Windows 10 BSOD NDIS.sys

Windows 10 BSOD NDIS.sys

我正在排除 Windows 10 BSOD 问题,我在 windbg 上打开了 memory.dmp 文件并运行了 analyze 命令。以下是输出。您能否告诉我还需要运行哪些其他命令才能锁定触发 BSOD 的故障组件?

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {0, 2, 0, fffff803b9d36848}

Probably caused by : ndis.sys ( ndis!ndisMQueuedFinishClose+fcf4 )

Followup:     MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff803b9d36848, address which referenced memory

Debugging Details:
------------------


KEY_VALUES_STRING: 1


TIMELINE_ANALYSIS: 1


DUMP_CLASS: 1

DUMP_QUALIFIER: 401

BUILD_VERSION_STRING:  15063.0.amd64fre.rs2_release.170317-1834

SYSTEM_MANUFACTURER:  HP

SYSTEM_PRODUCT_NAME:  HP EliteBook 745 G4

SYSTEM_SKU:  2ML48EP#ABU

BIOS_VENDOR:  HP

BIOS_VERSION:  P81 Ver. 01.12

BIOS_DATE:  03/23/2018

BASEBOARD_MANUFACTURER:  HP

BASEBOARD_PRODUCT:  8236

BASEBOARD_VERSION:  KBC Version 38.3A

DUMP_TYPE:  1

BUGCHECK_P1: 0

BUGCHECK_P2: 2

BUGCHECK_P3: 0

BUGCHECK_P4: fffff803b9d36848

READ_ADDRESS:  0000000000000000 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!KeSetEvent+148
fffff803`b9d36848 488b00          mov     rax,qword ptr [rax]

CPU_COUNT: 4

CPU_MHZ: 95c

CPU_VENDOR:  AuthenticAMD

CPU_FAMILY: 15

CPU_MODEL: 65

CPU_STEPPING: 1

BLACKBOXBSD: 1 (!blackboxbsd)


DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  AV

PROCESS_NAME:  System

ANALYSIS_SESSION_HOST:  V-IS99008

ANALYSIS_SESSION_TIME:  06-08-2018 14:06:30.0464

ANALYSIS_VERSION: 10.0.17134.12 amd64fre

TRAP_FRAME:  ffffc4010c3d3990 -- (.trap 0xffffc4010c3d3990)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffffd786c6a984b8
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803b9d36848 rsp=ffffc4010c3d3b20 rbp=0000000000000000
 r8=0000000000000000  r9=0000000000000000 r10=ffffc4010bde0180
r11=ffffc4010c3d3b70 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe cy
nt!KeSetEvent+0x148:
fffff803`b9d36848 488b00          mov     rax,qword ptr [rax] ds:00000000`00000000=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff803b9e24469 to fffff803b9e11c50

STACK_TEXT:  
ffffc401`0c3d3848 fffff803`b9e24469 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffc401`0c3d3850 fffff803`b9e20b19 : 00000000`00000000 ffffd786`ca2e6220 ffffd786`406a0088 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffc401`0c3d3990 fffff803`b9d36848 : ffffd786`c6a984b8 ffffc401`0bde0180 b38bb90f`832884bc ffffffff`00000000 : nt!KiPageFault+0x519
ffffc401`0c3d3b20 fffff800`0604ec54 : ffffd786`cac63580 ffffd786`c7fec1a0 fffff800`06013b18 00000000`00000001 : nt!KeSetEvent+0x148
ffffc401`0c3d3bb0 fffff800`05f9e163 : ffffd786`cac636d8 00000000`00000080 fffff800`06013b18 ffffd786`cac636d8 : ndis!ndisMQueuedFinishClose+0xfcf4
ffffc401`0c3d3be0 fffff803`b9ca9e67 : ffffd786`c7533040 fffff800`05f9e0b0 00000000`003cd6cf ffffd786`c7533040 : ndis!ndisWorkerThread+0xb3
ffffc401`0c3d3c10 fffff803`b9e19306 : fffff803`b751b180 ffffd786`c7533040 fffff803`b9ca9e20 00000000`00000000 : nt!PspSystemThreadStartup+0x47
ffffc401`0c3d3c60 00000000`00000000 : ffffc401`0c3d4000 ffffc401`0c3ce000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16


THREAD_SHA1_HASH_MOD_FUNC:  acbcdb67ce271c2dd8688f7e4e670fc8d9360cbd

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  6631f25f3ed555514b4db19fd7146ea5fcf4ec6a

THREAD_SHA1_HASH_MOD:  5ee4fabcad46869b59358bb90170cb3afb106988

FOLLOWUP_IP: 
ndis!ndisMQueuedFinishClose+fcf4
fffff800`0604ec54 90              nop

FAULT_INSTR_CODE:  344e990

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  ndis!ndisMQueuedFinishClose+fcf4

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: ndis

IMAGE_NAME:  ndis.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  0

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  fcf4

FAILURE_BUCKET_ID:  AV_ndis!ndisMQueuedFinishClose

BUCKET_ID:  AV_ndis!ndisMQueuedFinishClose

PRIMARY_PROBLEM_CLASS:  AV_ndis!ndisMQueuedFinishClose

TARGET_TIME:  2018-06-08T12:29:55.000Z

OSBUILD:  15063

OSSERVICEPACK:  850

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK:  272

PRODUCT_TYPE:  1

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE:  

USER_LCID:  0

OSBUILD_TIMESTAMP:  2018-01-01 01:25:45

BUILDDATESTAMP_STR:  170317-1834

BUILDLAB_STR:  rs2_release

BUILDOSVER_STR:  10.0.15063.0.amd64fre.rs2_release.170317-1834

ANALYSIS_SESSION_ELAPSED_TIME:  f19

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:av_ndis!ndismqueuedfinishclose

FAILURE_ID_HASH:  {85234de8-b4f2-5d39-3723-921a48410bd9}

Followup:     MachineOwner
---------

相关内容