API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 12th, 2018
536
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.38 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Microsoft (R) Windows Debugger Version 10.0.17134.12 AMD64
  3. Copyright (c) Microsoft Corporation. All rights reserved.
  4.  
  5.  
  6. Loading Dump File [C:\Users\mcbac\Downloads\Telegram Desktop\051118-7109-01.dmp]
  7. Mini Kernel Dump File: Only registers and stack trace are available
  8.  
  9. Symbol search path is: srv*
  10. Executable search path is:
  11. Windows 10 Kernel Version 16299 MP (8 procs) Free x64
  12. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  13. Built by: 16299.15.amd64fre.rs3_release.170928-1534
  14. Machine Name:
  15. Kernel base = 0xfffff800`2ce82000 PsLoadedModuleList = 0xfffff800`2d1e3ff0
  16. Debug session time: Fri May 11 15:06:43.772 2018 (UTC - 3:00)
  17. System Uptime: 0 days 0:04:12.499
  18. Loading Kernel Symbols
  19. .
  20.  
  21. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  22. Run !sym noisy before .reload to track down problems loading symbols.
  23.  
  24. ..............................................................
  25. ................................................................
  26. ................................................................
  27. ...
  28. Loading User Symbols
  29. Loading unloaded module list
  30. ...........
  31. *******************************************************************************
  32. * *
  33. * Bugcheck Analysis *
  34. * *
  35. *******************************************************************************
  36.  
  37. Use !analyze -v to get detailed debugging information.
  38.  
  39. BugCheck 12B, {ffffffffc00002c4, cf6, 294a80, ffffd181b0f20000}
  40.  
  41. *** WARNING: Unable to verify timestamp for win32k.sys
  42. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  43. Probably caused by : ntkrnlmp.exe ( nt!ST_STORE<SM_TRAITS>::StDmPageError+f4 )
  44.  
  45. Followup: MachineOwner
  46. ---------
  47.  
  48. 2: kd> !analyze -v
  49. *******************************************************************************
  50. * *
  51. * Bugcheck Analysis *
  52. * *
  53. *******************************************************************************
  54.  
  55. FAULTY_HARDWARE_CORRUPTED_PAGE (12b)
  56. This bugcheck indicates that a single bit error was found in this page. This is a hardware memory error.
  57. Arguments:
  58. Arg1: ffffffffc00002c4, virtual address mapping the corrupted page
  59. Arg2: 0000000000000cf6, physical page number
  60. Arg3: 0000000000294a80, zero
  61. Arg4: ffffd181b0f20000, zero
  62.  
  63. Debugging Details:
  64. ------------------
  65.  
  66.  
  67. KEY_VALUES_STRING: 1
  68.  
  69.  
  70. TIMELINE_ANALYSIS: 1
  71.  
  72.  
  73. DUMP_CLASS: 1
  74.  
  75. DUMP_QUALIFIER: 400
  76.  
  77. BUILD_VERSION_STRING: 16299.15.amd64fre.rs3_release.170928-1534
  78.  
  79. SYSTEM_MANUFACTURER: LENOVO
  80.  
  81. SYSTEM_PRODUCT_NAME: 81CQ
  82.  
  83. SYSTEM_SKU: LENOVO_MT_81CQ_BU_idea_FM_
  84.  
  85. SYSTEM_VERSION: Lenovo Y720-15IKB
  86.  
  87. BIOS_VENDOR: LENOVO
  88.  
  89. BIOS_VERSION: 4GCN35WW
  90.  
  91. BIOS_DATE: 02/23/2018
  92.  
  93. BASEBOARD_MANUFACTURER: LENOVO
  94.  
  95. BASEBOARD_PRODUCT: Provence-75I
  96.  
  97. BASEBOARD_VERSION: SDK0J40688 WIN
  98.  
  99. DUMP_TYPE: 2
  100.  
  101. BUGCHECK_P1: ffffffffc00002c4
  102.  
  103. BUGCHECK_P2: cf6
  104.  
  105. BUGCHECK_P3: 294a80
  106.  
  107. BUGCHECK_P4: ffffd181b0f20000
  108.  
  109. SM_COMPRESSION_FORMAT: 3
  110.  
  111. SM_SOURCE_PFN1: 48b6e5
  112.  
  113. SM_SOURCE_PFN2: 48aee4
  114.  
  115. SM_SOURCE_OFFSET: 4a80
  116.  
  117. SM_SOURCE_SIZE: cf6
  118.  
  119. SM_TARGET_PFN: 1a89
  120.  
  121. SM_BUFFER_HASH: 133c35c0
  122.  
  123. BUGCHECK_STR: 0x12B_c00002c4_StCtDecompressFailed
  124.  
  125. CPU_COUNT: 8
  126.  
  127. CPU_MHZ: af8
  128.  
  129. CPU_VENDOR: GenuineIntel
  130.  
  131. CPU_FAMILY: 6
  132.  
  133. CPU_MODEL: 9e
  134.  
  135. CPU_STEPPING: 9
  136.  
