PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffba8a267ad2d8, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8016a69f8ee, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
DUMP_TYPE: 2
BUGCHECK_P1: ffffba8a267ad2d8
BUGCHECK_P2: 0
BUGCHECK_P3: fffff8016a69f8ee
BUGCHECK_P4: 2
READ_ADDRESS: fffff8016a3733b8: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
ffffba8a267ad2d8
FAULTING_IP:
nt!ObpCaptureHandleInformation+8e
fffff801`6a69f8ee 410fb64118 movzx eax,byte ptr [r9+18h]
MM_INTERNAL_CODE: 2
CPU_COUNT: c
CPU_MHZ: d48
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 8
CPU_STEPPING: 2
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: Steam.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: DESKTOP-BKJR0DQ
ANALYSIS_SESSION_TIME: 03-03-2020 18:34:30.0775
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
TRAP_FRAME: ffff9e0ee6ab4630 -- (.trap 0xffff9e0ee6ab4630)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00ffffba8a267ad2 rbx=0000000000000000 rcx=00000000000000d2
rdx=ffffba8a267ad2f0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8016a69f8ee rsp=ffff9e0ee6ab47c8 rbp=ffff8a0a3be11700
r8=0000000000000000 r9=ffffba8a267ad2c0 r10=00000000001858d0
r11=ffff9e0ee6ab4810 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac po cy
nt!ObpCaptureHandleInformation+0x8e:
fffff801`6a69f8ee 410fb64118 movzx eax,byte ptr [r9+18h] ds:ffffba8a`267ad2d8=??
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80169fe36d6 to fffff80169fc1510
STACK_TEXT:
ffff9e0e`e6ab4388 fffff801`69fe36d6 : 00000000`00000050 ffffba8a`267ad2d8 00000000`00000000 ffff9e0e`e6ab4630 : nt!KeBugCheckEx
ffff9e0e`e6ab4390 fffff801`69e72eef : 00000000`00000000 00000000`00000000 00000000`00000000 ffffba8a`267ad2d8 : nt!MiSystemFault+0x1d6966
ffff9e0e`e6ab4490 fffff801`69fcf620 : ffff8a0a`57b68900 ffff9e0e`e6ab46b0 ffffb07c`3ca00050 ffff9e0e`e6ab46c0 : nt!MmAccessFault+0x34f
ffff9e0e`e6ab4630 fffff801`6a69f8ee : fffff801`6a70cf49 00000000`00000180 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360
ffff9e0e`e6ab47c8 fffff801`6a70cf49 : 00000000`00000180 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ObpCaptureHandleInformation+0x8e
ffff9e0e`e6ab47d0 fffff801`6a70a7d5 : fffff801`6a69f860 ffff8a0a`3be11718 ffff9e0e`0030ea50 00000000`0030ea50 : nt!ExpSnapShotHandleTables+0x131
ffff9e0e`e6ab4860 fffff801`6a5aa678 : 00000000`0ebca050 fffff801`00020000 00000800`001858d0 ffffb07c`3ca00050 : nt!ExpGetHandleInformation+0x71
ffff9e0e`e6ab48b0 fffff801`6a3e16ab : 00000000`0030ea60 00000000`00000000 00000000`00000010 00000000`0ebca050 : nt!ExpQuerySystemInformation+0x1c8ea8
ffff9e0e`e6ab4ac0 fffff801`69fd3351 : ffffb28a`1e2c6080 00000000`0a8af894 00000000`00000001 ffffffff`ff676980 : nt!NtQuerySystemInformation+0x2b
ffff9e0e`e6ab4b00 00007ffe`eac5c784 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x2bc
00000000`0a71e348 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`eac5c784
THREAD_SHA1_HASH_MOD_FUNC: f35a00c0cea0700955b933c3eb52df40adaaf926
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: bce110efcf73f0011e693a11dffc091150d32254
THREAD_SHA1_HASH_MOD: bc100a5647b828107ac4e18055e00abcbe1ec406
FOLLOWUP_IP:
nt!ObpCaptureHandleInformation+8e
fffff801`6a69f8ee 410fb64118 movzx eax,byte ptr [r9+18h]
FAULT_INSTR_CODE: 41b60f41
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nt!ObpCaptureHandleInformation+8e
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4269a790
IMAGE_VERSION: 10.0.18362.657
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 8e
FAILURE_BUCKET_ID: AV_R_INVALID_nt!ObpCaptureHandleInformation
BUCKET_ID: AV_R_INVALID_nt!ObpCaptureHandleInformation
PRIMARY_PROBLEM_CLASS: AV_R_INVALID_nt!ObpCaptureHandleInformation
TARGET_TIME: 2020-02-29T18:03:56.000Z
OSBUILD: 18362
OSSERVICEPACK: 657
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2005-04-23 04:40:32
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 27d6
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_r_invalid_nt!obpcapturehandleinformation
