Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86Copyright (c) Micros

1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
2. Copyright (c) Microsoft Corporation. All rights reserved.
3.  
4. Auto Dump Analyzer by gardenman
5. Time to debug file(s): 00 hours and 02 minutes and 50 seconds
6.  
7. ========================================================================
8. =================== Dump File: 080217-5718-01.dmp ====================
9. ========================================================================
10. Mini Kernel Dump File: Only registers and stack trace are available
11. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
12. Product: WinNt, suite: TerminalServer SingleUserTS Personal
13. Built by: 15063.0.amd64fre.rs2_release.170317-1834
14. Kernel base = 0xfffff800`e7e8d000 PsLoadedModuleList = 0xfffff800`e81d95e0
15. Debug session time: Wed Aug 2 09:37:52.354 2017 (UTC - 4:00)
16. System Uptime: 0 days 0:00:03.007
17.  
18. BugCheck D1, {ffffa087c5dd04ec, 2, 1, fffff80795632ee8}
19. Probably caused by : HDAudBus.sys ( HDAudBus!HdaController::ProcessCodecResponses+b8 )
20. Followup: MachineOwner
21.  
22. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
23. An attempt was made to access a pageable (or completely invalid) address at an
24. interrupt request level (IRQL) that is too high. This is usually
25. caused by drivers using improper addresses.
26. If kernel debugger is available get stack backtrace.
27.  
28. Arguments:
29. Arg1: ffffa087c5dd04ec, memory referenced
30. Arg2: 0000000000000002, IRQL
31. Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
32. Arg4: fffff80795632ee8, address which referenced memory
33.  
34. Debugging Details:
35. DUMP_CLASS: 1
36. DUMP_QUALIFIER: 400
37. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
38. SYSTEM_SKU: SKU
39. BIOS_VENDOR: American Megatrends Inc.
40. BIOS_VERSION: 1902
41. BIOS_DATE: 06/24/2016
42. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
43. BASEBOARD_PRODUCT: Z170-A
44. BASEBOARD_VERSION: Rev 1.xx
45. DUMP_TYPE: 2
46. WRITE_ADDRESS: fffff800e826e358: Unable to get MiVisibleState
47. ffffa087c5dd04ec
48. CURRENT_IRQL: 2
49. FAULTING_IP:
50. HDAudBus!HdaController::ProcessCodecResponses+b8
51. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h
52. CPU_COUNT: 4
53. CPU_MHZ: db0
54. CPU_VENDOR: GenuineIntel
55. CPU_FAMILY: 6
56. CPU_MODEL: 5e
57. CPU_STEPPING: 3
58. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
59. CUSTOMER_CRASH_COUNT: 1
60. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
61. BUGCHECK_STR: AV
62.  
63. PROCESS_NAME: System
64.  
65. TRAP_FRAME: fffff800ea039610 -- (.trap 0xfffff800ea039610)
66. NOTE: The trap frame does not contain all registers.
67. Some register values may be zeroed or incorrect.
68. rax=ffffa08105d6f2e0 rbx=0000000000000000 rcx=00000000d800c240
69. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
70. rip=fffff80795632ee8 rsp=fffff800ea0397a0 rbp=fffff800ea039839
71. r8=ffffa081061b4ea0 r9=0000000000000000 r10=ffff8886403b2000
72. r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
73. r14=0000000000000000 r15=0000000000000000
74. iopl=0 nv up ei pl nz na pe nc
75. HDAudBus!HdaController::ProcessCodecResponses+0xb8:
76. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h ds:ffffa087`c5dd04ec=????????
