Another reboot problem with XP
Hi,
I have WinXP SP2:
Since about a week, I have occasional reboots (sometimes twice a day).
I used the Win Debugger to check the minidump file and found out that this driver could cause this: vsdatant.sys
Looking at Google, they say it might be caused by ZoneAlarm. But I have the same version since a long time without updating it (so did not change recently). I'm surprised it would be that.
I'm including the debugger ananlysis as well as the dump file.
Any ideas?
Thanks.
Hi,
I have WinXP SP2:
Since about a week, I have occasional reboots (sometimes twice a day).
I used the Win Debugger to check the minidump file and found out that this driver could cause this: vsdatant.sys
Looking at Google, they say it might be caused by ZoneAlarm. But I have the same version since a long time without updating it (so did not change recently). I'm surprised it would be that.
I'm including the debugger ananlysis as well as the dump file.
Any ideas?
Thanks.
Code:
Microsoft (R) Windows Debugger Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [D:\Video\Mini082406-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \WINDOWS\system32\ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a420
Debug session time: Thu Aug 24 13:46:12.329 2006 (GMT-4)
System Uptime: 0 days 21:21:27.927
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \WINDOWS\system32\ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...................................................................................................................................................................................................
Loading User Symbols
Loading unloaded module list
..............................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 80566ccc, f07806b4, 0}
ANALYSIS: Kernel with unknown size. Will force reload symbols with known size.
ANALYSIS: Force reload command: .reload /f ntoskrnl.exe=FFFFFFFF804D7000,213F80,42250FF9
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*** WARNING: Unable to verify timestamp for mssmbios.sys
*** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys
*** WARNING: Unable to verify timestamp for vsdatant.sys
*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
Probably caused by : vsdatant.sys ( vsdatant+1c596 )
Followup: MachineOwner
---------
!analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 80566ccc, The address that the exception occurred at
Arg3: f07806b4, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
ANALYSIS: Kernel with unknown size. Will force reload symbols with known size.
ANALYSIS: Force reload command: .reload /f ntoskrnl.exe=FFFFFFFF804D7000,213F80,42250FF9
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
FAULTING_MODULE: 804d7000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 3ee570a2
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
FAULTING_IP:
nt+8fccc
80566ccc ?? ???
TRAP_FRAME: f07806b4 -- (.trap fffffffff07806b4)
Unable to read trap frame at f07806b4
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WRONG_SYMBOLS
BUGCHECK_STR: 0x8E
LAST_CONTROL_TRANSFER: from f07808d8 to 80566ccc
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f0780724 f07808d8 00000000 00000400 00000000 nt+0x8fccc
f078074c 80566dd1 00000000 f0780764 00000000 0xf07808d8
f0780768 80564138 00000000 f078079c 00000000 nt+0x8fdd1
f07807bc 8056bc01 00000001 fed31bc8 00000000 nt+0x8d138
f078088c 80573dd6 fed31bc8 00000000 f07808d8 nt+0x94c01
f0780990 f0eaf596 f0780a60 00000400 f0780a6c nt+0x9cdd6
f0780994 f0780a60 00000400 f0780a6c f0780a64 vsdatant+0x1c596
f0780998 00000000 f0780a6c f0780a64 f07809d8 0xf0780a60
STACK_COMMAND: kb
FOLLOWUP_IP:
vsdatant+1c596
f0eaf596 ?? ???
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: vsdatant+1c596
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: vsdatant
IMAGE_NAME: vsdatant.sys
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
---------
