Hello,
I've been trying to fix my brother's computer for a while now. It's a brand new build I helped him pick out and I personally did the physical building. This is after several computers built on my part, so I'm pretty comfortable with handling the hardware. For the life of me, I can't find out what's causing this issue.
Here's what I've tried:
Here's the computer specs:
Here's the last two minidumps:
I'd be eternally grateful if one of you could tell what's going on. I have more dumps with different errors on each if you need to take a look at those.
Thanks for your time!
I've been trying to fix my brother's computer for a while now. It's a brand new build I helped him pick out and I personally did the physical building. This is after several computers built on my part, so I'm pretty comfortable with handling the hardware. For the life of me, I can't find out what's causing this issue.
Here's what I've tried:
Uninstalled and reinstalled various drivers. Problems persisted.
Reseating components.
I thought I narrowed the fault down to the GPU; after all, the rig was temporarily on a less powerful GPU with few problems. Sent it back for a new one. Problems persisted.
I found out I couldn't do a full system restore; windows was giving me errors when I tried. Tried a fresh install of windows, completely cleaning out the drive, from an external USB. Problems persisted.
Here's the computer specs:
Here's the last two minidumps:
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\102217-17500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*c:\cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*c:\cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 16299.15.amd64fre.rs3_release.170928-1534
Machine Name:
Kernel base = 0xfffff800`bfc99000 PsLoadedModuleList = 0xfffff800`bfffafd0
Debug session time: Sun Oct 22 22:36:40.467 2017 (UTC - 4:00)
System Uptime: 0 days 6:49:04.147
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
.....................................
Loading User Symbols
Loading unloaded module list
..................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {fffff0cb44dfbb28, 0, fffff099653e078d, 2}
*** ERROR: Symbol file could not be found. Defaulted to export symbols for win32kbase.sys -
Could not read faulting driver name
Probably caused by : memory_corruption
Followup: memory_corruption
---------
5: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff0cb44dfbb28, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff099653e078d, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
fffff0cb44dfbb28
FAULTING_IP:
win32kbase!HmgRemoveObject+28d
fffff099`653e078d 8b4708 mov eax,dword ptr [rdi+8]
MM_INTERNAL_CODE: 2
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: AV
PROCESS_NAME: explorer.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
TRAP_FRAME: ffff9109b7b56fd0 -- (.trap 0xffff9109b7b56fd0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000008 rbx=0000000000000000 rcx=00000000000000ae
rdx=0000000000000006 rsi=0000000000000000 rdi=0000000000000000
rip=fffff099653e078d rsp=ffff9109b7b57160 rbp=0000000000000000
r8=fffff0cbc00006f0 r9=0000000000000001 r10=7ffffffffffffffc
r11=00007ffffffeffff r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
win32kbase!HmgRemoveObject+0x28d:
fffff099`653e078d 8b4708 mov eax,dword ptr [rdi+8] ds:00000000`00000008=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800bfe440d6 to fffff800bfdfc960
STACK_TEXT:
ffff9109`b7b56d48 fffff800`bfe440d6 : 00000000`00000050 fffff0cb`44dfbb28 00000000`00000000 ffff9109`b7b56fd0 : nt!KeBugCheckEx
ffff9109`b7b56d50 fffff800`bfd25c87 : 00000000`00000000 fffff0cb`44dfbb28 ffff9109`b7b56fd0 ffff9109`b7b56ef0 : nt!MiSystemFault+0x100fa6
