Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 10.0.25136.1001 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- Loading Dump File [C:\Users\Peyton\Desktop\dmps\081922-8265-01.dmp]
- Mini Kernel Dump File: Only registers and stack trace are available
- ************* Path validation summary **************
- Response Time (ms) Location
- Deferred srv*
- Symbol search path is: srv*
- Executable search path is:
- Windows 10 Kernel Version 19041 MP (20 procs) Free x64
- Product: WinNt, suite: TerminalServer SingleUserTS
- Edition build lab: 19041.1.amd64fre.vb_release.191206-1406
- Machine Name:
- Kernel base = 0xfffff804`5b600000 PsLoadedModuleList = 0xfffff804`5c22a250
- Debug session time: Fri Aug 19 14:26:07.753 2022 (UTC - 4:00)
- System Uptime: 0 days 12:05:48.355
- Loading Kernel Symbols
- ...............................................................
- ................................................................
- ................................................................
- .................................
- Loading User Symbols
- Loading unloaded module list
- .................................................
- For analysis of this file, run !analyze -v
- nt!KeBugCheckEx:
- fffff804`5b9f88c0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff90f`cb32f350=000000000000000a
- 17: kd> !analyze -v
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: 00000000000002f4, memory referenced
- Arg2: 00000000000000ff, IRQL
- Arg3: 0000000000000093, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff8045ba0baf8, address which referenced memory
- Debugging Details:
- ------------------
- *** WARNING: Unable to verify checksum for win32k.sys
- KEY_VALUES_STRING: 1
- Key : Analysis.CPU.mSec
- Value: 3046
- Key : Analysis.DebugAnalysisManager
- Value: Create
- Key : Analysis.Elapsed.mSec
- Value: 17084
- Key : Analysis.Init.CPU.mSec
- Value: 265
- Key : Analysis.Init.Elapsed.mSec
- Value: 61739
- Key : Analysis.Memory.CommitPeak.Mb
- Value: 98
- Key : Bugcheck.Code.DumpHeader
- Value: 0xa
- Key : Bugcheck.Code.Register
- Value: 0xa
- Key : WER.OS.Branch
- Value: vb_release
- Key : WER.OS.Timestamp
- Value: 2019-12-06T14:06:00Z
- Key : WER.OS.Version
- Value: 10.0.19041.1
- FILE_IN_CAB: 081922-8265-01.dmp
- BUGCHECK_CODE: a
- BUGCHECK_P1: 2f4
- BUGCHECK_P2: ff
- BUGCHECK_P3: 93
- BUGCHECK_P4: fffff8045ba0baf8
- WRITE_ADDRESS: fffff8045c2fb390: Unable to get MiVisibleState
- Unable to get NonPagedPoolStart
- Unable to get NonPagedPoolEnd
- Unable to get PagedPoolStart
- Unable to get PagedPoolEnd
- unable to get nt!MmSpecialPagesInUse
- 00000000000002f4
- BLACKBOXBSD: 1 (!blackboxbsd)
- BLACKBOXNTFS: 1 (!blackboxntfs)
- BLACKBOXPNP: 1 (!blackboxpnp)
- BLACKBOXWINLOGON: 1
- CUSTOMER_CRASH_COUNT: 1
- PROCESS_NAME: System
- TRAP_FRAME: fffff90fcb32f490 -- (.trap 0xfffff90fcb32f490)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=00000000000002f4 rbx=0000000000000000 rcx=00000000000002f4
- rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8045ba0baf8 rsp=fffff90fcb32f628 rbp=0000000000000000
- r8=00000000000000a4 r9=0101010101010101 r10=fffff804884015a0
- r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up di pl nz ac po nc
- nt!memset+0x78:
- fffff804`5ba0baf8 0f1101 movups xmmword ptr [rcx],xmm0 ds:00000000`000002f4=????????????????????????????????
- Resetting default scope
- STACK_TEXT:
- fffff90f`cb32f348 fffff804`5ba0a869 : 00000000`0000000a 00000000`000002f4 00000000`000000ff 00000000`00000093 : nt!KeBugCheckEx
- fffff90f`cb32f350 fffff804`5ba06b69 : 7ffff804`00000002 fffff804`884087ab 00000035`00000001 fffff804`5b944feb : nt!KiBugCheckDispatch+0x69
- fffff90f`cb32f490 fffff804`5ba0baf8 : fffff804`5b84d783 ffffc388`c5f27318 00000000`00000000 00000065`64ee797d : nt!KiPageFault+0x469
- fffff90f`cb32f628 fffff804`5b84d783 : ffffc388`c5f27318 00000000`00000000 00000065`64ee797d 00000065`64ee797d : nt!memset+0x78
- fffff90f`cb32f630 fffff804`5b84bd24 : 00000000`00000000 00001f80`00000000 00000000`00000003 00000000`00000002 : nt!PpmIdleExecuteTransition+0x18e3
- fffff90f`cb32fa30 fffff804`5b9fc414 : ffffffff`00000000 ffffd880`08f0b540 ffffc388`d6bf4080 00000000`000021bb : nt!PoIdle+0x374
- fffff90f`cb32fba0 00000000`00000000 : fffff90f`cb330000 fffff90f`cb329000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x54
- SYMBOL_NAME: nt!KiPageFault+469
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- IMAGE_VERSION: 10.0.19041.1889
- STACK_COMMAND: .cxr; .ecxr ; kb
- BUCKET_ID_FUNC_OFFSET: 469
- FAILURE_BUCKET_ID: AV_CODE_AV_nt!KiPageFault
- OS_VERSION: 10.0.19041.1
- BUILDLAB_STR: vb_release
- OSPLATFORM_TYPE: x64
- OSNAME: Windows 10
- FAILURE_ID_HASH: {22c06795-f62b-154a-eb13-05cdd373e37e}
- Followup: MachineOwner
- ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement