Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86Copyright (c) Micros

1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
2. Copyright (c) Microsoft Corporation. All rights reserved.
3.  
4. Auto Dump Analyzer by gardenman
5. Time to debug file(s): 00 hours and 04 minutes and 59 seconds
6.  
7. ========================================================================
8. =================== Dump File: 080117-16187-01.dmp ===================
9. ========================================================================
10. Mini Kernel Dump File: Only registers and stack trace are available
11. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
12. Product: WinNt, suite: TerminalServer SingleUserTS
13. Built by: 15063.0.amd64fre.rs2_release.170317-1834
14. Kernel base = 0xfffff803`32c7e000 PsLoadedModuleList = 0xfffff803`32fca5a0
15. Debug session time: Tue Aug 1 01:23:40.858 2017 (UTC - 4:00)
16. System Uptime: 0 days 0:11:29.476
17.  
18. BugCheck 50, {fffff803323ce400, 2, fffff80332cdd3ff, 0}
19. Could not read faulting driver name
20. Probably caused by : ntkrnlmp.exe ( nt!RtlSetBits+3f )
21. Followup: MachineOwner
22.  
23. PAGE_FAULT_IN_NONPAGED_AREA (50)
24. Invalid system memory was referenced. This cannot be protected by try-except.
25. Typically the address is just plain bad or it is pointing at freed memory.
26.  
27. Arguments:
28. Arg1: fffff803323ce400, memory referenced.
29. Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
30. Arg3: fffff80332cdd3ff, If non-zero, the instruction address which referenced the bad memory
31. address.
32. Arg4: 0000000000000000, (reserved)
33.  
34. Debugging Details:
35. Could not read faulting driver name
36. DUMP_CLASS: 1
37. DUMP_QUALIFIER: 400
38. BUILD_VERSION_STRING: 10.0.15063.0 (WinBuild.160101.0800)
39. SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.
40. SYSTEM_PRODUCT_NAME: B250M-D3H
41. SYSTEM_SKU: Default string
42. SYSTEM_VERSION: Default string
43. BIOS_VENDOR: American Megatrends Inc.
44. BIOS_VERSION: F7
45. BIOS_DATE: 07/06/2017
46. BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.
47. BASEBOARD_PRODUCT: B250M-D3H-CF
48. BASEBOARD_VERSION: x.x
49. DUMP_TYPE: 2
50. DUMP_FILE_ATTRIBUTES: 0x8
51. Kernel Generated Triage Dump
52. READ_ADDRESS: fffff8033305f358: Unable to get MiVisibleState
53. fffff803323ce400
54. FAULTING_IP:
55. nt!RtlSetBits+3f
56. fffff803`32cdd3ff 0803 or byte ptr [rbx],al
57. MM_INTERNAL_CODE: 0
58. CPU_COUNT: 4
59. CPU_MHZ: bb8
60. CPU_VENDOR: GenuineIntel
61. CPU_FAMILY: 6
62. CPU_MODEL: 9e
63. CPU_STEPPING: 9
64. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E'00000000 (cache) 5E'00000000 (init)
65. CUSTOMER_CRASH_COUNT: 1
66. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
67. BUGCHECK_STR: AV
68.  
69. PROCESS_NAME: CompatTelRunne
70.  
71. CURRENT_IRQL: 2
72. TRAP_FRAME: ffffb9003d3a21d0 -- (.trap 0xffffb9003d3a21d0)
73. NOTE: The trap frame does not contain all registers.
74. Some register values may be zeroed or incorrect.
75. rax=0000000000000003 rbx=0000000000000000 rcx=0000000000000000
76. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
77. rip=fffff80332cdd3ff rsp=ffffb9003d3a2360 rbp=fffff80332c7e000
78. r8=0000000000000002 r9=0000000000028000 r10=0000000000000001
79. r11=ffffa88f88348a00 r12=0000000000000000 r13=0000000000000000
80. r14=0000000000000000 r15=0000000000000000
81. iopl=0 nv up ei ng nz ac po cy
82. nt!RtlSetBits+0x3f:
83. fffff803`32cdd3ff 0803 or byte ptr [rbx],al ds:00000000`00000000=??
84. Resetting default scope
85. LAST_CONTROL_TRANSFER: from fffff80332e18d5c to fffff80332de9fd0
86. STACK_TEXT:
87. ffffb900`3d3a1f38 fffff803`32e18d5c : 00000000`00000050 fffff803`323ce400 00000000`00000002 ffffb900`3d3a21d0 : nt!KeBugCheckEx
88. ffffb900`3d3a1f40 fffff803`32cec766 : 00000000`00000002 fffff803`323ce400 ffffb900`3d3a21d0 ffffa88f`8dd537c0 : nt!MiSystemFault+0x12e79c
89. ffffb900`3d3a1fe0 fffff803`32df3872 : 00000000`00006280 00000000`00000000 ffffb900`3d3a2270 fffff803`32df39a0 : nt!MmAccessFault+0xae6
90. ffffb900`3d3a21d0 fffff803`32cdd3ff : ffffb900`3d3a23f8 ffffb900`3d3a23d0 ffffb900`3d3a2388 00000000`00000018 : nt!KiPageFault+0x132
91. ffffb900`3d3a2360 fffff803`33195a25 : ffffce0a`04f23920 ffffb900`3d3a2401 00000000`00000007 ffffa88f`88348a00 : nt!RtlSetBits+0x3f
92. ffffb900`3d3a2390 fffff803`33194617 : ffffce0a`0707f058 00000000`0000012d ffffce0a`0707f010 00000000`0000018a : nt!MiUpdateCfgSystemWideBitmapWorker+0x2e5
93. ffffb900`3d3a2460 fffff803`3319a1bc : 00000000`00000023 ffffb900`3d3a26d9 00000000`5cf00000 00000000`00000000 : nt!MiUpdateCfgSystemWideBitmap+0x83
94. ffffb900`3d3a24a0 fffff803`33197a99 : ffffb900`3d3a2890 ffffb900`3d3a2890 ffffb900`3d3a26d9 ffffb900`3d3a2890 : nt!MiRelocateImage+0x30c
95. ffffb900`3d3a2600 fffff803`330fdf29 : ffffb900`00000000 ffffb900`3d3a2890 ffffb900`3d3a2890 ffffa88f`8ad7b370 : nt!MiCreateNewSection+0x3ad
96. ffffb900`3d3a2740 fffff803`330fd6a2 : ffffb900`3d3a2770 ffffce0a`0704b7b0 ffffa88f`8ad7b370 00000000`00f80090 : nt!MiCreateImageOrDataSection+0x289
97. ffffb900`3d3a2820 fffff803`330fe222 : 00000000`11000000 00000000`00000000 ffffce09`ffd0b060 fffff803`331687f8 : nt!MiCreateSection+0xd2
98. ffffb900`3d3a2960 fffff803`32df4f13 : ffffa88f`8ef282c0 fffff803`00000004 00000000`00000000 00000007`a3ef8de8 : nt!NtCreateSection+0x1e2
99. ffffb900`3d3a2a10 00007ffb`aee95cf4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
100. 00000007`a3ef8dc8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`aee95cf4
101. STACK_COMMAND: kb
102. THREAD_SHA1_HASH_MOD_FUNC: d885ed60512863ae72cc84f501b87df966e8411c
103. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2f5a57a1cf28d25012b23515739c92edb122d100
104. THREAD_SHA1_HASH_MOD: fe34192f63d13620a8987d294372ee74d699cfee
105. FOLLOWUP_IP:
106. nt!RtlSetBits+3f
107. fffff803`32cdd3ff 0803 or byte ptr [rbx],al
108. FAULT_INSTR_CODE: 8b480308
109. SYMBOL_STACK_INDEX: 4
110. SYMBOL_NAME: nt!RtlSetBits+3f
111. FOLLOWUP_NAME: MachineOwner
112. MODULE_NAME: nt
113.  
