I have repeated BSODs, but unfortunately my system doesn't seem to write minidump/kernel dumps!! I don't know why, because everything is set to!

However, on one of the three or so crashes I got in a day I did get a dump write, and analyzing it with windbg I found that it was probably a driver called ntkrnlpa.exe, whatever that is. Because I only have that one dump I cannot tell if that was the primary and consistent cause, or even if it was accurate, but I have included the bang analyze dash v and lmv results for this debug, if anyone can add any wisdom to this irritating problem.

Thanks,

Scarlet


(the lmv results extend much farther, but I only included the info relevant to the driver hinted by !analyze -v...)

--

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 71a5df52, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: 71a5df52, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: 71a5df52

CURRENT_IRQL: 2

FAULTING_IP:
+71a5df52
71a5df52 ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

LAST_CONTROL_TRANSFER: from 71a5df52 to 8053fa73

FAILED_INSTRUCTION_ADDRESS:
+71a5df52
71a5df52 ?? ???

STACK_TEXT:
ed767d64 71a5df52 badb0d00 7c90eb94 ed767d98 nt!KiTrap0E+0x233
WARNING: Frame IP not in any known module. Following frames may be wrong.
0093f158 00000000 00000000 00000000 00000000 0x71a5df52


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!KiTrap0E+233
8053fa73 f7457000000200 test dword ptr [ebp+70h],20000h

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!KiTrap0E+233

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlpa.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 45e53f9c

FAILURE_BUCKET_ID: 0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+233

BUCKET_ID: 0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+233

Followup: MachineOwner
---------

kd> lmv
start end module name
804d7000 806cd580 nt # (pdb symbols) c:\symbols\ntkrnlpa.pdb\F612363DB38C423CB08559DDBCA9F2F71\ntkrnlpa.pdb
Loaded symbol image file: ntkrnlpa.exe
Mapped memory image file: c:\symbols\ntkrnlpa.exe\45E53F9C1f6580\ntkrnlpa.exe
Image path: ntkrnlpa.exe
Image name: ntkrnlpa.exe
Timestamp: Wed Feb 28 00:38:52 2007 (45E53F9C)
CheckSum: 00200031
ImageSize: 001F6580
File version: 5.1.2600.3093
Product version: 5.1.2600.3093
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0411.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft(R) Windows(R) Operating System
InternalName: ntkrnlpa.exe
OriginalFilename: ntkrnlpa.exe
ProductVersion: 5.1.2600.3093
FileVersion: 5.1.2600.3093 (xpsp_sp2_gdr.070227-2254)
FileDescription: NT Kernel & System
LegalCopyright: (C) Microsoft Corporation. All rights reserved.