I have a client who is sending me !analyze -v where the second argument of PAGE_FAULT_IN_NONPAGED_AREA is 2, which is not documented. This is Windows 10 with a lack of symbols because the symbol server is not keeping up with the OS updates.
Anyone have a clue as to why this is 2? I’m trying to help them remotely find this problem.
Don Burn
Windows Driver Consulting
Website: http://www.windrvr.com
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffcb81ab600000, memory referenced.
Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
Arg3: fffff80a6d419a47, If non-zero, the instruction address which referenced the bad memory address.
Arg4: 0000000000000002, (reserved)
Debugging Details:
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 14393.1480.amd64fre.rs1_release.170706-2004
SYSTEM_MANUFACTURER: System manufacturer
SYSTEM_PRODUCT_NAME: System Product Name
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 5109
BIOS_DATE: 10/16/2012
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: F2A85-V PRO
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 1
BUGCHECK_P1: ffffcb81ab600000
BUGCHECK_P2: 2
BUGCHECK_P3: fffff80a6d419a47
BUGCHECK_P4: 2
FAULTING_IP:
netvmini_build!Ndis64Write32+37 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664api\ttes_api_os_ndis.c @ 177]
fffff80a`6d419a47 8908 mov dword ptr [rax],ecx
MM_INTERNAL_CODE: 2
IMAGE_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
FAULTING_MODULE: fffff80a6d400000 netvmini_build
CPU_COUNT: 2
CPU_MHZ: e10
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 15
CPU_MODEL: 10
CPU_STEPPING: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: AV
PROCESS_NAME: System
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: PREDATOR
ANALYSIS_SESSION_TIME: 07-14-2017 10:22:40.0349
ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
TRAP_FRAME: ffffcb81a959a710 -- (.trap 0xffffcb81a959a710)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffcb81ab600000 rbx=0000000000000000 rcx=0000000010000000
rdx=0000000000000006 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80a6d419a47 rsp=ffffcb81a959a8a0 rbp=ffffcb81a959ae90
r8=0000000000000065 r9=0000000000000003 r10=0000000000000000
r11=ffffcb81a959a640 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe nc
netvmini_build!Ndis64Write32+0x37:
fffff80a6d419a47 8908 mov dword ptr [rax],ecx ds:ffffcb81ab600000=???
Resetting default scope
LOCK_ADDRESS: fffff801fa7a8880 -- (!locks fffff801fa7a8880)
Resource @ nt!PiEngineLock (0xfffff801fa7a8880) Exclusively owned
Contention Count = 11
Threads: ffff938d547da040-01<*>
1 total locks, 1 locks currently held
PNP_TRIAGE:
Lock address : 0xfffff801fa7a8880
Thread Count : 1
Thread address: 0xffff938d547da040
Thread wait : 0xbaf6
LAST_CONTROL_TRANSFER: from fffff801fa60ae11 to fffff801fa5e0960
STACK_TEXT:
ffffcb81a959a418 fffff801fa60ae11 : 0000000000000050 ffffcb81ab600000 0000000000000002 ffffcb81a959a710 : nt!KeBugCheckEx
ffffcb81a959a420 fffff801fa4e60fd : 0000000000000002 0000000000000000 ffffcb81a959a710 ffffcb81ab600000 : nt!MiSystemFault+0x100201
ffffcb81a959a510 fffff801fa5e9ffc : 72000a2032726142 2c74736554737365 7373657264644120 43464646465b203a : nt!MmAccessFault+0x27d
ffffcb81a959a710 fffff80a6d419a47 : ffffcb81ab600000 fffff80a6d454440 ffffcb81a959aaa0 ffffcb81ab3e4000 : nt!KiPageFault+0x13c
ffffcb81a959a8a0 fffff80a6d406af4 : ffffcb81ab600000 0000000010000000 0000000000000065 0000000000000003 : netvmini_build!Ndis64Write32+0x37 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664api\ttes_api_os_ndis.c @ 177]
ffffcb81a959a8e0 fffff80a6d401e29 : fffff80a6d5968c0 ffffcb8100000001 0000000000000001 0000000000064000 : netvmini_build!i664InternalSetPhys+0x1a4 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664api\i664_api_internal.c @ 864]
ffffcb81a959a970 fffff80a6d42a07e : fffff80a6d5968c0 fffff80a6d43bce0 0000000000000065 0000000000000003 : netvmini_build!Ndisi664ESConfigureEx+0xe29 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664api\i664_api_es.c @ 1208]
ffffcb81a959aa20 fffff80a6d42d8c7 : ffff938d52b19040 ffff938d52b19040 0000000000000a80 ffffdfeff6dfe460 : netvmini_build!A664DeviceInitialize+0x42e [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664device.c @ 118]
ffffcb81a959aac0 fffff80a6d42c644 : ffff938d52b19040 ffffcb81a959ae90 ffffcb81a959ae90 ffffcb81a959abe8 : netvmini_build!HWInitialize+0x507 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664mphal.c @ 214]
ffffcb81a959ab90 fffff80a6b6fd762 : ffff938d55fd81a0 fffff80a6d43b7c0 ffffcb81a959ae90 ffff938d55fd9028 : netvmini_build!MPInitializeEx+0x604 [c:\shop\codelever\a664-ndis-driver\netvmini\a664-driver-solution\netvmini_build\netvmini_build\a664adapter.c @ 404]
ffffcb81a959ad30 fffff80a6b73b848 : ffff938d55fd8ed8 0000000000000000 0000000000000000 ffff938d55fd81a0 : ndis!ndisMInvokeInitialize+0x5e
ffffcb81a959ad90 fffff80a6b6fdc03 : 0000000000000000 00000000000000a0 ffff938d53600400 01d2fcb04e560014 : ndis!ndisMInitializeAdapter+0x4d4
ffffcb81a959b450 fffff80a6b6fdd10 : 00000000000000a0 ffff938d551b41a0 ffffb985d5427c80 ffff938d55fd81a0 : ndis!ndisInitializeAdapter+0x5f
ffffcb81a959b4a0 fffff80a6b6efb2b : ffff938d55fd81a0 0000000000000004 ffff938d530f72a0 fffff80a6b66a10d : ndis!ndisPnPStartDevice+0x80
ffffcb81a959b4e0 fffff80a6b6eefd5 : ffff938d55fd81a0 ffff938d55fd81a0 ffff938d530f72a0 ffff938d55fd81a0 : ndis!ndisStartDeviceSynchronous+0x4f
ffffcb81a959b530 fffff80a6b6eebf9 : ffff938d530f72a0 ffffcb81a959b5a0 0000000000000000 ffff938d55fd81a0 : ndis!ndisPnPIrpStartDevice+0x149
ffffcb81a959b560 fffff801fa9768dd : ffff938d530f72a0 ffffcb81a959b604 0000000000000001 0000000000000001 : ndis!ndisPnPDispatch+0x149
ffffcb81a959b5d0 fffff801fa58bb0e : ffff938d52fba060 0000000000000000 ffff938d55353de0 0000000000000000 : nt!PnpAsynchronousCall+0xe5
ffffcb81a959b610 fffff801fa582ba4 : 0000000000000000 ffff938d52fba060 fffff801fa58c050 fffff801fa58c050 : nt!PnpSendIrp+0x92
ffffcb81a959b680 fffff801fa976117 : ffff938d52fb9010 ffff938d55353de0 0000000000000000 0000000000000000 : nt!PnpStartDevice+0x88
ffffcb81a959b710 fffff801fa940bff : ffff938d52fb9010 ffffcb81a959b8e0 0000000000000000 ffff938d52fb9010 : nt!PnpStartDeviceNode+0xdb
ffffcb81a959b7a0 fffff801fa97ad69 : ffff938d52fb9010 0000000000000001 0000000000000001 ffff938d52fb9010 : nt!PipProcessStartPhase1+0x53
ffffcb81a959b7e0 fffff801faad576a : ffff938d52fb9010 0000000000000001 ffffcb81a959bb19 fffff801fa97b273 : nt!PipProcessDevNodeTree+0x401
ffffcb81a959ba60 fffff801fa63590a : 0000000100000003 0000000000000000 fffff801fa7a7360 fffff801fa7a7430 : nt!PiRestartDevice+0xba
ffffcb81a959bab0 fffff801fa4f7599 : ffff938d547da040 fffff801fa7a7320 fffff801fa847280 fffff801fa847280 : nt!PnpDeviceActionWorker+0xac1fe
ffffcb81a959bb80 fffff801fa547965 : fffff801fa7cd180 0000000000000080 ffff938d526b06c0 ffff938d547da040 : nt!ExpWorkerThread+0xe9
ffffcb81a959bc10 fffff801fa5e5e26 : fffff801fa7cd180 ffff938d547da040 fffff801fa547924 0000000000000000 : nt!PspSystemThreadStartup+0x41
ffffcb81a959bc60 0000000000000000 : ffffcb81a959c000 ffffcb81a9596000 0000000000000000 0000000000000000 : nt!KiStartSystemThread+0x16
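
A cross-check that can be run on this kind of output, as an added example that is not part of the original post: it parses the bugcheck 0x50 arguments and the trap frame, reports whether Arg2 is one of the values the output's own legend documents, and checks whether the faulting instruction is a mov whose memory destination register holds Arg1. The names triage, LEGEND and SAMPLE are assumptions of this example; SAMPLE is constructed from the lines of the dump above with wrapped lines rejoined.

```python
import re

# Constructed sample: the triage-relevant lines of the !analyze -v output
# above, with wrapped lines rejoined.
SAMPLE = """\
PAGE_FAULT_IN_NONPAGED_AREA (50)
Arg1: ffffcb81ab600000, memory referenced.
Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
Arg3: fffff80a6d419a47, If non-zero, the instruction address which referenced the bad memory address.
Arg4: 0000000000000002, (reserved)
rax=ffffcb81ab600000 rbx=0000000000000000 rcx=0000000010000000
rip=fffff80a6d419a47 rsp=ffffcb81a959a8a0 rbp=ffffcb81a959ae90
netvmini_build!Ndis64Write32+0x37:
fffff80a6d419a47 8908 mov dword ptr [rax],ecx
"""

# Only the Arg2 values that the debugger's own legend documents.
LEGEND = {0: "read", 1: "write"}

def _hex(s):
    return int(s.replace("`", ""), 16)  # tolerate WinDbg's 8`8 digit grouping

def triage(text):
    """Cross-check bugcheck 0x50 arguments against the trap frame (hypothetical helper)."""
    args = {int(n): _hex(v) for n, v in
            re.findall(r"^Arg(\d): ([0-9a-f`]+)", text, re.M)}
    regs = {r: _hex(v) for r, v in
            re.findall(r"\b(r[a-z0-9]+)=([0-9a-f`]+)", text)}
    # Disassembly line: address, opcode bytes, mnemonic, operands.
    insn = re.search(r"^([0-9a-f`]{16,17}) [0-9a-f]+ (\w+)\s+(\S.*)$", text, re.M)
    addr, mnemonic, operands = _hex(insn.group(1)), insn.group(2), insn.group(3)
    dest = operands.split(",")[0]            # Intel syntax: destination first
    base = re.search(r"\[(\w+)\]", dest)     # register used as the memory operand
    return {
        "fault_addr": args[1],
        "arg2": args[2],
        "arg2_meaning": LEGEND.get(args[2]),  # None: value is outside the legend
        "ip_consistent": addr == args[3] == regs.get("rip"),
        # True when a mov stores through a register whose value equals Arg1.
        "store_to_fault_addr": (mnemonic == "mov" and bool(base)
                                and regs.get(base.group(1)) == args[1]),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```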