  137. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 84'00000000 (cache) 84'00000000 (init)
  138.  
  139. BLACKBOXBSD: 1 (!blackboxbsd)
  140.  
  141.  
  142. BLACKBOXPNP: 1 (!blackboxpnp)
  143.  
  144.  
  145. CUSTOMER_CRASH_COUNT: 1
  146.  
  147. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  148.  
  149. PROCESS_NAME: MemCompression
  150.  
  151. CURRENT_IRQL: 0
  152.  
  153. ANALYSIS_SESSION_HOST: MCBACKER-LENOVO
  154.  
  155. ANALYSIS_SESSION_TIME: 05-12-2018 18:48:17.0664
  156.  
  157. ANALYSIS_VERSION: 10.0.17134.12 amd64fre
  158.  
  159. LAST_CONTROL_TRANSFER: from fffff8002d0e75ac to fffff8002cfe60e0
  160.  
  161. STACK_TEXT:
  162. ffffa58f`1f76f118 fffff800`2d0e75ac : 00000000`0000012b ffffffff`c00002c4 00000000`00000cf6 00000000`00294a80 : nt!KeBugCheckEx
  163. ffffa58f`1f76f120 fffff800`2d0e8a3e : 00000000`00000200 ffffe207`ecc5d050 00000000`00294a80 00000000`00294a80 : nt!ST_STORE<SM_TRAITS>::StDmPageError+0xf4
  164. ffffa58f`1f76f170 fffff800`2d0e8c2e : 00000000`00000004 ffffa58f`1f76f380 00000000`00000000 00000000`00000014 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x322
  165. ffffa58f`1f76f250 fffff800`2d0e9a82 : 00000000`00000001 00000000`00004a80 ffffe207`ecc5d050 00000000`00005000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xaa
  166. ffffa58f`1f76f2a0 fffff800`2d0e80aa : ffffe207`ffffffff ffffe207`e894f000 ffffa58f`1f76f380 ffffe207`edd7c1f0 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x1d6
  167. ffffa58f`1f76f340 fffff800`2d0e1f26 : ffffe207`edd7c1f0 00000000`00000000 00000000`00000001 ffffe207`ecc5e788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xc2
  168. ffffa58f`1f76f3f0 fffff800`2d0e1e21 : ffffe207`ecc5d000 ffffa58f`1f76f510 fffff800`2d0e1e00 ffffe207`ecc5e788 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x76
  169. ffffa58f`1f76f450 fffff800`2cf31a3b : ffffe207`edfe8700 ffffa58f`1f76f510 ffffe207`eddcd060 00000000`00000003 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  170. ffffa58f`1f76f480 fffff800`2d0e1d80 : 00000000`00000003 ffffe207`e894f000 ffffe207`ecc5d000 ffffe207`edd7c1f0 : nt!KeExpandKernelStackAndCalloutInternal+0x8b
  171. ffffa58f`1f76f4d0 fffff800`2d0e35c1 : ffffa58f`1f76f5d0 fffff800`2ce8f951 00000000`00000000 fffff800`2d0e088e : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcc
  172. ffffa58f`1f76f5a0 fffff800`2d0e0f19 : 00000000`00000000 00000000`00000000 ffffa58f`1f76f650 ffffe207`edd7c1f0 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x41
  173. ffffa58f`1f76f5f0 fffff800`2d0e1197 : 00000000`0000000c 00000000`00000005 ffffe207`edd7c1f0 ffffe207`eddcd060 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0x1e1
  174. ffffa58f`1f76f670 fffff800`2d0eb21e : ffffe207`00000005 ffffe207`eddcd110 00000000`00000000 ffffe207`ecc5d000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x1cf
  175. ffffa58f`1f76f6e0 fffff800`2d025f00 : ffffe207`eddcd010 ffffe207`edfe8700 ffffe207`edfe8700 fffff800`2cf10fcc : nt!SmPageRead+0x2e
  176. ffffa58f`1f76f730 fffff800`2cf10d1f : 00000000`00000002 ffffa58f`1f76f7c0 ffffe207`ed540ac0 00000000`00000000 : nt!MiIssueHardFaultIo+0x114f18
  177. ffffa58f`1f76f780 fffff800`2cef1941 : 00000000`00000000 00000000`c0033333 ffffa58f`1f76fa00 00000000`00000000 : nt!MiIssueHardFault+0x17f
  178. ffffa58f`1f76f820 fffff800`2cfefc72 : 00000000`00000006 0000005a`00000000 ffffe207`edfe8700 00000217`37f35220 : nt!MmAccessFault+0xcb1
  179. ffffa58f`1f76fa00 00007ff9`bbd04eb3 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x132
  180. 0000005a`fcffb950 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`bbd04eb3
  181.  
  182.  
  183. THREAD_SHA1_HASH_MOD_FUNC: 0e25f7e1a5e1caae3d28e6a7023983c4503045c5
  184.  
  185. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: e5d19ee7530f1c6c3ecf008a9b4f24cbb19c9459
  186.  
