Moin,
hatte eben einen Bluescreen mit der Meldung tcpip.sys Driver IRQL not less or equal. Mglw. erwähnenswert, dass das Programm Forticlient im Hintergrund lief und verbunden war und nach dem Neustart auch nicht automatisch erneut lud.
Danke!
Hier der Crash-Dump:
Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 8 Kernel Version 17134 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 17134.1.amd64fre.rs4_release.180410-1804
Machine Name:
Kernel base = 0xfffff801`9080d000 PsLoadedModuleList = 0xfffff801`90bc71f0
Debug session time: Sat Jul 21 02:44:11.027 2018 (UTC - 4:00)
System Uptime: 0 days 14:00:42.415
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000002056a17004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff800e6096bf6, address which referenced memory
Debugging Details:
------------------
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000002056a17004
CURRENT_IRQL: 2
FAULTING_IP:
tcpip!TcpPortPoolQueryLocalAddressFunction+69e36
fffff800`e6096bf6 488b08 mov rcx,qword ptr [rax]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: Dropbox.exe
TRAP_FRAME: ffffc9873f733030 -- (.trap 0xffffc9873f733030)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000002056a17004 rbx=0000000000000000 rcx=ffffb980a9d94288
rdx=0000000000000003 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800e6096bf6 rsp=ffffc9873f7331c8 rbp=ffffc9873f7332d0
r8=ffffc9873f73320c r9=0800000000000000 r10=ffffc9873f7332b8
r11=ffffb9809e98eb90 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
tcpip!TcpPortPoolQueryLocalAddressFunction+0x69e36:
fffff800`e6096bf6 488b08 mov rcx,qword ptr [rax] ds:00000020`56a17004=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff801909b5f69 to fffff801909a5430
STACK_TEXT:
ffffc987`3f732ee8 fffff801`909b5f69 : 00000000`0000000a 00000020`56a17004 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffc987`3f732ef0 fffff801`909b2be5 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff801`90893257 : nt!KiBugCheckDispatch+0x69
ffffc987`3f733030 fffff800`e6096bf6 : fffff800`e6032f51 00000000`0000d4e3 ffffc987`3f7332d0 00000000`00000002 : nt!KiPageFault+0x425
ffffc987`3f7331c8 fffff800`e6032f51 : 00000000`0000d4e3 ffffc987`3f7332d0 00000000`00000002 00000000`00000000 : tcpip!TcpPortPoolQueryLocalAddressFunction+0x69e36
ffffc987`3f7331d0 fffff800`e60332d7 : 00000000`00002a00 ffffb980`a9b6d088 ffffb980`a9b6ed80 00000000`00000067 : tcpip!TcpEnumerateListeners+0x5f5
ffffc987`3f733340 fffff800`e60ac10e : fffff800`e61a20f8 ffffc987`3f7334c0 fffff800`e61a4818 fffff800`e5f642c0 : tcpip!TcpEnumerateConnectionType+0x9b
ffffc987`3f733390 fffff800`e5f04f95 : 00000000`00000000 ffffb980`a9b6d000 ffffb980`a734e288 00000000`00000000 : tcpip!TcpEnumerateAllConnections+0xe
ffffc987`3f7333c0 fffff800`e72a27d1 : ffffb980`a9b6d000 ffffb980`00000070 ffffc987`3f733720 fffff801`6770534e : NETIO!NsiEnumerateObjectsAllParametersEx+0x225
ffffc987`3f7335c0 fffff800`e72a2422 : 00000000`00000000 ffffb980`a734e320 ffffb980`a734e250 00000000`149ee838 : nsiproxy!NsippEnumerateObjectsAllParameters+0x201
ffffc987`3f7337b0 fffff801`908911a9 : ffffb980`a4b32ef0 ffffb980`a4b32ef0 00000000`00000002 00000000`00000000 : nsiproxy!NsippDispatch+0x82
ffffc987`3f733800 fffff801`90d042eb : ffffb980`a734e250 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IofCallDriver+0x59
ffffc987`3f733840 fffff801`90d1022f : ffffb980`00000000 ffffb980`a4b32f40 00000000`00000000 ffffc987`3f733b80 : nt!IopSynchronousServiceTail+0x1ab
ffffc987`3f7338f0 fffff801`90d109d6 : 00000000`148ee3e8 00000000`0000208c 00000000`00000001 00000000`00000000 : nt!IopXxxControlFile+0x66f
ffffc987`3f733a20 fffff801`909b5a43 : ffffb980`a5180700 00000000`148ee388 ffffc987`3f733aa8 00000000`00000001 : nt!NtDeviceIoControlFile+0x56
ffffc987`3f733a90 00000000`771c1e4c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`148eec98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x771c1e4c
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!NsiEnumerateObjectsAllParametersEx+225
fffff800`e5f04f95 89442460 mov dword ptr [rsp+60h],eax
SYMBOL_STACK_INDEX: 7
SYMBOL_NAME: NETIO!NsiEnumerateObjectsAllParametersEx+225
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 62e4197b
FAILURE_BUCKET_ID: X64_AV_NETIO!NsiEnumerateObjectsAllParametersEx+225
BUCKET_ID: X64_AV_NETIO!NsiEnumerateObjectsAllParametersEx+225
Followup: MachineOwner
---------
hatte eben einen Bluescreen mit der Meldung tcpip.sys Driver IRQL not less or equal. Mglw. erwähnenswert, dass das Programm Forticlient im Hintergrund lief und verbunden war und nach dem Neustart auch nicht automatisch erneut lud.
