Found a packet that causes a Microsoft Windows Server
2003 R2 to blue screen even if the firewall is turned
on. The server is running Virtual Server 2005 R2 SP1
with an XP virtual machine. The packet needs to be
sent to the virtual machine and it causes an exception
in the VMNetSrv.sys. Interestingly, after causing a
blue screen about 6-8 times, the packet will not work
anymore. However, if you reinstall Virtual Server then
it will work again. I opened the crash file with
WinDbg to try to figure out what is causing the
crash. I am new to using WinDbg and trying to debug
problems, so I am asking for help on how to debug, or
resources (books or websites) where I can go to look
up information.
Thanks,
Jeremy
I am including an analysis of the dump file from
WinDbg:
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: e225a000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: f75c8343, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: e225a000
CURRENT_IRQL: 2
FAULTING_IP:
VMNetSrv+1343
f75c8343 ?? ???
CUSTOMER_CRASH_COUNT: 2
DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP
BUGCHECK_STR: 0xD1
PROCESS_NAME: vssrvc.exe
TRAP_FRAME: f789ea80 -- (.trap 0xfffffffff789ea80)
ErrCode = 00000000
eax=e225a000 ebx=00000000 ecx=025370af edx=000067ae esi=00000001 edi=00000000
eip=f75c8343 esp=f789eaf4 ebp=e2256f60 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
VMNetSrv+0x1343:
f75c8343 ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from f75c8343 to 80837ed5
STACK_TEXT:
f789ea80 f75c8343 badb0d00 000067ae f789eac8 nt!KiTrap0E+0x2a7
WARNING: Stack unwind information not available. Following frames may be wrong.
f789eaf0 85e0b610 e2256f16 00000005 85e219d8 VMNetSrv+0x1343
f789eb74 8081fdb5 f75cd688 85cf75d0 00000000 0x85e0b610
f789eb84 85a46140 f789eba8 85cf7598 85cf75d0 nt!KeResetEvent+0x34
00000000 00000000 00000000 00000000 00000000 0x85a46140
STACK_COMMAND: kb
FOLLOWUP_IP:
VMNetSrv+1343
f75c8343 ?? ???
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: VMNetSrv+1343
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: VMNetSrv
IMAGE_NAME: VMNetSrv.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4639dc03
FAILURE_BUCKET_ID: 0xD1_VMNetSrv+1343
BUCKET_ID: 0xD1_VMNetSrv+1343
Followup: MachineOwner
---------