  187. THREAD_SHA1_HASH_MOD: 82d14546c43bd06881f781d6d197c4c7f7ceb9cb
  188.  
  189. FOLLOWUP_IP:
  190. nt!ST_STORE<SM_TRAITS>::StDmPageError+f4
  191. fffff800`2d0e75ac cc int 3
  192.  
  193. FAULT_INSTR_CODE: 48c033cc
  194.  
  195. SYMBOL_STACK_INDEX: 1
  196.  
  197. SYMBOL_NAME: nt!ST_STORE<SM_TRAITS>::StDmPageError+f4
  198.  
  199. FOLLOWUP_NAME: MachineOwner
  200.  
  201. MODULE_NAME: nt
  202.  
  203. IMAGE_NAME: ntkrnlmp.exe
  204.  
  205. DEBUG_FLR_IMAGE_TIMESTAMP: 5a29b8d4
  206.  
  207. IMAGE_VERSION: 10.0.16299.125
  208.  
  209. STACK_COMMAND: .thread ; .cxr ; kb
  210.  
  211. BUCKET_ID_FUNC_OFFSET: f4
  212.  
  213. FAILURE_BUCKET_ID: 0x12B_c00002c4_StCtDecompressFailed_nt!ST_STORE_SM_TRAITS_::StDmPageError
  214.  
  215. BUCKET_ID: 0x12B_c00002c4_StCtDecompressFailed_nt!ST_STORE_SM_TRAITS_::StDmPageError
  216.  
  217. PRIMARY_PROBLEM_CLASS: 0x12B_c00002c4_StCtDecompressFailed_nt!ST_STORE_SM_TRAITS_::StDmPageError
  218.  
  219. TARGET_TIME: 2018-05-11T18:06:43.000Z
  220.  
  221. OSBUILD: 16299
  222.  
  223. OSSERVICEPACK: 125
  224.  
  225. SERVICEPACK_NUMBER: 0
  226.  
  227. OS_REVISION: 0
  228.  
  229. SUITE_MASK: 784
  230.  
  231. PRODUCT_TYPE: 1
  232.  
  233. OSPLATFORM_TYPE: x64
  234.  
  235. OSNAME: Windows 10
  236.  
  237. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  238.  
  239. OS_LOCALE:
  240.  
  241. USER_LCID: 0
  242.  
  243. OSBUILD_TIMESTAMP: 2017-12-07 19:55:32
  244.  
  245. BUILDDATESTAMP_STR: 170928-1534
  246.  
  247. BUILDLAB_STR: rs3_release
  248.  
  249. BUILDOSVER_STR: 10.0.16299.15.amd64fre.rs3_release.170928-1534
  250.  
  251. ANALYSIS_SESSION_ELAPSED_TIME: 1626
  252.  
  253. ANALYSIS_SOURCE: KM
  254.  
  255. FAILURE_ID_HASH_STRING: km:0x12b_c00002c4_stctdecompressfailed_nt!st_store_sm_traits_::stdmpageerror
  256.  
  257. FAILURE_ID_HASH: {c6a6bb4d-3b77-dff6-2d9b-75f5d0f61a50}
  258.  
  259. Followup: MachineOwner
  260. ---------
  261.  
  262.  
  263. Microsoft (R) Windows Debugger Version 10.0.17134.12 AMD64
  264. Copyright (c) Microsoft Corporation. All rights reserved.
  265.  
  266.  
  267. Loading Dump File [C:\Users\mcbac\Downloads\Telegram Desktop\051218-12171-01.dmp]
  268. Mini Kernel Dump File: Only registers and stack trace are available
  269.  
  270. Symbol search path is: srv*
  271. Executable search path is:
  272. Windows 10 Kernel Version 16299 MP (8 procs) Free x64
  273. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  274. Built by: 16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
  275. Machine Name:
  276. Kernel base = 0xfffff800`c121b000 PsLoadedModuleList = 0xfffff800`c1581030
  277. Debug session time: Sat May 12 10:08:27.098 2018 (UTC - 3:00)
  278. System Uptime: 0 days 0:00:04.849
  279. Loading Kernel Symbols
  280. .
  281.  
  282. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  283. Run !sym noisy before .reload to track down problems loading symbols.
  284.  
  285. ..............................................................
  286. ................................................................
  287. .........
  288. Loading User Symbols
  289. Loading unloaded module list
  290. ...
  291. *******************************************************************************
  292. * *
  293. * Bugcheck Analysis *
  294. * *
  295. *******************************************************************************
  296.  
  297. Use !analyze -v to get detailed debugging information.
  298.  
  299. BugCheck 1A, {61941, ffffcc8aa5701000, 9, fffff88a2cd366d0}
  300.  
  301. Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+382 )
  302.  
  303. Followup: MachineOwner
  304. ---------
  305.  
  306. 7: kd> !analyze -v
  307. *******************************************************************************
  308. * *
  309. * Bugcheck Analysis *
  310. * *
  311. *******************************************************************************
  312.  
  313. MEMORY_MANAGEMENT (1a)
  314. # Any other values for parameter 1 must be individually examined.