114. IMAGE_NAME: ntkrnlmp.exe
115.  
116. DEBUG_FLR_IMAGE_TIMESTAMP: 58ccba4c
117. IMAGE_VERSION: 10.0.15063.0
118. BUCKET_ID_FUNC_OFFSET: 3f
119. FAILURE_BUCKET_ID: AV_INVALID_nt!RtlSetBits
120. BUCKET_ID: AV_INVALID_nt!RtlSetBits
121. PRIMARY_PROBLEM_CLASS: AV_INVALID_nt!RtlSetBits
122. TARGET_TIME: 2017-08-01T05:23:40.000Z
123. OSBUILD: 15063
124. OSSERVICEPACK: 0
125. SERVICEPACK_NUMBER: 0
126. OS_REVISION: 0
127. SUITE_MASK: 272
128. PRODUCT_TYPE: 1
129. OSPLATFORM_TYPE: x64
130. OSNAME: Windows 10
131. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
132. USER_LCID: 0
133. OSBUILD_TIMESTAMP: 2017-03-18 00:40:44
134. BUILDDATESTAMP_STR: 160101.0800
135. BUILDLAB_STR: WinBuild
136. BUILDOSVER_STR: 10.0.15063.0
137. ANALYSIS_SESSION_ELAPSED_TIME: a3c
138. ANALYSIS_SOURCE: KM
139. FAILURE_ID_HASH_STRING: km:av_invalid_nt!rtlsetbits
140. FAILURE_ID_HASH: {d8bc1995-ce19-2f06-c15b-0181e3fe55f4}
141. Followup: MachineOwner
142.  
143. =============================== Drivers ================================
144. Image path: kdcom.dll
145. Image name: kdcom.dll
146. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=kdcom.dll
147. Timestamp: ***** Invalid (91688416)
148.  
149. Image path: mcupdate.dll
150. Image name: mcupdate.dll
151. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=mcupdate.dll
152. Timestamp: Tue Jul 17 1979
153.  
154. Image path: peauth.sys
155. Image name: peauth.sys
156. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=peauth.sys
157. Possible Driver Info: Protected Environment Authentication and Authorization Export Driver (Microsoft)
158. Timestamp: Sat Dec 9 1989
159.  
160. Image path: amdkmpfd.sys
161. Image name: amdkmpfd.sys
162. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=amdkmpfd.sys
163. Timestamp: Mon May 25 2015
164.  
165. Image path: iaStorA.sys
166. Image name: iaStorA.sys
167. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
168. Possible Driver Info: Intel SATA Storage Device RAID Controller
169. Timestamp: Tue Jun 6 2017
170.  
171. Image path: TeeDriverW8x64.sys
172. Image name: TeeDriverW8x64.sys
173. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
174. Timestamp: Tue Apr 4 2017
175.  
176. Image path: dump_iaStorA.sys
177. Image name: dump_iaStorA.sys
178. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=dump_iaStorA.sys
179. Possible Driver Info: IASTOR.SYS is a Intel SATA driver for hard drives.
180. Timestamp: Tue Jun 6 2017
181.  
182. Image path: ISODrv64.sys
183. Image name: ISODrv64.sys
184. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=ISODrv64.sys
185. Timestamp: Thu Jan 28 2010
186.  
187. Image path: ElcMouUFlt.sys
188. Image name: ElcMouUFlt.sys
189. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=ElcMouUFlt.sys
190. Timestamp: Tue Nov 30 2010
191.  
192. Image path: dump_storport.sys
193. Image name: dump_storport.sys
194. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=dump_storport.sys
195. Timestamp: Wed Aug 28 2013
196.  
197. Image path: RTKVHD64.sys
198. Image name: RTKVHD64.sys
199. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
200. Timestamp: Thu Jan 5 2017
201.  
202. Image path: t_mouse.sys
203. Image name: t_mouse.sys
204. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=t_mouse.sys
205. Timestamp: Mon Dec 3 2012
206.  
207. Image path: ElcMouLFlt.sys
208. Image name: ElcMouLFlt.sys
209. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=ElcMouLFlt.sys
210. Timestamp: Mon Oct 4 2010
211.  
212. Image path: drmk.sys
213. Image name: drmk.sys
214. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=drmk.sys
215. Timestamp: ***** Invalid (A01C1986)
216.  
217. Image path: e1d65x64.sys
218. Image name: e1d65x64.sys
219. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=e1d65x64.sys
220. Timestamp: Sun Mar 19 2017
221.  
222. Image path: nvvad64v.sys
223. Image name: nvvad64v.sys
224. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
225. Timestamp: Sun May 28 2017
226.  
227. Image path: nvvhci.sys
228. Image name: nvvhci.sys
229. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvhci.sys
230. Timestamp: Tue Dec 27 2016
231.  
232. Image path: womic.sys
233. Image name: womic.sys
234. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=womic.sys
235. Timestamp: Sun May 21 2017
236.  
237. Image path: nvhda64v.sys
238. Image name: nvhda64v.sys
239. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
240. Timestamp: Tue May 16 2017
241.  
242. Image path: nvlddmkm.sys
243. Image name: nvlddmkm.sys
244. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
245. Timestamp: Tue Jul 18 2017
246.  
247. Unloaded modules:
248. fffff803`bd110000 fffff803`bd11b000 cldflt.sys
249. fffff803`b9490000 fffff803`b949f000 dump_storpor
250. fffff803`bc470000 fffff803`bcfbd000 dump_iaStorA
251. fffff803`bcfe0000 fffff803`bcffd000 dump_dumpfve
252. fffff803`bbd70000 fffff803`bbd90000 dam.sys
253. fffff803`b8100000 fffff803`b810f000 WdBoot.sys
254. fffff803`b9490000 fffff803`b949f000 hwpolicy.sys
255.  
256. ============================= BIOS INFO ================================
257. [SMBIOS Data Tables v3.0]
258. [DMI Version - 0]
259. [2.0 Calling Convention - No]
260. [Table Size - 4226 bytes]
261. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
262. Vendor American Megatrends Inc.
263. BIOS Version F7
264. BIOS Starting Address Segment f000
265. BIOS Release Date 07/06/2017
266. BIOS ROM Size 800000
267. BIOS Characteristics
268. 07: - PCI Supported
269. 11: - Upgradeable FLASH BIOS
270. 12: - BIOS Shadowing Supported
271. 15: - CD-Boot Supported
272. 16: - Selectable Boot Supported
273. 17: - BIOS ROM Socketed
274. 19: - EDD Supported
275. 23: - 1.2MB Floppy Supported
276. 24: - 720KB Floppy Supported
277. 25: - 2.88MB Floppy Supported
278. 26: - Print Screen Device Supported
279. 28: - Serial Services Supported
280. 29: - Printer Services Supported
281. 32: - BIOS Vendor Reserved
282. BIOS Characteristic Extensions
283. 00: - ACPI Supported
284. 01: - USB Legacy Supported
285. 08: - BIOS Boot Specification Supported
286. 10: - Specification Reserved
287. 11: - Specification Reserved
288. BIOS Major Revision 5
289. BIOS Minor Revision 12
290. EC Firmware Major Revision 255
291. EC Firmware Minor Revision 255
292. [System Information (Type 1) - Length 27 - Handle 0001h]
