API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 14th, 2019
171
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.28 KB | None | 0 0
raw download clone embed print report
  1. 5: kd> !analyze -v
  2. *******************************************************************************
  3. * *
  4. * Bugcheck Analysis *
  5. * *
  6. *******************************************************************************
  7.  
  8. PAGE_FAULT_IN_NONPAGED_AREA (50)
  9. Invalid system memory was referenced. This cannot be protected by try-except.
  10. Typically the address is just plain bad or it is pointing at freed memory.
  11. Arguments:
  12. Arg1: ffffc000a70d1b01, memory referenced.
  13. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
  14. Arg3: fffff801d1a60654, If non-zero, the instruction address which referenced the bad memory
  15. address.
  16. Arg4: 0000000000000000, (reserved)
  17.  
  18. Debugging Details:
  19. ------------------
  20.  
  21. *** WARNING: Unable to verify timestamp for EX64.SYS
  22.  
  23. Could not read faulting driver name
  24. GetUlongPtrFromAddress: unable to read from fffff801b11c4308
  25.  
  26. KEY_VALUES_STRING: 1
  27.  
  28.  
  29. PROCESSES_ANALYSIS: 1
  30.  
  31. SERVICE_ANALYSIS: 1
  32.  
  33. STACKHASH_ANALYSIS: 1
  34.  
  35. TIMELINE_ANALYSIS: 1
  36.  
  37.  
  38. DUMP_CLASS: 1
  39.  
  40. DUMP_QUALIFIER: 400
  41.  
  42. BUILD_VERSION_STRING: 9600.19478.amd64fre.winblue_ltsb.190831-0600
  43.  
  44. SYSTEM_MANUFACTURER: Microsoft Corporation
  45.  
  46. VIRTUAL_MACHINE: HyperV
  47.  
  48. SYSTEM_PRODUCT_NAME: Virtual Machine
  49.  
  50. SYSTEM_SKU: None
  51.  
  52. SYSTEM_VERSION: Hyper-V UEFI Release v1.0
  53.  
  54. BIOS_VENDOR: Microsoft Corporation
  55.  
  56. BIOS_VERSION: Hyper-V UEFI Release v1.0
  57.  
  58. BIOS_DATE: 11/26/2012
  59.  
  60. BASEBOARD_MANUFACTURER: Microsoft Corporation
  61.  
  62. BASEBOARD_PRODUCT: Virtual Machine
  63.  
  64. BASEBOARD_VERSION: Hyper-V UEFI Release v1.0
  65.  
  66. DUMP_TYPE: 2
  67.  
  68. BUGCHECK_P1: ffffc000a70d1b01
  69.  
  70. BUGCHECK_P2: 0
  71.  
  72. BUGCHECK_P3: fffff801d1a60654
  73.  
  74. BUGCHECK_P4: 0
  75.  
  76. READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff801b11c42a8
  77. GetUlongPtrFromAddress: unable to read from fffff801b11c4530
  78. ffffc000a70d1b01 Paged pool
  79.  
  80. FAULTING_IP:
  81. EX64+54654
  82. fffff801`d1a60654 448a0401 mov r8b,byte ptr [rcx+rax]
  83.  
  84. MM_INTERNAL_CODE: 0
  85.  
  86. CPU_COUNT: 14
  87.  
  88. CPU_MHZ: a25
  89.  
  90. CPU_VENDOR: GenuineIntel
  91.  
  92. CPU_FAMILY: 6
  93.  
  94. CPU_MODEL: 3f
  95.  
  96. CPU_STEPPING: 2
  97.  
  98. CPU_MICROCODE: 6,3f,2,0 (F,M,S,R) SIG: FFFFFFFF'00000000 (cache) FFFFFFFF'00000000 (init)
  99.  
  100. CUSTOMER_CRASH_COUNT: 1
  101.  
  102. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT_SERVER
  103.  
  104. BUGCHECK_STR: AV
  105.  
  106. PROCESS_NAME: System
  107.  
  108. CURRENT_IRQL: 0
  109.  
  110. ANALYSIS_SESSION_HOST: SAC-ALEXDPC
  111.  
  112. ANALYSIS_SESSION_TIME: 11-14-2019 08:00:19.0152
  113.  
  114. ANALYSIS_VERSION: 10.0.18362.1 amd64fre
  115.  
  116. TRAP_FRAME: ffffd000edee8f90 -- (.trap 0xffffd000edee8f90)
  117. NOTE: The trap frame does not contain all registers.
  118. Some register values may be zeroed or incorrect.
  119. rax=ffffc000a70d0bd2 rbx=0000000000000000 rcx=0000000000000f2f
  120. rdx=0000000000007979 rsi=0000000000000000 rdi=0000000000000000
  121. rip=fffff801d1a60654 rsp=ffffd000edee9128 rbp=0000000000000006
  122. r8=ffffc000a2a02000 r9=ffffc000a2a022b8 r10=0000000000000000
  123. r11=ffffc000a2bc3e72 r12=0000000000000000 r13=0000000000000000
  124. r14=0000000000000000 r15=0000000000000000
  125. iopl=0 nv up ei pl zr ac po cy
  126. EX64+0x54654:
  127. fffff801`d1a60654 448a0401 mov r8b,byte ptr [rcx+rax] ds:ffffc000`a70d1b01=??
  128. Resetting default scope
  129.  
  130. LAST_CONTROL_TRANSFER: from fffff801b105b898 to fffff801b0fb63a0
  131.  
