Re: Bsod irql_not_less_or_equal
- From: jcgriff2 <guest@xxxxxxxxxxxxxxxxx>
- Date: Wed, 29 Oct 2008 20:15:39 -0500
Hi. . .
The bugcheck found in that full kernel dump is 0x0000001e
(0xffffffffc0000005, 0xfffffa6000a0e248, 0x0, 0xffffffffffffffff),
listing a probable cause of -"unknown image"- (the driver name could not
be read)and occured while svchost.exe was running.
0x0000001e = 0x1e = *KMODE_EXCEPTION_NOT_HANDLED* and indicates that a
kernel-mode app generated an exception not caught by the error handler.
The exception here can be found by looking at the first parameter (1st #
inside the parenthesis) = 0xffffffffc0000005 - which tells us that a
memory access violation occurred. Parm #4 is the memory address of the
object that the "unknown image" attempted to access. That doesn't do us
any good here even w/ a full kernel dump to work with because parm 4 is
all high-values and not a valid memory address.
Just to note, I did not find any reference in the dbug log to the
infamous *IRQL_NOT_LESS_OR_EQUAL*, which is a bugcheck 0x0000000a (0xa).
Did you have a 0xa BSOD in addition to this 0x1e crash? If so when?
A look at the right side of the stack text tells us that the Microsoft
module *nt *and *fltmgr *were
Code:
--------------------
STACK_TEXT:
00000`00000000 : nt!KeBugCheckEx
ffa80`0447c360 : nt! ?? ::FNODOBFM::`string'+0x
ffa60`0101b97f : nt!KiExceptionDispatch+0xa9
ffa80`04c4c010 : nt!KiGeneralProtectionFault+0x
::*ffa80`052af040 : fltmgr!**TreeFindNodeOrParent+0x8 * *←←← BSOD*::
00000`00000001 : fltmgr!TreeInsert+0x2b
ffa80`052afe10 : fltmgr!FltpCacheCreateNames+0
ffa60`0f231e70 : fltmgr! ?? ::FNODOBFM::`strin
ff880`098a0210 : fltmgr!FltpCreate+0x25d
00000`00000000 : nt!IopParseDevice+0x5e3
00000`00000000 : nt!ObpLookupObjectName+0x202
ffa80`0488ca00 : nt!ObOpenObjectByName+0x2f4
ffa60`0f232550 : nt!IopCreateFile+0x290
00000`00000081 : nt!IoCreateFileEx+0xfa
ffa60`0f232508 : fltmgr!FltCreateFileEx2+0x169
ffa80`05ccbd60 : fileinfo!FIPfInterfaceOpen+0x400
ffa80`00000000 : nt!PfpOpenHandleCreate+0x117
ffa60`00000060 : nt!PfpFileBuildReadSupport+0xe
00000`00000000 : nt!PfpPrefetchFilesTrickle+0x1
ff880`0da00001 : nt!PfpPrefetchRequestPerform+0
00000`00000000 : nt!PfpPrefetchRequest+0x171
00000`05ffef01 : nt!PfSetSuperfetchInformation+
00000`000a47f6 : nt!NtSetSystemInformation+0x8
f00000`00000000 : nt!KiSystemServiceCopyEnd+0x13
--------------------
Code:
--------------------
driverquery /v > %temp%\drv.txt & start notepad %temp%\drv.txt
--------------------
--
jcgriff2
.
- References:
- Bsod irql_not_less_or_equal
- From: RichTaylor1974
- Bsod irql_not_less_or_equal
- Prev by Date: Re: New User Wanting to Install More RAM
- Next by Date: Re: Windows Easy Transfer problem
- Previous by thread: Re: Bsod irql_not_less_or_equal
- Next by thread: Re: Bsod irql_not_less_or_equal
- Index(es):
Loading