Danke!
Hier der Crash-Dump:
Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 8 Kernel Version 17134 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 17134.1.amd64fre.rs4_release.180410-1804
Machine Name:
Kernel base = 0xfffff801`9080d000 PsLoadedModuleList = 0xfffff801`90bc71f0
Debug session time: Sat Jul 21 02:44:11.027 2018 (UTC - 4:00)
System Uptime: 0 days 14:00:42.415
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000002056a17004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff800e6096bf6, address which referenced memory
Debugging Details:
------------------
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPagedPoolEnd
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000002056a17004
CURRENT_IRQL: 2
FAULTING_IP:
tcpip!TcpPortPoolQueryLocalAddressFunction+69e36
fffff800`e6096bf6 488b08 mov rcx,qword ptr [rax]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: Dropbox.exe
TRAP_FRAME: ffffc9873f733030 -- (.trap 0xffffc9873f733030)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000002056a17004 rbx=0000000000000000 rcx=ffffb980a9d94288
rdx=0000000000000003 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800e6096bf6 rsp=ffffc9873f7331c8 rbp=ffffc9873f7332d0
r8=ffffc9873f73320c r9=0800000000000000 r10=ffffc9873f7332b8
r11=ffffb9809e98eb90 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
tcpip!TcpPortPoolQueryLocalAddressFunction+0x69e36:
fffff800`e6096bf6 488b08 mov rcx,qword ptr [rax] ds:00000020`56a17004=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff801909b5f69 to fffff801909a5430
STACK_TEXT:
ffffc987`3f732ee8 fffff801`909b5f69 : 00000000`0000000a 00000020`56a17004 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffc987`3f732ef0 fffff801`909b2be5 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff801`90893257 : nt!KiBugCheckDispatch+0x69
ffffc987`3f733030 fffff800`e6096bf6 : fffff800`e6032f51 00000000`0000d4e3 ffffc987`3f7332d0 00000000`00000002 : nt!KiPageFault+0x425
ffffc987`3f7331c8 fffff800`e6032f51 : 00000000`0000d4e3 ffffc987`3f7332d0 00000000`00000002 00000000`00000000 : tcpip!TcpPortPoolQueryLocalAddressFunction+0x69e36
ffffc987`3f7331d0 fffff800`e60332d7 : 00000000`00002a00 ffffb980`a9b6d088 ffffb980`a9b6ed80 00000000`00000067 : tcpip!TcpEnumerateListeners+0x5f5
ffffc987`3f733340 fffff800`e60ac10e : fffff800`e61a20f8 ffffc987`3f7334c0 fffff800`e61a4818 fffff800`e5f642c0 : tcpip!TcpEnumerateConnectionType+0x9b
ffffc987`3f733390 fffff800`e5f04f95 : 00000000`00000000 ffffb980`a9b6d000 ffffb980`a734e288 00000000`00000000 : tcpip!TcpEnumerateAllConnections+0xe
ffffc987`3f7333c0 fffff800`e72a27d1 : ffffb980`a9b6d000 ffffb980`00000070 ffffc987`3f733720 fffff801`6770534e : NETIO!NsiEnumerateObjectsAllParametersEx+0x225
ffffc987`3f7335c0 fffff800`e72a2422 : 00000000`00000000 ffffb980`a734e320 ffffb980`a734e250 00000000`149ee838 : nsiproxy!NsippEnumerateObjectsAllParameters+0x201
ffffc987`3f7337b0 fffff801`908911a9 : ffffb980`a4b32ef0 ffffb980`a4b32ef0 00000000`00000002 00000000`00000000 : nsiproxy!NsippDispatch+0x82
ffffc987`3f733800 fffff801`90d042eb : ffffb980`a734e250 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IofCallDriver+0x59
ffffc987`3f733840 fffff801`90d1022f : ffffb980`00000000 ffffb980`a4b32f40 00000000`00000000 ffffc987`3f733b80 : nt!IopSynchronousServiceTail+0x1ab
ffffc987`3f7338f0 fffff801`90d109d6 : 00000000`148ee3e8 00000000`0000208c 00000000`00000001 00000000`00000000 : nt!IopXxxControlFile+0x66f
ffffc987`3f733a20 fffff801`909b5a43 : ffffb980`a5180700 00000000`148ee388 ffffc987`3f733aa8 00000000`00000001 : nt!NtDeviceIoControlFile+0x56
ffffc987`3f733a90 00000000`771c1e4c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`148eec98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x771c1e4c
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!NsiEnumerateObjectsAllParametersEx+225
fffff800`e5f04f95 89442460 mov dword ptr [rsp+60h],eax
SYMBOL_STACK_INDEX: 7
SYMBOL_NAME: NETIO!NsiEnumerateObjectsAllParametersEx+225
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 62e4197b
FAILURE_BUCKET_ID: X64_AV_NETIO!NsiEnumerateObjectsAllParametersEx+225
BUCKET_ID: X64_AV_NETIO!NsiEnumerateObjectsAllParametersEx+225
Followup: MachineOwner
---------
