IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ffffbba33a26acc4, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8057b8a1013, address which referenced memory
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for rtwlane.sys
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP Laptop 15-db0xxx
SYSTEM_SKU: 6QA33EA#AB8
SYSTEM_VERSION: Type1ProductConfigId
BIOS_VENDOR: Insyde
BIOS_VERSION: F.22
BIOS_DATE: 11/06/2019
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 84AE
BASEBOARD_VERSION: 86.26
DUMP_TYPE: 2
BUGCHECK_P1: ffffbba33a26acc4
BUGCHECK_P2: 2
BUGCHECK_P3: 1
BUGCHECK_P4: fffff8057b8a1013
WRITE_ADDRESS: fffff8057bd733b8: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
ffffbba33a26acc4
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeAcquireSpinLockRaiseToDpc+53
fffff805`7b8a1013 f0480fba2b00 lock bts qword ptr [rbx],0
CPU_COUNT: 4
CPU_MHZ: 9bf
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 11
CPU_STEPPING: 0
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: HD-Player.exe
ANALYSIS_SESSION_HOST: DESKTOP-ME9UFOB
ANALYSIS_SESSION_TIME: 04-18-2020 21:46:53.0410
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
DPC_STACK_BASE: FFFFF8057FE6EFB0
TRAP_FRAME: fffff8057fe6eaa0 -- (.trap 0xfffff8057fe6eaa0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8057b8a1013 rsp=fffff8057fe6ec30 rbp=0000000000000080
r8=00000000503b06a1 r9=0000000001d615a6 r10=0000fffff8058b87
r11=ffff88fe34e00000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!KeAcquireSpinLockRaiseToDpc+0x53:
fffff805`7b8a1013 f0480fba2b00 lock bts qword ptr [rbx],0 ds:00000000`00000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8057b9d41e9 to fffff8057b9c2390
STACK_TEXT:
fffff805`7fe6e958 fffff805`7b9d41e9 : 00000000`0000000a ffffbba3`3a26acc4 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff805`7fe6e960 fffff805`7b9d0529 : fffff805`7f2cc688 ffffab82`3a2e71a0 fffff805`00000174 fffff805`7c2b88f8 : nt!KiBugCheckDispatch+0x69
fffff805`7fe6eaa0 fffff805`7b8a1013 : 00000000`401b0088 00000000`00000000 00000000`00000000 ffffab82`374b5000 : nt!KiPageFault+0x469
fffff805`7fe6ec30 fffff805`8b876d86 : 00000000`40000000 ffffbba3`3a26acac fffff805`782d2800 00000000`00000001 : nt!KeAcquireSpinLockRaiseToDpc+0x53
fffff805`7fe6ec60 00000000`40000000 : ffffbba3`3a26acac fffff805`782d2800 00000000`00000001 fffff805`782cf180 : rtwlane+0x476d86
fffff805`7fe6ec68 ffffbba3`3a26acac : fffff805`782d2800 00000000`00000001 fffff805`782cf180 fffff805`7b8c1d49 : 0x40000000
fffff805`7fe6ec70 fffff805`782d2800 : 00000000`00000001 fffff805`782cf180 fffff805`7b8c1d49 00000000`00000002 : 0xffffbba3`3a26acac
fffff805`7fe6ec78 00000000`00000001 : fffff805`782cf180 fffff805`7b8c1d49 00000000`00000002 00000000`00000001 : 0xfffff805`782d2800
fffff805`7fe6ec80 fffff805`782cf180 : fffff805`7b8c1d49 00000000`00000002 00000000`00000001 ffffab82`3a2fe400 : 0x1
fffff805`7fe6ec88 fffff805`7b8c1d49 : 00000000`00000002 00000000`00000001 ffffab82`3a2fe400 00000093`c8456b10 : 0xfffff805`782cf180
fffff805`7fe6ec90 fffff805`7b8c0aa9 : 00000000`0000000e 00000000`00989680 00000000`0024f217 00000000`0000002f : nt!KiProcessExpiredTimerList+0x169
fffff805`7fe6ed80 fffff805`7b9c9395 : 00000000`00000000 fffff805`782cf180 fffff805`7c327100 00000000`00000001 : nt!KiRetireDpcList+0x4e9
fffff805`7fe6efb0 fffff805`7b9c9180 : fffff805`7c2d0b30 fffff805`7c2ba37a 00000000`00000000 00000000`00000000 : nt!KxRetireDpcList+0x5
fffff90e`782a73a0 fffff805`7b9c8a35 : 00000000`00000001 fffff805`7b9c4401 ffffffff`ffffffff fffff90e`782a7460 : nt!KiDispatchInterruptContinue
