|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 | Vista - BlueScreen - KMODE_EXCEPTION_NOT_HANDLED in NTOSKRNL.EXE |
 |
| |
| 07-06-2009 | #1 |
| Vista Business x64 | BlueScreen - KMODE_EXCEPTION_NOT_HANDLED in NTOSKRNL.EXE Hi Guys, I am having recurring blue screens on my Vista Business x64 OS. The machine has the following components: - Intel Core2 Quad Q9550 @ 2.83 Ghz - 8 GB of RAM - ATI Radeon HD 2400 PRO The problem seems to occure when debugging in Visual Studio 2008. However, I can't say for sure this is the cause because I'm pretty much using VS all day long and the odds would have been slim that the crash occured when VS was off. However, that's what the minidump (see below) seems to indicate (VSProject2009 is the name of the project I was debugging). Also, I have been using VS for years with different configurations and never had such problems. We also actually have a few other computers identical to this one (hardware + software images) and people using VS on them, and no one has reported any issues. Now on to the minidump. This is the message displayed by Vista: Problem signature: Problem Event Name: BlueScreen OS Version: 6.0.6001.2.1.0.256.6 Locale ID: 3081 Additional information about the problem: BCCode: 1e BCP1: FFFFFFFFC0000005 BCP2: FFFFF80002AC750A BCP3: 0000000000000000 BCP4: 00000000000000D8 OS Version: 6_0_6001 Service Pack: 1_0 Product: 256_1 Files that help describe the problem: C:\Windows\Minidump\Mini070609-02.dmp C:\Users\xavierp\AppData\Local\Temp\WER-84614-0.sysdata.xml C:\Users\xavierp\AppData\Local\Temp\WER1850.tmp.version.txt Read our privacy statement: Microsoft Online Crash Analysis The last minidumps are attached. This is what I could extract from the last one (not sure if I did that correctly): Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Program Files\Debugging Tools for Windows (x64)\Mini070609-02.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: SRV*c:\symbols*Symbol information Executable search path is: Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 6001.18226.amd64fre.vistasp1_gdr.090302-1506 Machine Name: Kernel base = 0xfffff800`02a60000 PsLoadedModuleList = 0xfffff800`02c25db0 Debug session time: Mon Jul 6 16:12:17.703 2009 (GMT+10) System Uptime: 0 days 4:39:37.117 Loading Kernel Symbols .. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. Run !sym noisy before .reload to track down problems loading symbols. ............................................................. ................................................................ ............ Loading User Symbols Loading unloaded module list ...... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1E, {ffffffffc0000005, fffff80002ac750a, 0, d8} Unable to load image \SystemRoot\system32\DRIVERS\klif.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for klif.sys *** ERROR: Module load completed but symbols could not be loaded for klif.sys Probably caused by : klif.sys ( klif+4756 ) Followup: MachineOwner --------- 3: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KMODE_EXCEPTION_NOT_HANDLED (1e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Arguments: Arg1: ffffffffc0000005, The exception code that was not handled Arg2: fffff80002ac750a, The address that the exception occurred at Arg3: 0000000000000000, Parameter 0 of the exception Arg4: 00000000000000d8, Parameter 1 of the exception Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. FAULTING_IP: nt!RtlVirtualUnwind+17a fffff800`02ac750a 488b02 mov rax,qword ptr [rdx] EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: 00000000000000d8 READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002c89080 00000000000000d8 CUSTOMER_CRASH_COUNT: 2 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x1E PROCESS_NAME: VSProject2009.v CURRENT_IRQL: 1 TRAP_FRAME: fffffa60066107f0 -- (.trap 0xfffffa60066107f0) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000037 rbx=0000000000000000 rcx=0000000000000000 rdx=00000000000000d8 