1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_GT_ZERO_AT_SYSTEM_SERVICE (4a)
Returning to usermode from a system call at an IRQL > PASSIVE_LEVEL.
Arguments:
Arg1: 87243700, Address of system function (system call routine)
Arg2: 00000002, Current IRQL
Arg3: 00000000, 0
Arg4: 00000000, 0
Debugging Details:
------------------
PROCESS_NAME: (
�á.exe
BUGCHECK_STR: RAISED_IRQL_FAULT
FAULTING_IP:
+6c0071005f0028
87243700 8bff mov edi,edi
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre
LAST_CONTROL_TRANSFER: from 83f00daf to 83e89dfc
STACK_TEXT:
8a8377fc 83f00daf 00000003 d9423579 00000065 nt!RtlpBreakWithStatusInstruction
8a83784c 83f018ad 00000003 0000001c 00000000 nt!KiBugCheckDebugBreak+0x1c
8a837c10 83e5e015 0000004a 87243700 00000002 nt!KeBugCheck2+0x68b
8a837c10 77d16bb4 0000004a 87243700 00000002 nt!KiServiceExit2+0x218
WARNING: Frame IP not in any known module. Following frames may be wrong.
002cf86c 00000000 00000000 00000000 00000000 0x77d16bb4
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KiServiceExit2+218
83e5e015 0fb68134010000 movzx eax,byte ptr [ecx+134h]
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nt!KiServiceExit2+218
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 5add18c0
IMAGE_VERSION: 6.1.7601.24117
FAILURE_BUCKET_ID: RAISED_IRQL_FAULT__(____.exe_nt!KiServiceExit2+218
BUCKET_ID: RAISED_IRQL_FAULT__(____.exe_nt!KiServiceExit2+218
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:raised_irql_fault__(____.exe_nt!kiserviceexit2+218
FAILURE_ID_HASH: {10950155-c73a-f936-fafa-5e4e6ba44902}
Followup: MachineOwner
---------