fffff90e`782a73d0 fffff805`7b9c4401 : ffffffff`ffffffff fffff90e`782a7460 fffff805`7c327100 00000000`00000000 : nt!KiDpcInterruptBypass+0x25
fffff90e`782a73e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0xb1
THREAD_SHA1_HASH_MOD_FUNC: 9d4d96ebc2cdeb45cf882476fedb5cc6a574df65
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a5b8b40a995e23f5d58653af53b0484abf737990
THREAD_SHA1_HASH_MOD: 7f157c36e2836f4cb3c0bfe34a0dc3b45aa06373
FOLLOWUP_IP:
rtwlane+476d86
fffff805`8b876d86 807b2801 cmp byte ptr [rbx+28h],1
FAULT_INSTR_CODE: 1287b80
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: rtwlane+476d86
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: rtwlane
IMAGE_NAME: rtwlane.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5de76a63
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 476d86
FAILURE_BUCKET_ID: AV_rtwlane!unknown_function
BUCKET_ID: AV_rtwlane!unknown_function
PRIMARY_PROBLEM_CLASS: AV_rtwlane!unknown_function
TARGET_TIME: 2020-04-18T17:25:10.000Z
OSBUILD: 18362
OSSERVICEPACK: 778
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2015-10-23 09:39:54
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 5329
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_rtwlane!unknown_function
FAILURE_ID_HASH: {393a0fa0-37e7-f00b-a441-ba760fd931f1}
Followup: MachineOwner
---------
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000002, Stack cookie instrumentation code detected a stack-based
buffer overrun.
Arg2: fffff30be9370190, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff30be93700e8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP Laptop 15-db0xxx
SYSTEM_SKU: 6QA33EA#AB8
SYSTEM_VERSION: Type1ProductConfigId
BIOS_VENDOR: Insyde
BIOS_VERSION: F.22
BIOS_DATE: 11/06/2019
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 84AE
BASEBOARD_VERSION: 86.26
DUMP_TYPE: 2
BUGCHECK_P1: 2
BUGCHECK_P2: fffff30be9370190
BUGCHECK_P3: fffff30be93700e8
BUGCHECK_P4: 0
TRAP_FRAME: ffff800000000000 -- (.trap 0xffff800000000000)
Unable to read trap frame at ffff8000`00000000
EXCEPTION_RECORD: fffff8fc7e3f1000 -- (.exr 0xfffff8fc7e3f1000)
ExceptionAddress: 0000000000000000
ExceptionCode: 1cb63867
ExceptionFlags: 0a000002
NumberParameters: 0
CPU_COUNT: 4
CPU_MHZ: 9bf
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 11
CPU_STEPPING: 0
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
BUGCHECK_STR: 0x139
PROCESS_NAME: csrss.exe
CURRENT_IRQL: 0
DEFAULT_BUCKET_ID: FAIL_FAST_STACK_COOKIE_CHECK_FAILURE
WATSON_BKT_EVENT: BEX
ERROR_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000002
ANALYSIS_SESSION_HOST: DESKTOP-ME9UFOB
ANALYSIS_SESSION_TIME: 04-18-2020 21:46:57.0430
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
LAST_CONTROL_TRANSFER: from fffff8073c9d41e9 to fffff8073c9c2390
STACK_TEXT:
fffff30b`e936fe68 fffff807`3c9d41e9 : 00000000`00000139 00000000`00000002 fffff30b`e9370190 fffff30b`e93700e8 : nt!KeBugCheckEx
fffff30b`e936fe70 fffff807`3c9d4610 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000033 : nt!KiBugCheckDispatch+0x69
fffff30b`e936ffb0 fffff807`3c9d29a3 : 00000000`00000000 00000000`ffffff00 fffff30b`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff30b`e9370190 fffff807`4dc67d75 : fffff807`4dc68166 00000000`00000000 fffff30b`e9370910 fffff30b`e9370400 : nt!KiRaiseSecurityCheckFailure+0x323
fffff30b`e9370328 fffff807`4dc68166 : 00000000`00000000 fffff30b`e9370910 fffff30b`e9370400 fffff807`4dcc3167 : dxgmms2!_report_gsfailure+0x5
fffff30b`e9370330 fffff807`4dc681b6 : fffff30b`e9370900 fffff807`3c8fd154 fffff30b`e93709e0 00000000`000000a2 : dxgmms2!_GSHandlerCheckCommon+0x5a
fffff30b`e9370360 fffff807`3c9cb182 : fffff30b`e9371538 fffff30b`e9370900 00000000`00000000 00000000`00000000 : dxgmms2!_GSHandlerCheck_SEH+0x42