  315. Arguments:
  316. Arg1: 0000000000061941, The subtype of the bugcheck.
  317. Arg2: ffffcc8aa5701000
  318. Arg3: 0000000000000009
  319. Arg4: fffff88a2cd366d0
  320.  
  321. Debugging Details:
  322. ------------------
  323.  
  324.  
  325. KEY_VALUES_STRING: 1
  326.  
  327.  
  328. TIMELINE_ANALYSIS: 1
  329.  
  330.  
  331. DUMP_CLASS: 1
  332.  
  333. DUMP_QUALIFIER: 400
  334.  
  335. BUILD_VERSION_STRING: 16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
  336.  
  337. DUMP_TYPE: 2
  338.  
  339. BUGCHECK_P1: 61941
  340.  
  341. BUGCHECK_P2: ffffcc8aa5701000
  342.  
  343. BUGCHECK_P3: 9
  344.  
  345. BUGCHECK_P4: fffff88a2cd366d0
  346.  
  347. BUGCHECK_STR: 0x1a_61941
  348.  
  349. CPU_COUNT: 8
  350.  
  351. CPU_MHZ: af8
  352.  
  353. CPU_VENDOR: GenuineIntel
  354.  
  355. CPU_FAMILY: 6
  356.  
  357. CPU_MODEL: 9e
  358.  
  359. CPU_STEPPING: 9
  360.  
  361. CUSTOMER_CRASH_COUNT: 1
  362.  
  363. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  364.  
  365. PROCESS_NAME: System
  366.  
  367. CURRENT_IRQL: 0
  368.  
  369. ANALYSIS_SESSION_HOST: MCBACKER-LENOVO
  370.  
  371. ANALYSIS_SESSION_TIME: 05-12-2018 18:55:43.0899
  372.  
  373. ANALYSIS_VERSION: 10.0.17134.12 amd64fre
  374.  
  375. TRAP_FRAME: fffff88a2cd366d0 -- (.trap 0xfffff88a2cd366d0)
  376. NOTE: The trap frame does not contain all registers.
  377. Some register values may be zeroed or incorrect.
  378. rax=0000000000440000 rbx=0000000000000000 rcx=ffffa48404600000
  379. rdx=00002806a1101000 rsi=0000000000000000 rdi=0000000000000000
  380. rip=fffff800c13a3920 rsp=fffff88a2cd36868 rbp=0000000000000000
  381. r8=0000000000000000 r9=0000000000000800 r10=ffff8b800da07570
  382. r11=ffffa48404600000 r12=0000000000000000 r13=0000000000000000
  383. r14=0000000000000000 r15=0000000000000000
  384. iopl=0 nv up ei pl zr na po nc
  385. nt!memcpy+0xa0:
  386. fffff800`c13a3920 f30f6f040a movdqu xmm0,xmmword ptr [rdx+rcx] ds:ffffcc8a`a5701000=????????????????????????????????
  387. Resetting default scope
  388.  
  389. LAST_CONTROL_TRANSFER: from fffff800c126c671 to fffff800c1390570
  390.  
  391. STACK_TEXT:
  392. fffff88a`2cd364f8 fffff800`c126c671 : 00000000`0000001a 00000000`00061941 ffffcc8a`a5701000 00000000`00000009 : nt!KeBugCheckEx
  393. fffff88a`2cd36500 fffff800`c139ee42 : 00000000`00000000 ffff8b80`0da07570 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0x1471
  394. fffff88a`2cd366d0 fffff800`c13a3920 : fffff800`c16dc18a ffff38d2`e4f48076 ffffdc88`f5bf82f0 ffffa484`04600000 : nt!KiPageFault+0x382
  395. fffff88a`2cd36868 fffff800`c16dc18a : ffff38d2`e4f48076 ffffdc88`f5bf82f0 ffffa484`04600000 ffffdc88`f5f4eca0 : nt!memcpy+0xa0
  396. fffff88a`2cd36870 fffff800`c16dbf14 : 00000000`00440000 00000000`0003f000 00000000`00200000 fffff88a`2cd36970 : nt!CcCopyBytesToUserBuffer+0x4a
  397. fffff88a`2cd368c0 fffff800`c12b1c9c : ffffdc88`ef19d440 00000000`00401000 00000000`0003f000 00000000`00800001 : nt!CcMapAndCopyFromCache+0x114
  398. fffff88a`2cd36960 fffff80d`04ad50f3 : fffff88a`2cd36a90 fffff88a`00000000 ffffdc88`00200000 ffffa484`03748ce8 : nt!CcCopyReadEx+0x12c
  399. fffff88a`2cd369f0 fffff80d`03808fbe : 00000000`000002b0 00000000`00000000 ffffdc88`f5f4eca0 ffffa484`04600000 : NTFS!NtfsCopyReadA+0x433
  400. fffff88a`2cd36cb0 fffff80d`038060d7 : fffff88a`2cd36da0 ffffdc88`f5f4ec00 ffffdc88`f35e2108 ffffdc88`f35e2010 : FLTMGR!FltpPerformFastIoCall+0x13e