FAILURE_ID_HASH: {ca33f0ed-ea4f-08da-9cd1-d248328d82af}
Followup: MachineOwner
---------
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffffffb0cf53ee, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8007fffba70, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
DUMP_TYPE: 2
BUGCHECK_P1: ffffffffb0cf53ee
BUGCHECK_P2: 0
BUGCHECK_P3: fffff8007fffba70
BUGCHECK_P4: 2
READ_ADDRESS: fffff8007fd733b8: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
ffffffffb0cf53ee
FAULTING_IP:
nt!PiDevCfgResolveVariable+f3318
fffff800`7fffba70 ff90e953cff0 call qword ptr [rax-0F30AC17h]
MM_INTERNAL_CODE: 2
CPU_COUNT: c
CPU_MHZ: d48
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 8
CPU_STEPPING: 2
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: wermgr.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: DESKTOP-BKJR0DQ
ANALYSIS_SESSION_TIME: 03-03-2020 18:34:26.0849
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
TRAP_FRAME: fffff68b5826f6f0 -- (.trap 0xfffff68b5826f6f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffffffc0000005 rbx=0000000000000000 rcx=fff68b5826f8f8ff
rdx=fffff68b5826de01 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8007fffba70 rsp=fffff68b5826f880 rbp=fffff68b5826fb80
r8=0000000000000001 r9=fffff68b5826dee0 r10=000000000010000b
r11=fffff68b5826df50 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
nt!PiDevCfgResolveVariable+0xf3318:
fffff800`7fffba70 ff90e953cff0 call qword ptr [rax-0F30AC17h] ds:ffffffff`b0cf53ee=????????????????
Resetting default scope
LOCK_ADDRESS: fffff8007fc62980 -- (!locks fffff8007fc62980)
Cannot get _ERESOURCE type
Resource @ nt!PiEngineLock (0xfffff8007fc62980) Available
1 total locks
PNP_TRIAGE_DATA:
Lock address : 0xfffff8007fc62980
Thread Count : 0
Thread address: 0x0000000000000000
Thread wait : 0x0
MISALIGNED_IP:
nt!PiDevCfgResolveVariable+f3318
fffff800`7fffba70 ff90e953cff0 call qword ptr [rax-0F30AC17h]
LAST_CONTROL_TRANSFER: from fffff8007f9e36d6 to fffff8007f9c1510
STACK_TEXT:
fffff68b`5826f448 fffff800`7f9e36d6 : 00000000`00000050 ffffffff`b0cf53ee 00000000`00000000 fffff68b`5826f6f0 : nt!KeBugCheckEx
fffff68b`5826f450 fffff800`7f872eef : 00000000`00000000 00000000`00000000 00000000`00000000 ffffffff`b0cf53ee : nt!MiSystemFault+0x1d6966
fffff68b`5826f550 fffff800`7f9cf620 : ffffaf8c`97e60d70 fffff68b`5826fb80 00000022`981fd7d0 00000000`00000000 : nt!MmAccessFault+0x34f
fffff68b`5826f6f0 fffff800`7fffba70 : 00000022`981fda60 fffff800`7fdf6b41 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360
fffff68b`5826f880 00000000`00000028 : 00000022`981fd9b0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PiDevCfgResolveVariable+0xf3318
fffff68b`5826f950 00000022`981fd9b0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x28
fffff68b`5826f958 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00000022`981fd9b0
THREAD_SHA1_HASH_MOD_FUNC: 96e5dc984528cc49da51fc063bd924450e8d00eb
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 5b3aa2b72cce978d87456d50fc525a3850c5d9c6
THREAD_SHA1_HASH_MOD: f08ac56120cad14894587db086f77ce277bfae84
FOLLOWUP_IP:
nt!PiDevCfgResolveVariable+f3318
fffff800`7fffba70 ff90e953cff0 call qword ptr [rax-0F30AC17h]
FAULT_INSTR_CODE: 53e990ff
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nt!PiDevCfgResolveVariable+f3318
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: hardware
DEBUG_FLR_IMAGE_TIMESTAMP: 0
IMAGE_VERSION: 10.0.18362.657
STACK_COMMAND: .thread ; .cxr ; kb
MODULE_NAME: hardware
FAILURE_BUCKET_ID: IP_MISALIGNED
BUCKET_ID: IP_MISALIGNED
PRIMARY_PROBLEM_CLASS: IP_MISALIGNED
TARGET_TIME: 2020-02-29T18:05:29.000Z
OSBUILD: 18362
OSSERVICEPACK: 657
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2005-04-23 04:40:32
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 1e8d
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:ip_misaligned
FAILURE_ID_HASH: {201b0e5d-db2a-63d2-77be-8ce8ff234750}
Followup: MachineOwner
---------
drive.google.com
