BSOD minidump analysis

  • Thread starter Thread starter yaro137
  • Start date Start date
Y

yaro137

After a BSOD occured I've managed to get the minidump file.
Unfortunately I have no idea what should be blamed for the BSOD based
on the minidump analysis in this case. Can anyone help?
yaro


KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address
pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this
address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never
have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 00000000, The address that the exception occurred at
Arg3: 88d908d8, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx
referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP:
+0
00000000 ?? ???

TRAP_FRAME: 88d908d8 -- (.trap 0xffffffff88d908d8)
..trap 0xffffffff88d908d8
ErrCode = 00000010
eax=8cdf19a0 ebx=8e2a5008 ecx=00000d20 edx=8e2a5008 esi=8cdf8a50
edi=00000000
eip=00000000 esp=88d9094c ebp=8cdf19a0 iopl=0 nv up ei pl nz
ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000
efl=00010212
00000000 ?? ???
..trap
Resetting default scope

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x8E

PROCESS_NAME: csrss.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 8908dba1 to 00000000

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be
wrong.
88d90948 8908dba1 8e2a5008 8cdf19a0 89256033 0x0
88d9094c 8e2a5008 8cdf19a0 89256033 8e2a5008 nvlddmkm+0x156ba1
88d90950 8cdf19a0 89256033 8e2a5008 8cdf19a0 0x8e2a5008
88d90954 89256033 8e2a5008 8cdf19a0 0000000f 0x8cdf19a0
88d90958 8e2a5008 8cdf19a0 0000000f 8e2a58c8 nvlddmkm+0x31f033
88d9095c 8cdf19a0 0000000f 8e2a58c8 8e2a5008 0x8e2a5008
88d90960 00000000 8e2a58c8 8e2a5008 8cdf8a50 0x8cdf19a0


STACK_COMMAND: kb

FOLLOWUP_IP:
nvlddmkm+156ba1
8908dba1 ?? ???

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: nvlddmkm+156ba1

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nvlddmkm

IMAGE_NAME: nvlddmkm.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 46400e53

