F:\kdfe_Dump_Analize>echo off
Microsoft (R) Windows Debugger Version 6.11.0001.402 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\kdfe_Dump_Analize\DumpS\Mini052709-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*symbols*
http://msdl.microsoft.com/download/symbols
Executable search path is: srv*symbols *
http://msdl.microsoft.com/download/symbols
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506
Machine Name:
Kernel base = 0xfffff800`0265f000 PsLoadedModuleList = 0xfffff800`02824db0
Debug session time: Tue May 26 19:07:51.736 2009 (GMT+6)
System Uptime: 0 days 3:47:14.391
Loading Kernel Symbols
...............................................................
................................................................
....................................
Loading User Symbols
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {10, 2, 1, fffffa6000e4fc5e}
Unable to load image \SystemRoot\system32\DRIVERS\Rtlh64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Rtlh64.sys
*** ERROR: Module load completed but symbols could not be loaded for Rtlh64.sys
Probably caused by : pacer.sys ( pacer!PcFilterSendNetBufferListsComplete+f4 )
Followup: MachineOwner
---------
3: kd> kd: Reading initial command '!analyze -v; q'
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffffa6000e4fc5e, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002888080
0000000000000010
CURRENT_IRQL: 2
FAULTING_IP:
ndis!ndisXlateSendCompleteNetBufferListToPacket+3e
fffffa60`00e4fc5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: dmaster.exe
TRAP_FRAME: fffffa600996d9b0 -- (.trap 0xfffffa600996d9b0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa80089d30b0 rbx=0000000000000000 rcx=0000000000000000
rdx=fffffa600996dbc8 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa6000e4fc5e rsp=fffffa600996db40 rbp=0000000000000000
r8=fffffa600996dbc0 r9=fffffa80065d3780 r10=0000000000000089
r11=0000000000000089 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e:
fffffa60`00e4fc5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h ds:47c8:00000000`00000010=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800026b33ee to fffff800026b3650
STACK_TEXT:
fffffa60`0996d868 fffff800`026b33ee : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffffa60`0996d870 fffff800`026b22cb : 00000000`00000001 fffff800`026b43c3 fffffa80`06628a00 fffffa80`08787e40 : nt!KiBugCheckDispatch+0x6e
fffffa60`0996d9b0 fffffa60`00e4fc5e : fffffa60`0996db58 00000000`00000018 00000000`00000001 fffff800`0261d916 : nt!KiPageFault+0x20b
fffffa60`0996db40 fffffa60`00fb60fd : 00000000`00000001 fffffa80`06628a00 fffffa80`066347b0 fffff800`0261dff6 : ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e
fffffa60`0996db70 fffffa60`00fb10b2 : fffffa80`00000000 fffffa80`089d30b0 fffffa80`063a11a0 00000000`0000004e : ndis!ndisMSendNetBufferListsCompleteToNdisPackets+0x6d
fffffa60`0996dbc0 fffffa60`04ac98ec : fffffa80`063a11a0 00000000`00000000 fffffa80`06a471d0 fffffa80`063a11a0 : ndis!ndisMSendCompleteNetBufferListsInternal+0xa2
fffffa60`0996dc30 fffffa60`00fb11ac : fffffa80`063a11a0 fffffa60`00e65110 00000000`00000001 fffffa80`08787e40 : pacer!PcFilterSendNetBufferListsComplete+0xf4
fffffa60`0996dca0 fffffa60`009ea9d7 : 00000000`00000000 fffffa80`065d3780 00000000`00000000 00000000`00000046 : ndis!NdisMSendNetBufferListsComplete+0x7c
fffffa60`0996dce0 00000000`00000000 : fffffa80`065d3780 00000000`00000000 00000000`00000046 fffffa80`06634780 : Rtlh64+0x69d7
STACK_COMMAND: kb
FOLLOWUP_IP:
pacer!PcFilterSendNetBufferListsComplete+f4
fffffa60`04ac98ec 4c8d5c2450 lea r11,[rsp+50h]
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: pacer!PcFilterSendNetBufferListsComplete+f4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: pacer
IMAGE_NAME: pacer.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 47f6dc22