ffff9109`b7b56df0 fffff800`bfe06472 : 00000000`0c0e0000 ffff9109`b7b57318 ffff9109`b7b572c0 00000000`00000000 : nt!MmAccessFault+0xae7
ffff9109`b7b56fd0 fffff099`653e078d : 00000000`00000657 fffff0cb`00000000 fffff0cb`00000000 00000000`00000000 : nt!KiPageFault+0x132
ffff9109`b7b57160 fffff099`653d0c9a : 00000000`00000000 fffff099`00000000 fffff0cb`00000001 ffff9109`00000000 : win32kbase!HmgRemoveObject+0x28d
ffff9109`b7b57210 fffff099`653d1aa1 : 00000000`00000000 00000000`00000000 fffff0cb`c4753500 00000000`00001470 : win32kbase!XEPALOBJ::vUnrefPalette+0x4a
ffff9109`b7b57270 fffff099`653b9f64 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff9109`00000000 : win32kbase!SURFACE::bDeleteSurface+0x361
ffff9109`b7b57440 fffff099`653b939f : 00000000`00000c0a 00000000`00001470 00000000`00000001 00000000`00000001 : win32kbase!GreLockSprite+0x64
ffff9109`b7b57470 fffff099`653b97f3 : 00000000`00000001 00000000`00000000 fffff0cb`c4753500 ffffffff`a7050c17 : win32kbase!NtGdiCreateRectRgn+0x5ef
ffff9109`b7b574a0 fffff099`653b9404 : fffff0cb`c013a630 ffff9109`b7b57728 00000000`0a051174 fffff099`653bdb64 : win32kbase!GdiProcessCallout+0x443
ffff9109`b7b57510 fffff099`650e8529 : ffff9109`b7b57728 ffffac0b`8e3d5080 ffffac0b`8e3d5080 00000000`00000000 : win32kbase!GdiProcessCallout+0x54
ffff9109`b7b57590 fffff099`653c9f49 : ffff9109`b7b57728 00000000`00000000 ffff9109`b7b57728 ffffac0b`8deaf5c0 : win32kfull!W32pProcessCallout+0xd9
ffff9109`b7b575c0 fffff099`65a5103a : ffff9109`b7b57728 00000000`00000000 ffffac0b`88824090 ffffe084`4f0c2040 : win32kbase!W32CalloutDispatch+0x329
ffff9109`b7b57620 fffff800`c01acdd9 : 00000000`00000000 ffff9109`b7b57728 00060030`00010002 00000000`00000000 : win32k!W32CalloutDispatchThunk+0xa
ffff9109`b7b57650 fffff800`c014fd49 : ffffac0b`88824090 ffff9109`b7b57818 00000000`00000000 00000000`00000000 : nt!ExCallCallBack+0x3d
ffff9109`b7b57680 fffff800`c0150473 : 00000000`40010004 00000000`00000001 ffffac0b`8e201700 00000000`00000000 : nt!PspExitThread+0x525
ffff9109`b7b57780 fffff800`bfd1b6d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSchedulerApcTerminate+0x33
ffff9109`b7b577c0 fffff800`bfe000b0 : 00000000`00000000 ffff9109`b7b57850 00000000`00000000 fffff800`bfcd51d0 : nt!KiDeliverApc+0x337
ffff9109`b7b57850 fffff800`bfe07dfa : 00000000`00000000 00000000`1d35f938 00000000`ffffffff fffff800`000014ff : nt!KiInitiateUserApc+0x70
ffff9109`b7b57990 00007ffe`413e9164 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x9f
00000000`1d35f818 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`413e9164
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff800bfcaacbe-fffff800bfcaacbf 2 bytes - nt!MiUnmapLockedPagesInUserSpace+4a
[ 80 f6:00 80 ]
2 errors : !nt (fffff800bfcaacbe-fffff800bfcaacbf)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: LARGE
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
BUCKET_ID: MEMORY_CORRUPTION_LARGE
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:memory_corruption_large
FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
Followup: memory_corruption
---------
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\102217-17500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*c:\cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*c:\cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 16299.15.amd64fre.rs3_release.170928-1534
Machine Name:
Kernel base = 0xfffff800`bfc99000 PsLoadedModuleList = 0xfffff800`bfffafd0
Debug session time: Sun Oct 22 22:36:40.467 2017 (UTC - 4:00)
System Uptime: 0 days 6:49:04.147
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
.....................................
