BlackSpider71
Guest
Here is the latest crash report:
Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\060219-6187-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 17763 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 17763.1.amd64fre.rs5_release.180914-1434
Machine Name:
Kernel base = 0xfffff806`6dca1000 PsLoadedModuleList = 0xfffff806`6e0bc5d0
Debug session time: Sun Jun 2 15:56:11.083 2019 (UTC - 5:00)
System Uptime: 0 days 4:40:43.172
Loading Kernel Symbols
...............................................................
................................................................
...............................................
Loading User Symbols
Loading unloaded module list
.......
For analysis of this file, run !analyze -v
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer. This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned. This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and bugcheck call is the one that overran its local
variable(s).
Arguments:
Arg1: 000000000000fe50, Actual security check cookie from the stack
Arg2: 0000dc12e3e8b9c9, Expected security check cookie
Arg3: ffff23ed1c174636, Complement of the expected security check cookie
Arg4: 0000000000000000, zero
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 17763.1.amd64fre.rs5_release.180914-1434
SYSTEM_MANUFACTURER: ASUS
SYSTEM_PRODUCT_NAME: All Series
SYSTEM_SKU: All
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 2507
BIOS_DATE: 10/09/2014
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: Z97-P
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 2
BUGCHECK_P1: fe50
BUGCHECK_P2: dc12e3e8b9c9
BUGCHECK_P3: ffff23ed1c174636
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000dc12e3e8b9c9 found 000000000000fe50
CPU_COUNT: 4
CPU_MHZ: df2
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3c
CPU_STEPPING: 3
CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 24'00000000 (cache) 24'00000000 (init)
BLACKBOXBSD: 1 (!blackboxbsd)
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: 0xF7
PROCESS_NAME: javaw.exe
CURRENT_IRQL: c
ANALYSIS_SESSION_HOST: BORO
ANALYSIS_SESSION_TIME: 06-02-2019 16:30:31.0370
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
LAST_CONTROL_TRANSFER: from fffff8066df087b5 to fffff8066de54ef0
STACK_TEXT:
ffffaf0f`44bb7e38 fffff806`6df087b5 : 00000000`000000f7 00000000`0000fe50 0000dc12`e3e8b9c9 ffff23ed`1c174636 : nt!KeBugCheckEx
ffffaf0f`44bb7e40 fffff806`6dd8b555 : 00000000`00000000 fffff806`6dd8b555 00000000`00000000 00000000`00000000 : nt!_report_gsfailure+0x25
ffffaf0f`44bb7e80 fffff806`6dc0668c : 00000000`00000000 ffffaf0f`44bb8230 00000000`00000206 00000000`00000000 : nt!KeAndAffinityEx+0xe5
ffffaf0f`44bb7f50 fffff806`6ddaa9cc : ffffaf0f`44bb83f0 00000000`00000000 00000000`00000001 00000000`00000000 : hal!HalRequestIpi+0xbc
ffffaf0f`44bb81d0 fffff806`6dd44ff7 : ffffaf0f`44bb8598 00000000`00000000 ffffaf0f`44bb8680 ffffedf6`c0001b80 : nt!KiIpiSendRequest+0x34c
ffffaf0f`44bb83e0 fffff806`6dd43db5 : ffff9a03`64bae580 ffffaf0f`44bb8630 ffffedf6`fb7db000 ffffed80`00370eb0 : nt!MiFlushTbList+0x337
ffffaf0f`44bb8530 fffff806`6e2b7e4f : ffffc28a`00000000 ffff9a03`00000001 ffff9a03`67c5c440 ffff9a03`67c5c440 : nt!MiSetProtectionOnSection+0x875
ffffaf0f`44bb8860 fffff806`6e2b79a7 : ffff9a03`64bae080 ffff9a03`64bae080 ffffaf0f`44bb89f0 ffffaf0f`44bb8a00 : nt!MmProtectVirtualMemory+0x3df
ffffaf0f`44bb89a0 fffff806`6de66088 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtProtectVirtualMemory+0x197
ffffaf0f`44bb8a90 00007ffa`11aa0164 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
00000000`031dcc08 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`11aa0164
THREAD_SHA1_HASH_MOD_FUNC: 8d76a4d436dcf1692937332eff416b734cba2844
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 63cc85151f7c964dc7928aa9025d7210db3c51d2
THREAD_SHA1_HASH_MOD: 692dc177616b23b31c5615392ac069be10b8455d
FOLLOWUP_IP:
nt!_report_gsfailure+25
fffff806`6df087b5 cc int 3
FAULT_INSTR_CODE: cccccccc
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!_report_gsfailure+25
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 6105701f
IMAGE_VERSION: 10.0.17763.503
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 25
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
PRIMARY_PROBLEM_CLASS: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
TARGET_TIME: 2019-06-02T20:56:11.000Z
OSBUILD: 17763
OSSERVICEPACK: 503
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 784
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2021-07-31 10:45:35
BUILDDATESTAMP_STR: 180914-1434
BUILDLAB_STR: rs5_release
BUILDOSVER_STR: 10.0.17763.1.amd64fre.rs5_release.180914-1434
ANALYSIS_SESSION_ELAPSED_TIME: 21aa
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xf7_missing_gsframe_nt!_report_gsfailure
FAILURE_ID_HASH: {82d2c1b5-b0cb-60a5-9a5d-78c8c4284f84}
Followup: MachineOwner
---------
0: kd> lmvm nt
Browse full module list
start end module name
fffff806`6dca1000 fffff806`6e712000 nt (pdb symbols) C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\sym\ntkrnlmp.pdb\20C711BBD4C21AA5C45BC774BC7E04721\ntkrnlmp.pdb
Loaded symbol image file: ntkrnlmp.exe
Mapped memory image file: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\sym\ntoskrnl.exe\6105701Fa71000\ntoskrnl.exe
Image path: ntkrnlmp.exe
Image name: ntkrnlmp.exe
Browse all global symbols functions data
Image was built with /Brepro flag.
Timestamp: 6105701F (This is a reproducible build file hash, not a timestamp)
CheckSum: 009495F6
ImageSize: 00A71000
File version: 10.0.17763.503
Product version: 10.0.17763.503
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
Information from resource tables:
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntkrnlmp.exe
OriginalFilename: ntkrnlmp.exe
ProductVersion: 10.0.17763.503
FileVersion: 10.0.17763.503 (WinBuild.160101.0800)
FileDescription: NT Kernel & System
LegalCopyright: © Microsoft Corporation. All rights reserved.