FAILURE_BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
Followup: MachineOwner
---------
quit:
F:\kdfe_Dump_Analize>echo off
Microsoft (R) Windows Debugger Version 6.11.0001.402 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\kdfe_Dump_Analize\DumpS\Mini052709-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*symbols*
http://msdl.microsoft.com/download/symbols
Executable search path is: srv*symbols *
http://msdl.microsoft.com/download/symbols
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506
Machine Name:
Kernel base = 0xfffff800`0264e000 PsLoadedModuleList = 0xfffff800`02813db0
Debug session time: Wed May 27 04:49:09.142 2009 (GMT+6)
System Uptime: 0 days 1:41:14.543
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {10, 2, 1, fffffa6000e4ac5e}
Unable to load image \SystemRoot\system32\DRIVERS\Rtlh64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Rtlh64.sys
*** ERROR: Module load completed but symbols could not be loaded for Rtlh64.sys
Probably caused by : pacer.sys ( pacer!PcFilterSendNetBufferListsComplete+f4 )
Followup: MachineOwner
---------
0: kd> kd: Reading initial command '!analyze -v; q'
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffffa6000e4ac5e, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002877080
0000000000000010
CURRENT_IRQL: 2
FAULTING_IP:
ndis!ndisXlateSendCompleteNetBufferListToPacket+3e
fffffa60`00e4ac5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h
CUSTOMER_CRASH_COUNT: 2
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
TRAP_FRAME: fffff80003825270 -- (.trap 0xfffff80003825270)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8005de2da0 rbx=0000000000000000 rcx=0000000000000000
rdx=fffff80003825488 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa6000e4ac5e rsp=fffff80003825400 rbp=0000000000000000
r8=fffff80003825480 r9=fffffa80065aa780 r10=0000000000000287
r11=0000000000000287 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e:
fffffa60`00e4ac5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h ds:0287:00000000`00000010=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800026a23ee to fffff800026a2650
STACK_TEXT:
fffff800`03825128 fffff800`026a23ee : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff800`03825130 fffff800`026a12cb : 00000000`00000001 fffff800`0271eceb 00000000`00000000 fffffa80`05bffcc0 : nt!KiBugCheckDispatch+0x6e
fffff800`03825270 fffffa60`00e4ac5e : 00000000`00000000 00000000`00000000 00000014`420b7d26 fffff800`0260c916 : nt!KiPageFault+0x20b
fffff800`03825400 fffffa60`00fb10fd : 00000000`00000001 fffffa80`04703b00 fffffa80`065eceb0 fffff800`0260cff6 : ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e
fffff800`03825430 fffffa60`00fac0b2 : fffffa80`00000000 fffffa80`05de2da0 fffffa80`063671a0 fffffa80`063671a0 : ndis!ndisMSendNetBufferListsCompleteToNdisPackets+0x6d
fffff800`03825480 fffffa60`04aea8ec : fffffa80`063671a0 00000000`00000000 fffffa80`06ae9b20 fffffa80`063671a0 : ndis!ndisMSendCompleteNetBufferListsInternal+0xa2
fffff800`038254f0 fffffa60`00fac1ac : fffffa80`063671a0 fffffa60`00e60110 00000000`00000001 fffffa80`05bffcc0 : pacer!PcFilterSendNetBufferListsComplete+0xf4
fffff800`03825560 fffffa60`007ad9d7 : 00000000`00000000 fffffa80`065aa780 00000000`00000000 00000000`00000000 : ndis!NdisMSendNetBufferListsComplete+0x7c
fffff800`038255a0 00000000`00000000 : fffffa80`065aa780 00000000`00000000 00000000`00000000 fffffa80`065ece80 : Rtlh64+0x69d7
STACK_COMMAND: kb
FOLLOWUP_IP:
pacer!PcFilterSendNetBufferListsComplete+f4
fffffa60`04aea8ec 4c8d5c2450 lea r11,[rsp+50h]
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: pacer!PcFilterSendNetBufferListsComplete+f4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: pacer
IMAGE_NAME: pacer.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 47f6dc22
FAILURE_BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
Followup: MachineOwner
---------
