MANUALLY_INITIATED_CRASH (e2)
The user manually initiated this crash dump.
Arguments:
Arg1: 0000000000000000
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000

0: kd> kc
# Call Site
00 nt!KeBugCheck2
01 nt!KeBugCheckEx
02 kbdhid!KbdHidProcessCrashDump
03 kbdhid!KbdHid_InsertCodesIntoQueue
04 HIDPARSE!HidP_ModifierCode
05 HIDPARSE!HidP_TranslateUsageAndPagesToI8042ScanCodes
06 kbdhid!KbdHid_ReadComplete
07 nt!IopUnloadSafeCompletion
08 nt!IopfCompleteRequest
09 HIDCLASS!HidpDistributeInterruptReport
0a HIDCLASS!HidpInterruptReadComplete
0b nt!IopfCompleteRequest
0c Wdf01000!FxIrp::CompleteRequest
0d Wdf01000!FxRequest::CompleteInternal
0e Wdf01000!FxRequest::Complete
0f Wdf01000!imp_WdfRequestComplete
10 USBXHCI!Bulk_ProcessTransferEventWithED1
11 USBXHCI!Bulk_EP_TransferEventHandler
12 USBXHCI!Endpoint_TransferEventHandler
13 USBXHCI!Interrupter_DeferredWorkProcessor
14 Wdf01000!FxInterrupt::DpcHandler
15 Wdf01000!FxInterrupt::_InterruptDpcThunk
16 nt!KiExecuteAllDpcs
17 nt!KiRetireDpcList
18 nt!KxPlatformSwapStacksAndCall
19 nt!KiPlatformSwapStacksAndCallReturn
1a nt!KiDispatchInterrupt
1b nt!HalpInterruptCheckForSoftwareInterrupt
1c nt!KiInterruptException
1d nt!KiUserInterruptHandler
1e ntdll!RtlpHpTagFreeHeap
1f ntdll!RtlFreeHeap
20 msvcrt!free
21 diagperf!XPerfCore::CPathNode::`scalar deleting destructor’
22 diagperf!XPerfCore::CPathNode::Insert
23 diagperf!XPerfCore::CPathNode::Insert
24 diagperf!XPerfCore::CPathNode::Insert
25 diagperf!XPerfCore::CPathNode::Insert
26 diagperf!XPerfAddIn::CProcessInfoSource::ImageEvent
27 diagperf!XPerfAddIn::CProcessInfoSource::OnEvent
28 diagperf!XPerfCore::CSession::OnEventRecord
29 diagperf!XPerfCore::CSession::EventRecordCallback
2a diagperf!XPerfCore::CEtwTrace::EventRecordCallback
2b sechost!EtwpProcessTraceLog
2c sechost!ProcessTrace
2d diagperf!XPerfCore::CEtwTraceGroup::ProcessEvents
2e diagperf!XPerfCore::CSession::ProcessEvents
2f diagperf!PerfDiagBoot::CTraceContext::Open
30 diagperf!BootScenario::PerformTroubleshooting
31 diagperf!BootScenario::TroubleShoot
32 diagperf!PerfDiagDm::CDmManager::HandleInstance
33 diagperf!WdiHandleInstance
34 wdi!WdipHandleInstance
35 wdi!WdipProcessDiagnosticMessage
36 wdi!WdipProcessSessionMessage
37 wdi!WdipSessionListener
38 ntdll!TppAlpcpExecuteCallback
39 ntdll!TppWorkerThread
3a KERNEL32!BaseThreadInitThunk
3b ntdll!RtlUserThreadStart

0: kd> .bugcheck
Bugcheck code 000000EF

0: kd> kc
# Call Site
00 nt!KeBugCheckEx
01 nt!PspCatchCriticalBreak
02 nt!PspTerminateAllThreads
03 nt!PspTerminateProcess
04 nt!NtTerminateProcess
05 nt!KiSystemServiceCopyEnd
06 nt!KiServiceLinkage
07 kprocesshacker
08 kprocesshacker
09 nt!IofCallDriver
0a nt!IopSynchronousServiceTail
0b nt!IopXxxControlFile
0c nt!NtDeviceIoControlFile
0d nt!KiSystemServiceCopyEnd
0e ntdll!NtDeviceIoControlFile

BUCKET_ID: IP_MISALIGNED

0: kd> .trap 0xffffffff99189ce4
ErrCode = 00000002
eax=00000115 ebx=8092596a ecx=00000000 edx=00cbff30 esi=00cbff38 edi=99189d64
eip=8092596c esp=99189d58 ebp=99189d64 iopl=0 nv up ei ng nz na pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010287
nt!NtUnmapViewOfSection+0x2:
8092596c 8c28 mov word ptr [eax],gs ds:0023:00000115=????????

0: kd> u nt!NtUnmapViewOfSection
nt!NtUnmapViewOfSection:
8092596a e9cd8c2877 jmp driverA+0x4263c (f7bae63c)
8092596f 51 push ecx
80925970 64a124010000 mov eax,dword ptr fs:[00000124h]
80925976 8a80d7000000 mov al,byte ptr [eax+0D7h]
8092597c 3c01 cmp al,1
8092597e 56 push esi
8092597f 8b750c mov esi,dword ptr [ebp+0Ch]
80925982 8845fc mov byte ptr [ebp-4],al

The server was reported hang and all CPUs were busy.

