Microsoft (R) Windows Debugger Version 10.0.17763.132 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\031819-11934-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.24387.amd64fre.win7sp1_ldr_escrow.190305-1700
Machine Name:
Kernel base = 0xfffff800`0300a000 PsLoadedModuleList = 0xfffff800`03243c90
Debug session time: Mon Mar 18 12:21:53.548 2019 (UTC + 1:00)
System Uptime: 0 days 0:02:49.313
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {f6, 170, fffffa8013dee680, fffff880042142d9}
*** WARNING: Unable to verify timestamp for 690b33e1-0462-4e84-9bea-c7552b45432a.sys
*** ERROR: Module load completed but symbols could not be loaded for 690b33e1-0462-4e84-9bea-c7552b45432a.sys
Probably caused by : 690b33e1-0462-4e84-9bea-c7552b45432a.sys ( 690b33e1_0462_4e84_9bea_c7552b45432a+12d9 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000f6, Referencing user handle as KernelMode.
Arg2: 0000000000000170, Handle value being referenced.
Arg3: fffffa8013dee680, Address of the current process.
Arg4: fffff880042142d9, Address inside the driver that is performing the incorrect reference.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 7601.24387.amd64fre.win7sp1_ldr_escrow.190305-1700
SYSTEM_MANUFACTURER: ASUS
SYSTEM_PRODUCT_NAME: All Series
SYSTEM_SKU: All
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 1402
BIOS_DATE: 01/28/2014
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: MAXIMUS VI HERO
BASEBOARD_VERSION: Rev 1.xx
DUMP_TYPE: 2
BUGCHECK_P1: f6
BUGCHECK_P2: 170
BUGCHECK_P3: fffffa8013dee680
BUGCHECK_P4: fffff880042142d9
BUGCHECK_STR: 0xc4_f6
CPU_COUNT: 8
CPU_MHZ: fa0
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3c
CPU_STEPPING: 3
CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 12'00000000 (cache) 12'00000000 (init)
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
PROCESS_NAME: ASUSGPUFanServ
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: MICHAL
ANALYSIS_SESSION_TIME: 03-21-2019 15:51:24.0587
ANALYSIS_VERSION: 10.0.17763.132 amd64fre
LAST_CONTROL_TRANSFER: from fffff800035044fc to fffff8000309dba0
STACK_TEXT:
fffff880`0ddc83b8 fffff800`035044fc : 00000000`000000c4 00000000`000000f6 00000000`00000170 fffffa80`13dee680 : nt!KeBugCheckEx
fffff880`0ddc83c0 fffff800`03519ab4 : 00000000`00000170 fffffa80`13dee680 00000000`00000002 fffff980`1b9b6ff8 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`0ddc8400 fffff800`0337daae : ffffffff`ffffffff fffff880`0ddc8630 00000000`00000000 fffff980`1afd0f00 : nt!VfCheckUserHandle+0x1b4
fffff880`0ddc84e0 fffff800`032f5e15 : fffff800`032aa500 fffff800`000f001f 00000000`00000000 fffff880`0ddc8700 : nt! ?? ::NNGAKEGL::`string'+0x17d0e
fffff880`0ddc85b0 fffff800`03519848 : fffff980`1afd0ff8 00000000`00000002 fffff880`0ddc87a8 fffff800`030a13b0 : nt!ObReferenceObjectByHandle+0x25
fffff880`0ddc8600 fffff880`042142d9 : fffff980`1b9b6ee0 00000000`00000002 fffff980`1afd0ff8 fffff880`0ddc87a8 : nt!VerifierObReferenceObjectByHandle+0x48
fffff880`0ddc8650 fffff980`1b9b6ee0 : 00000000`00000002 fffff980`1afd0ff8 fffff880`0ddc87a8 fffff880`0ddc87b8 : 690b33e1_0462_4e84_9bea_c7552b45432a+0x12d9
fffff880`0ddc8658 00000000`00000002 : fffff980`1afd0ff8 fffff880`0ddc87a8 fffff880`0ddc87b8 00000000`00000000 : 0xfffff980`1b9b6ee0
fffff880`0ddc8660 fffff980`1afd0ff8 : fffff880`0ddc87a8 fffff880`0ddc87b8 00000000`00000000 00000000`00000001 : 0x2
fffff880`0ddc8668 fffff880`0ddc87a8 : fffff880`0ddc87b8 00000000`00000000 00000000`00000001 fffff800`03504324 : 0xfffff980`1afd0ff8
fffff880`0ddc8670 fffff880`0ddc87b8 : 00000000`00000000 00000000`00000001 fffff800`03504324 ffffc3d0`f4659a00 : 0xfffff880`0ddc87a8
fffff880`0ddc8678 00000000`00000000 : 00000000`00000001 fffff800`03504324 ffffc3d0`f4659a00 fffff800`00000000 : 0xfffff880`0ddc87b8
THREAD_SHA1_HASH_MOD_FUNC: fca5c6296a59a9f4fed63cbd7fdd4db2acb04f10
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 157113a541ea308cac83b54b829b207d6aaf3d1c
THREAD_SHA1_HASH_MOD: d7663a66a9e62eff1a754c6f89085c95ec7f36cf
FOLLOWUP_IP:
690b33e1_0462_4e84_9bea_c7552b45432a+12d9
fffff880`042142d9 89442450 mov dword ptr [rsp+50h],eax
