API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 8th, 2016
121
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.21 KB | None | 0 0
raw download clone embed print report
  1. Instant Online Crash Analysis, brought to you by OSR Open Systems Resources, Inc.
  2.  
  3. Show DivPrimary Analysis
  4.  
  5. Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
  6. Online Crash Dump Analysis Service
  7. See http://www.osronline.com for more information
  8. Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
  9. Product: WinNt, suite: TerminalServer SingleUserTS
  10. Built by: 7601.19160.amd64fre.win7sp1_gdr.160211-0600
  11. Machine Name:
  12. Kernel base = 0xfffff800`02c19000 PsLoadedModuleList = 0xfffff800`02e60730
  13. Debug session time: Fri Apr 8 15:23:33.241 2016 (UTC - 4:00)
  14. System Uptime: 0 days 1:22:48.959
  15. *******************************************************************************
  16. * *
  17. * Bugcheck Analysis *
  18. * *
  19. *******************************************************************************
  20.  
  21. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  22. An attempt was made to access a pageable (or completely invalid) address at an
  23. interrupt request level (IRQL) that is too high. This is usually
  24. caused by drivers using improper addresses.
  25. If kernel debugger is available get stack backtrace.
  26. Arguments:
  27. Arg1: 0000000000000000, memory referenced
  28. Arg2: 0000000000000002, IRQL
  29. Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
  30. Arg4: fffff8800209456b, address which referenced memory
  31.  
  32. Debugging Details:
  33. ------------------
  34.  
  35. TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
  36.  
  37. READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eca100
  38. GetUlongFromAddress: unable to read from fffff80002eca1c0
  39. 0000000000000000 Nonpaged pool
  40.  
  41. CURRENT_IRQL: 2
  42.  
  43. FAULTING_IP:
  44. tcpip! ?? ::FNODOBFM::`string'+57b4
  45. fffff880`0209456b 488b01 mov rax,qword ptr [rcx]
  46.  
  47. CUSTOMER_CRASH_COUNT: 1
  48.  
  49. DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
  50.  
  51. BUGCHECK_STR: 0xD1
  52.  
  53. PROCESS_NAME: mbamservice.ex
  54.  
  55. TRAP_FRAME: fffff8800a558310 -- (.trap 0xfffff8800a558310)
  56. NOTE: The trap frame does not contain all registers.
  57. Some register values may be zeroed or incorrect.
  58. rax=fffffa8016274b20 rbx=0000000000000000 rcx=0000000000000000
  59. rdx=fffffa8016274b21 rsi=0000000000000000 rdi=0000000000000000
  60. rip=fffff8800209456b rsp=fffff8800a5584a0 rbp=0000000000000000
  61. r8=fffffa8016274b20 r9=00000000000000d0 r10=fffff880037e6e80
  62. r11=fffffa8011b4bc60 r12=0000000000000000 r13=0000000000000000
  63. r14=0000000000000000 r15=0000000000000000
  64. iopl=0 nv up ei ng nz na pe nc
  65. tcpip! ?? ::FNODOBFM::`string'+0x57b4:
  66. fffff880`0209456b 488b01 mov rax,qword ptr [rcx] ds:00000000`00000000=????????????????
  67. Resetting default scope
  68.  
  69. LAST_CONTROL_TRANSFER: from fffff80002c8c629 to fffff80002c8d080
  70.  