  401. fffff88a`2cd36d10 fffff80d`0383b1f9 : 00000000`00000000 00000000`00200000 fffff88a`2cd36ff0 ffffffff`80000374 : FLTMGR!FltpPassThroughFastIo+0xc7
  402. fffff88a`2cd36d70 fffff800`c16e6d6b : fffff88a`2cd37168 fffff88a`2cd37168 00000000`00000000 fffff88a`2cd37168 : FLTMGR!FltpFastIoRead+0x159
  403. fffff88a`2cd36e10 fffff800`c13a2363 : fffff88a`2cd370a0 ffffffff`80000374 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x43b
  404. fffff88a`2cd36f00 fffff800`c1394400 : fffff800`c122f5e8 fffff88a`2cd37970 ffffffff`80000380 00400110`fffffff0 : nt!KiSystemServiceCopyEnd+0x13
  405. fffff88a`2cd37108 fffff800`c122f5e8 : fffff88a`2cd37970 ffffffff`80000380 00400110`fffffff0 ffffdc88`f4fe8190 : nt!KiServiceLinkage
  406. fffff88a`2cd37110 fffff800`c1679065 : ffffdc88`f4fe8190 00000000`00401000 fffff88a`2cd3733c ffffa484`04600000 : nt!CmpFileReadEx+0xc0
  407. fffff88a`2cd371c0 fffff800`c17a2c73 : 00000000`00000002 fffff800`c13a3ad0 00000000`00000010 00000000`00010282 : nt!CmpFileRead+0x25
  408. fffff88a`2cd37200 fffff800`c16dd862 : 00000000`00001000 00000000`00000000 00000000`00400000 00000000`00000000 : nt!HvpReadHiveDataFromFile+0x57
  409. fffff88a`2cd37240 fffff800`c16feeb0 : 00000000`00000000 00000000`04f09000 ffffa484`00200000 00000000`00400000 : nt!HvpMapHiveImage+0x66
  410. fffff88a`2cd37300 fffff800`c16fe221 : ffffa484`0386b000 00000000`00000000 00000000`00000006 ffffa484`0386b000 : nt!HvpMapHiveImageFromFile+0x74
  411. fffff88a`2cd37370 fffff800`c1700068 : fffff88a`2cd37788 00000000`00000004 00000000`00000000 ffffa484`0386b000 : nt!HvLoadHive+0x131
  412. fffff88a`2cd37460 fffff800`c16ffa48 : 00000000`00020200 00000000`00000001 fffff88a`00020200 00000000`00000718 : nt!HvInitializeHive+0x27c
  413. fffff88a`2cd374d0 fffff800`c1676d9f : 00000000`00000000 00000000`00000048 fffff88a`2cd377a0 00000000`00000000 : nt!CmpInitializeHive+0x514
  414. fffff88a`2cd376a0 fffff800`c17d9981 : fffff800`c156ae00 00000000`00000000 00000000`00000000 00000000`00000000 : nt!CmpInitHiveFromFile+0x3d7
  415. fffff88a`2cd378b0 fffff800`c12d9967 : ffffdc88`f5f42700 ffffdc88`f5f42700 fffff800`c17d98a0 00000000`00000002 : nt!CmpLoadHiveThread+0xe1
  416. fffff88a`2cd37b10 fffff800`c1397fb6 : ffff9200`6a840180 ffffdc88`f5f42700 fffff800`c12d9920 00000000`00000000 : nt!PspSystemThreadStartup+0x47
  417. fffff88a`2cd37b60 00000000`00000000 : fffff88a`2cd38000 fffff88a`2cd31000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
  418.  
  419.  
  420. THREAD_SHA1_HASH_MOD_FUNC: 8ba615762a7f37dfa15f9990ea4f19f9253daaa1
  421.  
  422. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a2650a986f6d292bf697237d855dc32d48701c27
  423.  
  424. THREAD_SHA1_HASH_MOD: ea6b7db3e33c975d4b694fe424b9115e19a8e914
  425.  
  426. FOLLOWUP_IP:
  427. nt!KiPageFault+382
  428. fffff800`c139ee42 85c0 test eax,eax
  429.  
  430. FAULT_INSTR_CODE: 367cc085
  431.  
  432. SYMBOL_STACK_INDEX: 2
  433.  
  434. SYMBOL_NAME: nt!KiPageFault+382
  435.  
  436. FOLLOWUP_NAME: MachineOwner
  437.  
  438. MODULE_NAME: nt
  439.  
  440. IMAGE_NAME: ntkrnlmp.exe
  441.  
  442. DEBUG_FLR_IMAGE_TIMESTAMP: 5aeaa6a2
  443.  
  444. IMAGE_VERSION: 10.0.16299.431
  445.  
  446. STACK_COMMAND: .thread ; .cxr ; kb
  447.  
  448. BUCKET_ID_FUNC_OFFSET: 382
  449.  
  450. FAILURE_BUCKET_ID: 0x1a_61941_nt!KiPageFault
  451.  
