Windows 10 WINDOWS 10 - KERNEL MODE DUMP FILE - NOT ABLE TO ANALYZE

  • Thread starter Thread starter rahulak2011
  • Start date Start date
R

rahulak2011

Guest
Hey guys,

I got the BSOD twice after I upgraded my laptop to Windows 10. I tried extracting the Memory Dump file but couldn't get anything out of it. Help is much appreciated. Thanks!

Microsoft (R) Windows Debugger Version 10.0.17763.1 X86

Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.

<g class="gr_ gr_693 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins doubleReplace replaceWithoutSep" data-gr-id="693" id="693">Symbol</g> search path is: <g class="gr_ gr_676 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling" data-gr-id="676" id="676">srv</g>*
<g class="gr_ gr_694 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins doubleReplace replaceWithoutSep" data-gr-id="694" id="694">Executable</g> search path is:
Windows 10 Kernel Version 17763 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 17763.1.amd64fre.rs5_release.180914-1434
Machine Name:
Kernel base = 0xfffff8001fea6000 PsLoadedModuleList = 0xfffff800202c1ad0
Debug session time: Thu Jan 31 00:06:06.749 2019 (UTC + 5:30)
System Uptime: 1 days 10:59:17.711
Loading Kernel Symbols
...............................................................
................................................................
................................................................
......................
Loading User Symbols

Loading unloaded module list
..................................................
***
  • *
  • Bugcheck Analysis *
  • *
***

Use !analyze -v to get detailed debugging information.

BugCheck 13A, {11, ffffe38b75202100, ffffe38b814ac8b0, 0}

Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details
Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details
Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details
Probably caused by : Pool_Corruption ( nt!ExFreePool+b )

Followup: Pool_corruption
---------

1: kd> !analyze -v
***
  • *
  • Bugcheck Analysis *
  • *
***

KERNEL_MODE_HEAP_CORRUPTION (13a)
The kernel mode heap manager has detected corruption in a heap.
Arguments:
Arg1: 0000000000000011, Type of corruption detected
Arg2: ffffe38b75202100, Address of the heap that reported the corruption
Arg3: ffffe38b814ac8b0, Address at which the corruption was detected
Arg4: 0000000000000000

Debugging Details:
------------------

Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details
Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details
Page 3c00 not present in the dump file. Type ".hh dbgerr004" for details

KEY_VALUES_STRING: 1


STACKHASH_ANALYSIS: 1

TIMELINE_ANALYSIS: 1


DUMP_CLASS: 1

DUMP_QUALIFIER: 401

BUILD_VERSION_STRING: 17763.1.amd64fre.rs5_release.180914-1434

SYSTEM_MANUFACTURER: Hewlett-Packard

SYSTEM_PRODUCT_NAME: HP 240 G3 Notebook PC

SYSTEM_SKU: K1V41PA#ACJ

SYSTEM_VERSION: 0976100000405F00000610181

BIOS_VENDOR: Insyde

BIOS_VERSION: F.43

BIOS_DATE: 12/19/2017

BASEBOARD_MANUFACTURER: Hewlett-Packard

BASEBOARD_PRODUCT: 220F

BASEBOARD_VERSION: 57.58

DUMP_TYPE: 1

BUGCHECK_P1: 11

BUGCHECK_P2: ffffe38b75202100

BUGCHECK_P3: ffffe38b814ac8b0

BUGCHECK_P4: 0

CPU_COUNT: 4

CPU_MHZ: 877

CPU_VENDOR: GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 37

CPU_STEPPING: 8

CPU_MICROCODE: 6,37,8,0 (F,M,S,R) SIG: 829'00000000 (cache) 829'00000000 (init)

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXPNP: 1 (!blackboxpnp)


DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: 0x13A

PROCESS_NAME: System

CURRENT_IRQL: 0

ANALYSIS_SESSION_HOST: RAHUL

ANALYSIS_SESSION_TIME: 01-31-2019 00:57:27.0241

ANALYSIS_VERSION: 10.0.17763.1 x86fre

LAST_CONTROL_TRANSFER: from fffff800201a02c9 to fffff80020059440

STACK_TEXT:
ffffb48c81f24478 fffff800201a02c9 : 000000000000013a 0000000000000011 ffffe38b75202100 ffffe38b814ac8b0 : nt!KeBugCheckEx
ffffb48c81f24480 fffff800201a0328 : 0000000000000011 00000000ffffffff ffffe38b75202100 fffff8012e7811e5 : nt!RtlpHeapHandleError+0x29
ffffb48c81f244c0 fffff8002019ff51 : 00000000000000d0 ffffe38b81484000 ffffb48c00000002 fffff8012d408360 : nt!RtlpHpHeapHandleError+0x58
ffffb48c81f244f0 fffff800200ced74 : 00000000000000d0 ffffe38b86d43000 ffffe38b75202340 ffffe38b00000000 : nt!RtlpLogHeapFailure+0x45
ffffb48c81f24520 fffff800201f1753 : ffffe38b75202340 ffff317bffffffff ffffb48c81f24860 fffff80100000000 : nt!RtlpHpLfhSubsegmentFreeBlock+0x169944
ffffb48c81f245e0 fffff800201f001b : ffffe38b814ac8c0 ffffe38b80a97290 ffffe38b00000a9d ffffb48c206c644d : nt!ExFreePoolWithTag+0xad3
ffffb48c81f24710 fffff8001feba478 : 0000000000000002 fffff8001ffc5f5d 0000000000000002 ffffe38b811a20b8 : nt!ExFreePool+0xb
ffffb48c81f24740 fffff8012d41224b : ffffe38b811a09a0 ffffe38b80a97290 ffffb48c81f24890 fffff8012d404ee9 : nt!IoFreeMdl+0x88
ffffb48c81f24770 fffff8001ee43487 : 0000000000000002 0000000000989680 0000000000000001 ffffe38b7590c9c0 : ndis!NdisFreeBuffer+0xb
ffffb48c81f247a0 fffff8001ee57df7 : ffffe38b80a97290 ffffb48c81f248a0 fffff8001f0e7000 ffffe38b81600000 : rtwlanu!WDI_FreeRxFrame+0xdb
ffffb48c81f247e0 fffff8001f32b5ba : ffffe38b811a4970 0000000000000000 0000000000000000 ffffe38b80a97290 : rtwlanu!N6UsbWdi_RxReturnFrames+0x4f
ffffb48c81f24810 fffff8001f32b896 : 0000000000000000 0000000000000000 00000000fffffffe fffff8001f375941 : wdiwifi!CRxMgr::RxReturnFrames+0x36
ffffb48c81f24840 fffff8001f34307d : ffffe38b80ccc9a0 fffff8001f3d3198 0000000000000002 ffffe38b80a97290 : wdiwifi!CRxMgr::OnNdisReturnNetBufferLists+0x126
ffffb48c81f248b0 fffff8001f375c0c : ffffe38b80ccc9a0 ffffb48c81f24970 0000000000000000 ffffe38b80a97290 : wdiwifi!CAdapter::ReturnNetBufferLists+0x129
ffffb48c81f24910 fffff8001f32b6f5 : 0000000000000000 ffffe38b811a20e0 0000000000000000 ffffe38b00000002 : wdiwifi!CPort::IndicateFrames+0x2b8
ffffb48c81f249b0 fffff8001f32aa88 : fffff8001f3d2520 ffffe38b805f0000 ffffb48c81f24ad9 ffffe38b811a4970 : wdiwifi!CRxMgr::RxIndicatePortFrames+0x129
ffffb48c81f24a20 fffff8001f32b10c : ffffe38b811a4970 ffffb48c81f24ba0 ffffe38b811a4970 0000000000000001 : wdiwifi!CRxMgr::RxProcessAndIndicateNblChain+0x72c
ffffb48c81f24b40 fffff8001f327653 : ffffe38b80a97290 fffff80000000003 ffffb48c81f24ce0 ffffe38b816000be : wdiwifi!CRxMgr::RxInOrderDataInd+0x308
ffffb48c81f24be0 fffff8001ee4550f : ffffe38b80620000 fffff8001f0e7000 0000000000000005 0000000000000010 : wdiwifi!AdapterRxInorderDataInd+0x83
ffffb48c81f24c20 fffff8001ee447ef : ffffe38b7f053000 fffff8001f0a6001 ffffe38b81600000 fffff8001f0a81f9 : rtwlanu!wdi_NotifyPeerData+0x363
ffffb48c81f24c90 fffff8001eebb315 : ffffe38b00000000 ffffe38b81600000 ffffe38b81e40778 ffffe38b81e4174c : rtwlanu!WDI_NotifyDataInQueue+0x97
ffffb48c81f24ce0 fffff8001f0a5a52 : ffffe38b7f054580 ffffe38b81e406c8 ffffe38b870e93f8 ffffe38b81600000 : rtwlanu!RxNotifyThreadCallback+0xcd
ffffb48c81f24d20 fffff8001ff2cbc5 : ffffe38b83b43040 0000000000000080 fffff8001f0a59d0 ffffe38b81e406c8 : rtwlanu!Ndis6ThreadCallback+0x82
ffffb48c81f24d50 fffff8002006089c : ffffcd80d1f0f180 ffffe38b83b43040 fffff8001ff2cb70 0000000000000246 : nt!PspSystemThreadStartup+0x55
ffffb48c81f24da0 0000000000000000 : ffffb48c81f25000 ffffb48c81f1f000 0000000000000000 0000000000000000 : nt!KiStartSystemThread+0x1c


