我正在排除 Windows 10 BSOD 问题,我在 windbg 上打开了 memory.dmp 文件并运行了 analyze 命令。以下是输出。您能否告诉我还需要运行哪些其他命令才能锁定触发 BSOD 的故障组件?
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {0, 2, 0, fffff803b9d36848}
Probably caused by : ndis.sys ( ndis!ndisMQueuedFinishClose+fcf4 )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff803b9d36848, address which referenced memory
Debugging Details:
------------------
KEY_VALUES_STRING: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 15063.0.amd64fre.rs2_release.170317-1834
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP EliteBook 745 G4
SYSTEM_SKU: 2ML48EP#ABU
BIOS_VENDOR: HP
BIOS_VERSION: P81 Ver. 01.12
BIOS_DATE: 03/23/2018
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 8236
BASEBOARD_VERSION: KBC Version 38.3A
DUMP_TYPE: 1
BUGCHECK_P1: 0
BUGCHECK_P2: 2
BUGCHECK_P3: 0
BUGCHECK_P4: fffff803b9d36848
READ_ADDRESS: 0000000000000000
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeSetEvent+148
fffff803`b9d36848 488b00 mov rax,qword ptr [rax]
CPU_COUNT: 4
CPU_MHZ: 95c
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 15
CPU_MODEL: 65
CPU_STEPPING: 1
BLACKBOXBSD: 1 (!blackboxbsd)
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: System
ANALYSIS_SESSION_HOST: V-IS99008
ANALYSIS_SESSION_TIME: 06-08-2018 14:06:30.0464
ANALYSIS_VERSION: 10.0.17134.12 amd64fre
TRAP_FRAME: ffffc4010c3d3990 -- (.trap 0xffffc4010c3d3990)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffffd786c6a984b8
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803b9d36848 rsp=ffffc4010c3d3b20 rbp=0000000000000000
r8=0000000000000000 r9=0000000000000000 r10=ffffc4010bde0180
r11=ffffc4010c3d3b70 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!KeSetEvent+0x148:
fffff803`b9d36848 488b00 mov rax,qword ptr [rax] ds:00000000`00000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff803b9e24469 to fffff803b9e11c50
STACK_TEXT:
ffffc401`0c3d3848 fffff803`b9e24469 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffc401`0c3d3850 fffff803`b9e20b19 : 00000000`00000000 ffffd786`ca2e6220 ffffd786`406a0088 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffc401`0c3d3990 fffff803`b9d36848 : ffffd786`c6a984b8 ffffc401`0bde0180 b38bb90f`832884bc ffffffff`00000000 : nt!KiPageFault+0x519
ffffc401`0c3d3b20 fffff800`0604ec54 : ffffd786`cac63580 ffffd786`c7fec1a0 fffff800`06013b18 00000000`00000001 : nt!KeSetEvent+0x148
ffffc401`0c3d3bb0 fffff800`05f9e163 : ffffd786`cac636d8 00000000`00000080 fffff800`06013b18 ffffd786`cac636d8 : ndis!ndisMQueuedFinishClose+0xfcf4
ffffc401`0c3d3be0 fffff803`b9ca9e67 : ffffd786`c7533040 fffff800`05f9e0b0 00000000`003cd6cf ffffd786`c7533040 : ndis!ndisWorkerThread+0xb3
ffffc401`0c3d3c10 fffff803`b9e19306 : fffff803`b751b180 ffffd786`c7533040 fffff803`b9ca9e20 00000000`00000000 : nt!PspSystemThreadStartup+0x47
ffffc401`0c3d3c60 00000000`00000000 : ffffc401`0c3d4000 ffffc401`0c3ce000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
THREAD_SHA1_HASH_MOD_FUNC: acbcdb67ce271c2dd8688f7e4e670fc8d9360cbd
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 6631f25f3ed555514b4db19fd7146ea5fcf4ec6a
THREAD_SHA1_HASH_MOD: 5ee4fabcad46869b59358bb90170cb3afb106988
FOLLOWUP_IP:
ndis!ndisMQueuedFinishClose+fcf4
fffff800`0604ec54 90 nop
FAULT_INSTR_CODE: 344e990
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: ndis!ndisMQueuedFinishClose+fcf4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ndis
IMAGE_NAME: ndis.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 0
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: fcf4
FAILURE_BUCKET_ID: AV_ndis!ndisMQueuedFinishClose
BUCKET_ID: AV_ndis!ndisMQueuedFinishClose
PRIMARY_PROBLEM_CLASS: AV_ndis!ndisMQueuedFinishClose
TARGET_TIME: 2018-06-08T12:29:55.000Z
OSBUILD: 15063
OSSERVICEPACK: 850
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2018-01-01 01:25:45
BUILDDATESTAMP_STR: 170317-1834
BUILDLAB_STR: rs2_release
BUILDOSVER_STR: 10.0.15063.0.amd64fre.rs2_release.170317-1834
ANALYSIS_SESSION_ELAPSED_TIME: f19
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_ndis!ndismqueuedfinishclose
FAILURE_ID_HASH: {85234de8-b4f2-5d39-3723-921a48410bd9}
Followup: MachineOwner
---------