Microsoft (R) Windows Debugger Version 10.0.22000.194 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\MPC\Desktop\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 19041 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 19041.1.amd64fre.vb_release.191206-1406
Machine Name:
Kernel base = 0xfffff8011ba00000 PsLoadedModuleList = 0xfffff801
1c62a270
Debug session time: Thu Apr 7 15:01:58.628 2022 (UTC + 9:00)
System Uptime: 0 days 15:27:52.392
Loading Kernel Symbols
...............................................................
................................................................
..............................................
Loading User Symbols
Loading unloaded module list
...................
For analysis of this file, run !analyze -v
3: kd> !analyze -v
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff8011bc869f9, The address that the exception occurred at
Arg3: ffffbd0e01e3e908, Exception Record Address
Arg4: ffffbd0e01e3e140, Context Record Address
Debugging Details:
Unable to load image \SystemRoot\System32\drivers\DDHID1906.sys, Win32 error 0n2
KEY_VALUES_STRING: 1
Key : AV.Dereference
Value: NullPtr
Key : AV.Fault
Value: Read
Key : Analysis.CPU.mSec
Value: 4640
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 16875
Key : Analysis.Init.CPU.mSec
Value: 2796
Key : Analysis.Init.Elapsed.mSec
Value: 17682
Key : Analysis.Memory.CommitPeak.Mb
Value: 87
Key : WER.OS.Branch
Value: vb_release
Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z
Key : WER.OS.Version
Value: 10.0.19041.1
BUGCHECK_CODE: 7e
BUGCHECK_P1: ffffffffc0000005
BUGCHECK_P2: fffff8011bc869f9
BUGCHECK_P3: ffffbd0e01e3e908
BUGCHECK_P4: ffffbd0e01e3e140
EXCEPTION_RECORD: ffffbd0e01e3e908 -- (.exr 0xffffbd0e01e3e908)
ExceptionAddress: fffff8011bc869f9 (nt!KeSetEvent+0x0000000000000009)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000000
Attempt to read from address 0000000000000000
CONTEXT: ffffbd0e01e3e140 -- (.cxr 0xffffbd0e01e3e140)
rax=0000000000000000 rbx=ffffab0bf6df3300 rcx=0000000000000000
rdx=0000000000000002 rsi=ffffab0bf73be050 rdi=ffffab0bf73bea10
rip=fffff8011bc869f9 rsp=ffffbd0e01e3eb40 rbp=0000000000000080
r8=0000000000000000 r9=000000000000002f r10=fffff8011bd3a390
r11=ffffbd0e01e3eba0 r12=0000000000000487 r13=0000000000000000
r14=ffffab0bee291040 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010282
nt!KeSetEvent+0x9:
fffff8011bc869f9 f6017f test byte ptr [rcx],7Fh ds:002b:00000000
00000000=??
Resetting default scope
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: System
READ_ADDRESS: 0000000000000000
ERROR_CODE: (NTSTATUS) 0xc0000005 - 0x%p 0x%p . %s .
EXCEPTION_CODE_STR: c0000005
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000000
EXCEPTION_STR: 0xc0000005
STACK_TEXT:
ffffbd0e01e3eb40 fffff801
232603c7 : fffff80123008830 ffffab0b
f6df3300 0000000000000080 ffffab0b
f73be050 : nt!KeSetEvent+0x9
ffffbd0e01e3ebd0 fffff801
23008830 : ffffab0bf6df3300 00000000
00000080 ffffab0bf73be050 00000000
00000000 : DDHID1906+0x2603c7
ffffbd0e01e3ebd8 ffffab0b
f6df3300 : 0000000000000080 ffffab0b
f73be050 0000000000000000 00000000
00000487 : DDHID1906+0x8830
ffffbd0e01e3ebe0 00000000
00000080 : ffffab0bf73be050 00000000
00000000 0000000000000487 ffffab0b
f73be050 : 0xffffab0bf6df3300 ffffbd0e
01e3ebe8 ffffab0bf73be050 : 00000000
00000000 0000000000000487 ffffab0b
f73be050 fffff8011bd55855 : 0x80 ffffbd0e
01e3ebf0 0000000000000000 : 00000000
00000487 ffffab0bf73be050 fffff801
1bd55855 ffffab0bf6df3300 : 0xffffab0b
f73be050
SYMBOL_NAME: DDHID1906+2603c7
MODULE_NAME: DDHID1906
IMAGE_NAME: DDHID1906.sys
STACK_COMMAND: .cxr 0xffffbd0e01e3e140 ; kb
BUCKET_ID_FUNC_OFFSET: 2603c7
FAILURE_BUCKET_ID: AV_DDHID1906!unknown_function
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {90a47292-f375-272c-7b70-72f8b94e14e5}
Followup: MachineOwner