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80002ac750a rsp=fffffa6006610980 rbp=0000000000000103 r8=0000000000000005 r9=fffff80002a60000 r10=ffffffffffffff80 r11=fffff80002c5f000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei ng nz na pe nc nt!RtlVirtualUnwind+0x17a: fffff800`02ac750a 488b02 mov rax,qword ptr [rdx] ds:0920:00000000`000000d8=???????????????? Resetting default scope LAST_CONTROL_TRANSFER: from fffff80002a8ee67 to fffff80002ab4650 STACK_TEXT: fffffa60`06610008 fffff800`02a8ee67 : 00000000`0000001e ffffffff`c0000005 fffff800`02ac750a 00000000`00000000 : nt!KeBugCheckEx fffffa60`06610010 fffff800`02ab44a9 : fffffa60`06610748 00000000`00000003 fffffa60`066107f0 fffffa60`06610a40 : nt! ?? ::FNODOBFM::`string'+0x29317 fffffa60`06610610 fffff800`02ab32a5 : 00000000`00000000 fffffa80`0a710280 00000000`00000000 00000000`00000003 : nt!KiExceptionDispatch+0xa9 fffffa60`066107f0 fffff800`02ac750a : 00000000`0005649f fffffa60`06610a40 fffff800`02a60000 00000000`00000000 : nt!KiPageFault+0x1e5 fffffa60`06610980 fffff800`02d4ce62 : fffff800`00000001 fffffa60`0746d500 00000000`00000000 ffffffff`ffffff80 : nt!RtlVirtualUnwind+0x17a fffffa60`066109f0 fffff800`02acf5cd : ffffffff`ffffff80 fffffa80`0e930060 fffffa60`0746d570 fffff800`02a60000 : nt!PspGetSetContextInternal+0x36a fffffa60`06610f40 fffff800`02ade662 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PspGetSetContextSpecialApc+0x9d fffffa60`06611050 fffff800`02aba421 : 00000000`00000000 00000000`00000000 00000000`00000000 fffffa80`0e930060 : nt!KiDeliverApc+0x1e2 fffffa60`066110f0 fffff800`02ab9896 : 00000027`00000003 fffffa80`0e930060 fffffa60`00000003 fffff800`02ab6d1f : nt!KiSwapThread+0x491 fffffa60`06611160 fffff800`02d69964 : 00000000`00000002 00000000`00106a39 00000000`00000001 fffffa80`00000000 : nt!KeWaitForMultipleObjects+0x2d6 fffffa60`066111e0 fffffa60`00a17c3c : 00000000`00000010 fffffa60`066113c0 fffffa80`0acb48a0 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x5104 fffffa60`06611240 fffffa60`03d84756 : 00000000`00000000 00000000`00000000 fffff880`130f04e0 00000000`00000078 : fltmgr!FltSendMessage+0x4ec fffffa60`06611370 00000000`00000000 : 00000000`00000000 fffff880`130f04e0 00000000`00000078 fffffa60`066113c8 : klif+0x4756 STACK_COMMAND: kb FOLLOWUP_IP: klif+4756 fffffa60`03d84756 ?? ??? SYMBOL_STACK_INDEX: c SYMBOL_NAME: klif+4756 FOLLOWUP_NAME: MachineOwner MODULE_NAME: klif IMAGE_NAME: klif.sys DEBUG_FLR_IMAGE_TIMESTAMP: 49c7a056 FAILURE_BUCKET_ID: X64_0x1E_klif+4756 BUCKET_ID: X64_0x1E_klif+4756 Followup: MachineOwner --------- Can anyone point me to a possible cause of the problem? Apparently Visual Studio is not innocent, but why would it cause that error? Thanks heaps. |
My System Specs |
| 07-06-2009 | #2 |
| Vista Ultimate x64; Win 7 x64 and x32 | Re: BlueScreen - KMODE_EXCEPTION_NOT_HANDLED in NTOSKRNL.EXE Visual Studio was the process that was running when the crash occurred - but it doesn't blame it. Here's the key statement: Quote: Probably caused by : klif.sys ( klif+4756 ) In the event that this is the Internet Security version, I must state that I do not recommend any Internet Security application due to the problems that I see with it. When they break it's not usually this easy to pin the blame on them - and the errors that they cause are usually very difficult to troubleshoot. |
| My System Specs |
| 07-06-2009 | #3 |
| Vista Business x64 | Re: BlueScreen - KMODE_EXCEPTION_NOT_HANDLED in NTOSKRNL.EXE Thanks a lot. I have forwarded the problem to the Kaspersky support, to see if there is any known issue and fix regarding this. |
| My System Specs |
|
 |
| Thread Tools | |
| |
| Similar Threads for: BlueScreen - KMODE_EXCEPTION_NOT_HANDLED in NTOSKRNL.EXE | ||||
| Thread | Forum | |||
| BSoD - KMODE_EXCEPTION_NOT_HANDLED | General Discussion | |||
| Ntoskrnl.exe corrupt | Vista General | |||
| Updates stole the ntoskrnl.exe | Windows Updates | |||
| C:\ntoskrnl.exe | Windows Updates | |||
| ntoskrnl.exe error | Vista hardware & devices | |||
