Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
************* Path validation summary **************
Response Time (ms) Location
Deferred SRV*
Symbol search path is: SRV*
Executable search path is:
Windows 10 Kernel Version 18362 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff805`21600000 PsLoadedModuleList = 0xfffff805`21a432d0
Debug session time: Fri Jul 5 06:46:16.077 2019 (UTC + 2:00)
System Uptime: 0 days 0:18:25.813
Loading Kernel Symbols
....................................Page 20010b45f too large to be in the dump file.
Page 20010b65e too large to be in the dump file.
...........................
................................................................
................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000045`a42f0018). Type ".hh dbgerr001" for details
Loading unloaded module list
.....
For analysis of this file, run !analyze -v
2: kd> !analyze
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {fffff804aa7c9b29, ff, 0, fffff804aa7c9b29}
Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+465 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffff804aa7c9b29, memory referenced
Arg2: 00000000000000ff, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff804aa7c9b29, address which referenced memory
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: System manufacturer
SYSTEM_PRODUCT_NAME: System Product Name
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 0402
BIOS_DATE: 06/09/2013
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: B75M-PLUS
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 1
BUGCHECK_P1: fffff804aa7c9b29
BUGCHECK_P2: ff
BUGCHECK_P3: 0
BUGCHECK_P4: fffff804aa7c9b29
READ_ADDRESS: fffff804aa7c9b29
CURRENT_IRQL: 0
FAULTING_IP:
+0
fffff804`aa7c9b29 ?? ???
ADDITIONAL_DEBUG_TEXT: The trap occurred when interrupts are disabled on the target.
BUGCHECK_STR: DISABLED_INTERRUPT_FAULT
CPU_COUNT: 4
CPU_MHZ: c15
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
CPU_MICROCODE: 6,3a,9,0 (F,M,S,R) SIG: 20'00000000 (cache) 20'00000000 (init)
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXWINLOGON: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: Overwatch.exe
ANALYSIS_SESSION_HOST: MICHAL
ANALYSIS_SESSION_TIME: 07-05-2019 21:32:43.0453
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
TRAP_FRAME: ffffe50c8df5d960 -- (.trap 0xffffe50c8df5d960)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00000000ffff0ff0 rbx=0000000000000000 rcx=0000000100000002
rdx=00007ff6dfbaee08 rsi=0000000000000000 rdi=0000000000000000
rip=fffff804aa7c9b29 rsp=ffffe50c8df5daf0 rbp=ffffe50c8df5db80
r8=00007ff6dfb69998 r9=ffffbb81f9cd2000 r10=00000000000004f4
r11=0000000000000246 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di pl nz na pe nc
fffff804`aa7c9b29 ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff805217ce569 to fffff805217bc8a0
FAILED_INSTRUCTION_ADDRESS:
+0
fffff804`aa7c9b29 ?? ???
STACK_TEXT:
ffffe50c`8df5d818 fffff805`217ce569 : 00000000`0000000a fffff804`aa7c9b29 00000000`000000ff 00000000`00000000 : nt!KeBugCheckEx
ffffe50c`8df5d820 fffff805`217ca8a5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffe50c`8df5d960 fffff804`aa7c9b29 : fffff805`217bce1d fffff805`217cdd49 ffffe78f`f457f080 00000000`00000002 : nt!KiPageFault+0x465
ffffe50c`8df5daf0 fffff805`217bce1d : fffff805`217cdd49 ffffe78f`f457f080 00000000`00000002 00000000`00000000 : 0xfffff804`aa7c9b29
ffffe50c`8df5daf8 fffff805`217cdd49 : ffffe78f`f457f080 00000000`00000002 00000000`00000000 ffffe78f`f3dcd160 : nt!KiSaveDebugRegisterState+0x2d
ffffe50c`8df5db00 00007ffa`3c8dc224 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceUser+0x47
00000045`a41ad878 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`3c8dc224
THREAD_SHA1_HASH_MOD_FUNC: b4bead47f7cb411017eb64cb628ccb5b789a24a6
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a6a5bf902fc00918a21f7be74e0309737f24f2ec
THREAD_SHA1_HASH_MOD: f08ac56120cad14894587db086f77ce277bfae84
FOLLOWUP_IP:
nt!KiPageFault+465
fffff805`217ca8a5 33c0 xor eax,eax
FAULT_INSTR_CODE: ffb0c033
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!KiPageFault+465
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 0
IMAGE_VERSION: 10.0.18362.116
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 465
FAILURE_BUCKET_ID: DISABLED_INTERRUPT_FAULT_CODE_AV_BAD_IP_nt!KiPageFault
BUCKET_ID: DISABLED_INTERRUPT_FAULT_CODE_AV_BAD_IP_nt!KiPageFault
PRIMARY_PROBLEM_CLASS: DISABLED_INTERRUPT_FAULT_CODE_AV_BAD_IP_nt!KiPageFault
TARGET_TIME: 2019-07-05T04:46:16.000Z
OSBUILD: 18362
OSSERVICEPACK: 116
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 784
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: unknown_date
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 19de
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:disabled_interrupt_fault_code_av_bad_ip_nt!kipagefault
FAILURE_ID_HASH: {f2ab72c5-099d-9077-bfcf-ba12aa825b36}
Followup: MachineOwner
---------
2: kd> .load pde
=========================================================================================
PDE v11.3 - Copyright 2017 Andrew Richards
=========================================================================================
2: kd> !dpx
Start memory scan : 0xffffe50c8df5d818 ($csp)
End memory scan : 0xffffe50c8df5e000 (Kernel Stack Base)
rsp : 0xffffe50c8df5d818 : 0xfffff805217ce569 : nt!KiBugCheckDispatch+0x69
0xffffe50c8df5d818 : 0xfffff805217ce569 : nt!KiBugCheckDispatch+0x69
0xffffe50c8df5d908 : 0xfffff805217c3536 : nt!KiSwapContext+0x76
0xffffe50c8df5d958 : 0xfffff805217ca8a5 : nt!KiPageFault+0x465
0xffffe50c8df5d960 : 0x0000000000000000 : Trap @ ffffe50c8df5d960
0xffffe50c8df5da48 : 0xfffff80521635b54 : nt!KeDelayExecutionThread+0x3e4
0xffffe50c8df5daa0 : 0x3333333333333333 : !da "33333333"
0xffffe50c8df5dae0 : 0xffffe50c8df5daf0 : 0xfffff805217bce1d : nt!KiSaveDebugRegisterState+0x2d
0xffffe50c8df5daf0 : 0xfffff805217bce1d : nt!KiSaveDebugRegisterState+0x2d
0xffffe50c8df5daf8 : 0xfffff805217cdd49 : nt!KiSystemServiceUser+0x47
0xffffe50c8df5db00 : 0xffffe78ff457f080 : Trap @ ffffe50c8df5db00
0xffffe50c8df5dc98 : 0xffffe50c8df58000 : !du "f2845f54b85\api-ms-win-core-util-l1-1-0.dll"Has Sysnative Forums helped you? Please consider donating to help us support the site!