How to explain KMODE_EXCEPTION_NOT_HANDLED in ntoskl.exe +70380?

I have very hard puzzle with blue screens on windows 7. Few weeks ago a computer started to have some blu screens during smartcard computation. This is a POS machine with a smartcard, for every recepit issued it has to compute an hash in the smartcard.

So I started to looking for drivers/hardware errors, I updated some drivers (also if the old drivers worked for many years without errors)... without success. Therefore I changed the smartcard and the smartcardreader but it still didn't work. I also tried to switch all the POS system to another computer but every 10-20 hash computation the blue screen appeared again.

I tried to analyze the dump file, and seems that the failing component was ntoskl.exe, and this seems not to be a driver connected error.

This is the dump details:

KMODE_EXCEPTION_NOT_HANDLED 0x0000001e  ffffffff`c0000005   00000000`00000000   00000000`00000008   00000000`00000000   ntoskl.exe    ntoskl.exe+70380

and the dump analysis data:

Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 7 Keel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.23392.amd64fre.win7sp1_ldr.160317-0600
Machine Name:
Keel base = 0xfffff800`02e4f000 PsLoadedModuleList = 0xfffff800`03091730
Debug session time: Sat May  7 14:48:33.499 2016 (UTC - 4:00)
System Uptime: 0 days 0:24:58.841
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000008, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------

TRIAGER: Could not open triage file : e:dump_analysisprogramtriagemodclass.ini, error 2

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP: 
+0
00000000`00000000 ??              ???

EXCEPTION_PARAMETER1:  0000000000000008

EXCEPTION_PARAMETER2:  0000000000000000

WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff800030fb100
GetUlongFromAddress: unable to read from fffff800030fb1c8
 0000000000000000 Nonpaged pool

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

BUGCHECK_STR:  0x1e_c0000005

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  1

TRAP_FRAME:  fffff8800701b7f0 -- (.trap 0xfffff8800701b7f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa800737ee70 rbx=0000000000000000 rcx=fffffa8008f13a20
rdx=fffffa800737ee70 rsi=0000000000000000 rdi=0000000000000000
rip=0000000000000000 rsp=fffff8800701b980 rbp=0000000000000000
 r8=fffffa800398b010  r9=fffff8000303de80 r10=fffffa80036fb570
r11=fffffa8004a55c10 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe nc
00000000`00000000 ??              ???
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002f3f512 to fffff80002ebf380

STACK_TEXT:  
fffff880`0701af68 fffff800`02f3f512 : 00000000`0000001e ffffffff`c0000005 00000000`00000000 00000000`00000008 : nt!KeBugCheckEx
fffff880`0701af70 fffff800`02ebea02 : fffff880`0701b748 fffffa80`c0000120 fffff880`0701b7f0 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x40e2d
fffff880`0701b610 fffff800`02ebd57a : 00000000`00000008 00000000`00000000 00000000`00000200 fffffa80`c0000120 : nt!KiExceptionDispatch+0xc2
fffff880`0701b7f0 00000000`00000000 : 00000000`00000000 00000000`00000000 fffff880`0507cf00 fffffa80`08239bb8 : nt!KiPageFault+0x23a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+40e2d
fffff800`02f3f512 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+40e2d

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntklmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  56eb24e6

FAILURE_BUCKET_ID:  X64_0x1e_c0000005_nt!_??_::FNODOBFM::_string_+40e2d

BUCKET_ID:  X64_0x1e_c0000005_nt!_??_::FNODOBFM::_string_+40e2d

Followup: MachineOwner
---------

The BSOD happends always at the same operation: the smartcard hash computation, but it is not systematic bacause it can work for many computation before crashing and sometimes it works for some days without errors.

I tried to read about last Windows update of that machine done few days before the first crash: KB2952664, KB3137061, KB3138901, KB3142042, KB3145739, KB3146706, KB3146963, KB3147071, KB3148198, KB3148851, KB3149090 but nothing seems to be connected to smartcard, I also tried to uninstall them without luck.

After few days another POS computer started to have the same problem with the same error. That was a system with another computer hardware but with the same smartcard, smartcard reader and thermal recepit printer. I underline that those systems well worked for many times and the only recent change I could think of are windows updates.

At the end I solved upgrading O.S. from Windows 7 to Windows 10, but this is not really a solution!

Can you tell me how to read that dump details? Is there any information I'm not considering?

Recent Questions...