THREAD_SHA1_HASH_MOD_FUNC: 499c98764adc25c0341f5aa2e8d9d8c66d021fb7

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a2f713f4a5abb7d5ca050d828ceadf6507473453

THREAD_SHA1_HASH_MOD: 6c3a0fe961b5c4a831fbc5609d147573f905adf4

FOLLOWUP_IP:
nt!ExFreePool+b
fffff800`201f001b 4883c428 add rsp,28h

FAULT_INSTR_CODE: 28c48348

SYMBOL_STACK_INDEX: 6

SYMBOL_NAME: nt!ExFreePool+b

FOLLOWUP_NAME: Pool_corruption

IMAGE_NAME: Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: Pool_Corruption

STACK_COMMAND: .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET: b

FAILURE_BUCKET_ID: 0x13A_nt!ExFreePool

BUCKET_ID: 0x13A_nt!ExFreePool

PRIMARY_PROBLEM_CLASS: 0x13A_nt!ExFreePool

TARGET_TIME: 2019-01-30T18:36:06.000Z

<g class="gr_ gr_667 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="667" id="667">OSBUILD</g>: 17763

OSSERVICEPACK: 0

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 784

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

<g class="gr_ gr_674 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="674" id="674">OSEDITION</g>: Windows 10 WinNt TerminalServer SingleUserTS Personal

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: unknown_date

BUILDDATESTAMP_STR: 180914-1434

BUILDLAB_STR: rs5_release

BUILDOSVER_STR: 10.0.17763.1.amd64fre.rs5_release.180914-1434

ANALYSIS_SESSION_ELAPSED_TIME: 231f

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0x13a_nt!exfreepool

FAILURE_ID_HASH: {02a31b3f-d186-4beb-2f19-e6e95525a7df}

Followup: Pool_corruption

More...
 

Similar threads

BSchwarz
Windows 10 BSOD on first touch input (KMODE_EXCEPTION_NOT_HANDLED in win32kbase.sys)
Replies
0
Views
211
BSchwarz
BSchwarz
BSchwarz
Windows 10 BSOD on first touch input (KMODE_EXCEPTION_NOT_HANDLED in win32kbase.sys)
Replies
0
Views
235
BSchwarz
BSchwarz
BSchwarz
Windows 10 BSOD on first touch input (KMODE_EXCEPTION_NOT_HANDLED in win32kbase.sys)
Replies
0
Views
230
BSchwarz
BSchwarz
BSchwarz
Windows 10 BSOD on first touch input (KMODE_EXCEPTION_NOT_HANDLED in win32kbase.sys)
Replies
0
Views
311
BSchwarz
BSchwarz
S
Server was rebooted unexpectedly with memory dump
Replies
1
Views
281
Sven-D
S
Back
Top