fffff30b`e9370390 fffff807`3c8fa2c5 : fffff30b`e93712f8 00000000`00000000 fffff30b`e9370900 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0x12
fffff30b`e93703c0 fffff807`3c8fe85e : fffff30b`e93712f8 fffff30b`e9371040 fffff30b`e93712f8 00000000`00000000 : nt!RtlDispatchException+0x4a5
fffff30b`e9370b10 fffff807`3c9d431d : fffff8fc`7e3f1000 fffff30b`e93713a0 ffff8000`00000000 00000000`0020001e : nt!KiDispatchException+0x16e
fffff30b`e93711c0 fffff807`3c9d0503 : 00000000`00000000 00000000`00000000 ffffc483`a2eef010 fffff807`3c75dd03 : nt!KiExceptionDispatch+0x11d
fffff30b`e93713a0 fffff807`4dcc3167 : ffffdb00`05580180 00000000`00040206 fffff807`3c921db5 00000000`00000000 : nt!KiPageFault+0x443
fffff30b`e9371538 ffffc483`a0127390 : fffff807`3c912399 fffff2d4`828bb0f0 ffffc483`a92280b0 fffff2d4`828bb001 : dxgmms2!VIDMM_GLOBAL::ReferenceDmaBuffer+0x187
fffff30b`e93718c8 fffff807`3c912399 : fffff2d4`828bb0f0 ffffc483`a92280b0 fffff2d4`828bb001 ffff870d`00000001 : 0xffffc483`a0127390
fffff30b`e93718d0 fffff807`4bf0d2b7 : 00000000`00000100 00000000`00000100 00000000`00000100 00000000`08000100 : nt!ExReleasePushLockExclusiveEx+0x1a9
fffff30b`e9371930 fffff807`4bf0a918 : fffff30b`e9372160 fffff2d4`828bb108 fffff30b`e93722d8 00000000`00000000 : dxgkrnl!DXGCONTEXT::Render+0x8f7
fffff30b`e9372110 fffff2ad`db665a01 : 00000000`00000000 fffff2d4`828bb0c0 fffff2d4`82932090 fffff2d4`828b9020 : dxgkrnl!DxgkCddGdiCommand+0x6e8
fffff30b`e9372740 fffff2ad`db662939 : 00000000`000208d5 00000000`000208d5 ffffc483`aad71b50 fffff2d4`828b9020 : cdd!CHwCommandBuffer::FlushGdiCommands+0x281
fffff30b`e93729c0 fffff807`3c86bcd5 : ffffc483`a6c4b0c0 ffffc483`a6c4b0c0 fffff2ad`db662460 fffff2d4`828b9020 : cdd!PresentWorkerThread+0x4d9
fffff30b`e9372c10 fffff807`3c9c9998 : ffffdb00`056c0180 ffffc483`a6c4b0c0 fffff807`3c86bc80 00000000`00000001 : nt!PspSystemThreadStartup+0x55
fffff30b`e9372c60 00000000`00000000 : fffff30b`e9373000 fffff30b`e936d000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
THREAD_SHA1_HASH_MOD_FUNC: 9b5a7ff027b3b8f62279290097695926e755105a
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 132a678d1d7afe9a8c602b4b774c633d80371cbf
THREAD_SHA1_HASH_MOD: 3777fc073a84dfc565c7a075bad4980ca8d0a7c7
FOLLOWUP_IP:
dxgmms2!_report_gsfailure+5
fffff807`4dc67d75 cd29 int 29h
FAULT_INSTR_CODE: cccc29cd
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: dxgmms2!_report_gsfailure+5
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: dxgmms2
IMAGE_NAME: dxgmms2.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5e39f19c
IMAGE_VERSION: 10.0.18362.1059
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 5
FAILURE_BUCKET_ID: 0x139_MISSING_GSFRAME_dxgmms2!_report_gsfailure
BUCKET_ID: 0x139_MISSING_GSFRAME_dxgmms2!_report_gsfailure
PRIMARY_PROBLEM_CLASS: 0x139_MISSING_GSFRAME_dxgmms2!_report_gsfailure
TARGET_TIME: 2020-04-18T18:27:37.000Z
OSBUILD: 18362
OSSERVICEPACK: 778
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2015-10-23 09:39:54
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 120d0
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x139_missing_gsframe_dxgmms2!_report_gsfailure
FAILURE_ID_HASH: {f40afed2-47dc-8171-8418-ea5cdc2e07a6}
Followup: MachineOwner
---------
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffff8f861e105034, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: ffffcdbe935b69bf, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP Laptop 15-db0xxx
SYSTEM_SKU: 6QA33EA#AB8
SYSTEM_VERSION: Type1ProductConfigId
BIOS_VENDOR: Insyde
BIOS_VERSION: F.22
BIOS_DATE: 11/06/2019
