X
XxBaddaskillerX
Guest
So i was playing vrchat and a couple weeks ago i updated my driver to 457.09 (not important now but later).So i was playing VRChat for the first time since updating my driver and i went into the game and ran straight into a BSOD.Now this kinda scared me, since the last time i got a BSOD was because my RAM were dying.So i thought it was because in VRChat people can have avatars that completely crash your pc.So i went into windbg and i got this. What do you guys think happend?
Debug:
Microsoft (R) Windows Debugger Version 10.0.19041.685 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
* Path validation summary **
Response Time (ms) Location
Deferred SRVC:\Windows\symbol_cache
Symbol information
Symbol search path is: SRVC:\Windows\symbol_cache
Symbol information
Executable search path is:
Windows 10 Kernel Version 18362 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff8023a600000 PsLoadedModuleList = 0xfffff8023aa461b0
Debug session time: Tue Dec 29 22:31:27.155 2020 (UTC + 2:00)
System Uptime: 0 days 12:15:05.803
Loading Kernel Symbols
...............................................................
................................................................
............................Page 1f27d not present in the dump file. Type ".hh dbgerr004" for details
....................................
..................
Loading User Symbols
PEB is paged out (Peb.Ldr = 0000007f0079d018). Type ".hh dbgerr001" for details
Loading unloaded module list
...............................
For analysis of this file, run !analyze -v
0: kd> !analyze -v
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff8023ec6f980, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8023ec6f8d8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 3
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-5JVVM3A
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 16
Key : Analysis.Memory.CommitPeak.Mb
Value: 71
Key : Analysis.System
Value: CreateObject
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: fffff8023ec6f980
BUGCHECK_P3: fffff8023ec6f8d8
BUGCHECK_P4: 0
TRAP_FRAME: fffff8023ec6f980 -- (.trap 0xfffff8023ec6f980)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffff88014be70238 rbx=0000000000000000 rcx=0000000000000003
rdx=ffff88014be70158 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8023a70a8eb rsp=fffff8023ec6fb10 rbp=0000000000000001
r8=0000000000000002 r9=0000000000000000 r10=0000fffff8024a3a
r11=ffffc97db4400000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di pl nz na po nc
nt!ExInterlockedRemoveHeadList+0x8b:
fffff8023a70a8eb cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff8023ec6f8d8 -- (.exr 0xfffff8023ec6f8d8)
ExceptionAddress: fffff8023a70a8eb (nt!ExInterlockedRemoveHeadList+0x000000000000008b)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: Corsair.Service.CpuIdRemote64.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFFF8023EC6FFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
fffff8023ec6f658 fffff8023a7d5929 : 0000000000000139 0000000000000003 fffff8023ec6f980 fffff8023ec6f8d8 : nt!KeBugCheckEx
fffff8023ec6f660 fffff8023a7d5d50 : 00000000004559cf 0000000000000000 0000000000000000 0000000000000000 : nt!KiBugCheckDispatch+0x69
fffff8023ec6f7a0 fffff8023a7d40e3 : 0000000000000000 0000000000000000 ffff88015c8bf9f0 fffff8023ec6fa10 : nt!KiFastFailDispatch+0xd0
fffff8023ec6f980 fffff8023a70a8eb : 0000000000000000 ffff880100000000 ffff88014be70160 ffff88014be70158 : nt!KiRaiseSecurityCheckFailure+0x323
fffff8023ec6fb10 fffff8024a32269a : ffff88014be70000 fffff8023ec6fd40 ffff88014be70160 ffff88014be55000 : nt!ExInterlockedRemoveHeadList+0x8b