FAULT_INSTR_CODE: 50244489
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: 690b33e1_0462_4e84_9bea_c7552b45432a+12d9
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: 690b33e1_0462_4e84_9bea_c7552b45432a
IMAGE_NAME: 690b33e1-0462-4e84-9bea-c7552b45432a.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 540ff16d
STACK_COMMAND: .thread ; .cxr ; kb
FAILURE_BUCKET_ID: X64_0xc4_f6_690b33e1_0462_4e84_9bea_c7552b45432a+12d9
BUCKET_ID: X64_0xc4_f6_690b33e1_0462_4e84_9bea_c7552b45432a+12d9
PRIMARY_PROBLEM_CLASS: X64_0xc4_f6_690b33e1_0462_4e84_9bea_c7552b45432a+12d9
TARGET_TIME: 2019-03-18T11:21:53.000Z
OSBUILD: 7601
OSSERVICEPACK: 1000
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 784
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 7
OSEDITION: Windows 7 WinNt (Service Pack 1) TerminalServer SingleUserTS Personal
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2019-03-06 03:38:53
BUILDDATESTAMP_STR: 190305-1700
BUILDLAB_STR: win7sp1_ldr_escrow
BUILDOSVER_STR: 6.1.7601.24387.amd64fre.win7sp1_ldr_escrow.190305-1700
ANALYSIS_SESSION_ELAPSED_TIME: 7c7
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xc4_f6_690b33e1_0462_4e84_9bea_c7552b45432a+12d9
FAILURE_ID_HASH: {2beb80ad-ddb7-b3a9-ee0a-6523137b31cf}
Followup: MachineOwner
---------
1: kd> !process fffffa8013dee680
GetPointerFromAddress: unable to read from fffff800032a7000
PROCESS fffffa8013dee680
SessionId: none Cid: 1cd0 Peb: 7efdf000 ParentCid: 08bc
DirBase: 195075000 ObjectTable: fffff8a00eab8560 HandleCount: <Data Not Accessible>
Image: ASUSGPUFanServ
VadRoot fffffa8010a63a80 Vads 74 Clone 0 Private 449. Modified 495. Locked 0.
DeviceMap fffff8a001d319a0
Token fffff8a010c1b060
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
fffff78000000000: Unable to get shared data
ElapsedTime 00:00:00.000
UserTime 00:00:00.000
KernelTime 00:00:00.000
QuotaPoolUsage[PagedPool] 124232
QuotaPoolUsage[NonPagedPool] 8768
Working Set Sizes (now,min,max) (1593, 50, 345) (6372KB, 200KB, 1380KB)
PeakWorkingSetSize 1593
VirtualSize 65 Mb
PeakVirtualSize 78 Mb
PageFaultCount 1628
MemoryPriority BACKGROUND
BasePriority 6
CommitCharge 536
THREAD fffffa8013df5b50 Cid 1cd0.1cd4 Teb: 000000007efdb000 Win32Thread: fffff900c3122a10 RUNNING on processor 1
IRP List:
Unable to read nt!_IRP @ fffff9801b9b6ee0
Not impersonating
GetUlongFromAddress: unable to read from fffff800031e9c20
Owning Process fffffa8013dee680 Image: ASUSGPUFanServ
Attached Process N/A Image: N/A
fffff78000000000: Unable to get shared data
Wait Start TickCount 10853
Context Switch Count 2405 IdealProcessor: 1 LargeStack
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
UserTime 00:00:00.000
KernelTime 00:00:00.000
Win32 Start Address 0x0000000001367a90
Stack Init fffff8800ddc8c70 Current fffff8800ddc7d30
Base fffff8800ddc9000 Limit fffff8800ddc0000 Call 0000000000000000
Priority 7 BasePriority 6 PriorityDecrement 0 IoPriority 1 PagePriority 3
Child-SP RetAddr Call Site
fffff880`0ddc83b8 fffff800`035044fc nt!KeBugCheckEx
fffff880`0ddc83c0 fffff800`03519ab4 nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`0ddc8400 fffff800`0337daae nt!VfCheckUserHandle+0x1b4
fffff880`0ddc84e0 fffff800`032f5e15 nt! ?? ::NNGAKEGL::`string'+0x17d0e
fffff880`0ddc85b0 fffff800`03519848 nt!ObReferenceObjectByHandle+0x25
fffff880`0ddc8600 fffff880`042142d9 nt!VerifierObReferenceObjectByHandle+0x48
fffff880`0ddc8650 fffff980`1b9b6ee0 690b33e1_0462_4e84_9bea_c7552b45432a+0x12d9
fffff880`0ddc8658 00000000`00000002 0xfffff980`1b9b6ee0
fffff880`0ddc8660 fffff980`1afd0ff8 0x2
fffff880`0ddc8668 fffff880`0ddc87a8 0xfffff980`1afd0ff8
fffff880`0ddc8670 fffff880`0ddc87b8 0xfffff880`0ddc87a8
fffff880`0ddc8678 00000000`00000000 0xfffff880`0ddc87b8
*** Error in reading nt!_ETHREAD @ fffffa8013e06680
1: kd> !handle
GetPointerFromAddress: unable to read from fffff800032a7000
PROCESS fffffa8013dee680
SessionId: none Cid: 1cd0 Peb: 7efdf000 ParentCid: 08bc
DirBase: 195075000 ObjectTable: fffff8a00eab8560 HandleCount: <Data Not Accessible>
Image: ASUSGPUFanServ
GetPointerFromAddress: unable to read from fffff80003226580
fffff8a00eab8560: Unable to read handle table