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 84AE
BASEBOARD_VERSION: 86.26
DUMP_TYPE: 2
BUGCHECK_P1: ffff8f861e105034
BUGCHECK_P2: 0
BUGCHECK_P3: ffffcdbe935b69bf
BUGCHECK_P4: 2
READ_ADDRESS: fffff8005ad733b8: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
ffff8f861e105034
FAULTING_IP:
win32kbase!GreEqualRgn+b
ffffcdbe`935b69bf 483902 cmp qword ptr [rdx],rax
MM_INTERNAL_CODE: 2
CPU_COUNT: 4
CPU_MHZ: 9bf
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 11
CPU_STEPPING: 0
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: chrome.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: DESKTOP-ME9UFOB
ANALYSIS_SESSION_TIME: 04-18-2020 21:46:50.0042
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
TRAP_FRAME: ffff8f86562848e0 -- (.trap 0xffff8f86562848e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffff8f8656284ad8
rdx=ffff8f8656284ac0 rsi=0000000000000000 rdi=0000000000000000
rip=ffffcdbe935b69bf rsp=ffff8f8656284a70 rbp=ffff8f8656284b80
r8=ffffcd82049525f0 r9=ffffcd8204952680 r10=0000000000000000
r11=ffff8f8656284a70 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
win32kbase!GreEqualRgn+0xb:
ffffcdbe`935b69bf 483902 cmp qword ptr [rdx],rax ds:ffff8f86`56284ac0=ffffcd82049525f0
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8005aa2dd34 to fffff8005a9c2390
STACK_TEXT:
ffff8f86`56284638 fffff800`5aa2dd34 : 00000000`00000050 ffff8f86`1e105034 00000000`00000000 ffff8f86`562848e0 : nt!KeBugCheckEx
ffff8f86`56284640 fffff800`5a8c91af : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8f86`1e105034 : nt!MiSystemFault+0x195c94
ffff8f86`56284740 fffff800`5a9d041e : ffff910f`410c8080 fffff800`6b33357e 00000000`00000000 ffffb984`799090a0 : nt!MmAccessFault+0x34f
ffff8f86`562848e0 ffffcdbe`935b69bf : 00000000`394089e0 00000000`228f0cc8 00007ffd`d35ecc60 00000000`00000000 : nt!KiPageFault+0x35e
ffff8f86`56284a70 ffffcdbe`935b652e : 00000000`015fe0d8 00000000`0181ff00 00000000`5d0408e7 00000000`39408ce0 : win32kbase!GreEqualRgn+0xb
ffff8f86`56284aa0 fffff800`5a9d3c18 : ffff910f`410c8080 00000000`0dc00c40 ffff910f`00000000 ffff910f`41f0c260 : win32kbase!NtGdiEqualRgn+0x3e
ffff8f86`56284b00 00007ffd`d4f93124 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
00000000`015fcf18 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`d4f93124
THREAD_SHA1_HASH_MOD_FUNC: 206352dee8da0fd4f0bb5b5c97d551ea62636b84
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: ac7eb655d679acbcc14526d082507d3f06d98de1
THREAD_SHA1_HASH_MOD: cfb30b6fa9811382dd6a36ac1d4525de9b8c62b8
FOLLOWUP_IP:
win32kbase!GreEqualRgn+b
ffffcdbe`935b69bf 483902 cmp qword ptr [rdx],rax
FAULT_INSTR_CODE: 74023948
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: win32kbase!GreEqualRgn+b
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: win32kbase
IMAGE_NAME: win32kbase.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5f964a24
IMAGE_VERSION: 10.0.18362.777
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: b
FAILURE_BUCKET_ID: AV_R_INVALID_win32kbase!GreEqualRgn
BUCKET_ID: AV_R_INVALID_win32kbase!GreEqualRgn
PRIMARY_PROBLEM_CLASS: AV_R_INVALID_win32kbase!GreEqualRgn
TARGET_TIME: 2020-04-17T23:46:34.000Z
OSBUILD: 18362
OSSERVICEPACK: 778
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2015-10-23 09:39:54
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 3ce8
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_r_invalid_win32kbase!greequalrgn
FAILURE_ID_HASH: {f3a83209-8dca-e970-a4f1-342d35e0cf61}
Followup: MachineOwner
---------
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c000001d, Exception code that caused the bugcheck
Arg2: fffff807752028ff, Address of the instruction which caused the bugcheck
