我们得到了一个随机停止的框IRQL_NOT_LESS_OR_EQUAL。我们得到了一个完整的内存转储。
这显然与网络有关。我该如何深入研究这个问题以找出确切的罪魁祸首(如果可能的话)?
几个月前,系统从 Windows Embedded Standard 7 升级到 Windows 10 IoT LTSC 2019。升级之前,它运行良好。
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000020, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000002, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: e1ab478f, address which referenced memory
Debugging Details:
------------------
VirtualToOffset: dab02a04 not properly sign extended
VirtualToOffset: dab0274c not properly sign extended
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2124
Key : Analysis.DebugAnalysisManager
Value: Create
Key : Analysis.Elapsed.mSec
Value: 10624
Key : Analysis.Init.CPU.mSec
Value: 2546
Key : Analysis.Init.Elapsed.mSec
Value: 29492
Key : Analysis.Memory.CommitPeak.Mb
Value: 86
Key : WER.OS.Branch
Value: rs5_release
Key : WER.OS.Timestamp
Value: 2018-09-14T14:34:00Z
Key : WER.OS.Version
Value: 10.0.17763.1
BUGCHECK_CODE: a
BUGCHECK_P1: 20
BUGCHECK_P2: 2
BUGCHECK_P3: 2
BUGCHECK_P4: ffffffffe1ab478f
READ_ADDRESS: 00000020
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXPNP: 1 (!blackboxpnp)
PROCESS_NAME: svchost.exe
DPC_STACK_BASE: FFFFFFFFE363A000
TRAP_FRAME: e3639d7c -- (.trap 0xffffffffe3639d7c)
ErrCode = 00000002
eax=40c6fc26 ebx=f6996710 ecx=00000000 edx=0001e553 esi=e3639f30 edi=e0ec4300
eip=e1ab478f esp=e3639df0 ebp=e3639eb0 iopl=0 nv up ei ng nz ac pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010297
nt!KiExecuteAllDpcs+0x24f:
e1ab478f 894120 mov dword ptr [ecx+20h],eax ds:0023:00000020=????????
Resetting default scope
STACK_TEXT:
e3639cd0 e1b8d4d5 0000000a 00000020 00000002 nt!KiBugCheck2
<Intermediate frames may have been skipped due to lack of complete unwind>
e3639cd0 e1ab478f (T) 0000000a 00000020 00000002 nt!KiTrap0E+0x3a5
<Intermediate frames may have been skipped due to lack of complete unwind>
e3639eb0 e1ab3fef (T) e3639f18 00000000 00000001 nt!KiExecuteAllDpcs+0x24f
e3639ff4 e1b8e97e ed2f38cc 00000000 00000000 nt!KiRetireDpcList+0x10f
ed2f38f0 d03a0baa b56344b2 cbfe93d0 ed2f3b70 nt!KiDispatchInterrupt+0x2e
ed2f3940 d038b222 cbfe93d0 00012087 cbfe9301 afd!AfdEventSelect+0x13a
ed2f3ae8 e1dd9b69 cbfe9301 00000001 035fec54 afd!AfdFastIoDeviceControl+0x2e2
ed2f3bb8 e1dd993a 00000000 00000000 035fec68 nt!IopXxxControlFile+0x229
ed2f3be4 e1b873ab 00000f58 00000c58 00000000 nt!NtDeviceIoControlFile+0x2a
<Intermediate frames may have been skipped due to lack of complete unwind>
ed2f3be4 77ed0c80 (T) 00000f58 00000c58 00000000 nt!KiSystemServicePostCall
<Intermediate frames may have been skipped due to lack of complete unwind>
035fec14 77ecf47a (T) 740e2362 00000f58 00000c58 ntdll!KiFastSystemCallRet
035fec18 740e2362 00000f58 00000c58 00000000 ntdll!NtDeviceIoControlFile+0xa
035fec84 75cc008d 00000f58 00000f08 00000001 mswsock!WSPEventSelect+0x1d2
035fecb8 706cd103 00000f58 00000f08 00000001 WS2_32!WSAEventSelect+0xdd
035fee20 706ccf43 00003e68 00000000 0000000d dhcpcore!AsyncSelect+0x71
035fee64 706ccdbb 026b8370 035ff2d4 035fee98 dhcpcore!TryReceive+0x63
035feea8 706cc72a 026b7b98 035fef78 035ff2d4 dhcpcore!ProcessRecvFromSocket+0xa8
035feef8 706cb4c6 cfd3d0fc 00007ce8 035fef78 dhcpcore!GetSpecifiedDhcpMessageEx+0x40
035fef50 706ef052 cfd3d0fc 00007ce8 035fef78 dhcpcore!GetSpecifiedDhcpMessage+0x51
035ff2a0 706f1371 00000006 00000000 00000000 dhcpcore!DhcpInitState+0x35f
035ff4c0 706f1c0d 035ff4ec 035ff4e4 706f1810 dhcpcore!ObtainInitialParameters+0x1ee
035ff708 706e433e 026b7b98 00000000 706d7be0 dhcpcore!ReObtainInitialParameters+0x3fd
035ff818 77dbe2f9 026b7b98 77dbe2e0 035ff884 dhcpcore!DhcpRenewThread+0xc75e
035ff828 77ea27c7 026b7b98 e1039e85 00000000 KERNEL32!BaseThreadInitThunk+0x19
035ff884 77ea279b ffffffff 77ee2d8d 00000000 ntdll!__RtlUserThreadStart+0x2b
035ff894 00000000 706d7be0 026b7b98 00000000 ntdll!_RtlUserThreadStart+0x1b
SYMBOL_NAME: afd!AfdEventSelect+13a
MODULE_NAME: afd
IMAGE_NAME: afd.sys
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 13a
FAILURE_BUCKET_ID: AV_CODE_AV_afd!AfdEventSelect
OS_VERSION: 10.0.17763.1
BUILDLAB_STR: rs5_release
OSPLATFORM_TYPE: x86
OSNAME: Windows 10
FAILURE_ID_HASH: {72329ad8-c7ee-3513-6ecb-5e0916af74c8}
Followup: MachineOwner
---------