Mattiwatti / EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time
GNU General Public License v3.0

BSOD Win 10 Education N Ver. 1809 b.17763.1 on "EfiDSEFix.exe -d" command #31

Closed ghost closed 3 years ago

ghost commented 3 years ago

Trying latest release v1.2. Boots and patches all good. No errors seen in the green boot process info while loading. Using default settings with renamed loader.efi. The BSOD is instant the moment I hit enter on "EfiDSEFix.exe -d" in cmd. I'm a dumb dumb in this area but I hope the following info is helpful. Just let me know if there is anything else that could help. Thank you.


ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory. The guilty driver is on the stack trace (and is typically the current instruction pointer). When possible, the guilty driver's name (Unicode string) is printed on the bugcheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: fffff80472de5787, Virtual address for the attempted write.
Arg2: 0100000181cb2021, PTE contents.
Arg3: ffff800ec764c530, (reserved)
Arg4: 000000000000000b, (reserved)

Debugging Details:

KEY_VALUES_STRING: 1

Key  : Analysis.CPU.Sec
Value: 1

Key  : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-9G6JOVA

Key  : Analysis.DebugData
Value: CreateObject

Key  : Analysis.DebugModel
Value: CreateObject

Key  : Analysis.Elapsed.Sec
Value: 23

Key  : Analysis.Memory.CommitPeak.Mb
Value: 76

Key  : Analysis.System
Value: CreateObject

BUGCHECK_CODE: be

BUGCHECK_P1: fffff80472de5787

BUGCHECK_P2: 100000181cb2021

BUGCHECK_P3: ffff800ec764c530

BUGCHECK_P4: b

BLACKBOXBSD: 1 (!blackboxbsd)

BLACKBOXPNP: 1 (!blackboxpnp)

PROCESS_NAME: EfiDSEFix.exe

TRAP_FRAME: ffff800ec764c530 -- (.trap 0xffff800ec764c530)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=008b486373000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800739d8f7f rsp=ffff800ec764c6c0 rbp=ffff800ec764c7b0
r8=ff00000000ffffff r9=fffff80472de5787 r10=ffff8880b8068ae0
r11=ffff800ec764ca40 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
fffff800739d8f7f 418911 mov dword ptr [r9],edx ds:fffff80472de5787=8b486373
Resetting default scope

STACK_TEXT:
ffff800ec764c248 fffff8006f6c3ea1 : 00000000000000be fffff80472de5787 0100000181cb2021 ffff800ec764c530 : nt!KeBugCheckEx
ffff800ec764c250 fffff8006f4e69c7 : 0000000000000000 0000000000000003 0000000000000000 fffff80472de5787 : nt!MiSystemFault+0x1678c1
ffff800ec764c390 fffff8006f66e983 : 0000000000000000 0000000000000000 ffff800ec764ca40 0000000000000000 : nt!MmAccessFault+0x327
ffff800ec764c530 fffff800739d8f7f : ffff8880b7739180 fffff8006f59257f ffff800ec764c7b0 ffff800ec764c7b0 : nt!KiPageFault+0x343
ffff800ec764c6c0 ffff8880b7739180 : fffff8006f59257f ffff800ec764c7b0 ffff800ec764c7b0 ffffb30200000000 : 0xfffff800739d8f7f
ffff800ec764c6c8 fffff8006f59257f : ffff800ec764c7b0 ffff800ec764c7b0 ffffb30200000000 ffff800ec764c708 : 0xffff8880b7739180
ffff800ec764c6d0 fffff8006f443aa7 : 0000000000000000 ffff800ec764c7c0 ffff800ec764c778 0000000000000000 : nt!KeSetSystemGroupAffinityThread+0x14f
ffff800ec764c750 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : hal!HalSetEnvironmentVariableEx+0x127

SYMBOL_NAME: nt!MiSystemFault+1678c1

MODULE_NAME: nt

IMAGE_VERSION: 10.0.17763.1

STACK_COMMAND: .thread ; .cxr ; kb

IMAGE_NAME: memory_corruption

BUCKET_ID_FUNC_OFFSET: 1678c1

FAILURE_BUCKET_ID: 0xBE_nt!MiSystemFault

OS_VERSION: 10.0.17763.1

BUILDLAB_STR: rs5_release

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {f42e95f2-ac01-9f1a-bba7-f215636b6297}

Followup: MachineOwner
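Added example, not part of the original issue or of EfiGuard's code: a small Python triage helper that decodes Arg2 of the bugcheck above as an x86-64 page table entry, using only the architectural flag bits, to confirm from the dump why the write faulted. The function names are hypothetical, and the input is the argument lines copied from the report.

```python
import re

# Constructed input: the bugcheck argument lines as they appear in the report above.
REPORT = """\
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
Arg1: fffff80472de5787, Virtual address for the attempted write.
Arg2: 0100000181cb2021, PTE contents.
Arg3: ffff800ec764c530, (reserved)
Arg4: 000000000000000b, (reserved)
"""

# Architectural x86-64 page-table-entry flag bits (bit positions).
PTE_FLAGS = {"present": 0, "writable": 1, "user": 2, "accessed": 5,
             "dirty": 6, "global": 8, "no_execute": 63}
PFN_MASK = (1 << 40) - 1  # bits 12..51 hold the page frame number


def parse_args(text):
    """Return {1: Arg1, 2: Arg2, ...} as integers from 'ArgN: <hex>' lines."""
    text = text.replace("`", "")  # WinDbg may print 64-bit values as hi`lo
    return {int(n): int(v, 16)
            for n, v in re.findall(r"Arg(\d):\s*([0-9a-fA-F]+)", text)}


def decode_pte(pte):
    """Split a raw PTE value into its architectural flags and frame number."""
    fields = {name: bool((pte >> bit) & 1) for name, bit in PTE_FLAGS.items()}
    fields["pfn"] = (pte >> 12) & PFN_MASK
    return fields


def triage_0xbe(text):
    """Summarise a bugcheck 0xBE: where the write went and how the page is mapped."""
    args = parse_args(text)
    pte = decode_pte(args[2])
    return {
        "va": args[1],
        "page_offset": args[1] & 0xFFF,
        "kernel_va": args[1] >> 47 == 0x1FFFF,  # canonical upper half
        "read_only_mapping": pte["present"] and not pte["writable"],
        "executable": not pte["no_execute"],
        "pte": pte,
    }


if __name__ == "__main__":
    r = triage_0xbe(REPORT)
    print(f"write to {r['va']:#x} (kernel={r['kernel_va']}), "
          f"read-only={r['read_only_mapping']}, executable={r['executable']}, "
          f"pfn={r['pte']['pfn']:#x}")
```

For the values in this report the entry decodes as present, not writable and executable, which matches the faulting `mov dword ptr [r9],edx` in the trap frame, where r9 holds the same address as Arg1.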

Mattiwatti commented 3 years ago

Thanks for the report. This was a regression caused by the fix for KB5003173 in v1.2, which broke EfiDSEFix -d on older versions of Windows 10.

I've released v1.2.1 which should fix this. The new version also makes EfiDSEFix do additional validation of the target addresses, so that it should fail with an error rather than cause a BSOD by trying to write to an illegal address.

ghost commented 3 years ago

Thank you for all the work you put into this repo.