77. Resetting default scope
78. LAST_CONTROL_TRANSFER: from fffff800e80048a9 to fffff800e7ff94c0
79. STACK_TEXT:
80. fffff800`ea0394c8 fffff800`e80048a9 : 00000000`0000000a ffffa087`c5dd04ec 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
81. fffff800`ea0394d0 fffff800`e8002e7d : 00000000`00000000 00000000`0000000f fffff800`e8200000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
82. fffff800`ea039610 fffff807`95632ee8 : fffff800`e6c8e180 fffff800`e7f0455a 00000000`00000000 fffff800`00000000 : nt!KiPageFault+0x23d
83. fffff800`ea0397a0 fffff807`95632df0 : ffff8886`403b2000 ffff8886`403b8c38 00000000`00000000 fffff800`ea039839 : HDAudBus!HdaController::ProcessCodecResponses+0xb8
84. fffff800`ea0397f0 fffff800`e7effb6c : fffff800`e6c90f80 00000000`00000001 fffff800`e6c8e180 00000000`00010001 : HDAudBus!HdaController::CodecDpc+0x70
85. fffff800`ea0398a0 fffff800`e7eff477 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExecuteAllDpcs+0x1dc
86. fffff800`ea0399e0 fffff800`e7ffc56a : 00000000`00000000 fffff800`e6c8e180 00000000`001a6fd0 fffff800`e8286a40 : nt!KiRetireDpcList+0xd7
87. fffff800`ea039be0 00000000`00000000 : fffff800`ea03a000 fffff800`ea033000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
88. STACK_COMMAND: kb
89. THREAD_SHA1_HASH_MOD_FUNC: 286085e0e1881fab9ddcefd3b0d2f1b9a8af6992
90. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 0fb7a980ad76883b698c1ef17ae1b78258489530
91. THREAD_SHA1_HASH_MOD: c45ee725c8d5fb0d0409d0de11f98f0bac8ce545
92. FOLLOWUP_IP:
93. HDAudBus!HdaController::ProcessCodecResponses+b8
94. fffff807`95632ee8 814cc80c00000080 or dword ptr [rax+rcx*8+0Ch],80000000h
95. FAULT_INSTR_CODE: cc84c81
96. SYMBOL_STACK_INDEX: 3
97. SYMBOL_NAME: HDAudBus!HdaController::ProcessCodecResponses+b8
98. FOLLOWUP_NAME: MachineOwner
99. MODULE_NAME: HDAudBus
100.  
101. IMAGE_NAME: HDAudBus.sys
102.  
103. DEBUG_FLR_IMAGE_TIMESTAMP: 21fd8579
104. IMAGE_VERSION: 10.0.15046.0
105. BUCKET_ID_FUNC_OFFSET: b8
106. FAILURE_BUCKET_ID: OLD_IMAGE_HDAudBus.sys
107. BUCKET_ID: OLD_IMAGE_HDAudBus.sys
108. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_HDAudBus.sys
109. TARGET_TIME: 2017-08-02T13:37:52.000Z
110. OSBUILD: 15063
111. OSSERVICEPACK: 483
112. SERVICEPACK_NUMBER: 0
113. OS_REVISION: 0
114. SUITE_MASK: 784
115. PRODUCT_TYPE: 1
116. OSPLATFORM_TYPE: x64
117. OSNAME: Windows 10
118. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
119. USER_LCID: 0
120. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
121. BUILDDATESTAMP_STR: 160101.0800
122. BUILDLAB_STR: WinBuild
123. BUILDOSVER_STR: 10.0.15063.483
124. ANALYSIS_SESSION_ELAPSED_TIME: 21ab
125. ANALYSIS_SOURCE: KM
126. FAILURE_ID_HASH_STRING: km:old_image_hdaudbus.sys
127. FAILURE_ID_HASH: {07e9e28c-c1da-5e3c-13fb-74d30982443e}
128. Followup: MachineOwner
129.  
130. ========================================================================
131. ============================== Drivers ===============================
132. ========================================================================
133. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
134. Image name: e1d65x64.sys
135. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=e1d65x64.sys
136. Timestamp: Thu Aug 13 2015
137.  
138. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
139. Image name: nvvad64v.sys
140. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
141. Possible Driver Info: Nvidia Virtual Audio Driver http://www.nvidia.com/
142. Timestamp: Sun May 28 2017
143.  
144. Image path: \SystemRoot\System32\drivers\nvvhci.sys
145. Image name: nvvhci.sys
146. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvvhci.sys
147. Timestamp: Tue Dec 27 2016
148.  
149. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
150. Image name: nvhda64v.sys
151. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
152. Timestamp: Wed Mar 15 2017
153.  
154. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys
155. Image name: nvlddmkm.sys
156. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
157. Possible Driver Info: Nvidia Graphics Card driver. http://www.nvidia.com/
158. Timestamp: Mon May 1 2017
159.  
160. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
161. Image name: TeeDriverW8x64.sys
162. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
163. Possible Driver Info: Intel® Management Engine Interface
164. Timestamp: Mon Mar 28 2016
165.  
166. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
167. Image name: RTKVHD64.sys
168. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
169. Timestamp: Tue Aug 16 2016
170.  
171. Unloaded modules:
172. fffff807`92ec0000 fffff807`92ee0000 dam.sys
173. fffff807`919b0000 fffff807`919bf000 WdBoot.sys
174. fffff807`92120000 fffff807`9212f000 hwpolicy.sys
175.  
