Connected to Windows XP 2600 x86 compatible target at (Thu Jul 25 20:58:03.049 2024 (UTC - 7:00)), ptr64 FALSE Kernel Debugger connection established. Symbol search path is: C:\Users\owner\Desktop\msvc_pdb_x86;C:\Users\owner\Desktop\msvc_pdb_xp_sp3 Executable search path is: Windows XP Kernel Version 2600 MP (1 procs) Free x86 compatible Built by: 2600.xpsp.080413-2111 Machine Name: Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 System Uptime: not available LDR: LdrpWalkImportDescriptor() failed to probe C:\WINDOWS\system32\atiadlxx.dll for its manifest, ntstatus 0xc0150002 bSyncWithGlobalService enter bSyncWithGlobalService, Ati Hot Key Poller Service is not running ERROR: DavReadRegistryValues/RegQueryValueExW(4). WStatus = 5 ERROR: DavReadRegistryValues/RegQueryValueExW(5). WStatus = 5 ERROR: DavReadRegistryValues/RegQueryValueExW(6). WStatus = 5 *** Fatal System Error: 0x000000d1 (0xFA9F3000,0x00000002,0x00000000,0xB5D38084) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows XP 2600 x86 compatible target at (Thu Jul 25 20:59:13.952 2024 (UTC - 7:00)), ptr64 FALSE Loading Kernel Symbols ............................................................... ..................................... Loading User Symbols Loading unloaded module list ........ ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {fa9f3000, 2, 0, b5d38084} *** ERROR: Module load completed but symbols could not be loaded for es199x.sys Probably caused by : es199x.sys ( es199x+e084 ) Followup: MachineOwner --------- nt!RtlpBreakWithStatusInstruction: 8052b5dc cc int 3 kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: fa9f3000, memory referenced Arg2: 00000002, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: b5d38084, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: fa9f3000 Nonpaged pool expansion CURRENT_IRQL: 2 FAULTING_IP: es199x+e084 b5d38084 8b48f0 mov ecx,dword ptr [eax-10h] DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0xD1 PROCESS_NAME: Idle TRAP_FRAME: 80551250 -- (.trap 0xffffffff80551250) ErrCode = 00000000 eax=fa9f3010 ebx=00000001 ecx=00000000 edx=00000000 esi=8a5253f0 edi=00000000 eip=b5d38084 esp=805512c4 ebp=805513fc iopl=0 nv up ei ng nz na po nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282 es199x+0xe084: b5d38084 8b48f0 mov ecx,dword ptr [eax-10h] ds:0023:fa9f3000=???????? Resetting default scope LAST_CONTROL_TRANSFER: from 804f8df9 to 8052b5dc STACK_TEXT: 80550e04 804f8df9 00000003 80551160 00000000 nt!RtlpBreakWithStatusInstruction 80550e50 804f99e4 00000003 fa9f3000 b5d38084 nt!KiBugCheckDebugBreak+0x19 80551230 805446e0 0000000a fa9f3000 00000002 nt!KeBugCheck2+0x574 80551230 b5d38084 0000000a fa9f3000 00000002 nt!KiTrap0E+0x238 WARNING: Stack unwind information not available. Following frames may be wrong. 805513fc 8050231b 8055c0c0 ffdff9c0 ffdff000 es199x+0xe084 80551428 80545e6f 8055c4c0 00000000 00000ac5 nt!KiTimerExpiration+0xb1 80551450 80545d54 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61 80551454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28 STACK_COMMAND: kb FOLLOWUP_IP: es199x+e084 b5d38084 8b48f0 mov ecx,dword ptr [eax-10h] SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: es199x+e084 FOLLOWUP_NAME: MachineOwner MODULE_NAME: es199x IMAGE_NAME: es199x.sys DEBUG_FLR_IMAGE_TIMESTAMP: 3c0848ee FAILURE_BUCKET_ID: 0xD1_es199x+e084 BUCKET_ID: 0xD1_es199x+e084 Followup: MachineOwner ---------