XP Pro rebooting on its own

**captainjack913** · September 28, 2007

Has anyone ever had a case like this:

I have an XP Pro laptop with Remote Desktop enabled. I can log onto the console in the morning, check my IMs, lock it and go to work. I can remote into the machine from work with no problems. When I get home and unlock the console, the machine blue screens. this is about the only time it does this. Any thoughts?

**cluberti** · September 29, 2007

Well, a few, but a memory dump of it happening would be great. If you could configure your machine to gather one, and then compress it and make it available once the problem next occurs and you actually have a .dmp file, that'd be great.

**gosh** · September 29, 2007

well how about some info on the blue screen? When you take your car to the mechanic, do you say, "sometimes my car makes noises, do you know what causes that?" ????

-gosh

**SmaugyGrrr** · September 29, 2007

Update your video drivers.

**captainjack913** · September 29, 2007

this is taken from the event logs:

Event Type: Error

Event Source: System Error

Event Category: (102)

Event ID: 1003

Date: 9/24/2007

Time: 7:06:04 PM

User: N/A

Computer:

Description:

Error code 0000010d, parameter1 00000004, parameter2 f812fc80, parameter3 00000000, parameter4 82164f18.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 53 79 73 74 65 6d 20 45 System E

0008: 72 72 6f 72 20 20 45 72 rror Er

0010: 72 6f 72 20 63 6f 64 65 ror code

0018: 20 30 30 30 30 30 31 30 0000010

0020: 64 20 20 50 61 72 61 6d d Param

0028: 65 74 65 72 73 20 30 30 eters 00

0030: 30 30 30 30 30 34 2c 20 000004,

0038: 66 38 31 32 66 63 38 30 f812fc80

0040: 2c 20 30 30 30 30 30 30 , 000000

0048: 30 30 2c 20 38 32 31 36 00, 8216

0050: 34 66 31 38 4f18

Does that help at all?

**cluberti** · September 29, 2007

Somewhat, yes:

Bug Check 0x10D: WDF_VIOLATION

The WDF_VIOLATION bug check has a value of 0x0000010D. This indicates that Kernel-Mode Driver Framework (KMDF) detected that Windows found an error in a framework-based driver.

- The first parameter passed (00000004) after the bugcheck code means "A NULL parameter was passed to a function that required a non-NULL value"

- The second parameter passed (f812fc80) isn't helpful without a dump file, as the first parameter being 4 means this points to the function in memory that had the third parameter (00000000, or NULL) and is the offender.

Did your system generate any *.dmp files on the disk at all when this occurred?

**captainjack913** · September 29, 2007

This should be the dump file from the latest crash

Mini092807_01.txt

**cluberti** · September 30, 2007

That's the one - looks like a driver called tp4track.sys is the culprit. Since this is a minidump a lot of info is missing that would be in a full dump (like the handle table), but I'd say it's pretty obvious that this driver is causing the problem - note line 04, where the first parameter passed to tp4track.sys at offset 0x1c9a is "00000000", that will cause a bugcheck if this is a KMDF driver (which it is):

kd> kvn
 # ChildEBP RetAddr  Args to Child			  
00 f41e0a44 f8116c3b 0000010d 00000004 f810dc80 nt!KeBugCheckEx+0x1b (FPO: [Non-Fpo])
WARNING: Stack unwind information not available. Following frames may be wrong.
01 f41e0a60 f8117480 821bc770 00000004 f810dc80 Wdf01000+0x28c3b
02 f41e0a80 f810dc80 821bc770 81f7b1c8 00000000 Wdf01000+0x29480
03 f41e0a98 f8727c9a f872a000 82093ec8 81f7b1c8 Wdf01000+0x1fc80
04 f41e0ad4 f872b204 00000000 820c7728 00000013 tp4track+0x1c9a
05 f41e0b78 f812abde 7de9bd70 7e60c228 000000c8 tp4track+0x5204
06 f41e0b9c f812bd89 7de9bd70 7e60c228 000000c8 Wdf01000+0x3cbde
07 f41e0bcc f812d929 7e60c228 819f3dd0 82164288 Wdf01000+0x3dd89
08 f41e0be8 f812ebe0 82164200 f81539b8 82371290 Wdf01000+0x3f929
09 f41e0c04 f8130bb1 00000000 81dc6fb8 821d0818 Wdf01000+0x40be0
0a f41e0c28 f8120272 82093ec8 f41e0c58 804e37f7 Wdf01000+0x42bb1
0b f41e0c34 804e37f7 8209cf00 82093ec8 806ed070 Wdf01000+0x32272
0c f41e0c44 8056a148 82093f38 81b10e38 82093ec8 nt!IopfCallDriver+0x31 (FPO: [0,0,0])
0d f41e0c58 8057ad03 8209cf00 82093ec8 81b10e38 nt!IopSynchronousServiceTail+0x60 (FPO: [Non-Fpo])
0e f41e0d00 8057d281 00000058 00000000 00000000 nt!IopXxxControlFile+0x611 (FPO: [Non-Fpo])
0f f41e0d34 804de7ec 00000058 00000000 00000000 nt!NtDeviceIoControlFile+0x2a (FPO: [Non-Fpo])
10 f41e0d34 7c90eb94 00000058 00000000 00000000 nt!KiFastCallEntry+0xf8 (FPO: [0,0] TrapFrame @ f41e0d64)
11 0006f9ec 00000000 00000000 00000000 00000000 0x7c90eb94

kd> lmvm tp4track
start	end		module name
f8726000 f8730000   tp4track T (no symbols)		   
	Loaded symbol image file: tp4track.sys
	Image path: tp4track.sys
	Image name: tp4track.sys
	Timestamp:		Thu Apr 26 08:12:22 2007 (46309726)
	CheckSum:		 0000CBF2
	ImageSize:		0000A000
	Translations:	 0000.04b0 0000.04e0 0409.04b0 0409.04e0

**captainjack913** · September 30, 2007

If i'm guessing right, that looks like it's talking about the trackpoint driver on the thinkpad. I'll see of lenovo has an updated driver. Thanks Culberti

Sign In

XP Pro rebooting on its own

Recommended Posts

captainjack913

cluberti

gosh

SmaugyGrrr

captainjack913

cluberti

captainjack913

cluberti

captainjack913

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Activity

Browse