176. ========================================================================
177. ============================== BIOS INFO =============================
178. ========================================================================
179. [SMBIOS Data Tables v3.0]
180. [DMI Version - 0]
181. [2.0 Calling Convention - No]
182. [Table Size - 4402 bytes]
183. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
184. Vendor American Megatrends Inc.
185. BIOS Version 1902
186. BIOS Starting Address Segment f000
187. BIOS Release Date 06/24/2016
188. BIOS ROM Size 1000000
189. BIOS Characteristics
190. 07: - PCI Supported
191. 10: - APM Supported
192. 11: - Upgradeable FLASH BIOS
193. 12: - BIOS Shadowing Supported
194. 15: - CD-Boot Supported
195. 16: - Selectable Boot Supported
196. 17: - BIOS ROM Socketed
197. 19: - EDD Supported
198. 23: - 1.2MB Floppy Supported
199. 24: - 720KB Floppy Supported
200. 25: - 2.88MB Floppy Supported
201. 26: - Print Screen Device Supported
202. 27: - Keyboard Services Supported
203. 28: - Serial Services Supported
204. 29: - Printer Services Supported
205. 32: - BIOS Vendor Reserved
206. BIOS Characteristic Extensions
207. 00: - ACPI Supported
208. 01: - USB Legacy Supported
209. 08: - BIOS Boot Specification Supported
210. 10: - Specification Reserved
211. 11: - Specification Reserved
212. BIOS Major Revision 5
213. BIOS Minor Revision 11
214. EC Firmware Major Revision 255
215. EC Firmware Minor Revision 255
216. [System Information (Type 1) - Length 27 - Handle 0001h]
217. Manufacturer System manufacturer
218. Product Name System Product Name
219. Version System Version
220. UUID 00000000-0000-0000-0000-000000000000
221. Wakeup Type Power Switch
222. SKUNumber SKU
223. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
224. Manufacturer ASUSTeK COMPUTER INC.
225. Product Z170-A
226. Version Rev 1.xx
227. Feature Flags 09h
228. 1591878152: - ?ÿU?ì?ì¡H.õ^3Å?Eü3ÀW?}?Eô?Eø?ÿu
229. ¸@
230. 1591878192: - ?ÿU?ì?ì¡H.õ^3Å?Eü3ÀW?}?Eô?Eø?ÿu
231. ¸@
232. Location Default string
233. Chassis Handle 0003h
234. Board Type 0ah - Processor/Memory Module
235. Number of Child Handles 0
236. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
237. Manufacturer Default string
238. Chassis Type Desktop
239. Version Default string
240. Bootup State Safe
241. Power Supply State Safe
242. Thermal State Safe
243. Security Status None
244. OEM Defined 0
245. Height 0U
246. Number of Power Cords 1
247. Number of Contained Elements 0
248. Contained Element Size 3
249. [Onboard Devices Information (Type 10) - Length 6 - Handle 0028h]
250. Number of Devices 1
251. 01: Type Video [enabled]
252. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
253. Number of Strings 4
254. 1 Default string
255. 2 Default string
256. 3 ORC
257. 4 Default string
258. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
259. [Cache Information (Type 7) - Length 19 - Handle 0045h]
260. Socket Designation L1 Cache
261. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
262. Maximum Cache Size 0080h - 128K
263. Installed Size 0080h - 128K
264. Supported SRAM Type 0020h - Synchronous
265. Current SRAM Type 0020h - Synchronous
266. Cache Speed 0ns
267. Error Correction Type ParitySingle-Bit ECC
268. System Cache Type Data
269. Associativity 8-way Set-Associative
270. [Cache Information (Type 7) - Length 19 - Handle 0046h]
271. Socket Designation L1 Cache
272. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
273. Maximum Cache Size 0080h - 128K
274. Installed Size 0080h - 128K
275. Supported SRAM Type 0020h - Synchronous
276. Current SRAM Type 0020h - Synchronous
277. Cache Speed 0ns
278. Error Correction Type ParitySingle-Bit ECC
279. System Cache Type Instruction
280. Associativity 8-way Set-Associative
281. [Cache Information (Type 7) - Length 19 - Handle 0047h]
282. Socket Designation L2 Cache
283. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
284. Maximum Cache Size 0400h - 1024K
285. Installed Size 0400h - 1024K
286. Supported SRAM Type 0020h - Synchronous
287. Current SRAM Type 0020h - Synchronous
288. Cache Speed 0ns
289. Error Correction Type Multi-Bit ECC
290. System Cache Type Unified
291. Associativity 4-way Set-Associative
292. [Cache Information (Type 7) - Length 19 - Handle 0048h]
293. Socket Designation L3 Cache
294. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
295. Maximum Cache Size 1800h - 6144K
296. Installed Size 1800h - 6144K
297. Supported SRAM Type 0020h - Synchronous
298. Current SRAM Type 0020h - Synchronous
299. Cache Speed 0ns
300. Error Correction Type Specification Reserved
301. System Cache Type Unified