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000091, A driver switched stacks using a method that is not supported by
the operating system. The only supported way to extend a kernel
mode stack is by using KeExpandKernelStackAndCallout.
Arg2: 0000000000000000
Arg3: fffff8000185bc40
Arg4: 0000000000000000

0: kd> kL 100
Child-SP RetAddr Call Site
fffff880`0891f8c8 fffff800`01729c8a nt!KeBugCheckEx
fffff880`0891f8d0 fffff800`01700573 nt! ?? ::FNODOBFM::`string'+0x4904
fffff880`0891f910 fffff800`0170d8df nt!RtlDispatchException+0x33
fffff880`0891fff0 fffff800`016d2c42 nt!KiDispatchException+0x16f
fffff880`08920680 fffff800`016d17ba nt!KiExceptionDispatch+0xc2
fffff880`08920860 fffff800`016ca533 nt!KiPageFault+0x23a
fffff880`089209f8 fffff800`016a88c0 nt!memcpy+0x223
fffff880`08920a00 fffff800`016a8638 nt!KiOpFetchBytes+0x30
fffff880`08920a30 fffff800`0170dd6f nt!KiOpDecode+0x68
fffff880`08920a80 fffff800`0170d896 nt!KiPreprocessFault+0x53
fffff880`08920b10 fffff800`016d2c42 nt!KiDispatchException+0x126
fffff880`089211a0 fffff800`016d17ba nt!KiExceptionDispatch+0xc2
fffff880`08921380 00000000`0000f001 nt!KiPageFault+0x23a
fffff880`08921518 fffff800`016d9b4b 0xf001
fffff880`08921520 fffff800`016d94da nt!EnlightenedSwapContext_PatchXSave+0xa8
fffff880`08921560 fffff800`016da752 nt!KiSwapContext+0x7a
fffff880`089216a0 fffff800`016dc8af nt!KiCommitThreadWait+0x1d2
fffff880`08921730 fffff800`0169c1de nt!KeWaitForSingleObject+0x19f
fffff880`089217d0 fffff800`016db8bc nt!ExpWaitForResource+0xae
fffff880`08921840 fffff880`042fcd91 nt!ExAcquireResourceExclusiveLite+0x14f
[...]
fffff880`08921a10 fffff800`019eff16 nt!IopXxxControlFile+0x607
fffff880`08921b40 fffff800`016d2853 nt!NtDeviceIoControlFile+0x56
fffff880`08921bb0 00000000`7755ff2a nt!KiSystemServiceCopyEnd+0x13
00000000`0343f708 00000000`00000000 0x7755ff2a

x86:

BugCheck D1, {f001, 2, 0, f001}

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000f001, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 0000f001, address which referenced memory

STACK_TEXT:
805573c0 0000f001 nt!KiTrap0E+0x238
80557430 ffdffc70 0xf001
80557450 804dcbef 0xffdffc70
80557454 00000000 nt!KiIdleLoop+0x10

x64:

BugCheck 1E, {ffffffffc0000005, f001, 8, f001}

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: 000000000000f001, The address that the exception occurred at
Arg3: 0000000000000008, Parameter 0 of the exception
Arg4: 000000000000f001, Parameter 1 of the exception

STACK_TEXT:
fffff800`062b8358 fffff800`01896747 : nt!KeBugCheckEx
fffff800`062b8360 fffff800`018b1ce9 : nt! ?? ::FNODOBFM::`string'+0x250e7
fffff800`062b8960 fffff800`018b0ae5 : nt!KiExceptionDispatch+0xa9
fffff800`062b8b40 00000000`0000f0: nt!KiPageFault+0x1e5
fffff800`062b8cd8 fffffa60`02a7e685 : 0xf001
fffff800`062b8ce0 fffff800`018b6583 : intelppm!C1Idle+0x9
fffff800`062b8d10 fffff800`018b62a1 : nt!PoIdle+0x183
fffff800`062b8d80 fffff800`01a88860 : nt!KiIdleLoop+0x21
fffff800`062b8db0 00000000`fffff800 : nt!zzz_AsmCodeRange_End+0x4
fffff800`062b20b0 00000000`00000000 : 0xfffff800

1: kd> k
Child-SP RetAddr Call Site
fffffa60`06bf7558 fffff800`0165712e nt!KeBugCheckEx
fffffa60`06bf7560 fffff800`0165600b nt!KiBugCheckDispatch+0×6e
fffffa60`06bf76a0 fffffa60`053da17a nt!KiPageFault+0×20b
fffffa60`06bf7830 fffffa60`053da397 myfault+0×117a
fffffa60`06bf7990 fffff800`018dd25a myfault+0×1397
fffffa60`06bf79f0 fffff800`018f5f76 nt!IopXxxControlFile+0×5da
fffffa60`06bf7b40 fffff800`01656e33 nt!NtDeviceIoControlFile+0×56
fffffa60`06bf7bb0 00000000`77525aea nt!KiSystemServiceCopyEnd+0×13