  452. BUCKET_ID: 0x1a_61941_nt!KiPageFault
  453.  
  454. PRIMARY_PROBLEM_CLASS: 0x1a_61941_nt!KiPageFault
  455.  
  456. TARGET_TIME: 2018-05-12T13:08:27.000Z
  457.  
  458. OSBUILD: 16299
  459.  
  460. OSSERVICEPACK: 431
  461.  
  462. SERVICEPACK_NUMBER: 0
  463.  
  464. OS_REVISION: 0
  465.  
  466. SUITE_MASK: 784
  467.  
  468. PRODUCT_TYPE: 1
  469.  
  470. OSPLATFORM_TYPE: x64
  471.  
  472. OSNAME: Windows 10
  473.  
  474. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  475.  
  476. OS_LOCALE:
  477.  
  478. USER_LCID: 0
  479.  
  480. OSBUILD_TIMESTAMP: 2018-05-03 03:05:22
  481.  
  482. BUILDDATESTAMP_STR: 180502-1908
  483.  
  484. BUILDLAB_STR: rs3_release_svc_escrow
  485.  
  486. BUILDOSVER_STR: 10.0.16299.431.amd64fre.rs3_release_svc_escrow.180502-1908
  487.  
  488. ANALYSIS_SESSION_ELAPSED_TIME: 29a5
  489.  
  490. ANALYSIS_SOURCE: KM
  491.  
  492. FAILURE_ID_HASH_STRING: km:0x1a_61941_nt!kipagefault
  493.  
  494. FAILURE_ID_HASH: {60820728-e269-54d0-27b9-6b64c44bb18e}
  495.  
  496. Followup: MachineOwner
  497. ---------
  498.  
  499.  
  500. Microsoft (R) Windows Debugger Version 10.0.17134.12 AMD64
  501. Copyright (c) Microsoft Corporation. All rights reserved.
  502.  
  503.  
  504. Loading Dump File [C:\Users\mcbac\Downloads\Telegram Desktop\051118-9890-01.dmp]
  505. Mini Kernel Dump File: Only registers and stack trace are available
  506.  
  507. Symbol search path is: srv*
  508. Executable search path is:
  509. Windows 10 Kernel Version 16299 MP (8 procs) Free x64
  510. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  511. Built by: 16299.15.amd64fre.rs3_release.170928-1534
  512. Machine Name:
  513. Kernel base = 0xfffff802`d320c000 PsLoadedModuleList = 0xfffff802`d356dff0
  514. Debug session time: Fri May 11 17:34:55.515 2018 (UTC - 3:00)
  515. System Uptime: 0 days 2:27:50.242
  516. Loading Kernel Symbols
  517. .
  518.  
  519. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  520. Run !sym noisy before .reload to track down problems loading symbols.
  521.  
  522. ..............................................................
  523. ................................................................
  524. ................................................................
  525. ......
  526. Loading User Symbols
  527. Loading unloaded module list
  528. .......
  529. *******************************************************************************
  530. * *
  531. * Bugcheck Analysis *
  532. * *
  533. *******************************************************************************
  534.  
  535. Use !analyze -v to get detailed debugging information.
  536.  
  537. BugCheck A, {ffffb5c080000240, 2, 0, fffff802d327ce65}
  538.  
  539. Probably caused by : memory_corruption ( nt!MiDispatchFault+be5 )
  540.  
  541. Followup: MachineOwner
  542. ---------
  543.  
  544. 0: kd> !analyze -v
  545. *******************************************************************************
  546. * *
  547. * Bugcheck Analysis *
  548. * *
  549. *******************************************************************************
  550.  
  551. IRQL_NOT_LESS_OR_EQUAL (a)
  552. An attempt was made to access a pageable (or completely invalid) address at an
  553. interrupt request level (IRQL) that is too high. This is usually
  554. caused by drivers using improper addresses.
  555. If a kernel debugger is available get the stack backtrace.
  556. Arguments:
  557. Arg1: ffffb5c080000240, memory referenced
  558. Arg2: 0000000000000002, IRQL
  559. Arg3: 0000000000000000, bitfield :
  560. bit 0 : value 0 = read operation, 1 = write operation
  561. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  562. Arg4: fffff802d327ce65, address which referenced memory
  563.  
  564. Debugging Details:
  565. ------------------
  566.  
  567.  
  568. KEY_VALUES_STRING: 1
  569.  
  570.  
  571. TIMELINE_ANALYSIS: 1
  572.  
  573.  
  574. DUMP_CLASS: 1
  575.  
  576. DUMP_QUALIFIER: 400
  577.  
  578. BUILD_VERSION_STRING: 16299.15.amd64fre.rs3_release.170928-1534
  579.  
  580. SYSTEM_MANUFACTURER: LENOVO
  581.  
  582. SYSTEM_PRODUCT_NAME: 81CQ
  583.  
  584. SYSTEM_SKU: LENOVO_MT_81CQ_BU_idea_FM_
  585.  
  586. SYSTEM_VERSION: Lenovo Y720-15IKB
  587.  