302. Associativity Specification Reserved
303. [Processor Information (Type 4) - Length 48 - Handle 0049h]
304. Socket Designation LGA1151
305. Processor Type Central Processor
306. Processor Family cdh - Specification Reserved
307. Processor Manufacturer Intel(R) Corporation
308. Processor ID e3060500fffbebbf
309. Processor Version Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
310. Processor Voltage 8bh - 1.1V
311. External Clock 100MHz
312. Max Speed 8300MHz
313. Current Speed 3500MHz
314. Status Enabled Populated
315. Processor Upgrade Other
316. L1 Cache Handle 0046h
317. L2 Cache Handle 0047h
318. L3 Cache Handle 0048h
319. [Physical Memory Array (Type 16) - Length 23 - Handle 004ah]
320. Location 03h - SystemBoard/Motherboard
321. Use 03h - System Memory
322. Memory Error Correction 03h - None
323. Maximum Capacity 67108864KB
324. Number of Memory Devices 4
325. [Memory Device (Type 17) - Length 40 - Handle 004bh]
326. Physical Memory Array Handle 004ah
327. Total Width 0 bits
328. Data Width 0 bits
329. Form Factor 02h - Unknown
330. Device Locator ChannelA-DIMM1
331. Bank Locator BANK 0
332. Memory Type 02h - Unknown
333. Type Detail 0000h -
334. Speed 0MHz
335. [Memory Device (Type 17) - Length 40 - Handle 004ch]
336. Physical Memory Array Handle 004ah
337. Total Width 64 bits
338. Data Width 64 bits
339. Size 8192MB
340. Form Factor 09h - DIMM
341. Device Locator ChannelA-DIMM2
342. Bank Locator BANK 1
343. Memory Type 1ah - Specification Reserved
344. Type Detail 0080h - Synchronous
345. Speed 2133MHz
346. Manufacturer G-Skill
347. Part Number F4-2133C15-8GRR
348. [Memory Device (Type 17) - Length 40 - Handle 004dh]
349. Physical Memory Array Handle 004ah
350. Total Width 0 bits
351. Data Width 0 bits
352. Form Factor 02h - Unknown
353. Device Locator ChannelB-DIMM1
354. Bank Locator BANK 2
355. Memory Type 02h - Unknown
356. Type Detail 0000h -
357. Speed 0MHz
358. [Memory Device (Type 17) - Length 40 - Handle 004eh]
359. Physical Memory Array Handle 004ah
360. Total Width 64 bits
361. Data Width 64 bits
362. Size 8192MB
363. Form Factor 09h - DIMM
364. Device Locator ChannelB-DIMM2
365. Bank Locator BANK 3
366. Memory Type 1ah - Specification Reserved
367. Type Detail 0080h - Synchronous
368. Speed 2133MHz
369. Manufacturer G-Skill
370. Part Number F4-2133C15-8GRR
371. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004fh]
372. Starting Address 00000000h
373. Ending Address 00ffffffh
374. Memory Array Handle 004ah
375. Partition Width 02
376. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0051h]
377. Starting Address 00000000h
378. Ending Address 007fffffh
379. Memory Device Handle 004ch
380. Mem Array Mapped Adr Handle 004fh
381. Interleave Position 01
382. Interleave Data Depth 02
383. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0052h]
384. Starting Address 00800000h
385. Ending Address 00ffffffh
386. Memory Device Handle 004eh
387. Mem Array Mapped Adr Handle 004fh
388. Interleave Position 02
389. Interleave Data Depth 02
390.  
391. ========================================================================
392. =================== Dump File: 080217-5812-01.dmp ====================
393. ========================================================================
394. Mini Kernel Dump File: Only registers and stack trace are available
395. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
396. Product: WinNt, suite: TerminalServer SingleUserTS Personal
397. Built by: 15063.0.amd64fre.rs2_release.170317-1834
398. Kernel base = 0xfffff803`e988c000 PsLoadedModuleList = 0xfffff803`e9bd85e0
399. Debug session time: Wed Aug 2 09:50:28.884 2017 (UTC - 4:00)
400. System Uptime: 0 days 0:09:29.537
401.  
402. BugCheck F7, {6692bff56ecf, 6e92bff56ecf, ffff916d400a9130, 0}
403. Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )
404. Followup: MachineOwner
405.  
406. DRIVER_OVERRAN_STACK_BUFFER (f7)
407. A driver has overrun a stack-based buffer. This overrun could potentially
408. allow a malicious user to gain control of this machine.
409. DESCRIPTION
410. A driver overran a stack-based buffer (or local variable) in a way that would
411. have overwritten the function's return address and jumped back to an arbitrary
412. address when the function returned. This is the classic "buffer overrun"
413. hacking attack and the system has been brought down to prevent a malicious user
414. from gaining complete control of it.
415. Do a kb to get a stack backtrace -- the last routine on the stack before the
416. buffer overrun handlers and bugcheck call is the one that overran its local
417. variable(s).
418.  