Loading User Symbols
Loading unloaded module list
..................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {fffff0cb44dfbb28, 0, fffff099653e078d, 2}
*** ERROR: Symbol file could not be found. Defaulted to export symbols for win32kbase.sys -
Could not read faulting driver name
Probably caused by : memory_corruption
Followup: memory_corruption
---------
5: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff0cb44dfbb28, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff099653e078d, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
fffff0cb44dfbb28
FAULTING_IP:
win32kbase!HmgRemoveObject+28d
fffff099`653e078d 8b4708 mov eax,dword ptr [rdi+8]
MM_INTERNAL_CODE: 2
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: AV
PROCESS_NAME: explorer.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
TRAP_FRAME: ffff9109b7b56fd0 -- (.trap 0xffff9109b7b56fd0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000008 rbx=0000000000000000 rcx=00000000000000ae
rdx=0000000000000006 rsi=0000000000000000 rdi=0000000000000000
rip=fffff099653e078d rsp=ffff9109b7b57160 rbp=0000000000000000
r8=fffff0cbc00006f0 r9=0000000000000001 r10=7ffffffffffffffc
r11=00007ffffffeffff r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
win32kbase!HmgRemoveObject+0x28d:
fffff099`653e078d 8b4708 mov eax,dword ptr [rdi+8] ds:00000000`00000008=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800bfe440d6 to fffff800bfdfc960
STACK_TEXT:
ffff9109`b7b56d48 fffff800`bfe440d6 : 00000000`00000050 fffff0cb`44dfbb28 00000000`00000000 ffff9109`b7b56fd0 : nt!KeBugCheckEx
ffff9109`b7b56d50 fffff800`bfd25c87 : 00000000`00000000 fffff0cb`44dfbb28 ffff9109`b7b56fd0 ffff9109`b7b56ef0 : nt!MiSystemFault+0x100fa6
ffff9109`b7b56df0 fffff800`bfe06472 : 00000000`0c0e0000 ffff9109`b7b57318 ffff9109`b7b572c0 00000000`00000000 : nt!MmAccessFault+0xae7
ffff9109`b7b56fd0 fffff099`653e078d : 00000000`00000657 fffff0cb`00000000 fffff0cb`00000000 00000000`00000000 : nt!KiPageFault+0x132
ffff9109`b7b57160 fffff099`653d0c9a : 00000000`00000000 fffff099`00000000 fffff0cb`00000001 ffff9109`00000000 : win32kbase!HmgRemoveObject+0x28d
ffff9109`b7b57210 fffff099`653d1aa1 : 00000000`00000000 00000000`00000000 fffff0cb`c4753500 00000000`00001470 : win32kbase!XEPALOBJ::vUnrefPalette+0x4a
ffff9109`b7b57270 fffff099`653b9f64 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff9109`00000000 : win32kbase!SURFACE::bDeleteSurface+0x361
ffff9109`b7b57440 fffff099`653b939f : 00000000`00000c0a 00000000`00001470 00000000`00000001 00000000`00000001 : win32kbase!GreLockSprite+0x64
ffff9109`b7b57470 fffff099`653b97f3 : 00000000`00000001 00000000`00000000 fffff0cb`c4753500 ffffffff`a7050c17 : win32kbase!NtGdiCreateRectRgn+0x5ef
ffff9109`b7b574a0 fffff099`653b9404 : fffff0cb`c013a630 ffff9109`b7b57728 00000000`0a051174 fffff099`653bdb64 : win32kbase!GdiProcessCallout+0x443
ffff9109`b7b57510 fffff099`650e8529 : ffff9109`b7b57728 ffffac0b`8e3d5080 ffffac0b`8e3d5080 00000000`00000000 : win32kbase!GdiProcessCallout+0x54
ffff9109`b7b57590 fffff099`653c9f49 : ffff9109`b7b57728 00000000`00000000 ffff9109`b7b57728 ffffac0b`8deaf5c0 : win32kfull!W32pProcessCallout+0xd9
ffff9109`b7b575c0 fffff099`65a5103a : ffff9109`b7b57728 00000000`00000000 ffffac0b`88824090 ffffe084`4f0c2040 : win32kbase!W32CalloutDispatch+0x329
ffff9109`b7b57620 fffff800`c01acdd9 : 00000000`00000000 ffff9109`b7b57728 00060030`00010002 00000000`00000000 : win32k!W32CalloutDispatchThunk+0xa