  588. BIOS_VENDOR: LENOVO
  589.  
  590. BIOS_VERSION: 4GCN35WW
  591.  
  592. BIOS_DATE: 02/23/2018
  593.  
  594. BASEBOARD_MANUFACTURER: LENOVO
  595.  
  596. BASEBOARD_PRODUCT: Provence-75I
  597.  
  598. BASEBOARD_VERSION: SDK0J40688 WIN
  599.  
  600. DUMP_TYPE: 2
  601.  
  602. BUGCHECK_P1: ffffb5c080000240
  603.  
  604. BUGCHECK_P2: 2
  605.  
  606. BUGCHECK_P3: 0
  607.  
  608. BUGCHECK_P4: fffff802d327ce65
  609.  
  610. READ_ADDRESS: fffff802d3604380: Unable to get MiVisibleState
  611. Unable to get NonPagedPoolStart
  612. Unable to get NonPagedPoolEnd
  613. Unable to get PagedPoolStart
  614. Unable to get PagedPoolEnd
  615. ffffb5c080000240
  616.  
  617. CURRENT_IRQL: 2
  618.  
  619. FAULTING_IP:
  620. nt!MiDispatchFault+be5
  621. fffff802`d327ce65 498b5500 mov rdx,qword ptr [r13]
  622.  
  623. CPU_COUNT: 8
  624.  
  625. CPU_MHZ: af8
  626.  
  627. CPU_VENDOR: GenuineIntel
  628.  
  629. CPU_FAMILY: 6
  630.  
  631. CPU_MODEL: 9e
  632.  
  633. CPU_STEPPING: 9
  634.  
  635. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 84'00000000 (cache) 84'00000000 (init)
  636.  
  637. BLACKBOXBSD: 1 (!blackboxbsd)
  638.  
  639.  
  640. BLACKBOXPNP: 1 (!blackboxpnp)
  641.  
  642.  
  643. CUSTOMER_CRASH_COUNT: 1
  644.  
  645. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  646.  
  647. BUGCHECK_STR: AV
  648.  
  649. PROCESS_NAME: svchost.exe
  650.  
  651. ANALYSIS_SESSION_HOST: MCBACKER-LENOVO
  652.  
  653. ANALYSIS_SESSION_TIME: 05-12-2018 19:01:28.0992
  654.  
  655. ANALYSIS_VERSION: 10.0.17134.12 amd64fre
  656.  
  657. TRAP_FRAME: fffff38ba5ec6ba0 -- (.trap 0xfffff38ba5ec6ba0)
  658. NOTE: The trap frame does not contain all registers.
  659. Some register values may be zeroed or incorrect.
  660. rax=0000000000000000 rbx=0000000000000000 rcx=ffffe089dfe06020
  661. rdx=0000000000000007 rsi=0000000000000000 rdi=0000000000000000
  662. rip=fffff802d32adaa4 rsp=fffff38ba5ec6d38 rbp=0000000000000005
  663. r8=000000000000001c r9=ffff9289ff180080 r10=ffffe089dc44f000
  664. r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  665. r14=0000000000000000 r15=0000000000000000
  666. iopl=0 nv up ei pl nz na pe nc
  667. nt!HvpFaultCellWithClustering+0x24:
  668. fffff802`d32adaa4 8b01 mov eax,dword ptr [rcx] ds:ffffe089`dfe06020=????????
  669. Resetting default scope
  670.  
  671. LAST_CONTROL_TRANSFER: from fffff802d337b9e9 to fffff802d33700e0
  672.  
