Hi,
I had a blue screen in Windows 8.1 x64 using avast today and I wanted to report it to see if it is a known issue and whether a fix is available. Below is the windbg trace from the dump file.
Thanks
Paul
Microsoft (R) Windows Debugger Version 6.3.9600.17029 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\051014-23781-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred
http://msdl.microsoft.com/download/symbolsSymbol search path is:
http://msdl.microsoft.com/download/symbolsExecutable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17041.amd64fre.winblue_gdr.140305-1710
Machine Name:
Kernel base = 0xfffff803`9421b000 PsLoadedModuleList = 0xfffff803`944e52d0
Debug session time: Sat May 10 08:44:18.095 2014 (UTC + 1:00)
System Uptime: 0 days 14:11:54.849
Loading Kernel Symbols
.
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..............................................................
................................................................
...................................
Loading User Symbols
Loading unloaded module list
................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {ffffe101fe1585e0, 2, 0, fffff803942fadc7}
Probably caused by : NETIO.SYS ( NETIO!KfdClassify+6fd )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ffffe101fe1585e0, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff803942fadc7, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff8039456f138
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
ffffe101fe1585e0
CURRENT_IRQL: 2
FAULTING_IP:
nt!RtlLookupEntryHashTable+77
fffff803`942fadc7 488b4110 mov rax,qword ptr [rcx+10h]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: AvastSvc.exe
ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre
TRAP_FRAME: ffffd0002868cef0 -- (.trap 0xffffd0002868cef0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=5085a946b1e35d98 rbx=0000000000000000 rcx=ffffe101fe1585d0
rdx=ffffe00200037630 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803942fadc7 rsp=ffffd0002868d080 rbp=ffffd0002868d1b0
r8=ffffe00200f701e0 r9=ecc4b5485964d0a6 r10=ffffd0002868d280
r11=0000000000000008 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt!RtlLookupEntryHashTable+0x77:
fffff803`942fadc7 488b4110 mov rax,qword ptr [rcx+10h] ds:ffffe101`fe1585e0=?
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8039437aae9 to fffff8039436efa0
STACK_TEXT:
ffffd000`2868cda8 fffff803`9437aae9 : 00000000`0000000a ffffe101`fe1585e0 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffd000`2868cdb0 fffff803`9437933a : 00000000`00000000 ecc4b548`5964d0a6 ffffc6a8`81d38e00 ffffd000`2868cef0 : nt!KiBugCheckDispatch+0x69
ffffd000`2868cef0 fffff803`942fadc7 : 00000000`00000000 fffff801`a0b481c4 00000000`000002fb 00000016`00000001 : nt!KiPageFault+0x23a
ffffd000`2868d080 fffff801`a06021d9 : 00000000`00000000 ffffd000`2868d1b0 ffffe001`fdfd91b0 fffff801`a0b11a2d : nt!RtlLookupEntryHashTable+0x77
ffffd000`2868d0b0 fffff801`a0b9b364 : ffffe001`fced2078 fffff801`a08c0887 00000000`00000001 ffffe001`fdfe2300 : NETIO!KfdClassify+0x6fd
ffffd000`2868d530 fffff801`a0b48b7c : ffffd000`2868e090 fffff801`0000000e 00000000`00000000 00000000`00000002 : tcpip!WfpTlShimInspectSendTcpDatagram+0x754
ffffd000`2868d830 fffff801`a0b455b8 : fffff801`0000fab3 ffffe001`00000000 ffffe001`0000000b ffffe001`00007010 : tcpip!IppInspectLocalDatagramsOut+0x82c
ffffd000`2868db60 fffff801`a0afce62 : ffffd000`2868dff0 00000000`00000007 fffff801`a0cb6180 ffffe001`fced2010 : tcpip!IppSendDatagramsCommon+0x3f8
ffffd000`2868dd50 fffff801`a0b1dbe0 : ffffe001`fd0a5240 00000000`00000000 00000000`00000000 00000000`0000000b : tcpip!IpNlpFastSendDatagram+0xf2
ffffd000`2868de30 fffff801`a0b1f6f5 : ffffd000`2868e212 00000000`00000000 ffffe001`ff934310 ffffd000`2868e530 : tcpip!TcpTcbSend+0x780
ffffd000`2868e180 fffff801`a0b1ef8a : 00000000`00000000 ffffe001`fced2010 ffffd000`2868e211 ffffd000`2868e500 : tcpip!TcpEnqueueTcbSendOlmNotifySendComplete+0xa5
ffffd000`2868e1b0 fffff801`a0b1f2f8 : 00000000`00000000 00000000`00000000 ffffe001`fce10a00 00000000`00000000 : tcpip!TcpEnqueueTcbSend+0x2aa
ffffd000`2868e2b0 fffff803`942f5256 : ffffd000`2868e2d0 00000000`00000000 00000000`000000f0 00000000`08a4da60 : tcpip!TcpTlConnectionSendCalloutRoutine+0x28
ffffd000`2868e330 fffff801`a0b1f5a2 : fffff801`a0b1f2d0 ffffd000`2868e450 00000000`00000000 fffff801`a178b6cb : nt!KeExpandKernelStackAndCalloutInternal+0xe6
ffffd000`2868e420 fffff801`a17a6577 : ffffe001`fce10a20 ffffd000`2868ecc0 00000000`0000000b 00000000`00000003 : tcpip!TcpTlConnectionSend+0x72
ffffd000`2868e490 fffff801`a178a451 : ffffe001`ff103e10 ffffe001`ffd8eb30 00000000`00000005 00000000`20206f49 : afd!AfdFastConnectionSend+0x387
ffffd000`2868e650 fffff803`946173f4 : ffffe002`00f073c0 00000000`00000000 ffffe001`ff103e10 00000000`00000001 : afd!AfdFastIoDeviceControl+0x441
ffffd000`2868e9c0 fffff803`946181c6 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0x3d4
ffffd000`2868eb60 fffff803`9437a7b3 : ffffe001`ffafd568 ffffe001`fd03b880 fffff6fb`7dbed000 fffff6fb`7da00000 : nt!NtDeviceIoControlFile+0x56
ffffd000`2868ebd0 00000000`77742772 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`08a4ea58 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77742772
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!KfdClassify+6fd
fffff801`a06021d9 4c8bc0 mov r8,rax
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: NETIO!KfdClassify+6fd
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 5215f7e4
IMAGE_VERSION: 6.3.9600.16384
BUCKET_ID_FUNC_OFFSET: 6fd
FAILURE_BUCKET_ID: AV_NETIO!KfdClassify
BUCKET_ID: AV_NETIO!KfdClassify
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_netio!kfdclassify
FAILURE_ID_HASH: {0e14637a-385d-0a7b-00b2-7ee608277b22}
Followup: MachineOwner
---------