Windows 2008 crash dump am i reading this right ?

is this the exe that caused the BSOD , i really have never looked at this stuff in this much detail

WmiApSrv.exe is what i am looking at deeper , am i correct????






rosoft (R) Windows Debugger Version 6.11.0001.402 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\DUMP\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (16 procs) Free x64
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 7600.16841.amd64fre.win7_gdr.110622-1503
Machine Name:
Kernel base = 0xfffff800`01a4d000 PsLoadedModuleList = 0xfffff800`01c8ae70
Debug session time: Wed Oct 12 15:43:01.372 2011 (GMT-4)
System Uptime: 0 days 0:06:34.808
Loading Kernel Symbols
...............................................................
.........................................................Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
..Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
..Page 7c1dae not present in the dump file. Type ".hh dbgerr004" for details
...
.....................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffd6018).  Type ".hh dbgerr001" for details
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, fffffa803dd88000, fffffa803dd88380, c380000}

Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page 7c1dae not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffd6018).  Type ".hh dbgerr001" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page 7c1dae not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffd6018).  Type ".hh dbgerr001" for details
Probably caused by : WmiApSrv.exe

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa803dd88000, The pool entry we were looking for within the page.
Arg3: fffffa803dd88380, The next pool entry.
Arg4: 000000000c380000, (reserved)

Debugging Details:
------------------

Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page 7c1dae not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffd6018).  Type ".hh dbgerr001" for details
Page f95a7d not present in the dump file. Type ".hh dbgerr004" for details
Page 1038a4f not present in the dump file. Type ".hh dbgerr004" for details
Page 7c1dae not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffd6018).  Type ".hh dbgerr001" for details

BUGCHECK_STR:  0x19_20

POOL_ADDRESS:  fffffa803dd88000 Nonpaged pool

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  WmiApSrv.exe

CURRENT_IRQL:  1

IRP_ADDRESS:  fffffa803dd87fc8

LAST_CONTROL_TRANSFER:  from fffff80001bf06d3 to fffff80001abd5c0

STACK_TEXT:  
fffff880`0b8d3648 fffff800`01bf06d3 : 00000000`00000019 00000000`00000020 fffffa80`3dd88000 fffffa80`3dd88380 : nt!KeBugCheckEx
fffff880`0b8d3650 fffff800`01adcbee : 00000000`a0000003 00000000`0b8d3740 fffff6fb`20206f49 00000000`00000001 : nt!ExDeferredFreePool+0x12c4
fffff880`0b8d3700 fffff800`01abff76 : fffffa80`3dd88040 fffffa80`00000000 00000000`00000001 fffff8a0`047567f0 : nt!IopCompleteRequest+0x5ce
fffff880`0b8d37d0 fffff800`01d4b7ea : fffffa80`3dad4f20 fffffa80`20707200 fffff880`00800530 00000000`00000000 : nt!IopfCompleteRequest+0x6f6
fffff880`0b8d38c0 fffff800`01dd5597 : fffffa80`3dad4f20 fffff880`0b8d3ca0 fffff880`0b8d3ca0 fffffa80`3d891910 : nt!WmipIoControl+0xd6
fffff880`0b8d3a10 fffff800`01dd5df6 : 00000000`00000000 00000000`000001e0 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0x607
fffff880`0b8d3b40 fffff800`01abc813 : 00000000`0000044e 00000000`00000001 fffff880`0b8d3bc8 0000007f`ffffffff : nt!NtDeviceIoControlFile+0x56
fffff880`0b8d3bb0 00000000`775bf72a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`00d4f168 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x775bf72a


STACK_COMMAND:  kb

PROCESS_OBJECT: fffffa80701d7b30

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: WmiApSrv

IMAGE_NAME:  WmiApSrv.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  0

FAILURE_BUCKET_ID:  X64_0x19_20_IMAGE_WmiApSrv.exe

BUCKET_ID:  X64_0x19_20_IMAGE_WmiApSrv.exe

Followup: MachineOwner
LVL 1
NAMEWITHELD12Asked:
Who is Participating?
 
jrhelgesonConnect With a Mentor Commented:
I'd need more information - what is the precursor to the crash? When does this happen. How often does it happen?
Yes, it appears that the WmiApSrv.exe is involved, but is it the cause, or is it the victim?

Joel
0
 
NAMEWITHELD12Author Commented:
well what happened is the box stopped responding and it has done this only one time . i could not ping it or anyhting , black screen on it , had to power cycle it

it happend at about 330 in the afternoon
0
All Courses

From novice to tech pro — start learning today.