419. Arguments:
420. Arg1: 00006692bff56ecf, Actual security check cookie from the stack
421. Arg2: 00006e92bff56ecf, Expected security check cookie
422. Arg3: ffff916d400a9130, Complement of the expected security check cookie
423. Arg4: 0000000000000000, zero
424.  
425. Debugging Details:
426. DUMP_CLASS: 1
427. DUMP_QUALIFIER: 400
428. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
429. SYSTEM_SKU: SKU
430. BIOS_VENDOR: American Megatrends Inc.
431. BIOS_VERSION: 1902
432. BIOS_DATE: 06/24/2016
433. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
434. BASEBOARD_PRODUCT: Z170-A
435. BASEBOARD_VERSION: Rev 1.xx
436. DUMP_TYPE: 2
437. SECURITY_COOKIE: Expected 00006e92bff56ecf found 00006692bff56ecf
438. BUGCHECK_STR: 0xF7_ONE_BIT
439. CPU_COUNT: 4
440. CPU_MHZ: db0
441. CPU_VENDOR: GenuineIntel
442. CPU_FAMILY: 6
443. CPU_MODEL: 5e
444. CPU_STEPPING: 3
445. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
446. CUSTOMER_CRASH_COUNT: 1
447. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
448.  
449. PROCESS_NAME: nvspcaps64.exe
450.  
451. CURRENT_IRQL: 0
452. LAST_CONTROL_TRANSFER: from fffff803e9a66905 to fffff803e99f84c0
453. STACK_TEXT:
454. ffffbc81`b570f7a8 fffff803`e9a66905 : 00000000`000000f7 00006692`bff56ecf 00006e92`bff56ecf ffff916d`400a9130 : nt!KeBugCheckEx
455. ffffbc81`b570f7b0 fffff803`e98bfae6 : ffff8588`00000000 00000000`00000000 00000000`00000001 00001f80`00000000 : nt!_report_gsfailure+0x25
456. ffffbc81`b570f7f0 fffff803`e98bf461 : 00000000`00000000 00000000`0573f730 00000000`00000000 ffff9a00`ac87e7ec : nt!KiSwapThread+0x1b6
457. ffffbc81`b570f8a0 fffff803`e98bed78 : ffff8588`91cfd650 fffff803`00000000 ffff9a00`ac87e700 ffff8588`974c1570 : nt!KiCommitThreadWait+0x101
458. ffffbc81`b570f940 fffff803`e9d14db8 : ffff8588`974c1570 00000000`00000006 00000000`00000001 ffffbc81`b570fb00 : nt!KeWaitForSingleObject+0x2b8
459. ffffbc81`b570fa10 fffff803`e9a03413 : ffff8588`96568080 00000000`ffffffff 00000000`00000000 ffff8588`974c1570 : nt!NtWaitForSingleObject+0xf8
460. ffffbc81`b570fa80 00007ffe`d52e5424 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
461. 00000000`0573f7a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`d52e5424
462. STACK_COMMAND: kb
463. THREAD_SHA1_HASH_MOD_FUNC: 20a6c2ca139290b6b0f69f439d1ba3f651d8f65a
464. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: be8294a57536fa05d07e28d25301a945be97d28e
465. THREAD_SHA1_HASH_MOD: 30a3e915496deaace47137d5b90c3ecc03746bf6
466. FOLLOWUP_IP:
467. nt!_report_gsfailure+25
468. fffff803`e9a66905 cc int 3
469. FAULT_INSTR_CODE: cccccccc
470. SYMBOL_STACK_INDEX: 1
471. SYMBOL_NAME: nt!_report_gsfailure+25
472. FOLLOWUP_NAME: MachineOwner
473. MODULE_NAME: nt
474.  
475. IMAGE_NAME: ntkrnlmp.exe
476.  
477. DEBUG_FLR_IMAGE_TIMESTAMP: 595f24eb
478. IMAGE_VERSION: 10.0.15063.483
479. BUCKET_ID_FUNC_OFFSET: 25
480. FAILURE_BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
481. BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
482. PRIMARY_PROBLEM_CLASS: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
483. TARGET_TIME: 2017-08-02T13:50:28.000Z
484. OSBUILD: 15063
485. OSSERVICEPACK: 483
486. SERVICEPACK_NUMBER: 0
487. OS_REVISION: 0
488. SUITE_MASK: 784
489. PRODUCT_TYPE: 1
490. OSPLATFORM_TYPE: x64
491. OSNAME: Windows 10
492. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
493. USER_LCID: 0
494. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
495. BUILDDATESTAMP_STR: 160101.0800
496. BUILDLAB_STR: WinBuild
497. BUILDOSVER_STR: 10.0.15063.483
498. ANALYSIS_SESSION_ELAPSED_TIME: 91b
499. ANALYSIS_SOURCE: KM
500. FAILURE_ID_HASH_STRING: km:0xf7_one_bit_missing_gsframe_nt!_report_gsfailure
501. FAILURE_ID_HASH: {8f84f302-dd0e-1f96-6f9c-0ea31ad59f42}
502. Followup: MachineOwner
503.  