fffff8023ec6fb40 fffff8024a38c745 : ffff88014be55000 ffff880151376000 ffff880151376000 ffff88014be55000 : nvlddmkm+0x7c269a
fffff8023ec6fb80 fffff80249c15f6d : ffff88014be55000 ffff88014be550e0 ffff88014be550e0 0000000000000000 : nvlddmkm+0x82c745
fffff8023ec6fbb0 fffff8023a6c296a : fffff80249c15ee7 fffff80236bfff80 fffff8023aa395e0 fffff80200000002 : nvlddmkm+0xb5f6d
fffff8023ec6fc40 fffff8023a6c1fbf : fffff80236bfd180 0000000000000000 0000000000000002 0000000000000004 : nt!KiExecuteAllDpcs+0x30a
fffff8023ec6fd80 fffff8023a7cab25 : 0000000000000000 fffff80236bfd180 ffffd98074e49640 fffff7fc00001000 : nt!KiRetireDpcList+0x1ef
fffff8023ec6ffb0 fffff8023a7ca910 : fffff8023a575b20 fffff8023a55f37a ffff880164338a80 0000000000000000 : nt!KxRetireDpcList+0x5
fffffe897caae230 fffff8023a7ca1c5 : fffff7fc00001000 fffff8023a7c5671 000000000000c350 fffffe897caae2f0 : nt!KiDispatchInterruptContinue
fffffe897caae260 fffff8023a7c5671 : 000000000000c350 fffffe897caae2f0 ffffd98074e49640 fffffe897caae578 : nt!KiDpcInterruptBypass+0x25
fffffe897caae270 fffff8023a9532b9 : fffff8023a55d8d0 0000000000000000 0000000000000000 ffff880163217a00 : nt!KiInterruptDispatch+0xb1
fffffe897caae408 fffff8023a55d8d0 : 0000000000000000 0000000000000000 ffff880163217a00 0000000000000000 : nt!_guard_retpoline_indirect_cfg_rax+0x19
fffffe897caae410 fffff8023720427c : 000000000000c350 0000000000989680 00000066b15185d7 ffff88016235dd80 : hal!KeQueryPerformanceCounter+0x60
fffffe897caae440 fffff8023a637159 : ffff880154ca5e10 ffff88016235dd80 ffff88016235de98 0000000000000001 : cpuz148_x64+0x427c
fffffe897caae820 fffff8023abf2a95 : fffffe897caaeb80 ffff88016235dd80 0000000000000001 ffff880156e703c0 : nt!IofCallDriver+0x59
fffffe897caae860 fffff8023abf28a0 : 0000000000000000 fffffe897caaeb80 ffff88016235dd80 fffffe897caaeb80 : nt!IopSynchronousServiceTail+0x1a5
fffffe897caae900 fffff8023abf1c76 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!IopXxxControlFile+0xc10
fffffe897caaea20 fffff8023a7d5358 : 0000000000000001 0000000000000000 fffffe8900000002 fffffe897caaea00 : nt!NtDeviceIoControlFile+0x56
fffffe897caaea90 00007ff9a5d7c7d4 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x28
0000007f03bffb38 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x00007ff9`a5d7c7d4
SYMBOL_NAME: nvlddmkm+7c269a
MODULE_NAME: nvlddmkm
IMAGE_NAME: nvlddmkm.sys
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 7c269a
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_nvlddmkm!unknown_function
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {313b10a2-72d5-e118-5040-eef20d8afced}
Followup: MachineOwner
---------
Continue reading...
Debug:
Microsoft (R) Windows Debugger Version 10.0.19041.685 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
* Path validation summary **
Response Time (ms) Location
Deferred SRVC:\Windows\symbol_cache
Symbol information
Symbol search path is: SRVC:\Windows\symbol_cache
Symbol information
Executable search path is:
Windows 10 Kernel Version 18362 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 18362.1.amd64fre.19h1_release.190318-1202
Machine Name:
Kernel base = 0xfffff8023a600000 PsLoadedModuleList = 0xfffff8023aa461b0
Debug session time: Tue Dec 29 22:31:27.155 2020 (UTC + 2:00)
System Uptime: 0 days 12:15:05.803
Loading Kernel Symbols
...............................................................
................................................................
............................Page 1f27d not present in the dump file. Type ".hh dbgerr004" for details
....................................
..................
Loading User Symbols
PEB is paged out (Peb.Ldr = 0000007f0079d018). Type ".hh dbgerr001" for details
Loading unloaded module list
...............................
