Code:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`03604000 PsLoadedModuleList = 0xfffff800`03841e50
Debug session time: Tue Jan 11 02:50:42.894 2011 (GMT-5)
System Uptime: 0 days 0:09:31.814
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1E, {ffffffffc000001d, fffff80004be70a0, 0, 0}
Probably caused by : ntkrnlmp.exe ( nt!KipFatalFilter+1b )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc000001d, The exception code that was not handled
Arg2: fffff80004be70a0, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc000001d - {EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction.
FAULTING_IP:
+52de952f01b4dab8
fffff800`04be70a0 c87fbe04 enter 0BE7Fh,4
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000000
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x1E
PROCESS_NAME: System
CURRENT_IRQL: 2
EXCEPTION_RECORD: fffff80004be7fc8 -- (.exr 0xfffff80004be7fc8)
Cannot read Exception record @ fffff80004be7fc8
TRAP_FRAME: fffff80004be8070 -- (.trap 0xfffff80004be8070)
Unable to read trap frame at fffff800`04be8070
LAST_CONTROL_TRANSFER: from fffff80003706b2b to fffff80003675f00
FAILED_INSTRUCTION_ADDRESS:
+52de952f01b4dab8
fffff800`04be70a0 c87fbe04 enter 0BE7Fh,4
STACK_TEXT:
fffff800`04be6fe8 fffff800`03706b2b : 00000000`0000001e ffffffff`c000001d fffff800`04be70a0 00000000`00000000 : nt!KeBugCheckEx
fffff800`04be6ff0 fffff800`036c9390 : fffffa80`03f32d70 fffffa80`04030102 fffffa80`054d3ec0 fffff880`1008b907 : nt!KipFatalFilter+0x1b
fffff800`04be7030 fffff800`036a44dc : fffffa80`03cd5000 fffff880`1014759e fffffa80`03cfe290 fffffa80`03cfe290 : nt! ?? ::FNODOBFM::`string'+0x95d
fffff800`04be7070 fffff800`0369bbed : fffff800`037bc470 fffff800`04be9160 00000000`00000000 fffff800`03604000 : nt!_C_specific_handler+0x8c
fffff800`04be70e0 fffff800`036a3250 : fffff800`037bc470 fffff800`04be7158 fffff800`04be7fc8 fffff800`03604000 : nt!RtlpExecuteHandlerForException+0xd
fffff800`04be7110 fffff800`036b01b5 : fffff800`04be7fc8 fffff800`04be7820 fffff800`00000000 00000000`00000005 : nt!RtlDispatchException+0x410
fffff800`04be77f0 fffff800`03675542 : fffff800`04be7fc8 00000000`00000000 fffff800`04be8070 fffffa80`04b6aa88 : nt!KiDispatchException+0x135
fffff800`04be7e90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KipFatalFilter+1b
fffff800`03706b2b cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!KipFatalFilter+1b
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600
FAILURE_BUCKET_ID: X64_0x1E_BAD_IP_nt!KipFatalFilter+1b
BUCKET_ID: X64_0x1E_BAD_IP_nt!KipFatalFilter+1b
Followup: MachineOwner
---------
Debug session time: Wed Jan 12 20:28:23.153 2011 (GMT-5)
System Uptime: 0 days 0:17:13.698
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {ffffffffffffffda, 1, fffff8000367900c, 0}
Unable to load image \SystemRoot\system32\DRIVERS\avgtdia.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for avgtdia.sys
*** ERROR: Module load completed but symbols could not be loaded for avgtdia.sys
Could not read faulting driver name
Probably caused by : tdx.sys ( tdx!TdxDeactivateTransportAddress+1a6 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ffffffffffffffda, memory referenced.
Arg2: 0000000000000001, value 0 = read operation, 1 = write operation.
