT_LARGE
  623. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT_LARGE
  624. BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT_LARGE
  625. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_ONE_BIT_LARGE
  626. TARGET_TIME: 2017-08-02T19:06:57.000Z
  627. OSBUILD: 15063
  628. OSSERVICEPACK: 483
  629. SERVICEPACK_NUMBER: 0
  630. OS_REVISION: 0
  631. SUITE_MASK: 784
  632. PRODUCT_TYPE: 1
  633. OSPLATFORM_TYPE: x64
  634. OSNAME: Windows 10
  635. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  636. USER_LCID: 0
  637. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
  638. BUILDDATESTAMP_STR: 160101.0800
  639. BUILDLAB_STR: WinBuild
  640. BUILDOSVER_STR: 10.0.15063.483
  641. ANALYSIS_SESSION_ELAPSED_TIME: 386c
  642. ANALYSIS_SOURCE: KM
  643. FAILURE_ID_HASH_STRING: km:memory_corruption_one_bit_large
  644. FAILURE_ID_HASH: {31545515-196b-fab5-2300-9ce714226f43}
  645. Followup: memory_corruption
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!