quit:
F:\kdfe_Dump_Analize>echo off
Microsoft (R) Windows Debugger Version 6.11.0001.402 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\kdfe_Dump_Analize\DumpS\Mini052709-03.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*symbols*
http://msdl.microsoft.com/download/symbols
Executable search path is: srv*symbols *
http://msdl.microsoft.com/download/symbols
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506
Machine Name:
Kernel base = 0xfffff800`02601000 PsLoadedModuleList = 0xfffff800`027c6db0
Debug session time: Wed May 27 04:55:15.281 2009 (GMT+6)
System Uptime: 0 days 0:05:10.975
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {10, 2, 1, fffffa6000e4fc5e}
Unable to load image \SystemRoot\system32\DRIVERS\Rtlh64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Rtlh64.sys
*** ERROR: Module load completed but symbols could not be loaded for Rtlh64.sys
Probably caused by : pacer.sys ( pacer!PcFilterSendNetBufferListsComplete+f4 )
Followup: MachineOwner
---------
0: kd> kd: Reading initial command '!analyze -v; q'
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffffa6000e4fc5e, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff8000282a080
0000000000000010
CURRENT_IRQL: 2
FAULTING_IP:
ndis!ndisXlateSendCompleteNetBufferListToPacket+3e
fffffa60`00e4fc5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h
CUSTOMER_CRASH_COUNT: 3
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
TRAP_FRAME: fffff8000381f040 -- (.trap 0xfffff8000381f040)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa800441b0b0 rbx=0000000000000000 rcx=0000000000000000
rdx=fffff8000381f258 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa6000e4fc5e rsp=fffff8000381f1d0 rbp=0000000000000000
r8=fffff8000381f250 r9=fffffa80067fd780 r10=00000000000002b6
r11=00000000000002b6 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e:
fffffa60`00e4fc5e 48c7411036434f4d mov qword ptr [rcx+10h],4D4F4336h ds:9588:00000000`00000010=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800026553ee to fffff80002655650
STACK_TEXT:
fffff800`0381eef8 fffff800`026553ee : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff800`0381ef00 fffff800`026542cb : 00000000`00000001 fffffa80`07c03938 00000000`00000000 fffffa80`04a84c10 : nt!KiBugCheckDispatch+0x6e
fffff800`0381f040 fffffa60`00e4fc5e : fffffa60`007aab78 fffffa60`00e106a6 00000000`00000001 fffff800`02b1d916 : nt!KiPageFault+0x20b
fffff800`0381f1d0 fffffa60`00fb60fd : 00000000`00000001 fffffa80`0472fa00 fffffa80`066f9570 fffff800`02b1dff6 : ndis!ndisXlateSendCompleteNetBufferListToPacket+0x3e
fffff800`0381f200 fffffa60`00fb10b2 : fffffa80`00000000 fffffa80`0441b0b0 fffffa80`065c41a0 00000000`0000003e : ndis!ndisMSendNetBufferListsCompleteToNdisPackets+0x6d
fffff800`0381f250 fffffa60`048e28ec : fffffa80`065c41a0 00000000`00000000 fffffa80`06d71010 fffffa80`065c41a0 : ndis!ndisMSendCompleteNetBufferListsInternal+0xa2
fffff800`0381f2c0 fffffa60`00fb11ac : fffffa80`065c41a0 fffffa60`00e65110 00000000`00000001 fffffa80`04a84c10 : pacer!PcFilterSendNetBufferListsComplete+0xf4
fffff800`0381f330 fffffa60`007a89d7 : 00000000`00000000 fffffa80`067fd780 00000000`00000000 fffffa60`0103075d : ndis!NdisMSendNetBufferListsComplete+0x7c
fffff800`0381f370 00000000`00000000 : fffffa80`067fd780 00000000`00000000 fffffa60`0103075d fffffa80`066f9540 : Rtlh64+0x69d7
STACK_COMMAND: kb
FOLLOWUP_IP:
pacer!PcFilterSendNetBufferListsComplete+f4
fffffa60`048e28ec 4c8d5c2450 lea r11,[rsp+50h]
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: pacer!PcFilterSendNetBufferListsComplete+f4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: pacer
IMAGE_NAME: pacer.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 47f6dc22
FAILURE_BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
BUCKET_ID: X64_0xD1_pacer!PcFilterSendNetBufferListsComplete+f4
Followup: MachineOwner
---------
quit:
