*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000005000000dd, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002cc8405, address which referenced memory
Debugging Details:
------------------
TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ec7100
GetUlongFromAddress: unable to read from fffff80002ec71c0
00000005000000dd Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeStackAttachProcess+115
fffff800`02cc8405 f00fc186dc000000 lock xadd dword ptr [rsi+0DCh],eax
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
TRAP_FRAME: fffff88007f1d770 -- (.trap 0xfffff88007f1d770)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000008 rbx=0000000000000000 rcx=fffffa8003be2bb0
rdx=fffff88007f1da58 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002cc8405 rsp=fffff88007f1d900 rbp=fffff88007f1da58
r8=fffffa8003be2ba0 r9=0000000000000130 r10=fffff880031810c0
r11=fffffa8003be2b50 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!KeStackAttachProcess+0x115:
fffff800`02cc8405 f00fc186dc000000 lock xadd dword ptr [rsi+0DCh],eax ds:00000000`000000dc=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002c97769 to fffff80002c981c0
STACK_TEXT:
fffff880`07f1d628 fffff800`02c97769 : 00000000`0000000a 00000005`000000dd 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`07f1d630 fffff800`02c963e0 : fffff880`07f1d7b0 fffff8a0`041a9dd0 00000000`000000c2 fffffa80`03be2b50 : nt!KiBugCheckDispatch+0x69
fffff880`07f1d770 fffff800`02cc8405 : 00000000`00000000 fffffa80`03be2b50 fffffa80`03be2b50 fffff800`02f66953 : nt!KiPageFault+0x260
fffff880`07f1d900 fffffa80`050369c8 : fffff880`07f1da80 fffff880`0171e400 fffff880`07f1da60 fffffa80`03b14b50 : nt!KeStackAttachProcess+0x115
fffff880`07f1d980 fffff880`07f1da80 : fffff880`0171e400 fffff880`07f1da60 fffffa80`03b14b50 00000000`0000afd1 : 0xfffffa80`050369c8
fffff880`07f1d988 fffff880`0171e400 : fffff880`07f1da60 fffffa80`03b14b50 00000000`0000afd1 fffffa80`03b14b50 : 0xfffff880`07f1da80
fffff880`07f1d990 00000000`0000afd2 : 00000000`0000afd4 fffffa80`03b14a30 00000000`00000000 00000000`0000afd1 : tcpip!TcpCloseEndpoint+0x40
fffff880`07f1da00 00000000`0000afd4 : fffffa80`03b14a30 00000000`00000000 00000000`0000afd1 fffffa80`03b14b50 : 0xafd2
fffff880`07f1da08 fffffa80`03b14a30 : 00000000`00000000 00000000`0000afd1 fffffa80`03b14b50 fffff880`040e5715 : 0xafd4
fffff880`07f1da10 00000000`00000000 : 00000000`0000afd1 fffffa80`03b14b50 fffff880`040e5715 00000000`0000af00 : 0xfffffa80`03b14a30
STACK_COMMAND: kb
FOLLOWUP_IP:
tcpip!TcpCloseEndpoint+40
fffff880`0171e400 4885f6 test rsi,rsi
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: tcpip!TcpCloseEndpoint+40
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tcpip
IMAGE_NAME: tcpip.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4f757012
FAILURE_BUCKET_ID: X64_0xA_tcpip!TcpCloseEndpoint+40
BUCKET_ID: X64_0xA_tcpip!TcpCloseEndpoint+40
Followup: MachineOwner
---------