dhucul
How do I cheat?
![]() Reputation: 0
Joined: 04 Mar 2016
Posts: 1
|
 Posted: Sat Mar 05, 2016 5:09 pm Post subject: dbvm crashes windows |
 |
|
Microsoft (R) Windows Debugger Version 10.0.10240.9 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\temp\030516-16625-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred Executable search path is:
No .natvis files found at C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\Visualizers.
Windows 10 Kernel Version 10586 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 10586.122.amd64fre.th2_release_inmarket.160222-1549
Machine Name:
Kernel base = 0xfffff801`d1875000 PsLoadedModuleList = 0xfffff801`d1b53cf0
Debug session time: Sat Mar 5 13:57:14.187 2016 (UTC - 8:00)
System Uptime: 0 days 1:21:52.455
Loading Kernel Symbols
...............................................................
................................................................
................................................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {18, ff, 0, fffff80078c3bf4f}
*** WARNING: Unable to verify timestamp for dbk64.sys
*** ERROR: Module load completed but symbols could not be loaded for dbk64.sys
Probably caused by : dbk64.sys ( dbk64+bf4f )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000018, memory referenced
Arg2: 00000000000000ff, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff80078c3bf4f, address which referenced memory
Debugging Details:
------------------
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_DATE: 01/28/2016
BASEBOARD_PRODUCT: Z170-A
BASEBOARD_VERSION: Rev 1.xx
BUGCHECK_P1: 18
BUGCHECK_P2: ff
BUGCHECK_P3: 0
BUGCHECK_P4: fffff80078c3bf4f
READ_ADDRESS: fffff801d1bf3520: Unable to get MiVisibleState
0000000000000018
CURRENT_IRQL: 0
FAULTING_IP:
dbk64+bf4f
fffff800`78c3bf4f 488b4018 mov rax,qword ptr [rax+18h]
ADDITIONAL_DEBUG_TEXT: The trap occurred when interrupts are disabled on the target.
BUGCHECK_STR: DISABLED_INTERRUPT_FAULT
CPU_COUNT: 4
CPU_MHZ: c78
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 5e
CPU_STEPPING: 3
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: taskhostw.exe
ANALYSIS_VERSION: 10.0.10240.9 amd64fre
TRAP_FRAME: ffffd00155170bd0 -- (.trap 0xffffd00155170bd0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000007
rdx=000000007ffafbff rsi=0000000000000000 rdi=0000000000000000
rip=fffff80078c3bf4f rsp=ffffd00155170d60 rbp=ffffd00155170e38
r8=00000000bfebfbff r9=0000000000000000 r10=0000000000000006
r11=ffffe0012d2960d9 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di ng nz na po nc
dbk64+0xbf4f:
fffff800`78c3bf4f 488b4018 mov rax,qword ptr [rax+18h] ds:00000000`00000018=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff801d19c1fe9 to fffff801d19b7450
STACK_TEXT:
ffffd001`55170a88 fffff801`d19c1fe9 : 00000000`0000000a 00000000`00000018 00000000`000000ff 00000000`00000000 : nt!KeBugCheckEx
ffffd001`55170a90 fffff801`d19c07c7 : ffffe001`23b13710 ffffe001`2b9c6cd8 ffffe001`2b9c6d78 00000000`00010000 : nt!KiBugCheckDispatch+0x69
ffffd001`55170bd0 fffff800`78c3bf4f : ffffe001`23020b70 ffffe001`20707249 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x247
ffffd001`55170d60 ffffe001`23020b70 : ffffe001`20707249 00000000`00000000 00000000`00000000 00000000`00000000 : dbk64+0xbf4f
ffffd001`55170d68 ffffe001`20707249 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff800`7576db26 : 0xffffe001`23020b70
ffffd001`55170d70 00000000`00000000 : 00000000`00000000 00000000`00000000 fffff800`7576db26 00000000`00000000 : 0xffffe001`20707249
STACK_COMMAND: kb
FOLLOWUP_IP:
dbk64+bf4f
fffff800`78c3bf4f 488b4018 mov rax,qword ptr [rax+18h]
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: dbk64+bf4f
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: dbk64
IMAGE_NAME: dbk64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 567c3757
BUCKET_ID_FUNC_OFFSET: bf4f
FAILURE_BUCKET_ID: DISABLED_INTERRUPT_FAULT_dbk64!Unknown_Function
BUCKET_ID: DISABLED_INTERRUPT_FAULT_dbk64!Unknown_Function
PRIMARY_PROBLEM_CLASS: DISABLED_INTERRUPT_FAULT_dbk64!Unknown_Function
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:disabled_interrupt_fault_dbk64!unknown_function
FAILURE_ID_HASH: {eee99284-4df8-00fe-1805-44deba944f32}
Followup: MachineOwner
---------
3: kd> .trap 0xffffd00155170bd0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000007
rdx=000000007ffafbff rsi=0000000000000000 rdi=0000000000000000
rip=fffff80078c3bf4f rsp=ffffd00155170d60 rbp=ffffd00155170e38
r8=00000000bfebfbff r9=0000000000000000 r10=0000000000000006
r11=ffffe0012d2960d9 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di ng nz na po nc
dbk64+0xbf4f:
fffff800`78c3bf4f 488b4018 mov rax,qword ptr [rax+18h] ds:00000000`00000018=????????????????
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