Arg3: fffff8000367900c, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000000, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff800038aa0e0
ffffffffffffffda
FAULTING_IP:
nt!ObfDereferenceObject+2c
fffff800`0367900c f0480fc11f lock xadd qword ptr [rdi],rbx
MM_INTERNAL_CODE: 0
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: System
CURRENT_IRQL: 0
TRAP_FRAME: fffff880031af390 -- (.trap 0xfffff880031af390)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=000000000000000a
rdx=fffffa80062e9101 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8000367900c rsp=fffff880031af520 rbp=0000000000000001
r8=fffffa80062e9100 r9=0000000000000260 r10=fffffa80062e9020
r11=fffffa80062e9380 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
nt!ObfDereferenceObject+0x2c:
fffff800`0367900c f0480fc11f lock xadd qword ptr [rdi],rbx ds:9080:00000000`00000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800036f31e4 to fffff80003673f00
STACK_TEXT:
fffff880`031af228 fffff800`036f31e4 : 00000000`00000050 ffffffff`ffffffda 00000000`00000001 fffff880`031af390 : nt!KeBugCheckEx
fffff880`031af230 fffff800`03671fee : 00000000`00000001 ffffffff`ffffffff fffff880`031af600 fffffa80`0504da98 : nt! ?? ::FNODOBFM::`string'+0x42907
fffff880`031af390 fffff800`0367900c : 00000000`00000000 fffffa80`062e9380 00000000`00000001 00000000`00000000 : nt!KiPageFault+0x16e
fffff880`031af520 fffff880`0164ef21 : 00000000`00000001 fffffa80`057fddb0 00000000`00000000 00000000`00000001 : nt!ObfDereferenceObject+0x2c
fffff880`031af580 fffff880`0164f20b : fffffa80`0407eec0 00000000`00000000 fffffa80`0407eec0 00000000`00000000 : tcpip!UdpCleanupEndpointWorkQueueRoutine+0xd1
fffff880`031af5d0 fffff880`0188ead6 : fffffa80`04019ad0 00000000`00000000 fffffa80`04019ad0 fffffa80`04019ad0 : tcpip!UdpCloseEndpoint+0x9b
fffff880`031af650 fffff880`018901d5 : 00000000`00000000 fffffa80`04019ad0 fffffa80`03ccf040 00000000`00000000 : tdx!TdxDeactivateTransportAddress+0x1a6
fffff880`031af710 fffff880`01890949 : 00000000`00000000 fffffa80`06702b60 fffffa80`0504b890 00000000`00000000 : tdx!TdxDeleteTransportAddress+0x25
fffff880`031af740 fffff880`02cf9b56 : fffffa80`052b2e10 fffffa80`03ccf040 00000000`00000000 00000000`00000000 : tdx!TdxTdiDispatchCleanup+0x49
fffff880`031af770 fffffa80`052b2e10 : fffffa80`03ccf040 00000000`00000000 00000000`00000000 fffffa80`052b2e10 : avgtdia+0x4b56
fffff880`031af778 fffffa80`03ccf040 : 00000000`00000000 00000000`00000000 fffffa80`052b2e10 fffff800`0398768f : 0xfffffa80`052b2e10
fffff880`031af780 00000000`00000000 : 00000000`00000000 fffffa80`052b2e10 fffff800`0398768f 00000000`00000000 : 0xfffffa80`03ccf040
STACK_COMMAND: kb
FOLLOWUP_IP:
tdx!TdxDeactivateTransportAddress+1a6
fffff880`0188ead6 3d03010000 cmp eax,103h
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: tdx!TdxDeactivateTransportAddress+1a6
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tdx
IMAGE_NAME: tdx.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc16b
FAILURE_BUCKET_ID: X64_0x50_tdx!TdxDeactivateTransportAddress+1a6
BUCKET_ID: X64_0x50_tdx!TdxDeactivateTransportAddress+1a6
Followup: MachineOwner
---------
Debug session time: Tue Jan 18 08:59:42.151 2011 (GMT-5)
System Uptime: 0 days 0:09:12.696
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {41, 8, 1, fffffa80052bdf00}
Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+260 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000041, memory referenced
Arg2: 0000000000000008, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffffa80052bdf00, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff800038bb0e0
0000000000000041
CURRENT_IRQL: 8
FAULTING_IP:
+52de952f01e5dbe8
fffffa80`052bdf00 0000 add byte ptr [rax],al
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
TRAP_FRAME: fffff80000b9c860 -- (.trap 0xfffff80000b9c860)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000041 rbx=0000000000000000 rcx=0000000000000008
rdx=0000000000000022 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa80052bdf00 rsp=fffff80000b9c9f0 rbp=0000000000000000
r8=0000000000000029 r9=0000000000000000 r10=000000000000731a
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
fffffa80`052bdf00 0000 add byte ptr [rax],al ds:0540:00000000`00000041=??
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80003684469 to fffff80003684f00
STACK_TEXT:
fffff800`00b9c718 fffff800`03684469 : 00000000`0000000a 00000000`00000041 00000000`00000008 00000000`00000001 : nt!KeBugCheckEx
fffff800`00b9c720 fffff800`036830e0 : 00000000`00000000 00000000`00000000 fffffa80`03cd7000 fffff880`102168f8 : nt!KiBugCheckDispatch+0x69
fffff800`00b9c860 fffffa80`052bdf00 : 00000000`00000000 fffffa80`052ff500 fffffa80`0461bc00 fffffa80`050c91a0 : nt!KiPageFault+0x260
fffff800`00b9c9f0 00000000`00000000 : fffffa80`052ff500 fffffa80`0461bc00 fffffa80`050c91a0 00000000`00000000 : 0xfffffa80`052bdf00
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KiPageFault+260
fffff800`036830e0 440f20c0 mov rax,cr8
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!KiPageFault+260
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600
FAILURE_BUCKET_ID: X64_0xD1_nt!KiPageFault+260
BUCKET_ID: X64_0xD1_nt!KiPageFault+260
Followup: MachineOwner
---------