Hallo Leute,
hab hier folgenden Mini Crash Dumb mit dem Windows Debugger auswerten lassen.
Kann leider selber das Problem bisher nicht beheben.
Vielleicht kann ja einer von euch nen guten Tipp geben.
Meine Mutmaßungen lass ich hier erst mal außen vor, damit sich jeder ein unvoreingenommenes Bild machen kann
Gruß
Auswertung:
Debugging Details:
hab hier folgenden Mini Crash Dumb mit dem Windows Debugger auswerten lassen.
Kann leider selber das Problem bisher nicht beheben.
Vielleicht kann ja einer von euch nen guten Tipp geben.
Meine Mutmaßungen lass ich hier erst mal außen vor, damit sich jeder ein unvoreingenommenes Bild machen kann
Gruß
Auswertung:
Microsoft (R) Windows Debugger Version 6.3.9600.17298 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\011215-21949-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18526.amd64fre.win7sp1_gdr.140706-1506
Machine Name:
Kernel base = 0xfffff800`02c01000 PsLoadedModuleList = 0xfffff800`02e44890
Debug session time: Mon Jan 12 20:41:40.299 2015 (UTC + 1:00)
System Uptime: 0 days 6:47:33.735
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
.........................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {7c40034060, 2, 1, fffff80002c65635}
*** WARNING: Unable to verify timestamp for NETwsw00.sys
*** ERROR: Module load completed but symbols could not be loaded for NETwsw00.sys
Probably caused by : memory_corruption
Followup: memory_corruption
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\011215-21949-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18526.amd64fre.win7sp1_gdr.140706-1506
Machine Name:
Kernel base = 0xfffff800`02c01000 PsLoadedModuleList = 0xfffff800`02e44890
Debug session time: Mon Jan 12 20:41:40.299 2015 (UTC + 1:00)
System Uptime: 0 days 6:47:33.735
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
.........................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {7c40034060, 2, 1, fffff80002c65635}
*** WARNING: Unable to verify timestamp for NETwsw00.sys
*** ERROR: Module load completed but symbols could not be loaded for NETwsw00.sys
Probably caused by : memory_corruption
Followup: memory_corruption
Debugging Details:
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000007c40034060, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002c65635, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eae100
GetUlongFromAddress: unable to read from fffff80002eae1c0
0000007c40034060 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nt!MmBuildMdlForNonPagedPool+d5
fffff800`02c65635 4b89140b mov qword ptr [r11+r9],rdx
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: 0xA
PROCESS_NAME: System
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
TRAP_FRAME: fffff88008dc1530 -- (.trap 0xfffff88008dc1530)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000008e7c4863 rbx=0000000000000000 rcx=000000008e7c48ef
rdx=00000000000db104 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002c65635 rsp=fffff88008dc16c8 rbp=fffff6fb7e2001a0
r8=0000000000000000 r9=fffff6fc40034060 r10=fffffa8003cea010
r11=0000098000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!MmBuildMdlForNonPagedPool+0xd5:
fffff800`02c65635 4b89140b mov qword ptr [r11+r9],rdx ds:0000007c`40034060=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002c76169 to fffff80002c76bc0
STACK_TEXT:
fffff880`08dc13e8 fffff800`02c76169 : 00000000`0000000a 0000007c`40034060 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`08dc13f0 fffff800`02c74de0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000800 : nt!KiBugCheckDispatch+0x69
fffff880`08dc1530 fffff800`02c65635 : fffffa80`0479ee60 fffff880`08dc1800 fffff880`0144a271 fffffa80`05112860 : nt!KiPageFault+0x260
fffff880`08dc16c8 fffff880`0144a271 : fffffa80`05112860 fffff880`06370200 fffffa80`03cea010 fffff880`06378780 : nt!MmBuildMdlForNonPagedPool+0xd5
fffff880`08dc16e0 fffff880`05a9e1ba : fffffa80`0479ee60 fffff880`08dc1800 fffffa80`0479ef38 fffff880`0680c08c : ndis!NdisAllocateMdl+0x31
fffff880`08dc1720 fffffa80`0479ee60 : fffff880`08dc1800 fffffa80`0479ef38 fffff880`0680c08c fffffa80`0479ee60 : NETwsw00+0x1fa1ba
fffff880`08dc1728 fffff880`08dc1800 : fffffa80`0479ef38 fffff880`0680c08c fffffa80`0479ee60 fffff880`06378780 : 0xfffffa80`0479ee60
