X
XxBaddaskillerX
So i was playing vrchat and a couple weeks ago i updated my driver to 457.09 (not important now but later).So i was playing VRChat for the first time since updating my driver and i went into the game and ran straight into a BSOD.Now this kinda scared me, since the last time i got a BSOD was because my RAM were dying.So i thought it was because in VRChat people can have avatars that completely crash your pc.So i went into windbg and i got this. What do you guys think happend?
Debug:
Microsoft (R) Windows Debugger Version 10.0.19041.685 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
* Path validation summary **
Response Time (ms) Location
Deferred SRVC:\Windows\symbol_cache
Symbol information
Symbol search path is: SRVC:\Windows\symbol_cache
Symbol information
Executable search path is:
Windows 10 Kernel Version 18362 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff802
Debug session time: Tue Dec 29 22:31:27.155 2020 (UTC + 2:00)
System Uptime: 0 days 12:15:05.803
Loading Kernel Symbols
...............................................................
................................................................
............................Page 1f27d not present in the dump file. Type ".hh dbgerr004" for details
....................................
..................
Loading User Symbols
PEB is paged out (Peb.Ldr = 0000007f
3a70a8eb cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff8023ec6f8d8 -- (.exr 0xfffff8023ec6f8d8)
ExceptionAddress: fffff8023a70a8eb (nt!ExInterlockedRemoveHeadList+0x000000000000008b)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: Corsair.Service.CpuIdRemote64.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFFF8023EC6FFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffff802
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
fffffe89
0000007f
SYMBOL_NAME: nvlddmkm+7c269a
MODULE_NAME: nvlddmkm
IMAGE_NAME: nvlddmkm.sys
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 7c269a
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_nvlddmkm!unknown_function
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {313b10a2-72d5-e118-5040-eef20d8afced}
Followup: MachineOwner
---------
Continue reading...
Debug:
Microsoft (R) Windows Debugger Version 10.0.19041.685 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
* Path validation summary **
Response Time (ms) Location
Deferred SRVC:\Windows\symbol_cache
Symbol information
Symbol search path is: SRVC:\Windows\symbol_cache
Symbol information
Executable search path is:
Windows 10 Kernel Version 18362 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff802
3a600000 PsLoadedModuleList = 0xfffff802
3aa461b0Debug session time: Tue Dec 29 22:31:27.155 2020 (UTC + 2:00)
System Uptime: 0 days 12:15:05.803
Loading Kernel Symbols
...............................................................
................................................................
............................Page 1f27d not present in the dump file. Type ".hh dbgerr004" for details
....................................
..................
Loading User Symbols
PEB is paged out (Peb.Ldr = 0000007f
Code:
0079d018). Type ".hh dbgerr001" for details
Loading unloaded module list
...............................
For analysis of this file, run !analyze -v
0: kd> !analyze -v
*******************************************************************************
[LIST]
[*]*
[*]Bugcheck Analysis *
[*]*
[/LIST]
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff8023ec6f980, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8023ec6f8d8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 3
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-5JVVM3A
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 16
Key : Analysis.Memory.CommitPeak.Mb
Value: 71
Key : Analysis.System
Value: CreateObject
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: fffff8023ec6f980
BUGCHECK_P3: fffff8023ec6f8d8
BUGCHECK_P4: 0
TRAP_FRAME: fffff8023ec6f980 -- (.trap 0xfffff8023ec6f980)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffff88014be70238 rbx=0000000000000000 rcx=0000000000000003
