IRQL_NOT_LESS_OR_EQUAL ntoskrnl.exe Windows 8.1

BigSant · Apr 18, 2015

Hello, I have receiving a BSOD for the often time on my computer, i tried reinstall windows, but with windwos 7/8/8.1/10 have same problem.

To start off this Blue Screen is IRQL_NOT_LESS_OR_EQUAL.

All it said was it was caused by ntosrknl.exe

Bug check code 0x0000000a

Caused by address ntoskrnl.exe+5d632

The drivers I have: http://imgur.com/J9AAdyB

Minidump file: http://www.mediafire.com/download/p4p6bi6l59l02nt/Minidump.rar

If you would be kind, please help me with this.

If you need any more information about the Blue Screen, reply to me. Thank you

johnbl · Apr 18, 2015

first bugcheck was cause by memory corruption.

I would start by running memtest86 and confirm your system does not have a BIOS/memory timing problem
if that does not turn up any errors I would then run verifier.exe to see if I could get windows to catch a programming error in a driver.
run cmd.exe as an admin, then run
verifier.exe /standard /all

reboot and run until you get another bugcheck.
use verifier.exe /reset
to turn off the extra device driver checking

BigSant · Apr 18, 2015

I already did memtest86: http://imgur.com/F6FdoMl
I tried verifier.exe too.
I saw BSOD and and later disable verifier.exe in safe mode.

johnbl · Apr 18, 2015

verifier.exe was off in the two memory dumps provided.
I would turn it on: run cmd.exe as an admin, then run
verifier.exe /standard /all
I would change the memory dump type to kernel memory dump or the debugging info is stripped out when the memory dump is saved to disk.
reboot
go until you get next bugcheck, reboot into safe mode and run
verifier.exe /reset
to clear the dubug checking of the drivers so you can boot again (in the case your system will not boot normally with verifier running)
-------
when the system bugcheck with verifier turned on it will name the bad driver in the bugcheck memory .dmp file
you should copy the file to a server and post a link. ( or indicate which memory .dmp has verifier on)

BigSant :

BigSant · Apr 23, 2015

Hello today i got new BSOD:

Tried check minidumb file with WinDBG.exe and got this:

*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000001048, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8037d83ea02, address which referenced memory

Debugging Details:
------------------

WRITE_ADDRESS: 0000000000001048 Nonpaged pool

CURRENT_IRQL: 2

FAULTING_IP:
nt!MiIdentifyPfn+322
fffff803`7d83ea02 f0410fba6f481f lock bts dword ptr [r15+48h],1Fh

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: AV

PROCESS_NAME: svchost.exe

ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre

TRAP_FRAME: ffffd0003a976fe0 -- (.trap 0xffffd0003a976fe0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0200000000000020 rbx=0000000000000000 rcx=0200000000000000
rdx=fffff8037d83eaea rsi=0000000000000000 rdi=0000000000000000
rip=fffff8037d83ea02 rsp=ffffd0003a977170 rbp=0000000000000000
r8=0000000000369075 r9=02200000003abfa0 r10=7800205101420000
r11=0000000000000042 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!MiIdentifyPfn+0x322:
fffff803`7d83ea02 f0410fba6f481f lock bts dword ptr [r15+48h],1Fh ds:00000000`00000048=????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff8037d9657e9 to fffff8037d959ca0

STACK_TEXT:
ffffd000`3a976e98 fffff803`7d9657e9 : 00000000`0000000a 00000000`00001048 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
ffffd000`3a976ea0 fffff803`7d96403a : 00000000`00000001 ffffe000`0a4b0818 fffffa80`0a2cfc00 ffffd000`3a976fe0 : nt!KiBugCheckDispatch+0x69
ffffd000`3a976fe0 fffff803`7d83ea02 : 00000000`000018c0 fffff803`7da9d99e ffffe000`0a4af000 ffffd000`3a977268 : nt!KiPageFault+0x23a
ffffd000`3a977170 fffff803`7d83e68c : 00000000`00000004 ffffe000`0a4b0818 00000000`00000001 ffffd000`3a977320 : nt!MiIdentifyPfn+0x322
ffffd000`3a977220 fffff803`7dba39cb : ffffe000`0a4b0818 ffffd000`3a977b80 ffffe000`0a4af000 fffff803`42506650 : nt!MiIdentifyPfnWrapper+0x3c
ffffd000`3a977250 fffff803`7dbbd512 : ffffc000`04366060 00000000`00000001 ffffd000`3a977434 ffffe000`0a4af000 : nt!PfpPfnPrioRequest+0xbb
ffffd000`3a9772d0 fffff803`7dbbb67b : 00000025`fd1fa708 00000000`00000000 00000000`0000004f 00000000`00000000 : nt!PfQuerySuperfetchInformation+0x336
ffffd000`3a977400 fffff803`7dbbb429 : 00000025`fd1fa708 00000026`ff5ea6a0 00000000`00000000 00000000`00000000 : nt!ExpQuerySystemInformation+0x1ff
ffffd000`3a977ac0 fffff803`7d9654b3 : 00000000`00000000 00000026`fdd037d0 00000000`00000001 ffffd000`3a977b00 : nt!NtQuerySystemInformation+0x49
ffffd000`3a977b00 00007ffc`86b768da : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000025`fd1fa5c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`86b768da

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!MiIdentifyPfn+322
fffff803`7d83ea02 f0410fba6f481f lock bts dword ptr [r15+48h],1Fh

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: nt!MiIdentifyPfn+322

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP: 52718d9c

IMAGE_VERSION: 6.3.9600.16452

IMAGE_NAME: memory_corruption

BUCKET_ID_FUNC_OFFSET: 322

FAILURE_BUCKET_ID: AV_nt!MiIdentifyPfn

BUCKET_ID: AV_nt!MiIdentifyPfn

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:av_nt!miidentifypfn

FAILURE_ID_HASH: {4f0b8d4b-7219-bc8c-33a3-7bfc14bc92e1}

Followup: MachineOwner
---------

If someone understand this problem, please tell me whats wrong with my Computer

My .dmp file after bugcheck with verifier turned on: http://www.mediafire.com/download/gjd73ip5dulbawg/042315-50468-01.rar

johnbl · Apr 23, 2015

data in memory was corrupted, most likely another driver overwrote it with data then the kernel used the bad data as a memory address and bugchecked.

verifier was turned off, so no extra debug info. Also, would need the memory dump type changed to kernel memory dump rather than minidump. Minidump strips out the extra debug info.

suspect drivers
drxvi314_64.sys you might want to find out what this is.
\SystemRoot\system32\DRIVERS\drxvi314_64.sys Tue Sep 06 03:36:29 2011
BcmBusCtr_64.sys Beceem Communications Inc. WiMAX driver
\SystemRoot\System32\drivers\BcmBusCtr_64.sys Tue Sep 06 03:34:14 2011

SystemRoot\System32\DRIVERS\LhdX64.sys Mon Jan 11 07:06:58 2010 (Lenovo HD Disk Driver, just old driver)

BigSant · Apr 23, 2015

After updating Lenovo HD Disk driver BSOD stop showing. Tried verifier.exe /standard /all and windows start normal. So HD disk drivers fix my problem?

If so then thank you a lot.

Search

IRQL_NOT_LESS_OR_EQUAL ntoskrnl.exe Windows 8.1

BigSant

Reputable

johnbl

johnbl

Polypheme

BigSant

Reputable

johnbl

Polypheme

BigSant

Reputable

johnbl

Polypheme

BigSant

Reputable

TRENDING THREADS

Latest posts

Moderators online

Share this page