Endpoint Protection

  • 1.  SEP causing BSOD

    Posted Nov 13, 2009 10:18 AM

    One of our clients has SEP client installed and every time a blank DVD is inserted it crashes to a BSOD.  I checked the dump file and SRTSP.SYS seems to be the culprit.  I searched the Internet and this forum for a solution and it seems to be a known issue with SEP.  However, I am unable to find a solution other than upgrading to the latest version of SEP.  We are already running the latest version (11.0.5002.333).  Thank you in advance for any suggestions.





    Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Documents and Settings\tdb.SHALEREMS\Desktop\Mini101709-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.090804-1435
    Machine Name:
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720
    Debug session time: Sat Oct 17 17:51:02.930 2009 (GMT-4)
    System Uptime: 2 days 1:35:03.463
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...............................
    Loading User Symbols
    Loading unloaded module list
    ..................................................
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 1000008E, {c0000005, 806e694f, ae5124cc, 0}

    *** WARNING: Unable to verify timestamp for SRTSP.SYS
    *** ERROR: Module load completed but symbols could not be loaded for SRTSP.SYS
    Probably caused by : SRTSP.SYS ( SRTSP+162a9 )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
    This is a very common bugcheck.  Usually the exception address pinpoints
    the driver/function that caused the problem.  Always note this address
    as well as the link date of the driver/image that contains this address.
    Some common problems are exception code 0x80000003.  This means a hard
    coded breakpoint or assertion was hit, but this system was booted
    /NODEBUG.  This is not supposed to happen as developers should never have
    hardcoded breakpoints in retail code, but ...
    If this happens, make sure a debugger gets connected, and the
    system is booted /DEBUG.  This will let us see why this breakpoint is
    happening.
    Arguments:
    Arg1: c0000005, The exception code that was not handled
    Arg2: 806e694f, The address that the exception occurred at
    Arg3: ae5124cc, Trap Frame
    Arg4: 00000000

    Debugging Details:
    ------------------


    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

    FAULTING_IP:
    hal!ExAcquireFastMutex+f
    806e694f f0ff09          lock dec dword ptr [ecx]

    TRAP_FRAME:  ae5124cc -- (.trap 0xffffffffae5124cc)
    ErrCode = 00000002
    eax=00000000 ebx=ae512604 ecx=00000001 edx=010a0003 esi=88c4bc38 edi=88c3f860
    eip=806e694f esp=ae512540 ebp=ae512550 iopl=0         nv up ei pl nz ac pe cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010217
    hal!ExAcquireFastMutex+0xf:
    806e694f f0ff09          lock dec dword ptr [ecx]     ds:0023:00000001=????????
    Resetting default scope

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0x8E

    PROCESS_NAME:  System

    LAST_CONTROL_TRANSFER:  from 804ed768 to 806e694f

    STACK_TEXT: 
    ae51253c 804ed768 88c3f860 00000000 ae512604 hal!ExAcquireFastMutex+0xf
    ae512550 ba6f1f56 88c4bc38 873e32e8 00000000 nt!FsRtlLookupPerStreamContextInternal+0x14
    ae5125b4 ba702d21 873e32e8 88c3f860 00000000 fltmgr!FltpGetStreamListCtrl+0x5a
    ae5125d0 ba6eeb19 873e32e8 88c3f860 8867d948 fltmgr!FltpCleanupStreamListCtrlForFileObjectClose+0x17
    ae5125ec ba6ef059 ae512604 88c3f860 89df5280 fltmgr!FltpPassThrough+0x93
    ae51261c 804ef19f 8867d948 872f8de0 872f8de0 fltmgr!FltpDispatch+0x10d
    ae51262c 80583af8 88c3f848 00000000 00000000 nt!IopfCallDriver+0x31
    ae512664 805bb474 00c3f860 00000000 88c3f848 nt!IopDeleteFile+0x132
    ae512680 805266da 88c3f860 00000000 00001228 nt!ObpRemoveObjectRoutine+0xe0
    ae512698 805bc349 874b57c0 e1001e70 874b7bd8 nt!ObfDereferenceObject+0x4c
    ae5126b0 805bc3df e1001e70 88c3f860 00001228 nt!ObpCloseHandleTableEntry+0x155
    ae5126f8 805bc517 00001228 00000000 00000000 nt!ObpCloseHandle+0x87
    ae51270c 8054162c 80001228 ae512798 804fff41 nt!NtClose+0x1d
    ae51270c 804fff41 80001228 ae512798 804fff41 nt!KiFastCallEntry+0xfc
    ae512788 ba704519 80001228 8871a030 ae51283c nt!ZwClose+0x11
    ae512798 b129d2a9 80001228 ae5127fc ae512808 fltmgr!FltQueryVolumeInformation+0x39
    WARNING: Stack unwind information not available. Following frames may be wrong.
    ae51283c b12a2f3c e8c41fe0 00000003 00000000 SRTSP+0x162a9
    ae512880 ba6fc8ff ae51289c 00000005 00000003 SRTSP+0x1bf3c
    ae5128b4 ba6fce86 873e3bb8 00000005 8054b968 fltmgr!FltpDoInstanceSetupNotification+0x4b
    ae512914 ba6fd211 89a35e08 873e32e8 00000005 fltmgr!FltpInitInstance+0x272
    ae512984 ba6fd31c 89a35e08 873e32e8 00000005 fltmgr!FltpCreateInstanceFromName+0x295
    ae5129ec ba704342 89a35e08 873e32e8 00000005 fltmgr!FltpEnumerateRegistryInstances+0xf4
    ae512a3c ba6fb6da 873e32e8 89567438 873e3df0 fltmgr!FltpDoFilterNotificationForNewVolume+0xe4
    ae512a70 804ef19f 8867d948 873e3de0 873e3de0 fltmgr!FltpCreate+0x1f0
    ae512a80 805831fa 89c1b018 886be0ac ae512c18 nt!IopfCallDriver+0x31
    ae512b60 805bf452 89c1b030 00000000 886be008 nt!IopParseDevice+0xa12
    ae512bd8 805bb9de 00000000 ae512c18 00000040 nt!ObpLookupObjectName+0x53c
    ae512c2c 80576033 00000000 00000000 00000001 nt!ObOpenObjectByName+0xea
    ae512ca8 805769aa 0013f2ac 00100001 0013f250 nt!IopCreateFile+0x407
    ae512d04 8057a1a9 0013f2ac 00100001 0013f250 nt!IoCreateFile+0x8e
    ae512d44 8054162c 0013f2ac 00100001 0013f250 nt!NtOpenFile+0x27
    ae512d44 7c90e514 0013f2ac 00100001 0013f250 nt!KiFastCallEntry+0xfc
    0013f51c 00000000 00000000 00000000 00000000 0x7c90e514


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    SRTSP+162a9
    b129d2a9 ??              ???

    SYMBOL_STACK_INDEX:  10

    SYMBOL_NAME:  SRTSP+162a9

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: SRTSP

    IMAGE_NAME:  SRTSP.SYS

    DEBUG_FLR_IMAGE_TIMESTAMP:  4a80e37c

    FAILURE_BUCKET_ID:  0x8E_SRTSP+162a9

    BUCKET_ID:  0x8E_SRTSP+162a9

    Followup: MachineOwner
    ---------

    1: kd> .trap 0xffffffffae5124cc
    ErrCode = 00000002
    eax=00000000 ebx=ae512604 ecx=00000001 edx=010a0003 esi=88c4bc38 edi=88c3f860
    eip=806e694f esp=ae512540 ebp=ae512550 iopl=0         nv up ei pl nz ac pe cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010217
    hal!ExAcquireFastMutex+0xf:
    806e694f f0ff09          lock dec dword ptr [ecx]     ds:0023:00000001=????????
    1: kd> lmvm SRTSP
    start    end        module name
    b1287000 b12d1000   SRTSP    T (no symbols)          
        Loaded symbol image file: SRTSP.SYS
        Image path: SRTSP.SYS
        Image name: SRTSP.SYS
        Timestamp:        Mon Aug 10 23:20:28 2009 (4A80E37C)
        CheckSum:         00052457
        ImageSize:        0004A000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
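
The triage described in the post above (reading the stack to find which driver is involved), as an added Python example that is not part of the original thread or of any Symantec tooling. It parses an excerpt of the posted STACK_TEXT and reports the first frame outside an assumed set of OS modules (`nt`, `hal`, `fltmgr`); the function names and that module set are assumptions made for illustration.

```python
import re

# Excerpt of the STACK_TEXT posted above (some frames omitted for brevity).
STACK_TEXT = """\
ae51253c 804ed768 88c3f860 00000000 ae512604 hal!ExAcquireFastMutex+0xf
ae512550 ba6f1f56 88c4bc38 873e32e8 00000000 nt!FsRtlLookupPerStreamContextInternal+0x14
ae5125b4 ba702d21 873e32e8 88c3f860 00000000 fltmgr!FltpGetStreamListCtrl+0x5a
ae512788 ba704519 80001228 8871a030 ae51283c nt!ZwClose+0x11
ae512798 b129d2a9 80001228 ae5127fc ae512808 fltmgr!FltQueryVolumeInformation+0x39
WARNING: Stack unwind information not available. Following frames may be wrong.
ae51283c b12a2f3c e8c41fe0 00000003 00000000 SRTSP+0x162a9
ae512880 ba6fc8ff ae51289c 00000005 00000003 SRTSP+0x1bf3c
ae5128b4 ba6fce86 873e3bb8 00000005 8054b968 fltmgr!FltpDoInstanceSetupNotification+0x4b
0013f51c 00000000 00000000 00000000 00000000 0x7c90e514
"""

# Assumption: modules treated as OS components for this triage.
OS_MODULES = {"nt", "hal", "fltmgr"}

# ChildEBP, return address, three arguments, then the frame location.
FRAME = re.compile(r"^(?:[0-9a-f]{8} ){5}(\S+)$")

def parse_frames(text):
    """Return [(module, location, after_unwind_warning)], innermost frame first."""
    frames, after_warning = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("WARNING: Stack unwind information not available"):
            after_warning = True  # the debugger flags every later frame
            continue
        m = FRAME.match(line)
        if not m:
            continue
        loc = m.group(1)
        if "!" in loc:
            module = loc.split("!", 1)[0]   # module!symbol+offset
        elif "+" in loc:
            module = loc.split("+", 1)[0]   # module+offset, no symbols loaded
        else:
            module = None                   # bare address, no module resolved
        frames.append((module, loc, after_warning))
    return frames

def first_third_party(frames):
    """First frame whose module is resolved and not in OS_MODULES, or None."""
    for index, (module, loc, after_warning) in enumerate(frames):
        if module and module not in OS_MODULES:
            return index, module, loc, after_warning
    return None

print(first_third_party(parse_frames(STACK_TEXT)))
```

A frame returned with the last field set to `True` sits after WinDbg's unwind warning, so the attribution is a lead to confirm with the vendor's symbols rather than a finished root cause.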


  • 2.  RE: SEP causing BSOD

    Posted Nov 13, 2009 11:10 AM
    Is this by chance a Dell system? If so, I remember a thread a while back that mentioned issues with Dell DVDs.
    The company ended up replacing all the drives on their new Dell systems at Dell's expense.


    If this is not a Dell, then you might consider opening a case with Symantec support. We can get our experts looking at the dump to find root cause.

    http://www.symantec.com/business/support/contact_techsupp_static.jsp
    https://mysupport.symantec.com/

    Best,

    Thomas


  • 3.  RE: SEP causing BSOD

    Posted Nov 13, 2009 12:13 PM
    Thank you for the information.  It is a Dell system. I will contact support and see what they say.


  • 4.  RE: SEP causing BSOD

    Posted Nov 13, 2009 12:58 PM
    I found the thread that mentioned the Dell CD/DVD. It was an issue with system hangs, not a BSOD issue. Not sure if it still applies to your issue.

    Here is the link anyways.

    https://www-secure.symantec.com/connect/forums/computer-hangs-resume-screensaver-after-sep-install#comment-3051361

    Best,
    Thomas