FAILURE_BUCKET_ID: 0x8E_nvlddmkm+156ba1

BUCKET_ID: 0x8E_nvlddmkm+156ba1

Followup: MachineOwner
---------

eax=8cdf19a0 ebx=8e2a5008 ecx=00000d20 edx=8e2a5008 esi=8cdf8a50
edi=00000000
eip=00000000 esp=88d9094c ebp=8cdf19a0 iopl=0 nv up ei pl nz
ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000
efl=00010212
00000000 ?? ???
ChildEBP RetAddr Args to Child
WARNING: Frame IP not in any known module. Following frames may be
wrong.
88d90948 8908dba1 8e2a5008 8cdf19a0 89256033 0x0
88d9094c 8e2a5008 8cdf19a0 89256033 8e2a5008 nvlddmkm+0x156ba1
88d90950 8cdf19a0 89256033 8e2a5008 8cdf19a0 0x8e2a5008
88d90954 89256033 8e2a5008 8cdf19a0 0000000f 0x8cdf19a0
88d90958 8e2a5008 8cdf19a0 0000000f 8e2a58c8 nvlddmkm+0x31f033
88d9095c 8cdf19a0 0000000f 8e2a58c8 8e2a5008 0x8e2a5008
88d90960 00000000 8e2a58c8 8e2a5008 8cdf8a50 0x8cdf19a0
start end module name
80201000 80203900 compbatt compbatt.sys Fri Aug 31 01:57:47 2007
(46D7678B)
80204000 8020d000 WMILIB WMILIB.SYS Thu Nov 02 08:54:53 2006
(4549B25D)
8020d000 8021a000 WDFLDR WDFLDR.SYS Thu Dec 06 02:21:19 2007
(47575C9F)
8021a000 80255000 CLFS CLFS.SYS Thu Dec 06 01:55:42 2007
(4757569E)
80255000 8025d000 BOOTVID BOOTVID.dll Thu Nov 02 09:39:29 2006
(4549BCD1)
8025d000 80266000 PSHED PSHED.dll Thu Nov 02 09:42:51 2006
(4549BD9B)
80266000 802c6000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll
Tue Apr 24 04:40:05 2007 (462D7C15)
802c6000 802ce000 kdcom kdcom.dll Thu Nov 02 09:42:20 2006
(4549BD7C)
80402000 80403980 Thpevm Thpevm.SYS Wed Feb 07 08:29:17 2007
(45C98DDD)
80404000 8040b000 intelide intelide.sys Sat Jan 19 02:28:20 2008
(47916044)
8040b000 8041b000 mountmgr mountmgr.sys Thu Nov 02 08:51:06 2006
(4549B17A)
8041b000 80425000 BATTC BATTC.SYS Fri Aug 31 01:57:44 2007
(46D76788)
80425000 80434000 volmgr volmgr.sys Thu Nov 02 08:51:44 2006
(4549B1A0)
80434000 80459000 pci pci.sys Thu Nov 02 08:35:13 2006
(4549ADC1)
80459000 80461000 msisadrv msisadrv.sys Thu Nov 02 08:35:08 2006
(4549ADBC)
80461000 804a4000 acpi acpi.sys Fri Aug 31 01:57:46 2007
(46D7678A)
804a4000 8051f000 Wdf01000 Wdf01000.sys Thu Dec 06 02:21:28 2007
(47575CA8)
8051f000 80600000 CI CI.dll Tue Feb 19 04:59:14 2008
(47BA6222)
80608000 80617000 partmgr partmgr.sys Thu Nov 02 08:51:47 2006
(4549B1A3)
80617000 8061f000 spldr spldr.sys Wed Oct 25 23:40:44 2006
(453FE7EC)
8061f000 80629000 thpdrv thpdrv.sys Fri Apr 27 03:22:39 2007
(46315E6F)
80629000 8062d180 TVALZ TVALZ.SYS Thu Oct 05 14:13:11 2006
(452504E7)
8062e000 80659000 msrpc msrpc.sys Thu Nov 02 08:50:16 2006
(4549B148)
80659000 80669000 fileinfo fileinfo.sys Thu Nov 02 08:36:47 2006
(4549AE1F)
80669000 8069a000 fltmgr fltmgr.sys Thu Nov 02 08:30:58 2006
(4549ACC2)
8069a000 806b8000 ataport ataport.SYS Sat Jan 19 02:28:19 2008
(47916043)
806b8000 806c0000 atapi atapi.sys Sat Jan 19 02:28:18 2008
(47916042)
806c0000 8077e000 iaStor iaStor.sys Mon Feb 12 20:46:47 2007
(45D0D237)
8077e000 807c8000 volmgrx volmgrx.sys Thu Nov 02 08:51:54 2006
(4549B1AA)
807c8000 807f2000 pcmcia pcmcia.sys Thu Nov 02 08:35:13 2006
(4549ADC1)
807f2000 80800000 PCIIDEX PCIIDEX.SYS Sat Jan 19 02:28:18 2008
(47916042)
81a03000 81a14000 disk disk.sys Thu Nov 02 08:51:40 2006
(4549B19C)
81a14000 81a23000 mup mup.sys Thu Nov 02 08:31:04 2006
(4549ACC8)
81a23000 81a59000 volsnap volsnap.sys Fri Oct 26 03:04:17 2007