For analysis of this file, run !analyze -v
0: kd> !analyze -v
*******************************************************************************
- *
- Bugcheck Analysis *
- *
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff8023ec6f980, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8023ec6f8d8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 3
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-5JVVM3A
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 16
Key : Analysis.Memory.CommitPeak.Mb
Value: 71
Key : Analysis.System
Value: CreateObject
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: fffff8023ec6f980
BUGCHECK_P3: fffff8023ec6f8d8
BUGCHECK_P4: 0
TRAP_FRAME: fffff8023ec6f980 -- (.trap 0xfffff8023ec6f980)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffff88014be70238 rbx=0000000000000000 rcx=0000000000000003
rdx=ffff88014be70158 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8023a70a8eb rsp=fffff8023ec6fb10 rbp=0000000000000001
r8=0000000000000002 r9=0000000000000000 r10=0000fffff8024a3a
r11=ffffc97db4400000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up di pl nz na po nc
nt!ExInterlockedRemoveHeadList+0x8b:
fffff8023a70a8eb cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff8023ec6f8d8 -- (.exr 0xfffff8023ec6f8d8)
ExceptionAddress: fffff8023a70a8eb (nt!ExInterlockedRemoveHeadList+0x000000000000008b)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: Corsair.Service.CpuIdRemote64.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DPC_STACK_BASE: FFFFF8023EC6FFB0
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
fffff8023ec6f658 fffff8023a7d5929 : 0000000000000139 0000000000000003 fffff8023ec6f980 fffff8023ec6f8d8 : nt!KeBugCheckEx
fffff8023ec6f660 fffff8023a7d5d50 : 00000000004559cf 0000000000000000 0000000000000000 0000000000000000 : nt!KiBugCheckDispatch+0x69
fffff8023ec6f7a0 fffff8023a7d40e3 : 0000000000000000 0000000000000000 ffff88015c8bf9f0 fffff8023ec6fa10 : nt!KiFastFailDispatch+0xd0
fffff8023ec6f980 fffff8023a70a8eb : 0000000000000000 ffff880100000000 ffff88014be70160 ffff88014be70158 : nt!KiRaiseSecurityCheckFailure+0x323
fffff8023ec6fb10 fffff8024a32269a : ffff88014be70000 fffff8023ec6fd40 ffff88014be70160 ffff88014be55000 : nt!ExInterlockedRemoveHeadList+0x8b
fffff8023ec6fb40 fffff8024a38c745 : ffff88014be55000 ffff880151376000 ffff880151376000 ffff88014be55000 : nvlddmkm+0x7c269a
fffff8023ec6fb80 fffff80249c15f6d : ffff88014be55000 ffff88014be550e0 ffff88014be550e0 0000000000000000 : nvlddmkm+0x82c745
fffff8023ec6fbb0 fffff8023a6c296a : fffff80249c15ee7 fffff80236bfff80 fffff8023aa395e0 fffff80200000002 : nvlddmkm+0xb5f6d
fffff8023ec6fc40 fffff8023a6c1fbf : fffff80236bfd180 0000000000000000 0000000000000002 0000000000000004 : nt!KiExecuteAllDpcs+0x30a
fffff8023ec6fd80 fffff8023a7cab25 : 0000000000000000 fffff80236bfd180 ffffd98074e49640 fffff7fc00001000 : nt!KiRetireDpcList+0x1ef
fffff8023ec6ffb0 fffff8023a7ca910 : fffff8023a575b20 fffff8023a55f37a ffff880164338a80 0000000000000000 : nt!KxRetireDpcList+0x5
fffffe897caae230 fffff8023a7ca1c5 : fffff7fc00001000 fffff8023a7c5671 000000000000c350 fffffe897caae2f0 : nt!KiDispatchInterruptContinue
fffffe897caae260 fffff8023a7c5671 : 000000000000c350 fffffe897caae2f0 ffffd98074e49640 fffffe897caae578 : nt!KiDpcInterruptBypass+0x25
fffffe897caae270 fffff8023a9532b9 : fffff8023a55d8d0 0000000000000000 0000000000000000 ffff880163217a00 : nt!KiInterruptDispatch+0xb1
fffffe897caae408 fffff8023a55d8d0 : 0000000000000000 0000000000000000 ffff880163217a00 0000000000000000 : nt!_guard_retpoline_indirect_cfg_rax+0x19
fffffe897caae410 fffff8023720427c : 000000000000c350 0000000000989680 00000066b15185d7 ffff88016235dd80 : hal!KeQueryPerformanceCounter+0x60
fffffe897caae440 fffff8023a637159 : ffff880154ca5e10 ffff88016235dd80 ffff88016235de98 0000000000000001 : cpuz148_x64+0x427c
fffffe897caae820 fffff8023abf2a95 : fffffe897caaeb80 ffff88016235dd80 0000000000000001 ffff880156e703c0 : nt!IofCallDriver+0x59
fffffe897caae860 fffff8023abf28a0 : 0000000000000000 fffffe897caaeb80 ffff88016235dd80 fffffe897caaeb80 : nt!IopSynchronousServiceTail+0x1a5
fffffe897caae900 fffff8023abf1c76 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!IopXxxControlFile+0xc10
fffffe897caaea20 fffff8023a7d5358 : 0000000000000001 0000000000000000 fffffe8900000002 fffffe897caaea00 : nt!NtDeviceIoControlFile+0x56
fffffe897caaea90 00007ff9a5d7c7d4 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x28
0000007f03bffb38 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x00007ff9`a5d7c7d4
SYMBOL_NAME: nvlddmkm+7c269a
MODULE_NAME: nvlddmkm
IMAGE_NAME: nvlddmkm.sys
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 7c269a
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_nvlddmkm!unknown_function
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {313b10a2-72d5-e118-5040-eef20d8afced}
Followup: MachineOwner
---------
Continue reading...