Hi
I keep getting a bsod when I convert video from one format to another. I looked at the event viewer on system and it said
"The following boot-start or system-start driver(s) failed to load:
Aspi32"
Here is a full dump file from Win dbg
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506
Machine Name:
Kernel base = 0xfffff800`02004000 PsLoadedModuleList = 0xfffff800`021c9db0
Debug session time: Sat Aug 1 11:50:24.661 2009 (GMT+1)
System Uptime: 0 days 18:00:25.493
Loading Kernel Symbols
...............................................................
................................................................
........................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
Loading unloaded module list
..........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C5, {8, 2, 1, fffff80002137369}
Page a633f not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
Probably caused by : ntkrnlmp.exe ( nt!ExAllocatePoolWithTag+359 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff80002137369, address which referenced memory
Debugging Details:
------------------
Page a633f not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
BUGCHECK_STR: 0xC5_2
CURRENT_IRQL: 2
FAULTING_IP:
nt!ExAllocatePoolWithTag+359
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: svchost.exe
TRAP_FRAME: fffffa6009565790 -- (.trap 0xfffffa6009565790)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800800c290
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002137369 rsp=fffffa6009565920 rbp=0000000000000000
r8=fffff8000222f580 r9=fffff80002004000 r10=0000000000000001
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac pe nc
nt!ExAllocatePoolWithTag+0x359:
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx ds:00000000`00000008=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800020583ee to fffff80002058650
STACK_TEXT:
fffffa60`09565648 fffff800`020583ee : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffffa60`09565650 fffff800`020572cb : 00000000`00000001 fffffa60`095657f0 fffffa80`09dca800 fffff800`021971f8 : nt!KiBugCheckDispatch+0x6e
fffffa60`09565790 fffff800`02137369 : fffffa80`07d840d0 fffff800`02197160 00000000`00000801 00000000`000007ff : nt!KiPageFault+0x20b
fffffa60`09565920 fffff800`0209f95a : 00000000`20706349 00000000`00001000 00000000`20706349 fffff800`00000000 : nt!ExAllocatePoolWithTag+0x359
fffffa60`095659f0 fffff800`02291ff3 : 00000000`00810000 00000000`00000200 00000000`00003038 00000000`00008000 : nt!ExAllocatePoolWithTagPriority+0x4a
fffffa60`09565a70 fffff800`022789e2 : 00000000`6e496c41 fffffa80`07f76000 fffffa80`07f78510 00000000`00000189 : nt!IopAllocateMiniCompletionPacket+0xd3
fffffa60`09565ab0 fffff800`0224ab33 : fffff880`0f35bc30 fffffa60`09565ca0 fffffa80`09de8e60 00000000`00000000 : nt!AlpcpAllocateCompletionPacketLookaside+0x82
fffffa60`09565ae0 fffff800`02278e47 : fffffa80`09de8e60 00000000`00000001 00000000`00000018 00000000`00000002 : nt!AlpcpInitializeCompletionList+0x207
fffffa60`09565b60 fffff800`020580f3 : fffffa80`09de8e60 fffffa80`07453500 00000000`00250d80 fffffa80`0a04b040 : nt!NtAlpcSetInformation+0x2ce
fffffa60`09565c20 00000000`77b262da : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`01aaf788 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77b262da
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+359
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nt!ExAllocatePoolWithTag+359
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 49ac93e1
FAILURE_BUCKET_ID: X64_0xC5_2_nt!ExAllocatePoolWithTag+359
BUCKET_ID: X64_0xC5_2_nt!ExAllocatePoolWithTag+359
Followup: MachineOwner
---------
Here is a picture of a program showing me the Aspi32 driver
I keep getting a bsod when I convert video from one format to another. I looked at the event viewer on system and it said
"The following boot-start or system-start driver(s) failed to load:
Aspi32"
Here is a full dump file from Win dbg
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506
Machine Name:
Kernel base = 0xfffff800`02004000 PsLoadedModuleList = 0xfffff800`021c9db0
Debug session time: Sat Aug 1 11:50:24.661 2009 (GMT+1)
System Uptime: 0 days 18:00:25.493
Loading Kernel Symbols
...............................................................
................................................................
........................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
Loading unloaded module list
..........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C5, {8, 2, 1, fffff80002137369}
Page a633f not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
Probably caused by : ntkrnlmp.exe ( nt!ExAllocatePoolWithTag+359 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff80002137369, address which referenced memory
Debugging Details:
------------------
Page a633f not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 000007ff`fffdf018). Type ".hh dbgerr001" for details
BUGCHECK_STR: 0xC5_2
CURRENT_IRQL: 2
FAULTING_IP:
nt!ExAllocatePoolWithTag+359
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: svchost.exe
TRAP_FRAME: fffffa6009565790 -- (.trap 0xfffffa6009565790)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800800c290
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002137369 rsp=fffffa6009565920 rbp=0000000000000000
r8=fffff8000222f580 r9=fffff80002004000 r10=0000000000000001
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac pe nc
nt!ExAllocatePoolWithTag+0x359:
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx ds:00000000`00000008=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800020583ee to fffff80002058650
STACK_TEXT:
fffffa60`09565648 fffff800`020583ee : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffffa60`09565650 fffff800`020572cb : 00000000`00000001 fffffa60`095657f0 fffffa80`09dca800 fffff800`021971f8 : nt!KiBugCheckDispatch+0x6e
fffffa60`09565790 fffff800`02137369 : fffffa80`07d840d0 fffff800`02197160 00000000`00000801 00000000`000007ff : nt!KiPageFault+0x20b
fffffa60`09565920 fffff800`0209f95a : 00000000`20706349 00000000`00001000 00000000`20706349 fffff800`00000000 : nt!ExAllocatePoolWithTag+0x359
fffffa60`095659f0 fffff800`02291ff3 : 00000000`00810000 00000000`00000200 00000000`00003038 00000000`00008000 : nt!ExAllocatePoolWithTagPriority+0x4a
fffffa60`09565a70 fffff800`022789e2 : 00000000`6e496c41 fffffa80`07f76000 fffffa80`07f78510 00000000`00000189 : nt!IopAllocateMiniCompletionPacket+0xd3
fffffa60`09565ab0 fffff800`0224ab33 : fffff880`0f35bc30 fffffa60`09565ca0 fffffa80`09de8e60 00000000`00000000 : nt!AlpcpAllocateCompletionPacketLookaside+0x82
fffffa60`09565ae0 fffff800`02278e47 : fffffa80`09de8e60 00000000`00000001 00000000`00000018 00000000`00000002 : nt!AlpcpInitializeCompletionList+0x207
fffffa60`09565b60 fffff800`020580f3 : fffffa80`09de8e60 fffffa80`07453500 00000000`00250d80 fffffa80`0a04b040 : nt!NtAlpcSetInformation+0x2ce
fffffa60`09565c20 00000000`77b262da : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`01aaf788 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77b262da
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+359
fffff800`02137369 48895808 mov qword ptr [rax+8],rbx
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nt!ExAllocatePoolWithTag+359
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 49ac93e1
FAILURE_BUCKET_ID: X64_0xC5_2_nt!ExAllocatePoolWithTag+359
BUCKET_ID: X64_0xC5_2_nt!ExAllocatePoolWithTag+359
Followup: MachineOwner
---------
Here is a picture of a program showing me the Aspi32 driver