(47214B21)
81a59000 81ac3000 ksecdd ksecdd.sys Thu Nov 02 08:43:45 2006
(4549AFC1)
81ac3000 81afc000 NETIO NETIO.SYS Mon Jan 14 03:17:13 2008
(478AD439)
81afc000 81c00000 ndis ndis.sys Mon Jan 08 03:51:25 2007
(45A1BFBD)
81c00000 81fa1000 nt ntkrpamp.exe Thu Sep 18 02:56:32 2008
(48D1B550)
81fa1000 81fd5000 hal halmacpi.dll Sun Dec 24 04:05:34 2006
(458DFC8E)
84e01000 84e10000 raspppoe raspppoe.sys Thu Nov 02 08:58:12 2006
(4549B324)
84ea9000 84eb2000 crcdisk crcdisk.sys Thu Nov 02 08:52:27 2006
(4549B1CB)
84eb2000 84ed3000 CLASSPNP CLASSPNP.SYS Thu Nov 02 08:51:34 2006
(4549B196)
84ed3000 84ef8000 ecache ecache.sys Thu Nov 02 08:52:42 2006
(4549B1DA)
84ef8000 85000000 Ntfs Ntfs.sys Sun Dec 16 09:31:37 2007
(4764F079)
8583e000 8583f380 swenum swenum.sys Thu Nov 02 08:51:15 2006
(4549B183)
85c44000 85c51000 crashdmp crashdmp.sys Thu Nov 02 08:51:36 2006
(4549B198)
85c65000 85c6f000 serenum serenum.sys Thu Nov 02 08:51:25 2006
(4549B18D)
85c7f000 85c81400 tosrfec tosrfec.sys Mon Oct 23 08:32:19 2006
(453C7003)
85d80000 85d90000 NDProxy NDProxy.SYS Wed Jul 04 02:28:13 2007
(468AF7AD)
85db0000 85dbf280 ohci1394 ohci1394.sys Thu Nov 02 08:55:16 2006
(4549B274)
88600000 8860b000 kbdclass kbdclass.sys Thu Dec 06 02:18:23 2007
(47575BEF)
8860b000 8861d000 HDAudBus HDAudBus.sys Sat Mar 24 18:54:34 2007
(460573EA)
8861d000 8862b000 usbehci usbehci.sys Tue Apr 10 03:09:19 2007
(461AF1CF)
8862b000 88636000 usbuhci usbuhci.sys Tue Apr 10 03:09:18 2007
(461AF1CE)
88636000 88640f00 HECI HECI.sys Fri Apr 06 17:27:35 2007
(461674F7)
88641000 8864e000 watchdog watchdog.sys Thu Nov 02 08:37:44 2006
(4549AE58)
8864e000 88659000 tunnel tunnel.sys Thu Jun 07 03:57:03 2007
(466773FF)
8867c000 8867ff00 tdcmdpst tdcmdpst.sys Wed Oct 18 03:50:02 2006
(4535965A)
88684000 88687780 CmBatt CmBatt.sys Fri Aug 31 01:57:48 2007
(46D7678C)
886f0000 886f9000 tunmp tunmp.sys Thu Jun 07 03:56:53 2007
(466773F5)
8872f000 88738000 Fs_Rec Fs_Rec.SYS Tue Apr 17 02:26:39 2007
(4624224F)
88738000 88741000 rasacd rasacd.sys Thu Nov 02 08:58:13 2006
(4549B325)
887b8000 887bfd80 tcusb tcusb.sys Sat Oct 28 05:25:50 2006
(4542DBCE)
887d8000 887e0000 RDPCDD RDPCDD.sys Thu Nov 02 09:02:01 2006
(4549B409)
887e0000 887e8000 rdpencdd rdpencdd.sys Thu Nov 02 09:02:01 2006
(4549B409)
88c04000 88c0f000 mouclass mouclass.sys Thu Dec 06 02:18:22 2007
(47575BEE)
88c0f000 88c27000 sdbus sdbus.sys Sat Apr 28 03:10:54 2007
(4632AD2E)
88c27000 88c34080 1394BUS 1394BUS.SYS Thu Nov 02 08:55:12 2006
(4549B270)
88c35000 88cd2000 dxgkrnl dxgkrnl.sys Tue Jul 03 02:01:10 2007
(46899FD6)
88cee000 88cf5000 Null Null.SYS Thu Nov 02 08:51:05 2006
(4549B179)
88cf5000 88cfc000 Beep Beep.SYS Thu Nov 02 08:51:03 2006
(4549B177)
88d2f000 88d42000 i8042prt i8042prt.sys Thu Dec 06 02:18:28 2007
(47575BF4)
88dc5000 88e00000 udfs udfs.sys Thu Nov 02 08:30:57 2006
(4549ACC1)
88e0b000 88e16000 ndistapi ndistapi.sys Wed Jul 04 02:28:09 2007
(468AF7A9)
88e16000 88e41000 msiscsi msiscsi.sys Thu Nov 02 08:52:40 2006
(4549B1D8)
88e41000 88e4f000 intelppm intelppm.sys Thu Nov 02 08:30:18 2006
(4549AC9A)
88e4f000 88e67000 cdrom cdrom.sys Thu Nov 02 08:51:44 2006
(4549B1A0)
88e67000 88e81000 serial serial.sys Thu Nov 02 08:51:29 2006
(4549B191)
88e81000 88e8e000 tpm tpm.sys Thu Nov 02 08:30:07 2006