rdx=ffff88014be70158 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8023a70a8eb rsp=fffff8023ec6fb10 rbp=0000000000000001
r8=0000000000000002 r9=0000000000000000 r10=0000fffff8024a3a
r11=ffffc97db4400000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di pl nz na po nc
nt!ExInterlockedRemoveHeadList+0x8b:
fffff802
Resetting default scope
EXCEPTION_RECORD: fffff8023ec6f8d8 -- (.exr 0xfffff8023ec6f8d8)
ExceptionAddress: fffff8023a70a8eb (nt!ExInterlockedRemoveHeadList+0x000000000000008b)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: Corsair.Service.CpuIdRemote64.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFFF8023EC6FFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
fffff802
3ec6f658 fffff802
3a7d5929 : 0000000000000139 00000000
00000003 fffff8023ec6f980 fffff802
3ec6f8d8 : nt!KeBugCheckExfffff802
3ec6f660 fffff802
3a7d5d50 : 00000000004559cf 00000000
00000000 0000000000000000 00000000
00000000 : nt!KiBugCheckDispatch+0x69fffff802
3ec6f7a0 fffff802
3a7d40e3 : 0000000000000000 00000000
00000000 ffff88015c8bf9f0 fffff802
3ec6fa10 : nt!KiFastFailDispatch+0xd0fffff802
3ec6f980 fffff802
3a70a8eb : 0000000000000000 ffff8801
00000000 ffff88014be70160 ffff8801
4be70158 : nt!KiRaiseSecurityCheckFailure+0x323fffff802
3ec6fb10 fffff802
4a32269a : ffff88014be70000 fffff802
3ec6fd40 ffff88014be70160 ffff8801
4be55000 : nt!ExInterlockedRemoveHeadList+0x8bfffff802
3ec6fb40 fffff802
4a38c745 : ffff88014be55000 ffff8801
51376000 ffff880151376000 ffff8801
4be55000 : nvlddmkm+0x7c269afffff802
3ec6fb80 fffff802
49c15f6d : ffff88014be55000 ffff8801
4be550e0 ffff88014be550e0 00000000
00000000 : nvlddmkm+0x82c745fffff802
3ec6fbb0 fffff802
3a6c296a : fffff80249c15ee7 fffff802
36bfff80 fffff8023aa395e0 fffff802
00000002 : nvlddmkm+0xb5f6dfffff802
3ec6fc40 fffff802
3a6c1fbf : fffff80236bfd180 00000000
00000000 0000000000000002 00000000
00000004 : nt!KiExecuteAllDpcs+0x30afffff802
3ec6fd80 fffff802
3a7cab25 : 0000000000000000 fffff802
36bfd180 ffffd98074e49640 fffff7fc
00001000 : nt!KiRetireDpcList+0x1effffff802
3ec6ffb0 fffff802
3a7ca910 : fffff8023a575b20 fffff802
3a55f37a ffff880164338a80 00000000
00000000 : nt!KxRetireDpcList+0x5fffffe89
7caae230 fffff802
3a7ca1c5 : fffff7fc00001000 fffff802
3a7c5671 000000000000c350 fffffe89
7caae2f0 : nt!KiDispatchInterruptContinuefffffe89
7caae260 fffff802
3a7c5671 : 000000000000c350 fffffe89
7caae2f0 ffffd98074e49640 fffffe89
7caae578 : nt!KiDpcInterruptBypass+0x25fffffe89
7caae270 fffff802
3a9532b9 : fffff8023a55d8d0 00000000
00000000 0000000000000000 ffff8801
63217a00 : nt!KiInterruptDispatch+0xb1fffffe89
7caae408 fffff802
3a55d8d0 : 0000000000000000 00000000
00000000 ffff880163217a00 00000000
00000000 : nt!_guard_retpoline_indirect_cfg_rax+0x19fffffe89
7caae410 fffff802
3720427c : 000000000000c350 00000000
00989680 00000066b15185d7 ffff8801
6235dd80 : hal!KeQueryPerformanceCounter+0x60fffffe89
7caae440 fffff802
3a637159 : ffff880154ca5e10 ffff8801
6235dd80 ffff88016235de98 00000000
00000001 : cpuz148_x64+0x427cfffffe89
7caae820 fffff802
3abf2a95 : fffffe897caaeb80 ffff8801
6235dd80 0000000000000001 ffff8801
56e703c0 : nt!IofCallDriver+0x59fffffe89
7caae860 fffff802
3abf28a0 : 0000000000000000 fffffe89
7caaeb80 ffff88016235dd80 fffffe89
7caaeb80 : nt!IopSynchronousServiceTail+0x1a5fffffe89
7caae900 fffff802
3abf1c76 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : nt!IopXxxControlFile+0xc10fffffe89
7caaea20 fffff802
3a7d5358 : 0000000000000001 00000000
00000000 fffffe8900000002 fffffe89
7caaea00 : nt!NtDeviceIoControlFile+0x56fffffe89
7caaea90 00007ff9
a5d7c7d4 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : nt!KiSystemServiceCopyEnd+0x280000007f
03bffb38 00000000
00000000 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : 0x00007ff9`a5d7c7d4SYMBOL_NAME: nvlddmkm+7c269a
MODULE_NAME: nvlddmkm
IMAGE_NAME: nvlddmkm.sys
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 7c269a
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_nvlddmkm!unknown_function
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {313b10a2-72d5-e118-5040-eef20d8afced}
Followup: MachineOwner
---------
Continue reading...