Arg3: ffffc8020971de90, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP Laptop 15-db0xxx
SYSTEM_SKU: 6QA33EA#AB8
SYSTEM_VERSION: Type1ProductConfigId
BIOS_VENDOR: Insyde
BIOS_VERSION: F.22
BIOS_DATE: 11/06/2019
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 84AE
BASEBOARD_VERSION: 86.26
DUMP_TYPE: 2
BUGCHECK_P1: c000001d
BUGCHECK_P2: fffff807752028ff
BUGCHECK_P3: ffffc8020971de90
BUGCHECK_P4: 0
EXCEPTION_CODE: (NTSTATUS) 0xc000001d - <Unable to get error code text>
FAULTING_IP:
nt!AlpcpReceiveDirectMessagePort+103
fffff807`752028ff 0f44ca cmove ecx,edx
CONTEXT: ffffc8020971de90 -- (.cxr 0xffffc8020971de90)
rax=0000000000000000 rbx=ffffffffffffffff rcx=0000000010000000
rdx=0000000000000000 rsi=ffff8403ba950f40 rdi=ffffcf001c1dcb20
rip=fffff807752028ff rsp=ffffc8020971e880 rbp=ffff8403ba950e68
r8=0000000000000000 r9=ffffc8020971e950 r10=0000000000000001
r11=ffffc8020971e8e8 r12=0000000000000000 r13=ffffc8020971e950
r14=ffff8403ba950de0 r15=ffff8403ba950ea8
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050246
nt!AlpcpReceiveDirectMessagePort+0x103:
fffff807`752028ff 0f44ca cmove ecx,edx
Resetting default scope
BUGCHECK_STR: 0x3B_c000001d
CPU_COUNT: 4
CPU_MHZ: 9bf
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 11
CPU_STEPPING: 0
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: explorer.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: DESKTOP-ME9UFOB
ANALYSIS_SESSION_TIME: 04-18-2020 21:46:47.0753
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
LAST_CONTROL_TRANSFER: from fffff8077527fb8f to fffff807752028ff
STACK_TEXT:
ffffc802`0971e880 fffff807`7527fb8f : ffffffff`ffffffff 00000000`00000000 00000000`166ab410 00000000`0f21f8a0 : nt!AlpcpReceiveDirectMessagePort+0x103
ffffc802`0971e8f0 fffff807`7527f355 : ffffc802`0971ea30 00000000`01000000 00000000`0f21ca38 00000000`00000000 : nt!AlpcpReceiveMessage+0x67f
ffffc802`0971e9d0 fffff807`74dd3c18 : ffff8403`b8aa2080 ffffc802`0971eb80 ffffc802`0971eaa8 00000000`00000000 : nt!NtAlpcSendWaitReceivePort+0x105
ffffc802`0971ea90 00007ff9`4e1fd1a4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
00000000`0f21c9e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`4e1fd1a4
THREAD_SHA1_HASH_MOD_FUNC: 118b1d80862e856fc87d6c7ed6bd65c613e48e95
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 73a7b49b73b86108b80365e6fe07795bb1f95c5f
THREAD_SHA1_HASH_MOD: d084f7dfa548ce4e51810e4fd5914176ebc66791
FOLLOWUP_IP:
nt!AlpcpReceiveDirectMessagePort+103
fffff807`752028ff 0f44ca cmove ecx,edx
FAULT_INSTR_CODE: 85ca440f
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!AlpcpReceiveDirectMessagePort+103
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 5629d63a
IMAGE_VERSION: 10.0.18362.778
STACK_COMMAND: .cxr 0xffffc8020971de90 ; kb
BUCKET_ID_FUNC_OFFSET: 103
FAILURE_BUCKET_ID: 0x3B_c000001d_nt!AlpcpReceiveDirectMessagePort
BUCKET_ID: 0x3B_c000001d_nt!AlpcpReceiveDirectMessagePort
PRIMARY_PROBLEM_CLASS: 0x3B_c000001d_nt!AlpcpReceiveDirectMessagePort
TARGET_TIME: 2020-04-17T17:11:54.000Z
OSBUILD: 18362
OSSERVICEPACK: 778
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2015-10-23 09:39:54
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 18ac
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x3b_c000001d_nt!alpcpreceivedirectmessageport
FAILURE_ID_HASH: {f0937606-c413-6b38-f58b-23ef2f41883e}
Followup: MachineOwner
---------
DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer. This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned. This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and bugcheck call is the one that overran its local
variable(s).
