API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 28th, 2018
298
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.02 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.17763.132 AMD64
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4.  
  5. Loading Dump File [C:\Windows\MEMORY.DMP]
  6. Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
  7.  
  8. Symbol search path is: srv*
  9. Executable search path is:
  10. Windows 10 Kernel Version 17763 MP (6 procs) Free x64
  11. Product: WinNt, suite: TerminalServer SingleUserTS
  12. Built by: 17763.1.amd64fre.rs5_release.180914-1434
  13. Machine Name:
  14. Kernel base = 0xfffff806`15e00000 PsLoadedModuleList = 0xfffff806`1621f990
  15. Debug session time: Wed Nov 28 17:52:48.013 2018 (UTC + 0:00)
  16. System Uptime: 0 days 0:51:34.695
  17. Loading Kernel Symbols
  18. ...............................................................
  19. ................................................................
  20. ....................................
  21. Loading User Symbols
  22. PEB is paged out (Peb.Ldr = 00000000`0030d018). Type ".hh dbgerr001" for details
  23. Loading unloaded module list
  24. .........
  25. *******************************************************************************
  26. * *
  27. * Bugcheck Analysis *
  28. * *
  29. *******************************************************************************
  30.  
  31. Use !analyze -v to get detailed debugging information.
  32.  
  33. BugCheck A, {4, ff, 9e, fffff80615fc200c}
  34.  
  35. Probably caused by : ntkrnlmp.exe ( nt!KiSystemServiceUser+21 )
  36.  
  37. Followup: MachineOwner
  38. ---------
  39.  
  40. 1: kd>
  41. Implicit thread is now ffffc183`e43ba080
  42. 1: kd>
  43. Implicit thread is now ffffc183`e43ba080
  44. 1: kd>
  45. Implicit thread is now ffffc183`e43ba080
  46. 1: kd>
  47. Implicit thread is now ffffc183`e43ba080
  48. 1: kd>
  49. Implicit thread is now ffffc183`e43ba080
  50. 1: kd> !analyze -v
  51. *******************************************************************************
  52. * *
  53. * Bugcheck Analysis *
  54. * *
  55. *******************************************************************************
  56.  
  57. IRQL_NOT_LESS_OR_EQUAL (a)
  58. An attempt was made to access a pageable (or completely invalid) address at an
  59. interrupt request level (IRQL) that is too high. This is usually
  60. caused by drivers using improper addresses.
  61. If a kernel debugger is available get the stack backtrace.
  62. Arguments:
  63. Arg1: 0000000000000004, memory referenced
  64. Arg2: 00000000000000ff, IRQL
  65. Arg3: 000000000000009e, bitfield :
  66. bit 0 : value 0 = read operation, 1 = write operation
  67. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  68. Arg4: fffff80615fc200c, address which referenced memory
  69.  
  70. Debugging Details:
  71. ------------------
  72.  
  73.  
  74. KEY_VALUES_STRING: 1
  75.  
  76.  
  77. STACKHASH_ANALYSIS: 1
  78.  
  79. TIMELINE_ANALYSIS: 1
  80.  
  81.  
  82. DUMP_CLASS: 1
  83.  
  84. DUMP_QUALIFIER: 401
  85.  
  86. BUILD_VERSION_STRING: 17763.1.amd64fre.rs5_release.180914-1434
  87.  
  88. SYSTEM_MANUFACTURER: System manufacturer
  89.  
  90. SYSTEM_PRODUCT_NAME: System Product Name
  91.  
  92. SYSTEM_SKU: SKU
  93.  
  94. SYSTEM_VERSION: System Version
  95.  
  96. BIOS_VENDOR: American Megatrends Inc.
  97.  
  98. BIOS_VERSION: 0411
  99.  
  100. BIOS_DATE: 09/21/2018
  101.  
  102. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  103.  
  104. BASEBOARD_PRODUCT: PRIME Z370-P II
  105.  
  106. BASEBOARD_VERSION: Rev X.0x
  107.  
  108. DUMP_TYPE: 1
  109.  
  110. BUGCHECK_P1: 4
  111.  
  112. BUGCHECK_P2: ff
  113.  
  114. BUGCHECK_P3: 9e
  115.  
  116. BUGCHECK_P4: fffff80615fc200c
  117.  
  118. READ_ADDRESS: 0000000000000004
  119.  
  120. CURRENT_IRQL: 0
  121.  
  122. FAULTING_IP:
  123. nt!KiSystemServiceUser+21
  124. fffff806`15fc200c 807b0300 cmp byte ptr [rbx+3],0
  125.  
  126. CPU_COUNT: 6
  127.  
  128. CPU_MHZ: e70
  129.  
  130. CPU_VENDOR: GenuineIntel
  131.  
  132. CPU_FAMILY: 6
  133.  
  134. CPU_MODEL: 9e
  135.  
  136. CPU_STEPPING: c
  137.  
  138. CPU_MICROCODE: 6,9e,c,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  139.  
  140. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  141.  
  142. BUGCHECK_STR: AV
  143.  
  144. PROCESS_NAME: bfv.exe
  145.  
  146. ANALYSIS_SESSION_HOST: DESKTOP-3JS743D
  147.  
