Hi
I've recently bought a dell laptop with Vista Home Edition. I've had it for just over 2 months and I've had about 2 to 3 BSOD when it boots.
The only things I've installed are AVG anti-virus, Commodo Firewall, but the main installation is Flight simulator 2004 with many addons.
I've managed to get a minidump debugged and pasted below
Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\Mini042608-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\windows\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Vista Kernel Version 6000 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6000.16575.x86fre.vista_gdr.071009-1548
Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11e10
Debug session time: Sat Apr 26 19:00:33.234 2008 (GMT+1)
System Uptime: 0 days 0:00:20.124
Loading Kernel Symbols
..................................................................................................................................
Loading User Symbols
Loading unloaded module list
..
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 81df17c7, 88653134, 0}
Probably caused by : ntkrpamp.exe ( nt!ObpCloseHandle+121 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 81df17c7, The address that the exception occurred at
Arg3: 88653134, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
nt!ObpCloseHandle+121
81df17c7 c9 leave
TRAP_FRAME: 88653134 -- (.trap 0xffffffff88653134)
ErrCode = 00000000
eax=00000000 ebx=81df17ea ecx=889abba0 edx=83a33054 esi=88653248 edi=886531cc
eip=81df17c7 esp=886531a8 ebp=00000000 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!ObpCloseHandle+0x121:
81df17c7 c9 leave
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x8E
PROCESS_NAME: System
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 00000000 to 81df17c7
STACK_TEXT:
00000000 00000000 00000000 00000000 00000000 nt!ObpCloseHandle+0x121
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!ObpCloseHandle+121
81df17c7 c9 leave
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!ObpCloseHandle+121
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 470c2f52
FAILURE_BUCKET_ID: 0x8E_nt!ObpCloseHandle+121
BUCKET_ID: 0x8E_nt!ObpCloseHandle+121
Followup: MachineOwner
---------
0: kd> lmvm nt
start end module name
81c00000 81fa1000 nt (pdb symbols) c:\windows\symbols\ntkrpamp.pdb\E42190E0396449A3882CB6F322CB176E2\ntkrpamp.pdb
Loaded symbol image file: ntkrpamp.exe
Mapped memory image file: c:\windows\symbols\ntkrnlpa.exe\470C2F523a1000\ntkrnlpa.exe
Image path: ntkrpamp.exe
Image name: ntkrpamp.exe
Timestamp: Wed Oct 10 02:48:02 2007 (470C2F52)
CheckSum: 00365AD7
ImageSize: 003A1000
File version: 6.0.6000.16575
Product version: 6.0.6000.16575
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntkrpamp.exe
OriginalFilename: ntkrpamp.exe
ProductVersion: 6.0.6000.16575
FileVersion: 6.0.6000.16575 (vista_gdr.071009-1548)
FileDescription: NT Kernel & System
LegalCopyright: © Microsoft Corporation. All rights reserved.
0: kd> .trap 0xffffffff88653134
ErrCode = 00000000
eax=00000000 ebx=81df17ea ecx=889abba0 edx=83a33054 esi=88653248 edi=886531cc
eip=81df17c7 esp=886531a8 ebp=00000000 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!ObpCloseHandle+0x121:
81df17c7 c9 leave
Now I have no idea what all this means, but if anyone has any ideas please let me know, so I can decide whether to return it as it's still under warranty or fix it.
Any comments welcome
Thanks
I've recently bought a dell laptop with Vista Home Edition. I've had it for just over 2 months and I've had about 2 to 3 BSOD when it boots.
The only things I've installed are AVG anti-virus, Commodo Firewall, but the main installation is Flight simulator 2004 with many addons.
I've managed to get a minidump debugged and pasted below
Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\Mini042608-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\windows\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Vista Kernel Version 6000 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6000.16575.x86fre.vista_gdr.071009-1548
Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11e10
Debug session time: Sat Apr 26 19:00:33.234 2008 (GMT+1)
System Uptime: 0 days 0:00:20.124
Loading Kernel Symbols
..................................................................................................................................
Loading User Symbols
Loading unloaded module list
..
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 81df17c7, 88653134, 0}
Probably caused by : ntkrpamp.exe ( nt!ObpCloseHandle+121 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 81df17c7, The address that the exception occurred at
Arg3: 88653134, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
nt!ObpCloseHandle+121
81df17c7 c9 leave
TRAP_FRAME: 88653134 -- (.trap 0xffffffff88653134)
ErrCode = 00000000
eax=00000000 ebx=81df17ea ecx=889abba0 edx=83a33054 esi=88653248 edi=886531cc
eip=81df17c7 esp=886531a8 ebp=00000000 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!ObpCloseHandle+0x121:
81df17c7 c9 leave
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x8E
PROCESS_NAME: System
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 00000000 to 81df17c7
STACK_TEXT:
00000000 00000000 00000000 00000000 00000000 nt!ObpCloseHandle+0x121
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!ObpCloseHandle+121
81df17c7 c9 leave
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!ObpCloseHandle+121
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 470c2f52
FAILURE_BUCKET_ID: 0x8E_nt!ObpCloseHandle+121
BUCKET_ID: 0x8E_nt!ObpCloseHandle+121
Followup: MachineOwner
---------
0: kd> lmvm nt
start end module name
81c00000 81fa1000 nt (pdb symbols) c:\windows\symbols\ntkrpamp.pdb\E42190E0396449A3882CB6F322CB176E2\ntkrpamp.pdb
Loaded symbol image file: ntkrpamp.exe
Mapped memory image file: c:\windows\symbols\ntkrnlpa.exe\470C2F523a1000\ntkrnlpa.exe
Image path: ntkrpamp.exe
Image name: ntkrpamp.exe
Timestamp: Wed Oct 10 02:48:02 2007 (470C2F52)
CheckSum: 00365AD7
ImageSize: 003A1000
File version: 6.0.6000.16575
Product version: 6.0.6000.16575
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntkrpamp.exe
OriginalFilename: ntkrpamp.exe
ProductVersion: 6.0.6000.16575
FileVersion: 6.0.6000.16575 (vista_gdr.071009-1548)
FileDescription: NT Kernel & System
LegalCopyright: © Microsoft Corporation. All rights reserved.
0: kd> .trap 0xffffffff88653134
ErrCode = 00000000
eax=00000000 ebx=81df17ea ecx=889abba0 edx=83a33054 esi=88653248 edi=886531cc
eip=81df17c7 esp=886531a8 ebp=00000000 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!ObpCloseHandle+0x121:
81df17c7 c9 leave
Now I have no idea what all this means, but if anyone has any ideas please let me know, so I can decide whether to return it as it's still under warranty or fix it.
Any comments welcome
Thanks