ffff9109`b7b57650 fffff800`c014fd49 : ffffac0b`88824090 ffff9109`b7b57818 00000000`00000000 00000000`00000000 : nt!ExCallCallBack+0x3d
ffff9109`b7b57680 fffff800`c0150473 : 00000000`40010004 00000000`00000001 ffffac0b`8e201700 00000000`00000000 : nt!PspExitThread+0x525
ffff9109`b7b57780 fffff800`bfd1b6d7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSchedulerApcTerminate+0x33
ffff9109`b7b577c0 fffff800`bfe000b0 : 00000000`00000000 ffff9109`b7b57850 00000000`00000000 fffff800`bfcd51d0 : nt!KiDeliverApc+0x337
ffff9109`b7b57850 fffff800`bfe07dfa : 00000000`00000000 00000000`1d35f938 00000000`ffffffff fffff800`000014ff : nt!KiInitiateUserApc+0x70
ffff9109`b7b57990 00007ffe`413e9164 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x9f
00000000`1d35f818 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`413e9164
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff800bfcaacbe-fffff800bfcaacbf 2 bytes - nt!MiUnmapLockedPagesInUserSpace+4a
[ 80 f6:00 80 ]
2 errors : !nt (fffff800bfcaacbe-fffff800bfcaacbf)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: LARGE
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
BUCKET_ID: MEMORY_CORRUPTION_LARGE
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:memory_corruption_large
FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
Followup: memory_corruption
---------
Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\102217-22500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*c:\cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*c:\cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 16299.15.amd64fre.rs3_release.170928-1534
Machine Name:
Kernel base = 0xfffff802`c9e8d000 PsLoadedModuleList = 0xfffff802`ca1eefd0
Debug session time: Sun Oct 22 15:33:10.084 2017 (UTC - 4:00)
System Uptime: 0 days 0:10:45.763
Loading Kernel Symbols
...............................................................
................................................................
...................................
Loading User Symbols
Loading unloaded module list
.......
*** WARNING: Unable to verify timestamp for e1i63x64.sys
*** ERROR: Module load completed but symbols could not be loaded for e1i63x64.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000007E, {ffffffffc0000005, fffff80342d87aa5, fffff980394ff4e8, fffff980394fed30}
Probably caused by : e1i63x64.sys ( e1i63x64+17aa5 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80342d87aa5, The address that the exception occurred at
Arg3: fffff980394ff4e8, Exception Record Address
Arg4: fffff980394fed30, Context Record Address
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
FAULTING_IP:
e1i63x64+17aa5
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h]
EXCEPTION_RECORD: fffff980394ff4e8 -- (.exr 0xfffff980394ff4e8)
ExceptionAddress: fffff80342d87aa5 (e1i63x64+0x0000000000017aa5)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff
CONTEXT: fffff980394fed30 -- (.cxr 0xfffff980394fed30;r)
rax=00c0850fc085ffff rbx=ffffde8061800000 rcx=ffffde8061817f00
rdx=ffffde8061da5250 rsi=ffffde8061da5840 rdi=ffffde8061800e40
rip=fffff80342d87aa5 rsp=fffff980394ff720 rbp=ffffde805de7e001
r8=ffffde8061da5840 r9=ffffde8061da58d0 r10=0000000000000000
r11=0000000000000200 r12=0000000000000000 r13=0000000000000000
r14=fffff980394ff960 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
e1i63x64+0x17aa5:
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h] ds:002b:00c0850f`c0860017=????????????????