293. Manufacturer Gigabyte Technology Co., Ltd.
294. Product Name B250M-D3H
295. Version Default string
296. UUID 00000000-0000-0000-0000-000000000000
297. Wakeup Type Power Switch
298. SKUNumber Default string
299. Family Default string
300. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
301. Manufacturer Gigabyte Technology Co., Ltd.
302. Product B250M-D3H-CF
303. Version x.x
304. Feature Flags 09h
305. 1634083336: - ?ÿU?ì?ì¡H.ya3Å?Eü3ÀW?}?Eô?Eø?ÿu
306. ¸@
307. 1634083376: - ?ÿU?ì?ì¡H.ya3Å?Eü3ÀW?}?Eô?Eø?ÿu
308. ¸@
309. Location Default string
310. Chassis Handle 0003h
311. Board Type 0ah - Processor/Memory Module
312. Number of Child Handles 0
313. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
314. Manufacturer Default string
315. Chassis Type Desktop
316. Version Default string
317. Bootup State Safe
318. Power Supply State Safe
319. Thermal State Safe
320. Security Status None
321. OEM Defined 0
322. Height 0U
323. Number of Power Cords 1
324. Number of Contained Elements 0
325. Contained Element Size 3
326. [Onboard Devices Information (Type 10) - Length 6 - Handle 0021h]
327. Number of Devices 1
328. 01: Type Video [enabled]
329. [OEM Strings (Type 11) - Length 5 - Handle 0022h]
330. Number of Strings 1
331. 1 Default string
332. [System Configuration Options (Type 12) - Length 5 - Handle 0023h]
333. [Physical Memory Array (Type 16) - Length 23 - Handle 003dh]
334. Location 03h - SystemBoard/Motherboard
335. Use 03h - System Memory
336. Memory Error Correction 03h - None
337. Maximum Capacity 67108864KB
338. Number of Memory Devices 4
339. [Memory Device (Type 17) - Length 40 - Handle 003eh]
340. Physical Memory Array Handle 003dh
341. Total Width 64 bits
342. Data Width 64 bits
343. Size 4096MB
344. Form Factor 09h - DIMM
345. Device Locator ChannelA-DIMM0
346. Bank Locator BANK 0
347. Memory Type 1ah - Specification Reserved
348. Type Detail 0080h - Synchronous
349. Speed 2133MHz
350. Manufacturer 0616
351. Part Number DDR4-2400 CL16 4GB
352. [Memory Device (Type 17) - Length 40 - Handle 003fh]
353. Physical Memory Array Handle 003dh
354. Total Width 0 bits
355. Data Width 0 bits
356. Form Factor 02h - Unknown
357. Device Locator ChannelA-DIMM1
358. Bank Locator BANK 1
359. Memory Type 02h - Unknown
360. Type Detail 0000h -
361. Speed 0MHz
362. [Memory Device (Type 17) - Length 40 - Handle 0040h]
363. Physical Memory Array Handle 003dh
364. Total Width 0 bits
365. Data Width 0 bits
366. Form Factor 02h - Unknown
367. Device Locator ChannelB-DIMM0
368. Bank Locator BANK 2
369. Memory Type 02h - Unknown
370. Type Detail 0000h -
371. Speed 0MHz
372. [Memory Device (Type 17) - Length 40 - Handle 0041h]
373. Physical Memory Array Handle 003dh
374. Total Width 64 bits
375. Data Width 64 bits
376. Size 4096MB
377. Form Factor 09h - DIMM
378. Device Locator ChannelB-DIMM1
379. Bank Locator BANK 3
380. Memory Type 1ah - Specification Reserved
381. Type Detail 0080h - Synchronous
382. Speed 2133MHz
383. Manufacturer 0616
384. Part Number DDR4-2400 CL16 4GB
385. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0042h]
386. Starting Address 00000000h
387. Ending Address 007fffffh
388. Memory Array Handle 003dh
389. Partition Width 02
390. [Cache Information (Type 7) - Length 19 - Handle 0043h]
391. Socket Designation L1 Cache
392. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
393. Maximum Cache Size 0100h - 256K
394. Installed Size 0100h - 256K
395. Supported SRAM Type 0020h - Synchronous
396. Current SRAM Type 0020h - Synchronous
397. Cache Speed 0ns
398. Error Correction Type ParitySingle-Bit ECC
399. System Cache Type Unified
400. Associativity 8-way Set-Associative
401. [Cache Information (Type 7) - Length 19 - Handle 0044h]
402. Socket Designation L2 Cache
403. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
404. Maximum Cache Size 0400h - 1024K
405. Installed Size 0400h - 1024K
406. Supported SRAM Type 0020h - Synchronous
407. Current SRAM Type 0020h - Synchronous
408. Cache Speed 0ns
409. Error Correction Type Multi-Bit ECC
410. System Cache Type Unified
411. Associativity 4-way Set-Associative
412. [Cache Information (Type 7) - Length 19 - Handle 0045h]
413. Socket Designation L3 Cache
414. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
415. Maximum Cache Size 1800h - 6144K
416. Installed Size 1800h - 6144K
417. Supported SRAM Type 0020h - Synchronous
418. Current SRAM Type 0020h - Synchronous
419. Cache Speed 0ns
420. Error Correction Type Specification Reserved
421. System Cache Type Unified
422. Associativity Specification Reserved
423. [Processor Information (Type 4) - Length 48 - Handle 0046h]
424. Socket Designation U3E1
425. Processor Type Central Processor
426. Processor Family cdh - Specification Reserved
427. Processor Manufacturer Intel(R) Corporation
428. Processor ID e9060900fffbebbf
429. Processor Version Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
430. Processor Voltage 8ah - 1.0V
431. External Clock 100MHz
432. Max Speed 8300MHz
433. Current Speed 3300MHz
434. Status Enabled Populated
435. Processor Upgrade Other
436. L1 Cache Handle 0043h
437. L2 Cache Handle 0044h
438. L3 Cache Handle 0045h
439. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0047h]
440. Starting Address 00000000h
441. Ending Address 003fffffh
442. Memory Device Handle 003eh
443. Mem Array Mapped Adr Handle 0042h
444. Interleave Position [None]
445. Interleave Data Depth [None]
446. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0048h]
447. Starting Address 00400000h
448. Ending Address 007fffffh
449. Memory Device Handle 0041h
450. Mem Array Mapped Adr Handle 0042h
451. Interleave Position [None]
452. Interleave Data Depth [None]
453.  
454. ========================================================================
455. =================== Dump File: 080117-16390-01.dmp ===================
456. ========================================================================
457. Mini Kernel Dump File: Only registers and stack trace are available
458. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
459. Product: WinNt, suite: TerminalServer SingleUserTS
460. Built by: 15063.0.amd64fre.rs2_release.170317-1834
461. Kernel base = 0xfffff803`f061a000 PsLoadedModuleList = 0xfffff803`f09665a0
462. Debug session time: Tue Aug 1 00:35:29.128 2017 (UTC - 4:00)
463. System Uptime: 0 days 0:00:39.747
464.  
465. BugCheck 50, {ffff948e22e95103, 0, fffff803f089910e, 0}
466. Could not read faulting driver name
467. Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+fe )
468. Followup: Pool_corruption
469.  
470. PAGE_FAULT_IN_NONPAGED_AREA (50)
471. Invalid system memory was referenced. This cannot be protected by try-except.
472. Typically the address is just plain bad or it is pointing at freed memory.
473.  
474. Arguments:
475. Arg1: ffff948e22e95103, memory referenced.
476. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
477. Arg3: fffff803f089910e, If non-zero, the instruction address which referenced the bad memory
478. address.
479. Arg4: 0000000000000000, (reserved)
480.  