504. ========================================================================
505. =================== Dump File: 080217-5125-01.dmp ====================
506. ========================================================================
507. Mini Kernel Dump File: Only registers and stack trace are available
508. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
509. Product: WinNt, suite: TerminalServer SingleUserTS Personal
510. Built by: 15063.0.amd64fre.rs2_release.170317-1834
511. Kernel base = 0xfffff802`7ea99000 PsLoadedModuleList = 0xfffff802`7ede55e0
512. Debug session time: Wed Aug 2 11:40:02.338 2017 (UTC - 4:00)
513. System Uptime: 0 days 0:53:37.900
514.  
515. BugCheck A, {fffffa862a03ed48, 2, 0, fffff8027eb0a794}
516. Probably caused by : ntkrnlmp.exe ( nt!KiProcessExpiredTimerList+144 )
517. Followup: MachineOwner
518.  
519. IRQL_NOT_LESS_OR_EQUAL (a)
520. An attempt was made to access a pageable (or completely invalid) address at an
521. interrupt request level (IRQL) that is too high. This is usually
522. caused by drivers using improper addresses.
523. If a kernel debugger is available get the stack backtrace.
524.  
525. Arguments:
526. Arg1: fffffa862a03ed48, memory referenced
527. Arg2: 0000000000000002, IRQL
528. Arg3: 0000000000000000, bitfield :
529. bit 0 : value 0 = read operation, 1 = write operation
530. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
531. Arg4: fffff8027eb0a794, address which referenced memory
532.  
533. Debugging Details:
534. DUMP_CLASS: 1
535. DUMP_QUALIFIER: 400
536. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
537. SYSTEM_SKU: SKU
538. BIOS_VENDOR: American Megatrends Inc.
539. BIOS_VERSION: 1902
540. BIOS_DATE: 06/24/2016
541. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
542. BASEBOARD_PRODUCT: Z170-A
543. BASEBOARD_VERSION: Rev 1.xx
544. DUMP_TYPE: 2
545. READ_ADDRESS: fffff8027ee7a358: Unable to get MiVisibleState
546. fffffa862a03ed48
547. CURRENT_IRQL: 2
548. FAULTING_IP:
549. nt!KiProcessExpiredTimerList+144
550. fffff802`7eb0a794 483918 cmp qword ptr [rax],rbx
551. CPU_COUNT: 4
552. CPU_MHZ: db0
553. CPU_VENDOR: GenuineIntel
554. CPU_FAMILY: 6
555. CPU_MODEL: 5e
556. CPU_STEPPING: 3
557. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
558. CUSTOMER_CRASH_COUNT: 1
559. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
560. BUGCHECK_STR: AV
561.  
562. PROCESS_NAME: System
563.  
564. TRAP_FRAME: fffff80280c39760 -- (.trap 0xfffff80280c39760)
565. NOTE: The trap frame does not contain all registers.
566. Some register values may be zeroed or incorrect.
567. rax=fffffa862a03ed48 rbx=0000000000000000 rcx=ffffaa862a03ed48
568. rdx=ffffaa862a03ed40 rsi=0000000000000000 rdi=0000000000000000
569. rip=fffff8027eb0a794 rsp=fffff80280c398f0 rbp=ffffaa862a03d080
570. r8=fffff8027d90c800 r9=0000000000000001 r10=000000077e04ad43
571. r11=0000000000000001 r12=0000000000000000 r13=0000000000000000
572. r14=0000000000000000 r15=0000000000000000
573. iopl=0 nv up ei pl zr na po nc
574. nt!KiProcessExpiredTimerList+0x144:
575. fffff802`7eb0a794 483918 cmp qword ptr [rax],rbx ds:fffffa86`2a03ed48=????????????????