(4549AC8F)
88e8e000 88e99000 TDI TDI.SYS Thu Nov 02 08:58:46 2006
(4549B346)
88e99000 88ec1000 Apfiltr Apfiltr.sys Wed Aug 30 01:35:58 2006
(44F4DD6E)
88ec1000 88efe000 USBPORT USBPORT.SYS Tue Apr 10 03:09:22 2007
(461AF1D2)
88efe000 88f37000 e1e6032 e1e6032.sys Thu Feb 01 19:39:18 2007
(45C241E6)
88f37000 895ff4a0 nvlddmkm nvlddmkm.sys Tue May 08 06:44:51 2007
(46400E53)
89815000 8983f000 ks ks.sys Thu Nov 02 08:51:18 2006
(4549B186)
8983f000 8984c000 umbus umbus.sys Thu Nov 02 08:55:24 2006
(4549B27C)
8984c000 8985f000 raspptp raspptp.sys Thu Nov 02 08:58:14 2006
(4549B326)
8985f000 89882000 ndiswan ndiswan.sys Thu Nov 02 08:58:13 2006
(4549B325)
89882000 89899000 rasl2tp rasl2tp.sys Thu Nov 02 08:58:13 2006
(4549B325)
89899000 898d9000 storport storport.sys Thu Nov 02 08:51:45 2006
(4549B1A1)
89939000 89943000 mssmbios mssmbios.sys Thu Nov 02 08:35:13 2006
(4549ADC1)
8994d000 89957000 nsiproxy nsiproxy.sys Thu Nov 02 08:57:30 2006
(4549B2FA)
89989000 89993000 Dxapi Dxapi.sys Thu Nov 02 08:38:17 2006
(4549AE79)
899d9000 89c00000 NETw4v32 NETw4v32.sys Fri Apr 27 12:09:35 2007
(4631D9EF)
89e89000 89f10000 rdpdr rdpdr.sys Thu Nov 02 09:02:58 2006
(4549B442)
89f10000 89f1f000 termdd termdd.sys Thu Nov 02 09:02:00 2006
(4549B408)
8a01c000 8a050000 usbhub usbhub.sys Tue Apr 10 03:09:37 2007
(461AF1E1)
8c80c000 8c80d700 USBD USBD.SYS Tue Apr 10 03:09:15 2007
(461AF1CB)
8ca03000 8ca0f000 vga vga.sys Thu Nov 02 08:53:56 2006
(4549B224)
8ca1f000 8ca2c000 modem modem.sys Thu Nov 02 08:58:52 2006
(4549B34C)
8ca2c000 8cb47aa0 AGRSM AGRSM.sys Tue Nov 28 20:10:55 2006
(456C97CF)
8cb48000 8cb6d000 drmk drmk.sys Thu Nov 02 09:20:49 2006
(4549B871)
8cb6d000 8cb9a000 portcls portcls.sys Thu Nov 02 08:55:02 2006
(4549B266)
8ce0b000 8ce16000 Msfs Msfs.SYS Thu Nov 02 08:30:56 2006
(4549ACC0)
8ce56000 8cfff5c0 RTKVHDA RTKVHDA.sys Mon Mar 12 11:29:40 2007
(45F539A4)
8d006000 8d04d000 afd afd.sys Thu Nov 02 08:58:41 2006
(4549B341)
8d04d000 8d061000 smb smb.sys Thu Nov 02 08:57:10 2006
(4549B2E6)
8d061000 8d084000 SYMEVENT SYMEVENT.SYS Sat Dec 16 00:30:34 2006
(45833E2A)
8d084000 8d0b1100 SYMTDI SYMTDI.SYS Tue Jan 09 02:31:16 2007
(45A2FE74)
8d0b2000 8d0c7000 tdx tdx.sys Thu Nov 02 08:57:34 2006
(4549B2FE)
8d0c7000 8d0e0000 fwpkclnt fwpkclnt.sys Thu Nov 02 08:57:26 2006
(4549B2F6)
8d0e0000 8d1b1000 tcpip tcpip.sys Mon Jan 14 03:17:51 2008
(478AD45F)
8d1b1000 8d1bf000 Npfs Npfs.SYS Thu Nov 02 08:30:57 2006
(4549ACC1)
8d1df000 8d200000 VIDEOPRT VIDEOPRT.SYS Thu Nov 02 08:54:07 2006
(4549B22F)
8d633000 8d64a000 dfsc dfsc.sys Thu Nov 02 08:31:04 2006
(4549ACC8)
8d64a000 8d69d000 csc csc.sys Tue Jun 19 01:48:27 2007
(467727DB)
8d69d000 8d6ff000 eeCtrl eeCtrl.sys Tue Nov 28 22:41:47 2006
(456CBB2B)
8d74b000 8d786000 rdbss rdbss.sys Thu Nov 02 08:31:24 2006
(4549ACDC)
8d786000 8d797000 SRTSPX SRTSPX.SYS Fri Jan 12 02:11:05 2007
(45A6EE39)
8d797000 8d7aa000 wanarp wanarp.sys Wed Jul 04 02:28:16 2007
(468AF7B0)
8d7aa000 8d7b8000 netbios netbios.sys Thu Nov 02 08:57:26 2006
(4549B2F6)
8d7b8000 8d7ce000 pacer pacer.sys Wed Jul 04 02:27:33 2007
(468AF785)
8d7ce000 8d800000 netbt netbt.sys Thu Nov 02 08:57:18 2006
(4549B2EE)
8e542000 8e600000 dump_iaStor dump_iaStor.sys Mon Feb 12 20:46:47
2007 (45D0D237)
93000000 93200000 win32k win32k.sys Thu Sep 18 03:02:51 2008
(48D1B6CB)

