Hall of Fame

1. johnb6767829,221
2. flubbster541,468
3. LeeTutor448,580
4. nobus412,140
5. jcimarron395,713
6. dstewartjr316,641
7. dbrunton300,080
8. Jonvee290,103
9. houssam...280,539
10. MASQUE...240,856
11. MightySW201,525
12. orangutang195,421
13. garycase172,182
14. KCTS171,287
15. carrzkiss167,966
16. leew164,872
17. oBdA162,864
18. rpggamer...154,927
19. torimar154,885
20. optoma146,429
21. noxcho139,861
22. burrcm132,284
23. BitsBytes...122,781
24. rindi122,732
25. thinkpads...122,191

1. Sheharya...3,803,683
2. LeeTutor3,791,650
3. johnb67672,574,071
4. sramesh2k2,050,244
5. and235...1,991,387
6. war11,878,192
7. KCTS1,787,719
8. nobus1,701,653
9. sirbounty1,606,591
10. Merete1,544,830
11. CrazyOne1,345,842
12. leew1,122,557
13. flubbster1,043,006
14. Kenneniah1,039,003
15. Fatal_Ex...979,967
16. orangutang968,166
17. slam69923,320
18. sunray_...893,020
19. Jonvee889,010
20. rindi863,861
21. rpggamer...813,242
22. PeteLong763,127
23. garycase750,331
24. gemarti727,102
25. jcimarron722,795

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

5.2

Intermittent reboot after shutdown with bugcheck d1

Asked by sjeter in Windows XP Operating System

I installed the Windows Debugger and had trouble getting the Microsoft link to the Symbols path to work. I read somewhere that you need high-speed internet for that, which I don't have. I also read that the symbols were on the SP2 CD, so I installed them, first on my secondary drive, and then copied them to the Windows folder. For the Symbol path, I have C:\WINDOWS\Symbols\ and for the Image file path I have C:\WINDOWS\system32\ . When I load the minidump, this is what I get (including the analyze command):

Microsoft (R) Windows Debugger Version 6.6.0003.5
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\WINDOWS\Minidump\Mini022506-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: C:\WINDOWS\Symbols\
Executable search path is: C:\WINDOWS\system32\
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntoskrnl.exe -
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 2600.xpsp_sp2_gdr.050301-1519
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a420
Debug session time: Sat Feb 25 07:39:59.823 2006 (GMT-6)
System Uptime: 0 days 0:53:12.488
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntoskrnl.exe -
Loading Kernel Symbols
.................................................................................................................................................
Loading User Symbols
Loading unloaded module list
..............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 100000D1, {f7bc29c2, 2, 0, f7bc29c2}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : COMFiltr.sys ( COMFiltr+9c2 )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: f7bc29c2, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: f7bc29c2, address which referenced memory

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

FAULTING_MODULE: 804d7000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 0

READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
f7bc29c2

CURRENT_IRQL: 2

FAULTING_IP:
COMFiltr+9c2
f7bc29c2 ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

IP_MODULE_UNLOADED:
COMFiltr+9c2
f7bc29c2 ?? ???

LAST_CONTROL_TRANSFER: from 804e37f7 to f7bc29c2

FAILED_INSTRUCTION_ADDRESS:
COMFiltr+9c2
f7bc29c2 ?? ???

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
b8b12978 804e37f7 86c6fc68 8569c558 8569c558 <Unloaded_COMFiltr.sys>+0x9c2
b8b129a0 b8bd40db 86bad008 853da064 b8b129d4 nt!IofCallDriver+0x32
b8b129b0 f74ec204 852a5008 86bad008 853da064 asyncmac!MpSend+0x1d
b8b129d4 f69d01ae 004615f8 86bad008 853da064 NDIS!ndisMWanSend+0xe2
b8b12a00 f69d0866 85628604 856283d0 86c32bdc ndiswan!SendOnLegacyLink+0xd2
b8b12a5c f69d09bf 86c325d8 00000012 853da008 ndiswan!FramePacket+0x255
b8b12a98 f69d0bbc 86c325d8 01c32bdc b8b12acf ndiswan!SendFromPPP+0x11b
b8b12ad0 f69d0e8e 00c325d8 00000000 852fc640 ndiswan!SendPacketOnBundle+0x60
b8b12b08 f69c85fe 856283d0 86c325d8 852fc640 ndiswan!BuildIoPacket+0x1ad
b8b12b30 f69c798c 852fc640 000005f0 852fc640 ndiswan!IoSendPacket+0x117
b8b12b4c f69ca280 0000000a 852fc640 000005f0 ndiswan!ExecuteIo+0x28
b8b12b80 f74dc4bb 86ba9030 852fc640 8536d230 ndiswan!NdisWanIoctl+0x77
b8b12b98 f74dc947 86ba9030 852ee5b0 86c3c030 NDIS!ndisDummyIrpHandler+0x48
b8b12c34 804e37f7 86ba9030 852ee5b0 806ee2d0 NDIS!ndisDeviceControlIrpHandler+0x5c
b8b12c58 80579a8a 86ba9030 852ee5b0 86d0b608 nt!IofCallDriver+0x32
b8b12d00 8057bfa5 00001134 00001499 00000000 nt!IoCreateFileSpecifyDeviceObjectHint+0x347
b8b12d34 804de7ec 00001134 00001499 00000000 nt!NtDeviceIoControlFile+0x2a
b8b12ddc 804fa4da f74dbb85 86d75a38 00000000 nt!ZwYieldExecution+0xb78
b8b12de0 f74dbb84 86d75a38 00000000 0000027f nt!KeInitializeTimer+0x107
b8b12de4 86d75a38 00000000 0000027f 03860000 NDIS!___PchSym_+0xc
f74dbb85 08458bec 3bf63356 840f57c6 00006fb1 0x86d75a38
f74dbb89 3bf63356 840f57c6 00006fb1 54bff08b 0x8458bec
f74dbb8d 840f57c6 00006fb1 54bff08b a5f74db4 0x3bf63356
f74dbb91 00000000 54bff08b a5f74db4 ffa5a5a5 0x840f57c6

STACK_COMMAND: .bugcheck ; kb

FOLLOWUP_IP:
COMFiltr+9c2
f7bc29c2 ?? ???

FAULTING_SOURCE_CODE:

SYMBOL_STACK_INDEX: 0

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: COMFiltr+9c2

MODULE_NAME: COMFiltr

IMAGE_NAME: COMFiltr.sys

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------

View the Solution FREE for 30 Days

20091111-EE-VQP-92

Intermittent reboot after shutdown with bugcheck d1

Asked by sjeter in Windows XP Operating System

About this solution