576. Resetting default scope
577. LAST_CONTROL_TRANSFER: from fffff8027ec108a9 to fffff8027ec054c0
578. STACK_TEXT:
579. fffff802`80c39618 fffff802`7ec108a9 : 00000000`0000000a fffffa86`2a03ed48 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
580. fffff802`80c39620 fffff802`7ec0ee7d : 00000384`5811af65 fffff802`7d90ef48 00000390`863ad091 00000000`00000001 : nt!KiBugCheckDispatch+0x69
581. fffff802`80c39760 fffff802`7eb0a794 : fffff802`7d909180 ffffaa86`00000000 fffff802`80c39a98 00000000`00000000 : nt!KiPageFault+0x23d
582. fffff802`80c398f0 fffff802`7eb0b707 : fffff802`7d909180 00000000`003436b4 00000000`00000000 00000000`0001df99 : nt!KiProcessExpiredTimerList+0x144
583. fffff802`80c399e0 fffff802`7ec0856a : 00000000`00000000 fffff802`7d909180 00000000`001a6fd0 fffff802`7ee92a40 : nt!KiRetireDpcList+0x367
584. fffff802`80c39be0 00000000`00000000 : fffff802`80c3a000 fffff802`80c33000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
585. STACK_COMMAND: kb
586. THREAD_SHA1_HASH_MOD_FUNC: c73bb6ff898fe473664c349f64dc01aa275821e8
587. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: c83217197397b6586eb2f7586c5d7246bdd71e96
588. THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
589. FOLLOWUP_IP:
590. nt!KiProcessExpiredTimerList+144
591. fffff802`7eb0a794 483918 cmp qword ptr [rax],rbx
592. FAULT_INSTR_CODE: f183948
593. SYMBOL_STACK_INDEX: 3
594. SYMBOL_NAME: nt!KiProcessExpiredTimerList+144
595. FOLLOWUP_NAME: MachineOwner
596. MODULE_NAME: nt
597.  
598. IMAGE_NAME: ntkrnlmp.exe
599.  
600. DEBUG_FLR_IMAGE_TIMESTAMP: 595f24eb
601. IMAGE_VERSION: 10.0.15063.483
602. BUCKET_ID_FUNC_OFFSET: 144
603. FAILURE_BUCKET_ID: AV_nt!KiProcessExpiredTimerList
604. BUCKET_ID: AV_nt!KiProcessExpiredTimerList
605. PRIMARY_PROBLEM_CLASS: AV_nt!KiProcessExpiredTimerList
606. TARGET_TIME: 2017-08-02T15:40:02.000Z
607. OSBUILD: 15063
608. OSSERVICEPACK: 483
609. SERVICEPACK_NUMBER: 0
610. OS_REVISION: 0
611. SUITE_MASK: 784
612. PRODUCT_TYPE: 1
613. OSPLATFORM_TYPE: x64
614. OSNAME: Windows 10
615. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
616. USER_LCID: 0
617. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
618. BUILDDATESTAMP_STR: 160101.0800
619. BUILDLAB_STR: WinBuild
620. BUILDOSVER_STR: 10.0.15063.483
621. ANALYSIS_SESSION_ELAPSED_TIME: 1eaa
622. ANALYSIS_SOURCE: KM
623. FAILURE_ID_HASH_STRING: km:av_nt!kiprocessexpiredtimerlist
624. FAILURE_ID_HASH: {a74cefe1-c8f8-f6bc-a51d-bfc4da639d5f}
625. Followup: MachineOwner
626.  
627. ========================================================================
628. =================== Dump File: 080217-5437-01.dmp ====================
629. ========================================================================
630. Mini Kernel Dump File: Only registers and stack trace are available
631. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
632. Product: WinNt, suite: TerminalServer SingleUserTS Personal
633. Built by: 15063.0.amd64fre.rs2_release.170317-1834
634. Kernel base = 0xfffff802`a200a000 PsLoadedModuleList = 0xfffff802`a23565e0
635. Debug session time: Wed Aug 2 10:28:59.828 2017 (UTC - 4:00)
636. System Uptime: 0 days 0:02:03.481
637.  
638. BugCheck 50, {fffffd02a203d461, 10, fffffd02a203d461, 2}
639. Could not read faulting driver name
640. *** WARNING: Unable to verify timestamp for win32k.sys
641. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
642. Probably caused by : memory_corruption
643. Followup: memory_corruption
644.  
645. PAGE_FAULT_IN_NONPAGED_AREA (50)
646. Invalid system memory was referenced. This cannot be protected by try-except.
647. Typically the address is just plain bad or it is pointing at freed memory.
648.  
649. Arguments:
650. Arg1: fffffd02a203d461, memory referenced.
651. Arg2: 0000000000000010, value 0 = read operation, 1 = write operation.
652. Arg3: fffffd02a203d461, If non-zero, the instruction address which referenced the bad memory
653. address.
654. Arg4: 0000000000000002, (reserved)
655.  
656. Debugging Details:
657. Could not read faulting driver name
658. DUMP_CLASS: 1
659. DUMP_QUALIFIER: 400
660. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
661. SYSTEM_SKU: SKU
662. BIOS_VENDOR: American Megatrends Inc.
663. BIOS_VERSION: 1902
664. BIOS_DATE: 06/24/2016
665. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
666. BASEBOARD_PRODUCT: Z170-A
667. BASEBOARD_VERSION: Rev 1.xx
668. DUMP_TYPE: 2
669. READ_ADDRESS: fffff802a23eb358: Unable to get MiVisibleState
670. fffffd02a203d461
671. FAULTING_IP:
672. +0
673. fffffd02`a203d461 ?? ???