fffff880`08dc1730 fffffa80`0479ef38 : fffff880`0680c08c fffffa80`0479ee60 fffff880`06378780 00000000`00000000 : 0xfffff880`08dc1800
fffff880`08dc1738 fffff880`0680c08c : fffffa80`0479ee60 fffff880`06378780 00000000`00000000 fffff880`05a9cc03 : 0xfffffa80`0479ef38
fffff880`08dc1740 fffffa80`0479ee60 : fffff880`06378780 00000000`00000000 fffff880`05a9cc03 fffff880`00000000 : 0xfffff880`0680c08c
fffff880`08dc1748 fffff880`06378780 : 00000000`00000000 fffff880`05a9cc03 fffff880`00000000 00000000`00000000 : 0xfffffa80`0479ee60
fffff880`08dc1750 00000000`00000000 : fffff880`05a9cc03 fffff880`00000000 00000000`00000000 fffff880`0636e220 : NETwsw00+0xad4780
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff80002c65618 - nt!MmBuildMdlForNonPagedPool+b8
[ 49:09 ]
1 error : !nt (fffff80002c65618)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: ONE_BIT
FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_memory_corruption_one_bit
FAILURE_ID_HASH: {2dbb898e-c425-bad1-90fe-71c78117521f}
Followup: memory_corruption
---------
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000007c40034060, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002c65635, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eae100
GetUlongFromAddress: unable to read from fffff80002eae1c0
0000007c40034060 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nt!MmBuildMdlForNonPagedPool+d5
fffff800`02c65635 4b89140b mov qword ptr [r11+r9],rdx
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: 0xA
PROCESS_NAME: System
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
TRAP_FRAME: fffff88008dc1530 -- (.trap 0xfffff88008dc1530)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000008e7c4863 rbx=0000000000000000 rcx=000000008e7c48ef
rdx=00000000000db104 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002c65635 rsp=fffff88008dc16c8 rbp=fffff6fb7e2001a0
r8=0000000000000000 r9=fffff6fc40034060 r10=fffffa8003cea010
r11=0000098000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!MmBuildMdlForNonPagedPool+0xd5:
fffff800`02c65635 4b89140b mov qword ptr [r11+r9],rdx ds:0000007c`40034060=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002c76169 to fffff80002c76bc0
STACK_TEXT:
fffff880`08dc13e8 fffff800`02c76169 : 00000000`0000000a 0000007c`40034060 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`08dc13f0 fffff800`02c74de0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000800 : nt!KiBugCheckDispatch+0x69
fffff880`08dc1530 fffff800`02c65635 : fffffa80`0479ee60 fffff880`08dc1800 fffff880`0144a271 fffffa80`05112860 : nt!KiPageFault+0x260
fffff880`08dc16c8 fffff880`0144a271 : fffffa80`05112860 fffff880`06370200 fffffa80`03cea010 fffff880`06378780 : nt!MmBuildMdlForNonPagedPool+0xd5
fffff880`08dc16e0 fffff880`05a9e1ba : fffffa80`0479ee60 fffff880`08dc1800 fffffa80`0479ef38 fffff880`0680c08c : ndis!NdisAllocateMdl+0x31
fffff880`08dc1720 fffffa80`0479ee60 : fffff880`08dc1800 fffffa80`0479ef38 fffff880`0680c08c fffffa80`0479ee60 : NETwsw00+0x1fa1ba
fffff880`08dc1728 fffff880`08dc1800 : fffffa80`0479ef38 fffff880`0680c08c fffffa80`0479ee60 fffff880`06378780 : 0xfffffa80`0479ee60
fffff880`08dc1730 fffffa80`0479ef38 : fffff880`0680c08c fffffa80`0479ee60 fffff880`06378780 00000000`00000000 : 0xfffff880`08dc1800
fffff880`08dc1738 fffff880`0680c08c : fffffa80`0479ee60 fffff880`06378780 00000000`00000000 fffff880`05a9cc03 : 0xfffffa80`0479ef38
fffff880`08dc1740 fffffa80`0479ee60 : fffff880`06378780 00000000`00000000 fffff880`05a9cc03 fffff880`00000000 : 0xfffff880`0680c08c
fffff880`08dc1748 fffff880`06378780 : 00000000`00000000 fffff880`05a9cc03 fffff880`00000000 00000000`00000000 : 0xfffffa80`0479ee60
fffff880`08dc1750 00000000`00000000 : fffff880`05a9cc03 fffff880`00000000 00000000`00000000 fffff880`0636e220 : NETwsw00+0xad4780
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff80002c65618 - nt!MmBuildMdlForNonPagedPool+b8
[ 49:09 ]
1 error : !nt (fffff80002c65618)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: ONE_BIT
FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_memory_corruption_one_bit
FAILURE_ID_HASH: {2dbb898e-c425-bad1-90fe-71c78117521f}
Followup: memory_corruption
---------