 | |
| |
| 03 Oct 2010 | #1 |
| | Daily BSOD, ntoskrnl.exe driver fault? Hey guys, Recently got my new computer, and it is amazing! Only problem is that 2 or 3 times a day i get a BSOD...  I checked the Minidump files and it's saying something about VISTA_DRIVER_FAULT and ntoskrnl.exe driver fault. This is what the Dump File reads: Code: Loading Dump File [C:\Users\Nico\Desktop\100210-21122-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a1e000 PsLoadedModuleList = 0xfffff800`02c5be50
Debug session time: Sat Oct 2 15:59:55.289 2010 (UTC + 1:00)
System Uptime: 0 days 4:09:36.710
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {2b, 2, 0, fffff80002a6ddaa}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : ntoskrnl.exe ( nt+4fdaa )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 000000000000002b, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002a6ddaa, address which referenced memory
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80002a1e000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
000000000000002b
CURRENT_IRQL: 0
FAULTING_IP:
nt+4fdaa
fffff800`02a6ddaa 0fb6472b movzx eax,byte ptr [rdi+2Bh]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
LAST_CONTROL_TRANSFER: from fffff80002a8dca9 to fffff80002a8e740
STACK_TEXT:
fffff880`0aae5838 fffff800`02a8dca9 : 00000000`0000000a 00000000`0000002b 00000000`00000002 00000000`00000000 : nt+0x70740
fffff880`0aae5840 00000000`0000000a : 00000000`0000002b 00000000`00000002 00000000`00000000 fffff800`02a6ddaa : nt+0x6fca9
fffff880`0aae5848 00000000`0000002b : 00000000`00000002 00000000`00000000 fffff800`02a6ddaa 00000000`00000000 : 0xa
fffff880`0aae5850 00000000`00000002 : 00000000`00000000 fffff800`02a6ddaa 00000000`00000000 66264438`33343836 : 0x2b
fffff880`0aae5858 00000000`00000000 : fffff800`02a6ddaa 00000000`00000000 66264438`33343836 2e313d72`6f746361 : 0x2
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
nt+4fdaa
fffff800`02a6ddaa 0fb6472b movzx eax,byte ptr [rdi+2Bh]
SYMBOL_NAME: nt+4fdaa
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
--------- I'll attach the Mini Dump files  Thanks for any help you can give <3 Really Appreciate it! |
My System Specs | |
| 03 Oct 2010 | #2 |
| | 
Quote: Originally Posted by SunDown  Hey guys, Recently got my new computer, and it is amazing! Only problem is that 2 or 3 times a day i get a BSOD... I checked the Minidump files and it's saying something about VISTA_DRIVER_FAULT and ntoskrnl.exe driver fault. This is what the Dump File reads: Code: Loading Dump File [C:\Users\Nico\Desktop\100210-21122-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a1e000 PsLoadedModuleList = 0xfffff800`02c5be50
Debug session time: Sat Oct 2 15:59:55.289 2010 (UTC + 1:00)
System Uptime: 0 days 4:09:36.710
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {2b, 2, 0, fffff80002a6ddaa}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : ntoskrnl.exe ( nt+4fdaa )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 000000000000002b, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002a6ddaa, address which referenced memory
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80002a1e000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
000000000000002b
CURRENT_IRQL: 0
FAULTING_IP:
nt+4fdaa
fffff800`02a6ddaa 0fb6472b movzx eax,byte ptr [rdi+2Bh]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
LAST_CONTROL_TRANSFER: from fffff80002a8dca9 to fffff80002a8e740
STACK_TEXT:
fffff880`0aae5838 fffff800`02a8dca9 : 00000000`0000000a 00000000`0000002b 00000000`00000002 00000000`00000000 : nt+0x70740
fffff880`0aae5840 00000000`0000000a : 00000000`0000002b 00000000`00000002 00000000`00000000 fffff800`02a6ddaa : nt+0x6fca9
fffff880`0aae5848 00000000`0000002b : 00000000`00000002 00000000`00000000 fffff800`02a6ddaa 00000000`00000000 : 0xa