481. Debugging Details:
482. Could not read faulting driver name
483. DUMP_CLASS: 1
484. DUMP_QUALIFIER: 400
485. BUILD_VERSION_STRING: 10.0.15063.0 (WinBuild.160101.0800)
486. SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.
487. SYSTEM_PRODUCT_NAME: B250M-D3H
488. SYSTEM_SKU: Default string
489. SYSTEM_VERSION: Default string
490. BIOS_VENDOR: American Megatrends Inc.
491. BIOS_VERSION: F7
492. BIOS_DATE: 07/06/2017
493. BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.
494. BASEBOARD_PRODUCT: B250M-D3H-CF
495. BASEBOARD_VERSION: x.x
496. DUMP_TYPE: 2
497. DUMP_FILE_ATTRIBUTES: 0x8
498. Kernel Generated Triage Dump
499. READ_ADDRESS: fffff803f09fb358: Unable to get MiVisibleState
500. ffff948e22e95103
501. FAULTING_IP:
502. nt!ExDeferredFreePool+fe
503. fffff803`f089910e 44385103 cmp byte ptr [rcx+3],r10b
504. MM_INTERNAL_CODE: 0
505. CPU_COUNT: 4
506. CPU_MHZ: bb8
507. CPU_VENDOR: GenuineIntel
508. CPU_FAMILY: 6
509. CPU_MODEL: 9e
510. CPU_STEPPING: 9
511. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E'00000000 (cache) 5E'00000000 (init)
512. CUSTOMER_CRASH_COUNT: 1
513. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
514. BUGCHECK_STR: AV
515.  
516. PROCESS_NAME: WerFault.exe
517.  
518. CURRENT_IRQL: 2
519. TRAP_FRAME: ffffaf00179b9ea0 -- (.trap 0xffffaf00179b9ea0)
520. NOTE: The trap frame does not contain all registers.
521. Some register values may be zeroed or incorrect.
522. rax=0000000000000577 rbx=0000000000000000 rcx=ffff948e22e95100
523. rdx=ffff948e22e66010 rsi=0000000000000000 rdi=0000000000000000
524. rip=fffff803f089910e rsp=ffffaf00179ba030 rbp=0000000000000000
525. r8=ffff948e22e94990 r9=ffff948e22c4de00 r10=0000000000000000
526. r11=ffff948e22e3e560 r12=0000000000000000 r13=0000000000000000
527. r14=0000000000000000 r15=0000000000000000
528. iopl=0 nv up ei pl nz na po nc
529. nt!ExDeferredFreePool+0xfe:
530. fffff803`f089910e 44385103 cmp byte ptr [rcx+3],r10b ds:ffff948e`22e95103=??
531. Resetting default scope
532. LOCK_ADDRESS: fffff803f097ef20 -- (!locks fffff803f097ef20)
533. Resource @ nt!PiEngineLock (0xfffff803f097ef20) Available
534. WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.
535. WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.
536. 1 total locks
537. PNP_TRIAGE:
538. Lock address : 0xfffff803f097ef20
539. Thread Count : 0
540. Thread address: 0x0000000000000000
541. Thread wait : 0x0
542. LAST_CONTROL_TRANSFER: from fffff803f07b4d5c to fffff803f0785fd0
543. STACK_TEXT:
544. ffffaf00`179b9c08 fffff803`f07b4d5c : 00000000`00000050 ffff948e`22e95103 00000000`00000000 ffffaf00`179b9ea0 : nt!KeBugCheckEx
545. ffffaf00`179b9c10 fffff803`f0688766 : 00000000`00000000 ffff948e`22e95103 ffffaf00`179b9ea0 ffffbf04`f80af080 : nt!MiSystemFault+0x12e79c
546. ffffaf00`179b9cb0 fffff803`f078f872 : ffff948e`22685e00 ffffaf00`179b9db0 00000000`00000002 ffff948e`221d5600 : nt!MmAccessFault+0xae6
547. ffffaf00`179b9ea0 fffff803`f089910e : ffffbf04`f3240280 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x132
548. ffffaf00`179ba030 fffff803`f089a7f1 : ffff948e`221d5820 ffffbf04`f3240280 ffffaf00`179ba149 ffff948e`221d55f0 : nt!ExDeferredFreePool+0xfe
549. ffffaf00`179ba0b0 fffff803`f0ac5acf : ffff948e`22e31010 ffff948e`22e31010 00000000`006e006c ffffaf00`00000001 : nt!ExFreePoolWithTag+0x7e1
550. ffffaf00`179ba1b0 fffff803`f0ac6702 : 00640064`00350036 00330065`0032002d 00300034`002d0064 0061002d`00340039 : nt!_RegRtlQueryValue+0x12b
551. ffffaf00`179ba2e0 fffff803`f0a38a8d : ffff948e`1aabb2b0 ffffffff`8000160c ffffaf00`179ba4a0 ffff948e`1aabb2b0 : nt!_PnpRegQueryValueIndirect+0x72
552. ffffaf00`179ba340 fffff803`f0ac34f7 : 00000000`02000001 ffff948e`1aabb200 00000000`00000000 ffffaf00`179ba430 : nt!PnpCtxRegQueryValueIndirect+0x4d
553. ffffaf00`179ba390 fffff803`f0ac7852 : 00000000`c0000016 00000000`00000200 ffff948e`22e31010 ffff948e`22e31010 : nt!PnpGetGenericStoreProperty+0x1cf
554. ffffaf00`179ba520 fffff803`f0ac69f9 : 00000000`00000000 ffff948e`22dc2050 ffffaf00`179ba661 ffff948e`1aabb2b0 : nt!_PnpGetObjectPropertyWorker+0x126
555. ffffaf00`179ba5c0 fffff803`f0ac4a26 : 00000000`00000000 ffff948e`22e31010 00000000`00000001 ffffaf00`00000000 : nt!_PnpGetObjectProperty+0x119
556. ffffaf00`179ba690 fffff803`f0ac4243 : bf04f965`5050fe6d ffffbf04`f3327b00 00000000`00000000 00000000`00000214 : nt!PiCMGetObjectProperty+0x14e
557. ffffaf00`179ba7b0 fffff803`f0ac41da : ffffbf04`f9655080 00000000`00470813 ffffbf04`f80af080 ffffbf04`00000000 : nt!PiCMFastIoDeviceDispatch+0x53
558. ffffaf00`179ba800 fffff803`f0a76b22 : ffffbf04`f9655080 00000000`00000000 00000000`00000000 00000000`00000001 : nt!PiDaFastIoDispatch+0x6a
559. ffffaf00`179ba860 fffff803`f0a76756 : ffffbf04`f80af080 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0x3b2
560. ffffaf00`179ba9a0 fffff803`f0790f13 : ffffaf00`179baa90 00000000`00000000 ffffbf04`f80a6080 00000099`295dcc68 : nt!NtDeviceIoControlFile+0x56
561. ffffaf00`179baa10 00007ffe`131a5494 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
562. 00000099`295dcb78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`131a5494
563. STACK_COMMAND: kb
564. THREAD_SHA1_HASH_MOD_FUNC: 076212619202c5b1a39c96a8f16a6c474bd3a47a
565. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2889022a15a286090331a06401cd904298c82b1d
566. THREAD_SHA1_HASH_MOD: 82d14546c43bd06881f781d6d197c4c7f7ceb9cb
567. FOLLOWUP_IP:
568. nt!ExDeferredFreePool+fe
569. fffff803`f089910e 44385103 cmp byte ptr [rcx+3],r10b
570. FAULT_INSTR_CODE: 3513844
571. SYMBOL_STACK_INDEX: 4
572. SYMBOL_NAME: nt!ExDeferredFreePool+fe
573. FOLLOWUP_NAME: Pool_corruption
574.  
575. IMAGE_NAME: Pool_Corruption
576.  