Last set context:
rax=00c0850fc085ffff rbx=ffffde8061800000 rcx=ffffde8061817f00
rdx=ffffde8061da5250 rsi=ffffde8061da5840 rdi=ffffde8061800e40
rip=fffff80342d87aa5 rsp=fffff980394ff720 rbp=ffffde805de7e001
r8=ffffde8061da5840 r9=ffffde8061da58d0 r10=0000000000000000
r11=0000000000000200 r12=0000000000000000 r13=0000000000000000
r14=fffff980394ff960 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
e1i63x64+0x17aa5:
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h] ds:002b:00c0850f`c0860017=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: ffffffffffffffff
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
ffffffffffffffff
FOLLOWUP_IP:
e1i63x64+17aa5
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h]
BUGCHECK_STR: AV
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
EXCEPTION_STR: 0x0
LAST_CONTROL_TRANSFER: from ffffde8061800000 to fffff80342d87aa5
STACK_TEXT:
fffff980`394ff720 ffffde80`61800000 : ffffde80`5de7e001 ffffde80`61da5840 ffffde80`61800e40 ffffde80`61800000 : e1i63x64+0x17aa5
fffff980`394ff728 ffffde80`5de7e001 : ffffde80`61da5840 ffffde80`61800e40 ffffde80`61800000 fffff803`42d87308 : 0xffffde80`61800000
fffff980`394ff730 ffffde80`61da5840 : ffffde80`61800e40 ffffde80`61800000 fffff803`42d87308 ffffde80`61da5840 : 0xffffde80`5de7e001
fffff980`394ff738 ffffde80`61800e40 : ffffde80`61800000 fffff803`42d87308 ffffde80`61da5840 00000000`00000000 : 0xffffde80`61da5840
fffff980`394ff740 ffffde80`61800000 : fffff803`42d87308 ffffde80`61da5840 00000000`00000000 ffffde80`61800e40 : 0xffffde80`61800e40
fffff980`394ff748 fffff803`42d87308 : ffffde80`61da5840 00000000`00000000 ffffde80`61800e40 fffff980`394ff788 : 0xffffde80`61800000
fffff980`394ff750 ffffde80`61da5840 : 00000000`00000000 ffffde80`61800e40 fffff980`394ff788 00000000`00000000 : e1i63x64+0x17308
fffff980`394ff758 00000000`00000000 : ffffde80`61800e40 fffff980`394ff788 00000000`00000000 00000000`00000000 : 0xffffde80`61da5840
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: e1i63x64+17aa5
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: e1i63x64
IMAGE_NAME: e1i63x64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 56da0235
STACK_COMMAND: .cxr 0xfffff980394fed30 ; kb
FAILURE_BUCKET_ID: AV_e1i63x64+17aa5
BUCKET_ID: AV_e1i63x64+17aa5
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_e1i63x64+17aa5
FAILURE_ID_HASH: {456ce57a-8988-4048-6dff-fe29fabb64cb}
Followup: MachineOwner
---------
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\102217-22500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*c:\cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*c:\cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 16299 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 16299.15.amd64fre.rs3_release.170928-1534
Machine Name:
Kernel base = 0xfffff802`c9e8d000 PsLoadedModuleList = 0xfffff802`ca1eefd0
Debug session time: Sun Oct 22 15:33:10.084 2017 (UTC - 4:00)
System Uptime: 0 days 0:10:45.763
Loading Kernel Symbols
...............................................................
................................................................
...................................
Loading User Symbols
Loading unloaded module list
.......
