Windows XP BSOD -- How do I read the DMP file?

Status
Not open for further replies.
Howdy,

Windows XP SP2 gave me a BSOD today when I was logging in after a fresh reboot... I've tried to track the cause down and have hit a brick wall due to my lack of knowledge of Windows Debugging.

Any help you could offer would be greatly appreciated!

The BSOD error message is:

"Driver_IRQL_NOT_LESS_OR_EQUAL"

Microsoft's Error reporting wizard gave the following info:

BCCode : 100000d1
BCP1 : 000000ED
BCP2 : 00000002
BCP3 : 00000000
BCP4 : 000000ED
OSVer : 5_1_2600
SP : 2_0
Product : 768_1

A Google search turned up the fact that this is probably related to an "out of date" driver... One that's not compatible with XP. So now I'm trying to figure out which driver has caused this BSOD.

Since the crash generated a memory dump, I took the mini-dump file that it generated and analyzed it with MS's DUMPCHK.exe and here are the results:

============
----- 32 bit Kernel Mini Dump Analysis

DUMP_HEADER32:
MajorVersion 0000000f
MinorVersion 00000a28
DirectoryTableBase 00039000
PfnDataBase 81051000
PsLoadedModuleList 8055a420
PsActiveProcessHead 805604d8
MachineImageType 0000014c
NumberProcessors 00000001
BugCheckCode 100000d1
BugCheckParameter1 000000ed
BugCheckParameter2 00000002
BugCheckParameter3 00000000
BugCheckParameter4 000000ed
PaeEnabled 00000000
KdDebuggerDataBlock 8054c060
MiniDumpFields 00000dff

TRIAGE_DUMP32:
ServicePackBuild 00000200
SizeOfDump 00010000
ValidOffset 0000fffc
ContextOffset 00000320
ExceptionOffset 000007d0
MmOffset 00001068
UnloadedDriversOffset 000010a0
PrcbOffset 00001878
ProcessOffset 000024c8
ThreadOffset 00002728
CallStackOffset 00002980
SizeOfCallStack 000005e0
DriverListOffset 000031f0
DriverCount 0000009d
StringPoolOffset 00006090
StringPoolSize 000015e0
BrokenDriverOffset 00000000
TriageOptions 00000041
TopOfStack f899ca20
DebuggerDataOffset 00002f60
DebuggerDataSize 00000290
DataBlocksOffset 00007670
DataBlocksCount 00000002


Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a420
Debug session time: Wed Apr 12 11:44:55 2006
System Uptime: 0 days 0:00:39
start end module name
804d7000 806eb100 nt Checksum: 002198AF Timestamp: Tue Mar 01 17:59:37 2005 (42250FF9)

Unloaded modules:
a9e3d000 a9e4d000 Serial.SYS Timestamp: unavailable (00000000)
f89f1000 f89f5000 kbdhid.sys Timestamp: unavailable (00000000)
f88f1000 f88f6000 Cdaudio.SYS Timestamp: unavailable (00000000)
f89ed000 f89f0000 Sfloppy.SYS Timestamp: unavailable (00000000)
f88e9000 f88ee000 Flpydisk.SYS Timestamp: unavailable (00000000)
f88e1000 f88e8000 Fdc.SYS Timestamp: unavailable (00000000)

Finished dump check
============

The problem is I don't know what any of this means.

Two questions:

1. Does this information give any clue as to the cause of my crash?
2. What command line options should I be running with DUMPCHK.exe to get the proper results? The following command line options are available:

==============
DUMPCHK [options] <CrashDumpFile>

-? Displays the command syntax.
-p Prints the header only (with no validation).
-v Specifies verbose mode.
-q Performs a quick test. Not available in Windows XP.
-c Does dump validation.
-x Does extra file validation; takes several minutes.
-e Does dump exam.
-y <Path> Sets the symbol search path for a dump exam.
If the symbol search path is empty, the CD-ROM
is used for symbols.
-b <Path> Sets the image search path for a dump exam.
If the symbol search path is empty, %SystemRoot%\System32
is used for symbols.
-k <File> Sets the name of the kernel to File.
-h <File> Sets the name of the HAL to File.
==============

So... any help anyone could offer on this would be most appreciated.

I'm not a technophobe and I guess it's time I start to learn about this stuff.

Thanks in advance...!
 
Hello and welcome to Techspot.

You'd be better off using the WinDbg programme, it is part of the Windows debugging tools.

Look at this short tutorial on how to read minidumps HERE.

You might want to go HERE and follow the instructions.

Regards Howard
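
The following Python example is added here and is not from either poster. It parses the DUMPCHK lines quoted in the question and decodes them with the documented parameter meanings for bug check 0xD1 (address referenced, IRQL, access type, address of the referencing instruction); the function names and the masking of the 0x10000000 bit in the code are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the DUMPCHK output quoted in the question.
DUMPCHK_TEXT = """\
BugCheckCode 100000d1
BugCheckParameter1 000000ed
BugCheckParameter2 00000002
BugCheckParameter3 00000000
BugCheckParameter4 000000ed
804d7000 806eb100 nt Checksum: 002198AF Timestamp: Tue Mar 01 17:59:37 2005 (42250FF9)
a9e3d000 a9e4d000 Serial.SYS Timestamp: unavailable (00000000)
"""
ACCESS = {0: "read", 1: "write"}  # meaning of parameter 3 for bug check 0xD1
MODULE_RE = re.compile(r"\s*([0-9a-fA-F]{8})\s+([0-9a-fA-F]{8})\s+(\S+)")
FIELD_RE = re.compile(r"\s*([A-Za-z]\w*)\s+([0-9a-fA-F]{8})\s*$")

def parse_dumpchk(text):
    """Return (header fields as ints, [(start, end, module name), ...])."""
    fields, modules = {}, []
    for line in text.splitlines():
        if m := MODULE_RE.match(line):
            modules.append((int(m[1], 16), int(m[2], 16), m[3]))
        elif m := FIELD_RE.match(line):
            fields[m[1]] = int(m[2], 16)
    return fields, modules

def owner(addr, modules):
    """Name of the listed module whose [start, end) range holds addr, else None."""
    return next((name for start, end, name in modules if start <= addr < end), None)

def triage_d1(text):
    f, mods = parse_dumpchk(text)
    code = f["BugCheckCode"] & 0x0FFFFFFF  # assumption: 0x10000000 is a flag bit, not part of the code
    if code != 0xD1:
        raise ValueError(f"not bug check 0xD1: {code:#x}")
    p = [f[f"BugCheckParameter{i}"] for i in range(1, 5)]
    return {
        "referenced_address": p[0],
        "irql": p[1],
        "access": ACCESS.get(p[2], f"other ({p[2]})"),
        "faulting_instruction": p[3],
        # Heuristic: same address referenced and executing means the CPU tried to run code there.
        "jumped_to_bad_address": p[0] == p[3],
        "faulting_module": owner(p[3], mods),
    }

if __name__ == "__main__":
    for key, value in triage_d1(DUMPCHK_TEXT).items():
        print(f"{key:22}", hex(value) if type(value) is int else value)
```

For this dump the faulting address 0xED lies in no listed module, so the DUMPCHK summary alone cannot name the driver; the call stack has to be examined in a debugger with symbols loaded.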
 