674. MM_INTERNAL_CODE: 2
675. CPU_COUNT: 4
676. CPU_MHZ: db0
677. CPU_VENDOR: GenuineIntel
678. CPU_FAMILY: 6
679. CPU_MODEL: 5e
680. CPU_STEPPING: 3
681. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 74'00000000 (cache) 74'00000000 (init)
682. CUSTOMER_CRASH_COUNT: 1
683. DEFAULT_BUCKET_ID: CODE_CORRUPTION
684. BUGCHECK_STR: AV
685.  
686. PROCESS_NAME: System
687.  
688. CURRENT_IRQL: 0
689. TRAP_FRAME: ffffa500ac64e790 -- (.trap 0xffffa500ac64e790)
690. NOTE: The trap frame does not contain all registers.
691. Some register values may be zeroed or incorrect.
692. rax=0000000000000000 rbx=0000000000000000 rcx=ac57952602660000
693. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
694. rip=fffffd02a203d461 rsp=ffffa500ac64e920 rbp=ffffa500a7f64180
695. r8=00000000ffffffff r9=0000000077d61ddc r10=0000000000000000
696. r11=0000000000000246 r12=0000000000000000 r13=0000000000000000
697. r14=0000000000000000 r15=0000000000000000
698. iopl=0 nv up ei ng nz na po nc
699. fffffd02`a203d461 ?? ???
700. Resetting default scope
701. LAST_CONTROL_TRANSFER: from fffff802a21abfb4 to fffff802a21764c0
702. FAILED_INSTRUCTION_ADDRESS:
703. +0
704. fffffd02`a203d461 ?? ???
705. STACK_TEXT:
706. ffffa500`ac64e4f8 fffff802`a21abfb4 : 00000000`00000050 fffffd02`a203d461 00000000`00000010 ffffa500`ac64e790 : nt!KeBugCheckEx
707. ffffa500`ac64e500 fffff802`a20972d6 : 00000000`00000010 fffffd02`a203d461 ffffa500`ac64e790 ffffdd04`ec27a040 : nt!MiSystemFault+0x116e84
708. ffffa500`ac64e5a0 fffff802`a217fd72 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0xae6
709. ffffa500`ac64e790 fffffd02`a203d461 : ffffdd04`f0993040 ffffdd04`f0993180 00000000`00000000 ffffa500`ac64ea58 : nt!KiPageFault+0x132
710. ffffa500`ac64e920 ffffdd04`f0993040 : ffffdd04`f0993180 00000000`00000000 ffffa500`ac64ea58 00000000`00001200 : 0xfffffd02`a203d461
711. ffffa500`ac64e928 ffffdd04`f0993180 : 00000000`00000000 ffffa500`ac64ea58 00000000`00001200 ffffa500`ac649000 : 0xffffdd04`f0993040
712. ffffa500`ac64e930 00000000`00000000 : ffffa500`ac64ea58 00000000`00001200 ffffa500`ac649000 ffffa500`ac649000 : 0xffffdd04`f0993180
713. STACK_COMMAND: kb
714. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
715. fffff802a20973b0 - nt!MmAccessFault+bc0
716. [ f6:dc ]
717. fffff802a21abfd9 - nt!MiValidFault+1160f9 (+0x114c29)
718. [ f6:dc ]
719. 2 errors : !nt (fffff802a20973b0-fffff802a21abfd9)
720. MODULE_NAME: memory_corruption
721.  
722. IMAGE_NAME: memory_corruption
723.  
724. FOLLOWUP_NAME: memory_corruption
725. DEBUG_FLR_IMAGE_TIMESTAMP: 0
726. MEMORY_CORRUPTOR: LARGE
727. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
728. BUCKET_ID: MEMORY_CORRUPTION_LARGE
729. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
730. TARGET_TIME: 2017-08-02T14:28:59.000Z
731. OSBUILD: 15063
732. OSSERVICEPACK: 483
733. SERVICEPACK_NUMBER: 0
734. OS_REVISION: 0
735. SUITE_MASK: 784
736. PRODUCT_TYPE: 1
737. OSPLATFORM_TYPE: x64
738. OSNAME: Windows 10
739. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
740. USER_LCID: 0
741. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
742. BUILDDATESTAMP_STR: 160101.0800
743. BUILDLAB_STR: WinBuild
744. BUILDOSVER_STR: 10.0.15063.483
745. ANALYSIS_SESSION_ELAPSED_TIME: 29c3
746. ANALYSIS_SOURCE: KM
747. FAILURE_ID_HASH_STRING: km:memory_corruption_large
748. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
749. Followup: memory_corruption