577. DEBUG_FLR_IMAGE_TIMESTAMP: 0
578. IMAGE_VERSION: 10.0.15063.0
579. MODULE_NAME: Pool_Corruption
580. BUCKET_ID_FUNC_OFFSET: fe
581. FAILURE_BUCKET_ID: AV_R_INVALID_nt!ExDeferredFreePool
582. BUCKET_ID: AV_R_INVALID_nt!ExDeferredFreePool
583. PRIMARY_PROBLEM_CLASS: AV_R_INVALID_nt!ExDeferredFreePool
584. TARGET_TIME: 2017-08-01T04:35:29.000Z
585. OSBUILD: 15063
586. OSSERVICEPACK: 0
587. SERVICEPACK_NUMBER: 0
588. OS_REVISION: 0
589. SUITE_MASK: 272
590. PRODUCT_TYPE: 1
591. OSPLATFORM_TYPE: x64
592. OSNAME: Windows 10
593. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
594. USER_LCID: 0
595. OSBUILD_TIMESTAMP: 2017-03-18 00:40:44
596. BUILDDATESTAMP_STR: 160101.0800
597. BUILDLAB_STR: WinBuild
598. BUILDOSVER_STR: 10.0.15063.0
599. ANALYSIS_SESSION_ELAPSED_TIME: 1325
600. ANALYSIS_SOURCE: KM
601. FAILURE_ID_HASH_STRING: km:av_r_invalid_nt!exdeferredfreepool
602. FAILURE_ID_HASH: {028c647e-835a-75c4-058d-04f80fc3ba93}
603. Followup: Pool_corruption
604.  
605. ========================================================================
606. =================== Dump File: 080117-16984-01.dmp ===================
607. ========================================================================
608. Mini Kernel Dump File: Only registers and stack trace are available
609. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
610. Product: WinNt, suite: TerminalServer SingleUserTS
611. Kernel base = 0xfffff803`ac412000 PsLoadedModuleList = 0xfffff803`ac75e5a0
612. Debug session time: Tue Aug 1 07:29:29.874 2017 (UTC - 4:00)
613. System Uptime: 0 days 6:05:18.492
614.  
615. BugCheck 50, {fffff8021bc7e4c2, 2, fffff803ac4713ff, 2}
616. Could not read faulting driver name
617. Probably caused by : ntkrnlmp.exe ( nt!RtlSetBits+3f )
618. Followup: MachineOwner
619.  
620. PAGE_FAULT_IN_NONPAGED_AREA (50)
621. Invalid system memory was referenced. This cannot be protected by try-except.
622. Typically the address is just plain bad or it is pointing at freed memory.
623.  
624. Arguments:
625. Arg1: fffff8021bc7e4c2, memory referenced.
626. Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
627. Arg3: fffff803ac4713ff, If non-zero, the instruction address which referenced the bad memory
628. address.
629. Arg4: 0000000000000002, (reserved)
630.  
631. Debugging Details:
632. Could not read faulting driver name
633. DUMP_CLASS: 1
634. DUMP_QUALIFIER: 400
635. BUILD_VERSION_STRING: 10.0.15063.0 (WinBuild.160101.0800)
636. SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.
637. SYSTEM_PRODUCT_NAME: B250M-D3H
638. SYSTEM_SKU: Default string
639. SYSTEM_VERSION: Default string
640. BIOS_VENDOR: American Megatrends Inc.
641. BIOS_VERSION: F7
642. BIOS_DATE: 07/06/2017
643. BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.
644. BASEBOARD_PRODUCT: B250M-D3H-CF
645. BASEBOARD_VERSION: x.x
646. DUMP_TYPE: 2
647. DUMP_FILE_ATTRIBUTES: 0x8
648. Kernel Generated Triage Dump
649. READ_ADDRESS: fffff803ac7f3358: Unable to get MiVisibleState
650. fffff8021bc7e4c2
651. FAULTING_IP:
652. nt!RtlSetBits+3f
653. fffff803`ac4713ff 0803 or byte ptr [rbx],al
654. MM_INTERNAL_CODE: 2
655. CPU_COUNT: 4
656. CPU_MHZ: bb8
657. CPU_VENDOR: GenuineIntel
658. CPU_FAMILY: 6
659. CPU_MODEL: 9e
660. CPU_STEPPING: 9
661. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E'00000000 (cache) 5E'00000000 (init)
662. CUSTOMER_CRASH_COUNT: 1
663. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
664. BUGCHECK_STR: AV
665.  
666. PROCESS_NAME: CompatTelRunne
667.  
668. CURRENT_IRQL: 0
669. TRAP_FRAME: ffff9100f488d1d0 -- (.trap 0xffff9100f488d1d0)
670. NOTE: The trap frame does not contain all registers.
671. Some register values may be zeroed or incorrect.
672. rax=00000000000000c0 rbx=0000000000000000 rcx=0000000000000006
673. rdx=0000000000000006 rsi=0000000000000000 rdi=0000000000000000
674. rip=fffff803ac4713ff rsp=ffff9100f488d360 rbp=fffff803ac412000
675. r8=0000000000000002 r9=000000000026630b r10=0000000000000001
676. r11=ffffc50931348a00 r12=0000000000000000 r13=0000000000000000
677. r14=0000000000000000 r15=0000000000000000
678. iopl=0 nv up ei ng nz na po nc
679. nt!RtlSetBits+0x3f:
680. fffff803`ac4713ff 0803 or byte ptr [rbx],al ds:00000000`00000000=??
681. Resetting default scope
682. LAST_CONTROL_TRANSFER: from fffff803ac5acf86 to fffff803ac57dfd0
683. STACK_TEXT:
684. ffff9100`f488cf38 fffff803`ac5acf86 : 00000000`00000050 fffff802`1bc7e4c2 00000000`00000002 ffff9100`f488d1d0 : nt!KeBugCheckEx
685. ffff9100`f488cf40 fffff803`ac480766 : 00000000`00000002 fffff802`1bc7e4c2 ffff9100`f488d1d0 ffffc509`31899080 : nt!MiSystemFault+0x12e9c6
686. ffff9100`f488cfe0 fffff803`ac587872 : 00000000`00006280 00000000`00000000 ffff9100`f488d270 fffff803`ac5879a0 : nt!MmAccessFault+0xae6
687. ffff9100`f488d1d0 fffff803`ac4713ff : ffff9100`f488d3f8 ffff9100`f488d3d0 ffff9100`f488d388 00000000`00000018 : nt!KiPageFault+0x132
688. ffff9100`f488d360 fffff803`ac929a25 : ffff8003`0e879d50 ffff9100`f488d401 00000000`00000007 ffffc509`31348a00 : nt!RtlSetBits+0x3f
689. ffff9100`f488d390 fffff803`ac928617 : ffff8003`0effe058 00000000`0000012d ffff8003`0effe010 00000000`0000018a : nt!MiUpdateCfgSystemWideBitmapWorker+0x2e5
690. ffff9100`f488d460 fffff803`ac92e1bc : 00000000`00000023 ffff9100`f488d6d9 00000000`5cf00000 00000000`00000000 : nt!MiUpdateCfgSystemWideBitmap+0x83
691. ffff9100`f488d4a0 fffff803`ac92ba99 : ffff9100`f488d890 ffff9100`f488d890 ffff9100`f488d6d9 ffff9100`f488d890 : nt!MiRelocateImage+0x30c
692. ffff9100`f488d600 fffff803`ac891f29 : ffff9100`00000000 ffff9100`f488d890 ffff9100`f488d890 ffffc509`385107f0 : nt!MiCreateNewSection+0x3ad
693. ffff9100`f488d740 fffff803`ac8916a2 : ffff9100`f488d770 ffff8003`0edb2670 ffffc509`385107f0 00000000`00f80090 : nt!MiCreateImageOrDataSection+0x289
694. ffff9100`f488d820 fffff803`ac892222 : 00000000`11000000 00000000`00000000 ffff8003`0e5f97c0 fffff803`ac8fc7f8 : nt!MiCreateSection+0xd2
695. ffff9100`f488d960 fffff803`ac588f13 : ffffc509`39022080 fffff803`00000004 00000000`00000000 000000ad`695b8b68 : nt!NtCreateSection+0x1e2
696. ffff9100`f488da10 00007ffa`ce3e5cf4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
697. 000000ad`695b8b48 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`ce3e5cf4
698. STACK_COMMAND: kb
699. THREAD_SHA1_HASH_MOD_FUNC: d885ed60512863ae72cc84f501b87df966e8411c
700. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b4101bd84c0450b4374d12f4a111885d3bf99a75
701. THREAD_SHA1_HASH_MOD: fe34192f63d13620a8987d294372ee74d699cfee
702. FOLLOWUP_IP:
703. nt!RtlSetBits+3f
704. fffff803`ac4713ff 0803 or byte ptr [rbx],al
705. FAULT_INSTR_CODE: 8b480308
706. SYMBOL_STACK_INDEX: 4
707. SYMBOL_NAME: nt!RtlSetBits+3f
708. FOLLOWUP_NAME: MachineOwner
709. MODULE_NAME: nt
710.  
711. IMAGE_NAME: ntkrnlmp.exe
712.  
713. DEBUG_FLR_IMAGE_TIMESTAMP: 58ccba4c
714. IMAGE_VERSION: 10.0.15063.0
715. BUCKET_ID_FUNC_OFFSET: 3f
716. FAILURE_BUCKET_ID: AV_INVALID_nt!RtlSetBits
717. BUCKET_ID: AV_INVALID_nt!RtlSetBits
718. PRIMARY_PROBLEM_CLASS: AV_INVALID_nt!RtlSetBits
719. TARGET_TIME: 2017-08-01T11:29:29.000Z
720. OSBUILD: 15063
721. OSSERVICEPACK: 0
722. SERVICEPACK_NUMBER: 0
723. OS_REVISION: 0
724. SUITE_MASK: 272
725. PRODUCT_TYPE: 1
726. OSPLATFORM_TYPE: x64
727. OSNAME: Windows 10
728. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
729. USER_LCID: 0
730. OSBUILD_TIMESTAMP: 2017-03-18 00:40:44
731. BUILDDATESTAMP_STR: 160101.0800
732. BUILDLAB_STR: WinBuild
733. BUILDOSVER_STR: 10.0.15063.0
734. ANALYSIS_SESSION_ELAPSED_TIME: a4b
735. ANALYSIS_SOURCE: KM
736. FAILURE_ID_HASH_STRING: km:av_invalid_nt!rtlsetbits
737. FAILURE_ID_HASH: {d8bc1995-ce19-2f06-c15b-0181e3fe55f4}
738. Followup: MachineOwner
739.  
740. ========================================================================
741. =================== Dump File: 080117-22375-01.dmp ===================
742. ========================================================================
743. Mini Kernel Dump File: Only registers and stack trace are available
744. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
745. Product: WinNt, suite: TerminalServer SingleUserTS
746. Kernel base = 0xfffff801`c4e19000 PsLoadedModuleList = 0xfffff801`c51655a0
747. Debug session time: Tue Aug 1 01:11:42.537 2017 (UTC - 4:00)
748. System Uptime: 0 days 0:14:12.154
749.  
750. BugCheck 50, {fffff80476e25bda, 2, fffff801c4e783ff, 2}
751. Could not read faulting driver name
752. Probably caused by : ntkrnlmp.exe ( nt!RtlSetBits+3f )
753. Followup: MachineOwner
754.  
755. PAGE_FAULT_IN_NONPAGED_AREA (50)
756. Invalid system memory was referenced. This cannot be protected by try-except.
757. Typically the address is just plain bad or it is pointing at freed memory.
758.  
759. Arguments:
760. Arg1: fffff80476e25bda, memory referenced.
761. Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
762. Arg3: fffff801c4e783ff, If non-zero, the instruction address which referenced the bad memory
763. address.
764. Arg4: 0000000000000002, (reserved)
765.  
766. Debugging Details:
767. Could not read faulting driver name
768. DUMP_CLASS: 1
769. DUMP_QUALIFIER: 400
770. BUILD_VERSION_STRING: 10.0.15063.0 (WinBuild.160101.0800)
771. SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.
772. SYSTEM_PRODUCT_NAME: B250M-D3H
773. SYSTEM_SKU: Default string
774. SYSTEM_VERSION: Default string
775. BIOS_VENDOR: American Megatrends Inc.
776. BIOS_VERSION: F7
777. BIOS_DATE: 07/06/2017
778. BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.
779. BASEBOARD_PRODUCT: B250M-D3H-CF
780. BASEBOARD_VERSION: x.x
781. DUMP_TYPE: 2
782. DUMP_FILE_ATTRIBUTES: 0x8
783. Kernel Generated Triage Dump
784. READ_ADDRESS: fffff801c51fa358: Unable to get MiVisibleState
785. fffff80476e25bda
786. FAULTING_IP:
787. nt!RtlSetBits+3f
788. fffff801`c4e783ff 0803 or byte ptr [rbx],al
789. MM_INTERNAL_CODE: 2
790. CPU_COUNT: 4
791. CPU_MHZ: bb8
792. CPU_VENDOR: GenuineIntel
793. CPU_FAMILY: 6
794. CPU_MODEL: 9e
795. CPU_STEPPING: 9
796. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E'00000000 (cache) 5E'00000000 (init)
797. CUSTOMER_CRASH_COUNT: 1
798. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
799. BUGCHECK_STR: AV
800.  
801. PROCESS_NAME: CompatTelRunne
802.  
803. CURRENT_IRQL: 0
804. TRAP_FRAME: ffffac81f5a331d0 -- (.trap 0xffffac81f5a331d0)
805. NOTE: The trap frame does not contain all registers.
806. Some register values may be zeroed or incorrect.
807. rax=00000000000000c0 rbx=0000000000000000 rcx=0000000000000006
808. rdx=0000000000000006 rsi=0000000000000000 rdi=0000000000000000
809. rip=fffff801c4e783ff rsp=ffffac81f5a33360 rbp=fffff801c4e19000
810. r8=0000000000000002 r9=0000000000deaf6b r10=0000000000000001
811. r11=ffffd90fe234db70 r12=0000000000000000 r13=0000000000000000
812. r14=0000000000000000 r15=0000000000000000
813. iopl=0 nv up ei ng nz na po nc
814. nt!RtlSetBits+0x3f:
815. fffff801`c4e783ff 0803 or byte ptr [rbx],al ds:00000000`00000000=??
