WFP callout NETIO.sys dump

Here is the analyze -v output:
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000028, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff8800181cfd2, address which referenced memory

Debugging Details:

READ_ADDRESS: 0000000000000028

CURRENT_IRQL: 2

FAULTING_IP:
NETIO!RtlCopyBufferToMdl+22
fffff880`0181cfd2 8b5228 mov edx,dword ptr [rdx+28h]

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: AV

PROCESS_NAME: System

ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre

TRAP_FRAME: fffff880192447e0 -- (.trap 0xfffff880192447e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000100000000 rbx=0000000000000000 rcx=fffffa80054034b0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800181cfd2 rsp=fffff88019244970 rbp=fffff88019244a90
r8=00000000ffffffbc r9=0000000000000044 r10=0000000000000000
r11=fffff880192449a0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
NETIO!RtlCopyBufferToMdl+0x22:
fffff8800181cfd2 8b5228 mov edx,dword ptr [rdx+28h] ds:0000000000000028=???
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff803dc0e4869 to fffff803dc0e5540

STACK_TEXT:
fffff88019244698 fffff803dc0e4869 : 000000000000000a 0000000000000028 0000000000000002 0000000000000000 : nt!KeBugCheckEx
fffff880192446a0 fffff803dc0e30e0 : 0000000000000000 0000000000000000 fffffa80055fc700 fffff880192447e0 : nt!KiBugCheckDispatch+0x69
fffff880192447e0 fffff8800181cfd2 : 0000000056b52598 fffff88001d4e56c fffffa800b591100 fffffa800b591100 : nt!KiPageFault+0x260
fffff88019244970 fffff88001d28406 : fffffa800401bf60 000000003f655741 fffffa800e7ce3d0 fffff88019244cf0 : NETIO!RtlCopyBufferToMdl+0x22
fffff880192449d0 fffff88001d22626 : 0000000000000000 0000000000000000 fffff88019244ab8 fffff8803f655741 : tcpip!TcpTcbReassemblyRetrieveSegments+0x1d6
fffff88019244a40 fffff88001d4d934 : 0000000000000000 fffffa800e56de88 fffff88005d004bc fffff88005d030a1 : tcpip!TcpTcbCarefulDatagram+0x726
fffff88019244c70 fffff88001d4c750 : fffff880192451e8 fffff880192451d8 fffff88019244f40 0000000000000000 : tcpip!TcpTcbReceive+0x474
fffff88019244dd0 fffff88001d4de41 : fffffa800a53a202 fffffa8006aad000 0000000000000000 fffffa8006aad000 : tcpip!TcpMatchReceive+0x1f0
fffff88019244f40 fffff88001d5fd43 : fffffa80059f1f00 0000000000002ff9 fffffa8006aa17fc fffffa80059f1f00 : tcpip!TcpPreValidatedReceive+0x381
fffff88019245020 fffff88001d60058 : fffff88019245249 fffffa8009f63a00 0000000000000000 fffff88001d3775d : tcpip!IppDeliverListToProtocol+0x93
fffff880192450d0 fffff88001d640eb : fffff88001e77f30 fffff8800180d743 fffffa800000f6e6 fffff880192451e8 : tcpip!IppProcessDeliverList+0x68
fffff88019245180 fffff88001d61b31 : fffffa8008127600 fffff880192453b0 0000000000000000 0000000000000000 : tcpip!IppReceiveHeaderBatch+0x21b
fffff880192452b0 fffff88001d63473 : fffffa8009050b00 0000000000000000 0000000000000000 fffff88001e72b00 : tcpip!IpFlcReceivePackets+0x641
fffff880192454e0 fffff88001d6e04d : 0000000000000000 0000000000000000 fffff88001d61400 fffff80300000000 : tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x2ce
fffff880192455b0 fffff803dc13aae6 : 0000000000000000 fffffa800a982a30 0000000000000001 0000000000000001 : tcpip!FlReceiveNetBufferListChainCalloutRoutine+0x12c
fffff880192456b0 fffff803dc13d545 : fffff88001d6df20 fffff88019245820 0000000000000000 fffffa80009f01b1 : nt!KeExpandKernelStackAndCalloutInternal+0xe6
fffff880192457b0 fffff88001d6e12e : fffff880192458f0 fffffa8004c350d0 ffffffff00000010 0000000200000005 : nt!KeExpandKernelStackAndCalloutEx+0x25
fffff880192457f0 fffff88001adcb06 : 0000000000000000 fffffa800956bdf0 fffffa800812b620 0000000000000801 : tcpip!FlReceiveNetBufferListChain+0xae
fffff88019245870 fffff88001adc16d : 0000000000000702 fffffa8009560000 fffffa800b584650 0000000000000001 : ndis!ndisMIndicateNetBufferListsToOpen+0x126
fffff88019245920 fffff88001adc843 : 0000000000000020 0000000000000100 0000000000000001 fffff803dc128970 : ndis!ndisInvokeNextReceiveHandler+0x25d
fffff880192459f0 fffff88000a0ccec : fffff88000a1ea00 0000000000000001 0000000000000000 fffff88000a090d0 : ndis!NdisMIndicateReceiveNetBufferLists+0xd3
fffff88019245aa0 fffff88000a090ee : fffff88000a1ea10 fffff88000a090d0 ffffffff00000010 0000000200000005 : tunnel!TeredoWfpIndicationWorker+0x70
fffff88019245ae0 fffff803dc133cd7 : fffffa800af35610 fffff88000a090d0 fffffa8007e50520 fffff803dc1abf60 : tunnel!LwWorker+0x1e
fffff88019245b10 fffff803dc123411 : fffff803dc311190 fffffa800a601a00 fffff803dc133c78 fffff803dc324d00 : nt!IopProcessWorkItem+0x5f
fffff88019245b80 fffff803dc0b8075 : fffff803dc383180 0000000000000080 fffff803dc1232d0 fffffa800a601a00 : nt!ExpWorkerThread+0x142
fffff88019245c10 fffff803dc16c3b6 : fffff803dc383180 fffffa800a601a00 fffffa8005789b00 fffffa8003fcd800 : nt!PspSystemThreadStartup+0x59
fffff88019245c60 0000000000000000 : fffff88019246000 fffff88019240000 0000000000000000 0000000000000000 : nt!KiStartSystemThread+0x16

STACK_COMMAND: kb

FOLLOWUP_IP:
NETIO!RtlCopyBufferToMdl+22
fffff880`0181cfd2 8b5228 mov edx,dword ptr [rdx+28h]

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: NETIO!RtlCopyBufferToMdl+22

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: NETIO

IMAGE_NAME: NETIO.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 50765624

BUCKET_ID_FUNC_OFFSET: 22

FAILURE_BUCKET_ID: AV_NETIO!RtlCopyBufferToMdl

BUCKET_ID: AV_NETIO!RtlCopyBufferToMdl

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:av_netio!rtlcopybuffertomdl

FAILURE_ID_HASH: {d1f0b36b-846d-6c9d-08f6-8457013ed970}

Followup: MachineOwner

It doesn’t show anything about our WFP callout driver.

After looking at the forums, I see that the same issue is reported multiple times, i.e. a dump in NETIO.sys with torrent clients.

Is there any clue?