BSOD DRIVER_IRQL_NOT_LESS_OR_EQUAL referencing Wdf01000.sys

  • Thread starter Thread starter Slater35
  • Start date Start date
S

Slater35

I build and maintain a Windows 7 Enterprise 64bit image for my company. Whenever we receive a new series of laptop I have to make sure the drivers are up to date. Recently we received the new Lenovo T440 and X240 series of laptops. During my first attempts to update the images drivers to support the new laptops I began receiving random BSOD's which seemed to blame Wdf01000.sys. This has never happened before. After much struggling I decided that there must be other drivers conflicting. I then undertook the project of building a new image from scratch and devised some VB scripts that would detect the model laptop and install the drivers for that laptop at the first logon. Everything seemed to work great, until I again received the same BSOD. I'm at a loss over what could be the cause. I'm using all the latest drivers obtained from Lenovo. Below is the MiniDump from the latest BSOD. If anyone can help me identify the cause it would be much appreciated.



Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [E:\060414-20155-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18409.amd64fre.win7sp1_gdr.140303-2144
Machine Name:
Kernel base = 0xfffff800`03218000 PsLoadedModuleList = 0xfffff800`0345b890
Debug session time: Wed Jun 4 14:58:50.990 2014 (UTC - 4:00)
System Uptime: 0 days 2:56:37.737
Loading Kernel Symbols
...............................................................
................................................................
...................................................
Loading User Symbols
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {10, 2, 0, fffff88000eff294}

Probably caused by : Wdf01000.sys ( Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88000eff294, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800034c5100
0000000000000010

CURRENT_IRQL: 2

FAULTING_IP:
Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14
fffff880`00eff294 498b81b8000000 mov rax,qword ptr [r9+0B8h]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: System

TRAP_FRAME: fffff880033ff420 -- (.trap 0xfffff880033ff420)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa800cb21690 rbx=0000000000000000 rcx=0000000000000000
rdx=fffffa800cb21690 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88000eff294 rsp=fffff880033ff5b8 rbp=fffff880033ff640
r8=fffff880033ff600 r9=ffffffffffffff58 r10=fffffa8009d38cf8
r11=fffffa800cb21690 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+0x14:
fffff880`00eff294 498b81b8000000 mov rax,qword ptr [r9+0B8h] ds:7c30:00000000`00000010=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff8000328d169 to fffff8000328dbc0

STACK_TEXT:
fffff880`033ff2d8 fffff800`0328d169 : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`033ff2e0 fffff800`0328bde0 : fffff880`033ff400 fffff800`0329885c fffff880`033ff4c0 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`033ff420 fffff880`00eff294 : fffff880`00f03c69 fffffa80`0a72d4a0 fffffa80`0daf8580 fffffa80`0cb21690 : nt!KiPageFault+0x260
fffff880`033ff5b8 fffff880`00f03c69 : fffffa80`0a72d4a0 fffffa80`0daf8580 fffffa80`0cb21690 00000000`00000000 : Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+0x14
fffff880`033ff5c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : Wdf01000!FxRequest::GetNextRequest+0x29


STACK_COMMAND: kb

FOLLOWUP_IP:
Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14
fffff880`00eff294 498b81b8000000 mov rax,qword ptr [r9+0B8h]

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Wdf01000

IMAGE_NAME: Wdf01000.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 51c51641

FAILURE_BUCKET_ID: X64_0xD1_Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14

BUCKET_ID: X64_0xD1_Wdf01000!FxIrpQueue::RemoveNextIrpFromQueue+14

Followup: MachineOwner
---------

Continue reading...
 

Similar threads

J
BSOD tcpip.sys
Replies
0
Views
183
JacobColtman
J
AWS
I keep getting the error bluse screen and pc restart: Unexpected_Kernel_Mode_Trap nvlddmkm.sys what
Replies
0
Views
257
AWS
AWS
T
BSOD fails with my new computer need help!!!
Replies
0
Views
185
thetravis0916
T
AWS
Windows 8 can't wake up from Sleep on brand new Lenovo laptop, Minidump included
Replies
0
Views
248
AWS
AWS
AWS
BSOD While Watching Netflix
Replies
0
Views
155
AWS
AWS
Back
Top