  673. STACK_TEXT:
  674. fffff38b`a5ec6568 fffff802`d337b9e9 : 00000000`0000000a ffffb5c0`80000240 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
  675. fffff38b`a5ec6570 fffff802`d3379d7d : ffff8a80`0d902708 ffff8a80`0ded3560 00000000`00000000 00000000`00000001 : nt!KiBugCheckDispatch+0x69
  676. fffff38b`a5ec66b0 fffff802`d327ce65 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x23d
  677. fffff38b`a5ec6840 fffff802`d327b316 : 00000000`00000000 ffffe089`dfe06020 fffff38b`a5ec6ba0 fffff38b`a5ec6ac0 : nt!MiDispatchFault+0xbe5
  678. fffff38b`a5ec69c0 fffff802`d3379c72 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0x686
  679. fffff38b`a5ec6ba0 fffff802`d32adaa4 : fffff802`d370a8e6 00000000`01fdd020 fffff38b`a5ec6de0 fffff38b`a5ec7210 : nt!KiPageFault+0x132
  680. fffff38b`a5ec6d38 fffff802`d370a8e6 : 00000000`01fdd020 fffff38b`a5ec6de0 fffff38b`a5ec7210 00000000`01edb020 : nt!HvpFaultCellWithClustering+0x24
  681. fffff38b`a5ec6d40 fffff802`d36c677f : ffffe089`dc44f000 00000000`01fdd020 ffffe089`df5b7024 00000000`00000003 : nt!HvpGetCellPaged+0x76
  682. fffff38b`a5ec6d70 fffff802`d36c71dc : 00000001`ffffffff ffffe089`df593f6c 00000000`ebdc40e3 ffffe089`e2033858 : nt!CmpFindSubKeyInRoot+0x1cf
  683. fffff38b`a5ec6de0 fffff802`d370bc7b : ffffe089`e2033858 fffff38b`a5ec70a0 fffff38b`a5ec7038 fffff38b`a5ec70c0 : nt!CmpWalkOneLevel+0x69c
  684. fffff38b`a5ec6ee0 fffff802`d3707cb0 : fffff38b`0000001c fffff38b`a5ec73d0 fffff38b`a5ec7348 ffffe089`dc21c050 : nt!CmpDoParseKey+0x12db
  685. fffff38b`a5ec72d0 fffff802`d370e987 : 00000000`00000001 ffffe089`dc228001 ffff9289`00000000 ffffe089`dc217d01 : nt!CmpParseKey+0x270
  686. fffff38b`a5ec74b0 fffff802`d3706060 : ffff9289`f93dc600 fffff38b`a5ec7708 00000000`00000040 ffff9289`f4322ce0 : nt!ObpLookupObjectName+0x5b7
  687. fffff38b`a5ec7670 fffff802`d3705ced : ffffdec1`00000001 ffff9289`f4322ce0 00000000`00000000 00000000`00000000 : nt!ObOpenObjectByNameEx+0x1e0
  688. fffff38b`a5ec77b0 fffff802`d375e58e : 00000200`4ffad9b0 00000200`0087595a 00000000`00000180 00000000`00000000 : nt!CmOpenKey+0x29d
  689. fffff38b`a5ec79c0 fffff802`d337b553 : ffff9289`ff180080 00000000`0002004e 00000000`00000020 ffff9289`fabf1120 : nt!NtOpenKey+0x12
  690. fffff38b`a5ec7a00 00007ffc`b6340084 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  691. 0000006c`707fe238 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`b6340084
  692.  
  693.  
  694. THREAD_SHA1_HASH_MOD_FUNC: 3808487299b033042c0731b5adf4cdf46f839a36
  695.  
  696. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 1fc2bf1102cc32ba8da655e6b48dcc34f4bcaa38
  697.  
  698. THREAD_SHA1_HASH_MOD: aaa5a324bf1bd3082ad2b464ee2ed2f6d50e564c
  699.  
  700. FOLLOWUP_IP:
  701. nt!MiDispatchFault+be5
  702. fffff802`d327ce65 498b5500 mov rdx,qword ptr [r13]
  703.  
  704. FAULT_INSTR_CODE: 558b49
  705.  
  706. SYMBOL_STACK_INDEX: 3
  707.  
  708. SYMBOL_NAME: nt!MiDispatchFault+be5
  709.  
  710. FOLLOWUP_NAME: MachineOwner
  711.  
  712. MODULE_NAME: nt
  713.  
  714. DEBUG_FLR_IMAGE_TIMESTAMP: 5a29b8d4
  715.  
  716. IMAGE_VERSION: 10.0.16299.125
  717.  
  718. STACK_COMMAND: .thread ; .cxr ; kb
  719.  
  720. IMAGE_NAME: memory_corruption
  721.  
  722. BUCKET_ID_FUNC_OFFSET: be5
  723.  
  724. FAILURE_BUCKET_ID: AV_nt!MiDispatchFault
  725.  
  726. BUCKET_ID: AV_nt!MiDispatchFault
  727.  
  728. PRIMARY_PROBLEM_CLASS: AV_nt!MiDispatchFault
  729.  
  730. TARGET_TIME: 2018-05-11T20:34:55.000Z
  731.  
  732. OSBUILD: 16299
  733.  
  734. OSSERVICEPACK: 125
  735.  
  736. SERVICEPACK_NUMBER: 0
  737.  
  738. OS_REVISION: 0
  739.  
  740. SUITE_MASK: 784
  741.  
  742. PRODUCT_TYPE: 1
  743.  
  744. OSPLATFORM_TYPE: x64
  745.  
  746. OSNAME: Windows 10
  747.  
  748. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  749.  
  750. OS_LOCALE:
  751.  
  752. USER_LCID: 0
  753.  
  754. OSBUILD_TIMESTAMP: 2017-12-07 19:55:32
  755.  
  756. BUILDDATESTAMP_STR: 170928-1534
  757.  
  758. BUILDLAB_STR: rs3_release
  759.  
  760. BUILDOSVER_STR: 10.0.16299.15.amd64fre.rs3_release.170928-1534
  761.  
  762. ANALYSIS_SESSION_ELAPSED_TIME: 563a
  763.  
  764. ANALYSIS_SOURCE: KM
  765.  
  766. FAILURE_ID_HASH_STRING: km:av_nt!midispatchfault
  767.  
  768. FAILURE_ID_HASH: {c7894f84-75e4-6902-ea46-43fb07199b4f}
  769.  
  770. Followup: MachineOwner
  771. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!