Arguments:
Arg1: 0000000000000648, Actual security check cookie from the stack
Arg2: 0000c3daceb0a7a5, Expected security check cookie
Arg3: ffffd466d2205dcd, Complement of the expected security check cookie
Arg4: 0000000000000000, zero
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP Laptop 15-db0xxx
SYSTEM_SKU: 6QA33EA#AB8
SYSTEM_VERSION: Type1ProductConfigId
BIOS_VENDOR: Insyde
BIOS_VERSION: F.22
BIOS_DATE: 11/06/2019
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 84AE
BASEBOARD_VERSION: 86.26
DUMP_TYPE: 2
BUGCHECK_P1: 648
BUGCHECK_P2: c3daceb0a7a5
BUGCHECK_P3: ffffd466d2205dcd
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000c3daceb0a7a5 found 0000000000000648
CPU_COUNT: 4
CPU_MHZ: 9bf
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 11
CPU_STEPPING: 0
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: 0xF7
PROCESS_NAME: chrome.exe
CURRENT_IRQL: a
ANALYSIS_SESSION_HOST: DESKTOP-ME9UFOB
ANALYSIS_SESSION_TIME: 04-18-2020 21:46:39.0657
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
LAST_CONTROL_TRANSFER: from fffff8033136c69b to fffff8031b7c2390
STACK_TEXT:
fffff803`1f674918 fffff803`3136c69b : 00000000`000000f7 00000000`00000648 0000c3da`ceb0a7a5 ffffd466`d2205dcd : nt!KeBugCheckEx
fffff803`1f674920 00000000`000000f7 : 00000000`00000648 0000c3da`ceb0a7a5 ffffd466`d2205dcd 00000000`00000000 : atikmdag+0xec69b
fffff803`1f674928 00000000`00000648 : 0000c3da`ceb0a7a5 ffffd466`d2205dcd 00000000`00000000 00000000`00000000 : 0xf7
fffff803`1f674930 0000c3da`ceb0a7a5 : ffffd466`d2205dcd 00000000`00000000 00000000`00000000 00000000`00000000 : 0x648
fffff803`1f674938 ffffd466`d2205dcd : 00000000`00000000 00000000`00000000 00000000`00000000 fffff803`3136c3ee : 0x0000c3da`ceb0a7a5
fffff803`1f674940 00000000`00000000 : 00000000`00000000 00000000`00000000 fffff803`3136c3ee ffffe58b`72ac7000 : 0xffffd466`d2205dcd
THREAD_SHA1_HASH_MOD_FUNC: 4d9ecf4533af7e9994652177d7ef14a20ac317c8
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 7f5347d3cde35a0a0e23735a756120eca29cefde
THREAD_SHA1_HASH_MOD: d69b6d99667c5b3ebfa2768f4f9ddbdec5180598
FOLLOWUP_IP:
atikmdag+ec69b
fffff803`3136c69b 0f1f440000 nop dword ptr [rax+rax]
FAULT_INSTR_CODE: 441f0f
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: atikmdag+ec69b
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: atikmdag
IMAGE_NAME: atikmdag.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5e84ec45
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: ec69b
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_atikmdag!unknown_function
BUCKET_ID: 0xF7_MISSING_GSFRAME_atikmdag!unknown_function
PRIMARY_PROBLEM_CLASS: 0xF7_MISSING_GSFRAME_atikmdag!unknown_function
TARGET_TIME: 2020-04-18T18:18:07.000Z
OSBUILD: 18362
OSSERVICEPACK: 778
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2015-10-23 09:39:54
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 17981
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xf7_missing_gsframe_atikmdag!unknown_function
FAILURE_ID_HASH: {deacbb19-74cd-edab-fe73-2dddaa9b4bde}
Followup: MachineOwner
---------