Unloaded modules:
85c44000 85c51000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
88d42000 88e00000 dump_iaStor.
Timestamp: unavailable (00000000)
Checksum: 00000000
 
Hi,

Looks like a video driver file, nvlddmkm.sys, is causing the crash. Download
the most recent release for your card, uninstall the current ones and
supporting software, then install the new package. Most don't actually need
the supporting software, and disabling it or not installing the control
panel at all can often avoid these problems.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Windows help - www.rickrogers.org
My thoughts http://rick-mvp.blogspot.com
 
This may be it although I thought it's the csrss process causing the
problem
and I couldn't find any info on how to troubleshoot it.
Thanks for your help.
yaro
 
Hi,

Looks like a video driver file,nvlddmkm.sys, iscausingthe crash. Download
the most recent release for your card, uninstall the current ones and
supporting software, then install the new package. Most don't actually need
the supporting software, and disabling it or not installing the control
panel at all can often avoid these problems.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVPhttp://mvp.support.microsoft.com/
Windows help -www.rickrogers.org
My thoughtshttp://rick-mvp.blogspot.com






...

...

read more »- Hide quoted text -

- Show quoted text -
Click to expand...

I was getting this same problem and I tried deleting that file
(nvlddmkm.sys) in safe mode, then updating my driver several times
after rebooting, but every time I reinstalled my nVidia graphics
driver I would always get the BSOD after rebooting. The only thing
that worked was deleting that file and using Vista's generic graphics
device driver. However, after turning off UAC, deleting all of my
temporary inernet files / browsing history from within IE, and then
reinstalling the latest nVidia driver, I rebooted again and it worked
fine! No BSOD. I'm wondering if maybe it was an installed temporary
internet file that was causing the problem?
 
Hi,

Not likely, a TIF file is not loaded into memory unless you open the browser
and access the site it comes from. If this is happening automatically when
you start the system, then it's more symptomatic of a viral infection, and
they don't usually cause blue screens.

Also, you shouldn't just "delete" the offending file, you should completely
uninstall the current video driver supporting software set, reboot and then
install the new set.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Windows help - www.rickrogers.org
My thoughts http://rick-mvp.blogspot.com

Hi,

Looks like a video driver file,nvlddmkm.sys, iscausingthe crash. Download
the most recent release for your card, uninstall the current ones and
supporting software, then install the new package. Most don't actually
need
the supporting software, and disabling it or not installing the control
panel at all can often avoid these problems.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft
MVPhttp://mvp.support.microsoft.com/
Windows help -www.rickrogers.org
My thoughtshttp://rick-mvp.blogspot.com






...

...

read more »- Hide quoted text -

- Show quoted text -
Click to expand...

I was getting this same problem and I tried deleting that file
(nvlddmkm.sys) in safe mode, then updating my driver several times
after rebooting, but every time I reinstalled my nVidia graphics
driver I would always get the BSOD after rebooting. The only thing
that worked was deleting that file and using Vista's generic graphics
device driver. However, after turning off UAC, deleting all of my
temporary inernet files / browsing history from within IE, and then
reinstalling the latest nVidia driver, I rebooted again and it worked
fine! No BSOD. I'm wondering if maybe it was an installed temporary
internet file that was causing the problem?
 
Back
Top