fffff880`0aae5850 00000000`00000002 : 00000000`00000000 fffff800`02a6ddaa 00000000`00000000 66264438`33343836 : 0x2b
fffff880`0aae5858 00000000`00000000 : fffff800`02a6ddaa 00000000`00000000 66264438`33343836 2e313d72`6f746361 : 0x2
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
nt+4fdaa
fffff800`02a6ddaa 0fb6472b movzx eax,byte ptr [rdi+2Bh]
SYMBOL_NAME: nt+4fdaa
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
--------- I'll attach the Mini Dump files Thanks for any help you can give <3 Really Appreciate it!The first one was caused by your video driver causing a memory exception. I suspect the same for the others I would re-install the video driver When upgrading your graphic driver you MUST remove all traces of the current driver. In order to do that we recommend using Guru3D - Driver Sweeper When it is removed then download and install the fresh copy. And I would test the memory Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program. Boot from the CD, and leave it running for at least 5 or 6 passes. DMP Code:
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\091410-27799-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\symbols;*http://msdl.microsoft.com/download/symbols ;srv*e:\symbols
*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a1c000 PsLoadedModuleList = 0xfffff800`02c59e50
Debug session time: Tue Sep 14 07:32:04.593 2010 (GMT-4)
System Uptime: 0 days 2:23:49.904
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 3B, {c0000005, fffff880043c650a, fffff88007a6ec40, 0}
Probably caused by : dxgmms1.sys ( dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff880043c650a, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff88007a6ec40, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182
fffff880`043c650a 48894108 mov qword ptr [rcx+8],rax
CONTEXT: fffff88007a6ec40 -- (.cxr 0xfffff88007a6ec40)
rax=fffff8a0070f1718 rbx=fffffa8001de9d70 rcx=ff7ff8a0070f1718
rdx=fffffa800499b000 rsi=fffff8a00771d8f0 rdi=fffffa800499e000
rip=fffff880043c650a rsp=fffff88007a6f610 rbp=0000000000000001
r8=fffffa800499f3c0 r9=0000000000000001 r10=0000000000000018
r11=fffff88007a6f5e0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=fffff8a00780c580
iopl=0 nv up ei ng nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286
dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+0x182:
fffff880`043c650a 48894108 mov qword ptr [rcx+8],rax ds:002b:ff7ff8a0`070f1720=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x3B
PROCESS_NAME: iw3mp.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff880043c650a
STACK_TEXT:
fffff880`07a6f610 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+0x182
FOLLOWUP_IP:
dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182
fffff880`043c650a 48894108 mov qword ptr [rcx+8],rax
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: dxgmms1
IMAGE_NAME: dxgmms1.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc578
STACK_COMMAND: .cxr 0xfffff88007a6ec40 ; kb
FAILURE_BUCKET_ID: X64_0x3B_dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182
BUCKET_ID: X64_0x3B_dxgmms1!VIDMM_GLOBAL::CloseOneAllocation+182
Followup: MachineOwner
--------- |
| My System Specs |
| 03 Oct 2010 | #3 |
| | |
| My System Specs |
| . |
| |
 |
Daily BSOD, ntoskrnl.exe driver fault? problems?
| Thread Tools | |
| Similar help and support threads for: Daily BSOD, ntoskrnl.exe driver fault? | ||||
| Thread | Forum | |||
| BSOD: random times, daily, ntoskrnl.exe and sometimes dxgmms1.sys | BSOD Help and Support | |||
| Intermittent BSOD - ntoskrnl.exe at fault? | BSOD Help and Support | |||
| Semi-daily BLACK screens (BSOD without the BS) on NTOSKRNL.EXE | BSOD Help and Support | |||
| BSOD - ntoskrnl.exe constantly at fault? | BSOD Help and Support | |||
| Blue screen due BCCode: a and driver fault ntoskrnl.exe | BSOD Help and Support | |||
All times are GMT -5. The time now is 01:04 AM.