  132. STACK_TEXT:
  133. ffffd000`edee8df8 fffff801`b105b898 : 00000000`00000050 ffffc000`a70d1b01 00000000`00000000 ffffd000`edee8f90 : nt!KeBugCheckEx
  134. ffffd000`edee8e00 fffff801`b0eb4509 : 00000000`00000000 ffffc000`a70d1b01 ffffd000`edee8f90 ffffc000`a70d1b01 : nt!MiSystemFault+0x1048
  135. ffffd000`edee8e90 fffff801`b0fc3a9d : ffffc000`a2bc3e6d 00000000`00000000 00000000`00000000 00000000`000010a0 : nt!MmAccessFault+0x219
  136. ffffd000`edee8f90 fffff801`d1a60654 : ffffd000`edee9370 ffffc000`a2a02000 fffff801`d1a62b20 ffffc000`a78533c0 : nt!KiPageFault+0x31d
  137. ffffd000`edee9128 ffffd000`edee9370 : ffffc000`a2a02000 fffff801`d1a62b20 ffffc000`a78533c0 ffffd000`edee9370 : EX64+0x54654
  138. ffffd000`edee9130 ffffc000`a2a02000 : fffff801`d1a62b20 ffffc000`a78533c0 ffffd000`edee9370 ffffc000`d691c650 : 0xffffd000`edee9370
  139. ffffd000`edee9138 fffff801`d1a62b20 : ffffc000`a78533c0 ffffd000`edee9370 ffffc000`d691c650 00000000`00000e3c : 0xffffc000`a2a02000
  140. ffffd000`edee9140 ffffc000`a78533c0 : ffffd000`edee9370 ffffc000`d691c650 00000000`00000e3c 00000000`00000000 : EX64+0x56b20
  141. ffffd000`edee9148 ffffd000`edee9370 : ffffc000`d691c650 00000000`00000e3c 00000000`00000000 00000000`00000211 : 0xffffc000`a78533c0
  142. ffffd000`edee9150 ffffc000`d691c650 : 00000000`00000e3c 00000000`00000000 00000000`00000211 00000000`00000002 : 0xffffd000`edee9370
  143. ffffd000`edee9158 00000000`00000e3c : 00000000`00000000 00000000`00000211 00000000`00000002 fffff801`d1a4f88b : 0xffffc000`d691c650
  144. ffffd000`edee9160 00000000`00000000 : 00000000`00000211 00000000`00000002 fffff801`d1a4f88b 00000000`00000000 : 0xe3c
  145.  
  146.  
  147. THREAD_SHA1_HASH_MOD_FUNC: 47e8eefce965628f61e4e0cdbffe16196f895f04
  148.  
  149. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b005decf448f68def4f724794ef48e36d76ff9b2
  150.  
  151. THREAD_SHA1_HASH_MOD: 438f0a4d702ceaf1cfa4419dd2817de56ee93d79
  152.  
  153. FOLLOWUP_IP:
  154. EX64+54654
  155. fffff801`d1a60654 448a0401 mov r8b,byte ptr [rcx+rax]
  156.  
  157. FAULT_INSTR_CODE: 1048a44
  158.  
  159. SYMBOL_STACK_INDEX: 4
  160.  
  161. SYMBOL_NAME: EX64+54654
  162.  
  163. FOLLOWUP_NAME: MachineOwner
  164.  
  165. MODULE_NAME: EX64
  166.  
  167. IMAGE_NAME: EX64.SYS
  168.  
  169. DEBUG_FLR_IMAGE_TIMESTAMP: 5b177aeb
  170.  
  171. STACK_COMMAND: .thread ; .cxr ; kb
  172.  
  173. BUCKET_ID_FUNC_OFFSET: 54654
  174.  
  175. FAILURE_BUCKET_ID: AV_EX64!unknown_function
  176.  
  177. BUCKET_ID: AV_EX64!unknown_function
  178.  
  179. PRIMARY_PROBLEM_CLASS: AV_EX64!unknown_function
  180.  
  181. TARGET_TIME: 2019-11-14T14:53:02.000Z
  182.  
  183. OSBUILD: 9600
  184.  
  185. OSSERVICEPACK: 19478
  186.  
  187. SERVICEPACK_NUMBER: 0
  188.  
  189. OS_REVISION: 0
  190.  
  191. SUITE_MASK: 16
  192.  
  193. PRODUCT_TYPE: 3
  194.  
  195. OSPLATFORM_TYPE: x64
  196.  
  197. OSNAME: Windows 8.1
  198.  
  199. OSEDITION: Windows 8.1 Server TerminalServer
  200.  
  201. OS_LOCALE:
  202.  
  203. USER_LCID: 0
  204.  
  205. OSBUILD_TIMESTAMP: 2019-08-31 08:06:47
  206.  
  207. BUILDDATESTAMP_STR: 190831-0600
  208.  
  209. BUILDLAB_STR: winblue_ltsb
  210.  
  211. BUILDOSVER_STR: 6.3.9600.19478.amd64fre.winblue_ltsb.190831-0600
  212.  
  213. ANALYSIS_SESSION_ELAPSED_TIME: cf7
  214.  
  215. ANALYSIS_SOURCE: KM
  216.  
  217. FAILURE_ID_HASH_STRING: km:av_ex64!unknown_function
  218.  
  219. FAILURE_ID_HASH: {36c0e73b-48b3-22e8-78ad-b2ca7320b916}
  220.  
  221. Followup: MachineOwner
  222. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!