*** WARNING: Unable to verify timestamp for e1i63x64.sys
*** ERROR: Module load completed but symbols could not be loaded for e1i63x64.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000007E, {ffffffffc0000005, fffff80342d87aa5, fffff980394ff4e8, fffff980394fed30}
Probably caused by : e1i63x64.sys ( e1i63x64+17aa5 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80342d87aa5, The address that the exception occurred at
Arg3: fffff980394ff4e8, Exception Record Address
Arg4: fffff980394fed30, Context Record Address
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
FAULTING_IP:
e1i63x64+17aa5
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h]
EXCEPTION_RECORD: fffff980394ff4e8 -- (.exr 0xfffff980394ff4e8)
ExceptionAddress: fffff80342d87aa5 (e1i63x64+0x0000000000017aa5)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff
CONTEXT: fffff980394fed30 -- (.cxr 0xfffff980394fed30;r)
rax=00c0850fc085ffff rbx=ffffde8061800000 rcx=ffffde8061817f00
rdx=ffffde8061da5250 rsi=ffffde8061da5840 rdi=ffffde8061800e40
rip=fffff80342d87aa5 rsp=fffff980394ff720 rbp=ffffde805de7e001
r8=ffffde8061da5840 r9=ffffde8061da58d0 r10=0000000000000000
r11=0000000000000200 r12=0000000000000000 r13=0000000000000000
r14=fffff980394ff960 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
e1i63x64+0x17aa5:
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h] ds:002b:00c0850f`c0860017=????????????????
Last set context:
rax=00c0850fc085ffff rbx=ffffde8061800000 rcx=ffffde8061817f00
rdx=ffffde8061da5250 rsi=ffffde8061da5840 rdi=ffffde8061800e40
rip=fffff80342d87aa5 rsp=fffff980394ff720 rbp=ffffde805de7e001
r8=ffffde8061da5840 r9=ffffde8061da58d0 r10=0000000000000000
r11=0000000000000200 r12=0000000000000000 r13=0000000000000000
r14=fffff980394ff960 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
e1i63x64+0x17aa5:
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h] ds:002b:00c0850f`c0860017=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: ffffffffffffffff
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
ffffffffffffffff
FOLLOWUP_IP:
e1i63x64+17aa5
fffff803`42d87aa5 4c8b4018 mov r8,qword ptr [rax+18h]
BUGCHECK_STR: AV
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
EXCEPTION_STR: 0x0
LAST_CONTROL_TRANSFER: from ffffde8061800000 to fffff80342d87aa5
STACK_TEXT:
fffff980`394ff720 ffffde80`61800000 : ffffde80`5de7e001 ffffde80`61da5840 ffffde80`61800e40 ffffde80`61800000 : e1i63x64+0x17aa5
fffff980`394ff728 ffffde80`5de7e001 : ffffde80`61da5840 ffffde80`61800e40 ffffde80`61800000 fffff803`42d87308 : 0xffffde80`61800000
fffff980`394ff730 ffffde80`61da5840 : ffffde80`61800e40 ffffde80`61800000 fffff803`42d87308 ffffde80`61da5840 : 0xffffde80`5de7e001
fffff980`394ff738 ffffde80`61800e40 : ffffde80`61800000 fffff803`42d87308 ffffde80`61da5840 00000000`00000000 : 0xffffde80`61da5840
fffff980`394ff740 ffffde80`61800000 : fffff803`42d87308 ffffde80`61da5840 00000000`00000000 ffffde80`61800e40 : 0xffffde80`61800e40
fffff980`394ff748 fffff803`42d87308 : ffffde80`61da5840 00000000`00000000 ffffde80`61800e40 fffff980`394ff788 : 0xffffde80`61800000
fffff980`394ff750 ffffde80`61da5840 : 00000000`00000000 ffffde80`61800e40 fffff980`394ff788 00000000`00000000 : e1i63x64+0x17308
fffff980`394ff758 00000000`00000000 : ffffde80`61800e40 fffff980`394ff788 00000000`00000000 00000000`00000000 : 0xffffde80`61da5840
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: e1i63x64+17aa5
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: e1i63x64
IMAGE_NAME: e1i63x64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 56da0235
STACK_COMMAND: .cxr 0xfffff980394fed30 ; kb
FAILURE_BUCKET_ID: AV_e1i63x64+17aa5
BUCKET_ID: AV_e1i63x64+17aa5
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_e1i63x64+17aa5
FAILURE_ID_HASH: {456ce57a-8988-4048-6dff-fe29fabb64cb}
Followup: MachineOwner
---------
I'd be eternally grateful if one of you could tell what's going on. I have more dumps with different errors on each if you need to take a look at those.
Thanks for your time!
Facebook
Twitter
Instagram