816. Resetting default scope
817. LAST_CONTROL_TRANSFER: from fffff801c4fb3f86 to fffff801c4f84fd0
818. STACK_TEXT:
819. ffffac81`f5a32f38 fffff801`c4fb3f86 : 00000000`00000050 fffff804`76e25bda 00000000`00000002 ffffac81`f5a331d0 : nt!KeBugCheckEx
820. ffffac81`f5a32f40 fffff801`c4e87766 : 00000000`00000002 fffff804`76e25bda ffffac81`f5a331d0 ffffd90f`e86437c0 : nt!MiSystemFault+0x12e9c6
821. ffffac81`f5a32fe0 fffff801`c4f8e872 : 00000000`00006280 00000000`00000000 ffffac81`f5a33270 fffff801`c4f8e9a0 : nt!MmAccessFault+0xae6
822. ffffac81`f5a331d0 fffff801`c4e783ff : ffffac81`f5a333f8 ffffac81`f5a333d0 ffffac81`f5a33388 00000000`00000018 : nt!KiPageFault+0x132
823. ffffac81`f5a33360 fffff801`c5330a25 : ffff950c`2fd38810 ffffac81`f5a33401 00000000`00000007 ffffd90f`e234db70 : nt!RtlSetBits+0x3f
824. ffffac81`f5a33390 fffff801`c532f617 : ffff950c`268ad058 00000000`0000012d ffff950c`268ad010 00000000`0000018a : nt!MiUpdateCfgSystemWideBitmapWorker+0x2e5
825. ffffac81`f5a33460 fffff801`c53351bc : 00000000`00000023 ffffac81`f5a336d9 00000000`5cf00000 00000000`00000000 : nt!MiUpdateCfgSystemWideBitmap+0x83
826. ffffac81`f5a334a0 fffff801`c5332a99 : ffffac81`f5a33890 ffffac81`f5a33890 ffffac81`f5a336d9 ffffac81`f5a33890 : nt!MiRelocateImage+0x30c
827. ffffac81`f5a33600 fffff801`c5298f29 : ffffac81`00000000 ffffac81`f5a33890 ffffac81`f5a33890 ffffd90f`e3807730 : nt!MiCreateNewSection+0x3ad
828. ffffac81`f5a33740 fffff801`c52986a2 : ffffac81`f5a33770 ffff950c`2e382640 ffffd90f`e3807730 00000000`00f80090 : nt!MiCreateImageOrDataSection+0x289
829. ffffac81`f5a33820 fffff801`c5299222 : 00000000`11000000 00000000`00000000 ffff950c`26af9060 fffff801`c53037f8 : nt!MiCreateSection+0xd2
830. ffffac81`f5a33960 fffff801`c4f8ff13 : ffffd90f`e86d76c0 fffff801`00000004 00000000`00000000 00000008`ae4f8cd8 : nt!NtCreateSection+0x1e2
831. ffffac81`f5a33a10 00007ffa`797e5cf4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
832. 00000008`ae4f8cb8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`797e5cf4
833. STACK_COMMAND: kb
834. THREAD_SHA1_HASH_MOD_FUNC: d885ed60512863ae72cc84f501b87df966e8411c
835. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b4101bd84c0450b4374d12f4a111885d3bf99a75
836. THREAD_SHA1_HASH_MOD: fe34192f63d13620a8987d294372ee74d699cfee
837. FOLLOWUP_IP:
838. nt!RtlSetBits+3f
839. fffff801`c4e783ff 0803 or byte ptr [rbx],al
840. FAULT_INSTR_CODE: 8b480308
841. SYMBOL_STACK_INDEX: 4
842. SYMBOL_NAME: nt!RtlSetBits+3f
843. FOLLOWUP_NAME: MachineOwner
844. MODULE_NAME: nt
845.  
846. IMAGE_NAME: ntkrnlmp.exe
847.  
848. DEBUG_FLR_IMAGE_TIMESTAMP: 58ccba4c
849. IMAGE_VERSION: 10.0.15063.0
850. BUCKET_ID_FUNC_OFFSET: 3f
851. FAILURE_BUCKET_ID: AV_INVALID_nt!RtlSetBits
852. BUCKET_ID: AV_INVALID_nt!RtlSetBits
853. PRIMARY_PROBLEM_CLASS: AV_INVALID_nt!RtlSetBits
854. TARGET_TIME: 2017-08-01T05:11:42.000Z
855. OSBUILD: 15063
856. OSSERVICEPACK: 0
857. SERVICEPACK_NUMBER: 0
858. OS_REVISION: 0
859. SUITE_MASK: 272
860. PRODUCT_TYPE: 1
861. OSPLATFORM_TYPE: x64
862. OSNAME: Windows 10
863. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
864. USER_LCID: 0
865. OSBUILD_TIMESTAMP: 2017-03-18 00:40:44
866. BUILDDATESTAMP_STR: 160101.0800
867. BUILDLAB_STR: WinBuild
868. BUILDOSVER_STR: 10.0.15063.0
869. ANALYSIS_SESSION_ELAPSED_TIME: ae2
870. ANALYSIS_SOURCE: KM
871. FAILURE_ID_HASH_STRING: km:av_invalid_nt!rtlsetbits
872. FAILURE_ID_HASH: {d8bc1995-ce19-2f06-c15b-0181e3fe55f4}
873. Followup: MachineOwner
874.  
875. ========================================================================
876. =================== Dump File: 080117-14984-01.dmp ===================
877. ========================================================================
878. Mini Kernel Dump File: Only registers and stack trace are available
879. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
880. Product: WinNt, suite: TerminalServer SingleUserTS
881. Kernel base = 0xfffff800`a0888000 PsLoadedModuleList = 0xfffff800`a0bd45a0
882. Debug session time: Tue Aug 1 00:40:51.836 2017 (UTC - 4:00)
883. System Uptime: 0 days 0:00:41.453
884.  
885. BugCheck 139, {3, ffff8d0040e98ae0, ffff8d0040e98a38, 0}
886. Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+22e3 )
887. Followup: Pool_corruption
888.  
889. KERNEL_SECURITY_CHECK_FAILURE (139)
890. A kernel component has corrupted a critical data structure. The corruption
891. could potentially allow a malicious user to gain control of this machine.
892.  
893. Arguments:
894. Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
895. Arg2: ffff8d0040e98ae0, Address of the trap frame for the exception that caused the bugcheck
896. Arg3: ffff8d0040e98a38, Address of the exception record for the exception that caused the bugcheck
897. Arg4: 0000000000000000, Reserved
898.  
899. Debugging Details:
900. DUMP_CLASS: 1
901. DUMP_QUALIFIER: 400
902. BUILD_VERSION_STRING: 10.0.15063.0 (WinBuild.160101.0800)
903. SYSTEM_MANUFACTURER: Gigabyte Technology Co., Ltd.
904. SYSTEM_PRODUCT_NAME: B250M-D3H
905. SYSTEM_SKU: Default string
906. SYSTEM_VERSION: Default string
907. BIOS_VENDOR: American Megatrends Inc.
908. BIOS_VERSION: F7
909. BIOS_DATE: 07/06/2017
910. BASEBOARD_MANUFACTURER: Gigabyte Technology Co., Ltd.
911. BASEBOARD_PRODUCT: B250M-D3H-CF
912. BASEBOARD_VERSION: x.x
913. DUMP_TYPE: 2
914. DUMP_FILE_ATTRIBUTES: 0x8
915. Kernel Generated Triage Dump
916. TRAP_FRAME: ffff8d0040e98ae0 -- (.trap 0xffff8d0040e98ae0)
917. NOTE: The trap frame does not contain all registers.
918. Some register values may be zeroed or incorrect.
919. rax=ffffc688ff740110 rbx=0000000000000000 rcx=0000000000000003
920. rdx=ffffc688ff7403f0 rsi=0000000000000000 rdi=0000000000000000
921. rip=fffff800a0b092f3 rsp=ffff8d0040e98c70 rbp=0000000000000000
922. r8=ffffc688ff73fee0 r9=ffffc688ff55875c r10=0000000000000001
923. r11=ffffc688ff558750 r12=0000000000000000 r13=0000000000000000
924. r14=0000000000000000 r15=0000000000000000
925. iopl=0 nv up ei pl nz na po cy
926. nt!ExDeferredFreePool+0x22e3:
927. fffff800`a0b092f3 cd29 int 29h
928. Resetting default scope
929. EXCEPTION_RECORD: ffff8d0040e98a38 -- (.exr 0xffff8d0040e98a38)
930. ExceptionAddress: fffff800a0b092f3 (nt!ExDeferredFreePool+0x00000000000022e3)
931. ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
932. ExceptionFlags: 00000001
933. NumberParameters: 1
934. Parameter[0]: 0000000000000003
935. Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
936. CPU_COUNT: 4
937. CPU_MHZ: bb8
938. CPU_VENDOR: GenuineIntel
939. CPU_FAMILY: 6
940. CPU_MODEL: 9e
941. CPU_STEPPING: 9
942. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E'00000000 (cache) 5E'00000000 (init)
943. CUSTOMER_CRASH_COUNT: 1
944. DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
945. BUGCHECK_STR: 0x139
946.  