  148. ANALYSIS_SESSION_TIME: 11-28-2018 18:57:00.0915
  149.  
  150. ANALYSIS_VERSION: 10.0.17763.132 amd64fre
  151.  
  152. TRAP_FRAME: fffff880e2fd2870 -- (.trap 0xfffff880e2fd2870)
  153. NOTE: The trap frame does not contain all registers.
  154. Some register values may be zeroed or incorrect.
  155. rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000048
  156. rdx=0000000000000002 rsi=0000000000000000 rdi=0000000000000000
  157. rip=fffff80615fc200c rsp=fffff880e2fd2a00 rbp=fffff880e2fd2a80
  158. r8=0000000000000000 r9=00000000003ba290 r10=0000000000000000
  159. r11=0000000000000246 r12=0000000000000000 r13=0000000000000000
  160. r14=0000000000000000 r15=0000000000000000
  161. iopl=0 nv up di pl zr na po nc
  162. nt!KiSystemServiceUser+0x21:
  163. fffff806`15fc200c 807b0300 cmp byte ptr [rbx+3],0 ds:00000000`00000003=??
  164. Resetting default scope
  165.  
  166. LAST_CONTROL_TRANSFER: from fffff80615fc2869 to fffff80615fb1040
  167.  
  168. STACK_TEXT:
  169. fffff880`e2fd2728 fffff806`15fc2869 : 00000000`0000000a 00000000`00000004 00000000`000000ff 00000000`0000009e : nt!KeBugCheckEx
  170. fffff880`e2fd2730 fffff806`15fbec8e : 00000000`00000000 ffffc183`e94bf830 00000000`00000001 ffffc183`e94bf830 : nt!KiBugCheckDispatch+0x69
  171. fffff880`e2fd2870 fffff806`15fc200c : ffffc183`e43ba080 00000000`00000000 00000000`00000000 ffffc183`eaea3b01 : nt!KiPageFault+0x44e
  172. fffff880`e2fd2a00 00007fff`6ab1ec14 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceUser+0x21
  173. 00000000`656efd98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`6ab1ec14
  174.  
  175.  
  176. THREAD_SHA1_HASH_MOD_FUNC: dc964d8577fe63fa761b5eb616fcc9e58528fa56
  177.  
  178. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: ba9f5eb2fad8a2f97a8b0f57f691cf4c8c79aa7d
  179.  
  180. THREAD_SHA1_HASH_MOD: d084f7dfa548ce4e51810e4fd5914176ebc66791
  181.  
  182. FOLLOWUP_IP:
  183. nt!KiSystemServiceUser+21
  184. fffff806`15fc200c 807b0300 cmp byte ptr [rbx+3],0
  185.  
  186. FAULT_INSTR_CODE: 37b80
  187.  
  188. SYMBOL_STACK_INDEX: 3
  189.  
  190. SYMBOL_NAME: nt!KiSystemServiceUser+21
  191.  
  192. FOLLOWUP_NAME: MachineOwner
  193.  
  194. MODULE_NAME: nt
  195.  
  196. IMAGE_NAME: ntkrnlmp.exe
  197.  
  198. DEBUG_FLR_IMAGE_TIMESTAMP: 3eeaaca9
  199.  
  200. STACK_COMMAND: .thread ; .cxr ; kb
  201.  
  202. BUCKET_ID_FUNC_OFFSET: 21
  203.  
  204. FAILURE_BUCKET_ID: AV_CODE_AV_nt!KiSystemServiceUser
  205.  
  206. BUCKET_ID: AV_CODE_AV_nt!KiSystemServiceUser
  207.  
  208. PRIMARY_PROBLEM_CLASS: AV_CODE_AV_nt!KiSystemServiceUser
  209.  
  210. TARGET_TIME: 2018-11-28T17:52:48.000Z
  211.  
  212. OSBUILD: 17763
  213.  
  214. OSSERVICEPACK: 0
  215.  
  216. SERVICEPACK_NUMBER: 0
  217.  
  218. OS_REVISION: 0
  219.  
  220. SUITE_MASK: 272
  221.  
  222. PRODUCT_TYPE: 1
  223.  
  224. OSPLATFORM_TYPE: x64
  225.  
  226. OSNAME: Windows 10
  227.  
  228. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
  229.  
  230. OS_LOCALE:
  231.  
  232. USER_LCID: 0
  233.  
  234. OSBUILD_TIMESTAMP: 2003-06-14 06:03:37
  235.  
  236. BUILDDATESTAMP_STR: 180914-1434
  237.  
  238. BUILDLAB_STR: rs5_release
  239.  
  240. BUILDOSVER_STR: 10.0.17763.1.amd64fre.rs5_release.180914-1434
  241.  
  242. ANALYSIS_SESSION_ELAPSED_TIME: 41d
  243.  
  244. ANALYSIS_SOURCE: KM
  245.  
  246. FAILURE_ID_HASH_STRING: km:av_code_av_nt!kisystemserviceuser
  247.  
  248. FAILURE_ID_HASH: {f943ec43-48f7-f55f-6fa9-6438d2a6855c}
  249.  
  250. Followup: MachineOwner
  251. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!