  71. STACK_TEXT:
  72. fffff880`0a5581c8 fffff800`02c8c629 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
  73. fffff880`0a5581d0 fffff800`02c8b2a0 : fffffa80`1382d010 00000000`00000040 fffff880`0a558b60 fffffa80`11b4ba70 : nt!KiBugCheckDispatch+0x69
  74. fffff880`0a558310 fffff880`0209456b : fffffa80`11b4ba70 00000000`00000000 fffff880`206c644d fffff880`01e352a2 : nt!KiPageFault+0x260
  75. fffff880`0a5584a0 fffff880`01f9f316 : fffffa80`11b4ba70 00000000`c000000d 00000000`00000000 fffffa80`11b4ba70 : tcpip! ?? ::FNODOBFM::`string'+0x57b4
  76. fffff880`0a5584f0 fffff880`01e3225e : fffffa80`11b4ba70 fffffa80`0e3878d0 fffffa80`0e3878d0 fffffa80`16012700 : NETIO!NetioDereferenceNetBufferList+0x86
  77. fffff880`0a558520 fffff880`09b18fd3 : fffffa80`16012720 fffffa80`16012720 00000000`00000003 fffffa80`11b4bba0 : fwpkclnt!FwpsDereferenceNetBufferList0+0xaa
  78. fffff880`0a558570 fffffa80`16012720 : fffffa80`16012720 00000000`00000003 fffffa80`11b4bba0 00000000`00000008 : mwac+0x8fd3
  79. fffff880`0a558578 fffffa80`16012720 : 00000000`00000003 fffffa80`11b4bba0 00000000`00000008 fffff880`09b161e2 : 0xfffffa80`16012720
  80. fffff880`0a558580 00000000`00000003 : fffffa80`11b4bba0 00000000`00000008 fffff880`09b161e2 00000000`00000008 : 0xfffffa80`16012720
  81. fffff880`0a558588 fffffa80`11b4bba0 : 00000000`00000008 fffff880`09b161e2 00000000`00000008 00000000`00000008 : 0x3
  82. fffff880`0a558590 00000000`00000008 : fffff880`09b161e2 00000000`00000008 00000000`00000008 00000000`c000000d : 0xfffffa80`11b4bba0
  83. fffff880`0a558598 fffff880`09b161e2 : 00000000`00000008 00000000`00000008 00000000`c000000d fffffa80`16012720 : 0x8
  84. fffff880`0a5585a0 00000000`00000008 : 00000000`00000008 00000000`c000000d fffffa80`16012720 fffffa80`16012734 : mwac+0x61e2
  85. fffff880`0a5585a8 00000000`00000008 : 00000000`c000000d fffffa80`16012720 fffffa80`16012734 fffffa80`00000011 : 0x8
  86. fffff880`0a5585b0 00000000`c000000d : fffffa80`16012720 fffffa80`16012734 fffffa80`00000011 00000000`00000000 : 0x8
  87. fffff880`0a5585b8 fffffa80`16012720 : fffffa80`16012734 fffffa80`00000011 00000000`00000000 00000000`00000000 : 0xc000000d
  88. fffff880`0a5585c0 fffffa80`16012734 : fffffa80`00000011 00000000`00000000 00000000`00000000 fffffa80`00000000 : 0xfffffa80`16012720
  89. fffff880`0a5585c8 fffffa80`00000011 : 00000000`00000000 00000000`00000000 fffffa80`00000000 fffffa80`00000000 : 0xfffffa80`16012734
  90. fffff880`0a5585d0 00000000`00000000 : 00000000`00000000 fffffa80`00000000 fffffa80`00000000 00000000`00000000 : 0xfffffa80`00000011
  91.  
  92.  
  93. STACK_COMMAND: kb
  94.  
  95. FOLLOWUP_IP:
  96. NETIO!NetioDereferenceNetBufferList+86
  97. fffff880`01f9f316 4885ff test rdi,rdi
  98.  
  99. SYMBOL_STACK_INDEX: 4
  100.  
  101. SYMBOL_NAME: NETIO!NetioDereferenceNetBufferList+86
  102.  
  103. FOLLOWUP_NAME: MachineOwner
  104.  
  105. MODULE_NAME: NETIO
  106.  
  107. IMAGE_NAME: NETIO.SYS
  108.  
  109. DEBUG_FLR_IMAGE_TIMESTAMP: 5294760d
  110.  
  111. FAILURE_BUCKET_ID: X64_0xD1_NETIO!NetioDereferenceNetBufferList+86
  112.  
  113. BUCKET_ID: X64_0xD1_NETIO!NetioDereferenceNetBufferList+86
  114.  
  115. Followup: MachineOwner
  116. ---------
  117.  
  118.  
  119. This free analysis is provided by OSR Open Systems Resources, Inc.
  120. Want a deeper understanding of crash dump analysis? Check out our Windows Kernel Debugging and Crash Dump Analysis Seminar (opens in new tab/window)
  121. Show DivCrash Code Links
  122.  
  123. Show DivInformation About Address 0x0
  124.  
  125. Show DivLoaded Module List
  126.  
  127. Show DivRaw Stack Contents
  128.  
  129. Show DivDump Header Information
  130.  
  131. Show DivStrings
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!