947. PROCESS_NAME: WerFault.exe
948.  
949. CURRENT_IRQL: 1
950. ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
951. EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
952. EXCEPTION_CODE_STR: c0000409
953. EXCEPTION_PARAMETER1: 0000000000000003
954. LAST_CONTROL_TRANSFER: from fffff800a09ff3a9 to fffff800a09f3fd0
955. STACK_TEXT:
956. ffff8d00`40e987b8 fffff800`a09ff3a9 : 00000000`00000139 00000000`00000003 ffff8d00`40e98ae0 ffff8d00`40e98a38 : nt!KeBugCheckEx
957. ffff8d00`40e987c0 fffff800`a09ff710 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
958. ffff8d00`40e98900 fffff800`a09fe6f7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
959. ffff8d00`40e98ae0 fffff800`a0b092f3 : ffffd906`1123f140 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0xf7
960. ffff8d00`40e98c70 fffff800`a0b087f1 : ffffc688`ff75a320 ffffd906`1123f140 ffff8d00`40e98d89 ffffc688`ff76cc70 : nt!ExDeferredFreePool+0x22e3
961. ffff8d00`40e98cf0 fffff800`15556d8f : ffffd906`12ff8680 ffffc688`ff7294a0 ffffd906`16e76dc0 ffffd906`00000001 : nt!ExFreePoolWithTag+0x7e1
962. ffff8d00`40e98df0 fffff800`15526eb0 : ffffd906`16e76e00 ffffd906`1129bd60 ffffd906`179f1b00 00000000`00000000 : FLTMGR!FltpCreateFileNameInformation+0x33f
963. ffff8d00`40e98e40 fffff800`1552270a : 00000000`00008000 ffffd906`16e76dc0 00000000`00000000 ffffd906`16e76e28 : FLTMGR!FltpGetFileNameInformation+0x390
964. ffff8d00`40e98ef0 fffff800`1790d07f : 00000000`00000000 fffff780`00000320 ffff8d00`40e98f90 ffffd906`12f2d8b0 : FLTMGR!FltGetFileNameInformation+0x1ba
965. ffff8d00`40e98f70 fffff800`1790da28 : ffff8d11`feba97a6 ffffd906`12f2db40 ffff8d00`40e99100 00000000`00000001 : fileinfo!FIStreamQueryInfo+0xcf
966. ffff8d00`40e99000 fffff800`1552413c : 00000000`00000000 00000000`00000001 00000000`0000005c 00000000`00000000 : fileinfo!FIPostCreateCallback+0x208
967. ffff8d00`40e990b0 fffff800`15523af3 : ffffd906`16e6a500 ffffd906`16e6a500 ffffd906`179ad670 00000000`00000000 : FLTMGR!FltpPerformPostCallbacks+0x2ac
968. ffff8d00`40e99180 fffff800`155256ce : ffffd906`179ad240 ffffd906`16e6a580 00000000`00000008 ffffd906`16e6a598 : FLTMGR!FltpPassThroughCompletionWorker+0x73
969. ffff8d00`40e991c0 fffff800`1555612b : ffff8d00`40e99270 ffffd906`179ad670 ffff8d00`40e992f8 fffff800`00000000 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x21e
970. ffff8d00`40e99230 fffff800`a0ce60c5 : 00000000`00000000 00000000`000000c5 ffffd906`12e82b10 ffff8d00`00000001 : FLTMGR!FltpCreate+0x2eb
971. ffff8d00`40e992e0 fffff800`a0cf147b : fffff800`a0ce58b0 fffff800`a0ce58b0 ffff8d00`00000000 ffffd906`12e63c50 : nt!IopParseDevice+0x815
972. ffff8d00`40e994c0 fffff800`a0cf4df0 : ffffd906`17e7e100 ffff8d00`40e99728 00000000`00000040 ffffd906`112ef9a0 : nt!ObpLookupObjectName+0x46b
973. ffff8d00`40e99690 fffff800`a0d40afb : ffffd906`00000001 00000094`21cab8a0 000001f8`a42d58a0 00000094`21cab870 : nt!ObOpenObjectByNameEx+0x1e0
974. ffff8d00`40e997d0 fffff800`a09fef13 : ffffd906`173f77c0 00000000`00000000 ffffd906`173f77c0 00000000`00000000 : nt!NtQueryFullAttributesFile+0x18b
975. ffff8d00`40e99a80 00007ffc`b51f7ac4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
976. 00000094`21cab818 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`b51f7ac4
977. STACK_COMMAND: kb
978. THREAD_SHA1_HASH_MOD_FUNC: c235256bd39ce4cb2c5cc79f6cfc2b1445807368
979. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 60931d29dd8f38d73e73303a11a21a2883bd7b91
980. THREAD_SHA1_HASH_MOD: 24c3bc276fad152f6c8bb44a001f20c83a39b813
981. FOLLOWUP_IP:
982. nt!ExDeferredFreePool+22e3
983. fffff800`a0b092f3 cd29 int 29h
984. FAULT_INSTR_CODE: 3b929cd
985. SYMBOL_STACK_INDEX: 4
986. SYMBOL_NAME: nt!ExDeferredFreePool+22e3
987. FOLLOWUP_NAME: Pool_corruption
988.  
989. IMAGE_NAME: Pool_Corruption
990.  
991. DEBUG_FLR_IMAGE_TIMESTAMP: 0
992. IMAGE_VERSION: 10.0.15063.0
993. MODULE_NAME: Pool_Corruption
994. BUCKET_ID_FUNC_OFFSET: 22e3
995. FAILURE_BUCKET_ID: 0x139_3_nt!ExDeferredFreePool
996. BUCKET_ID: 0x139_3_nt!ExDeferredFreePool
997. PRIMARY_PROBLEM_CLASS: 0x139_3_nt!ExDeferredFreePool
998. TARGET_TIME: 2017-08-01T04:40:51.000Z
999. OSBUILD: 15063
1000. OSSERVICEPACK: 0
1001. SERVICEPACK_NUMBER: 0
1002. OS_REVISION: 0
1003. SUITE_MASK: 272
1004. PRODUCT_TYPE: 1
1005. OSPLATFORM_TYPE: x64
1006. OSNAME: Windows 10
1007. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
1008. USER_LCID: 0
1009. OSBUILD_TIMESTAMP: 2017-03-18 00:40:44
1010. BUILDDATESTAMP_STR: 160101.0800
1011. BUILDLAB_STR: WinBuild
1012. BUILDOSVER_STR: 10.0.15063.0
1013. ANALYSIS_SESSION_ELAPSED_TIME: 968
1014. ANALYSIS_SOURCE: KM
1015. FAILURE_ID_HASH_STRING: km:0x139_3_nt!exdeferredfreepool
1016. FAILURE_ID_HASH: {14bfade4-e1ed-98c0-40bb-116f20a8dfc3}
1017. Followup: Pool_corruption