Ich behebe ein BSOD-Problem unter Windows 10 und habe die Datei memory.dmp auf windbg geöffnet und den Befehl analyze ausgeführt. Unten sehen Sie die Ausgabe. Können Sie mir sagen, welchen anderen Befehl ich ausführen muss, um die fehlerhafte Komponente zu ermitteln, die den BSOD auslöst?
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {0, 2, 0, fffff803b9d36848}
Probably caused by : ndis.sys ( ndis!ndisMQueuedFinishClose+fcf4 )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff803b9d36848, address which referenced memory
Debugging Details:
------------------
KEY_VALUES_STRING: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 15063.0.amd64fre.rs2_release.170317-1834
SYSTEM_MANUFACTURER: HP
SYSTEM_PRODUCT_NAME: HP EliteBook 745 G4
SYSTEM_SKU: 2ML48EP#ABU
BIOS_VENDOR: HP
BIOS_VERSION: P81 Ver. 01.12
BIOS_DATE: 03/23/2018
BASEBOARD_MANUFACTURER: HP
BASEBOARD_PRODUCT: 8236
BASEBOARD_VERSION: KBC Version 38.3A
DUMP_TYPE: 1
BUGCHECK_P1: 0
BUGCHECK_P2: 2
BUGCHECK_P3: 0
BUGCHECK_P4: fffff803b9d36848
READ_ADDRESS: 0000000000000000
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeSetEvent+148
fffff803`b9d36848 488b00 mov rax,qword ptr [rax]
CPU_COUNT: 4
CPU_MHZ: 95c
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 15
CPU_MODEL: 65
CPU_STEPPING: 1
BLACKBOXBSD: 1 (!blackboxbsd)
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: System
ANALYSIS_SESSION_HOST: V-IS99008
ANALYSIS_SESSION_TIME: 06-08-2018 14:06:30.0464
ANALYSIS_VERSION: 10.0.17134.12 amd64fre
TRAP_FRAME: ffffc4010c3d3990 -- (.trap 0xffffc4010c3d3990)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffffd786c6a984b8
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803b9d36848 rsp=ffffc4010c3d3b20 rbp=0000000000000000
r8=0000000000000000 r9=0000000000000000 r10=ffffc4010bde0180
r11=ffffc4010c3d3b70 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!KeSetEvent+0x148:
fffff803`b9d36848 488b00 mov rax,qword ptr [rax] ds:00000000`00000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff803b9e24469 to fffff803b9e11c50
STACK_TEXT:
ffffc401`0c3d3848 fffff803`b9e24469 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffc401`0c3d3850 fffff803`b9e20b19 : 00000000`00000000 ffffd786`ca2e6220 ffffd786`406a0088 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffc401`0c3d3990 fffff803`b9d36848 : ffffd786`c6a984b8 ffffc401`0bde0180 b38bb90f`832884bc ffffffff`00000000 : nt!KiPageFault+0x519
ffffc401`0c3d3b20 fffff800`0604ec54 : ffffd786`cac63580 ffffd786`c7fec1a0 fffff800`06013b18 00000000`00000001 : nt!KeSetEvent+0x148
ffffc401`0c3d3bb0 fffff800`05f9e163 : ffffd786`cac636d8 00000000`00000080 fffff800`06013b18 ffffd786`cac636d8 : ndis!ndisMQueuedFinishClose+0xfcf4
ffffc401`0c3d3be0 fffff803`b9ca9e67 : ffffd786`c7533040 fffff800`05f9e0b0 00000000`003cd6cf ffffd786`c7533040 : ndis!ndisWorkerThread+0xb3
ffffc401`0c3d3c10 fffff803`b9e19306 : fffff803`b751b180 ffffd786`c7533040 fffff803`b9ca9e20 00000000`00000000 : nt!PspSystemThreadStartup+0x47
ffffc401`0c3d3c60 00000000`00000000 : ffffc401`0c3d4000 ffffc401`0c3ce000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
THREAD_SHA1_HASH_MOD_FUNC: acbcdb67ce271c2dd8688f7e4e670fc8d9360cbd
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 6631f25f3ed555514b4db19fd7146ea5fcf4ec6a
THREAD_SHA1_HASH_MOD: 5ee4fabcad46869b59358bb90170cb3afb106988
FOLLOWUP_IP:
ndis!ndisMQueuedFinishClose+fcf4
fffff800`0604ec54 90 nop
FAULT_INSTR_CODE: 344e990
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: ndis!ndisMQueuedFinishClose+fcf4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ndis
IMAGE_NAME: ndis.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 0
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: fcf4
FAILURE_BUCKET_ID: AV_ndis!ndisMQueuedFinishClose
BUCKET_ID: AV_ndis!ndisMQueuedFinishClose
PRIMARY_PROBLEM_CLASS: AV_ndis!ndisMQueuedFinishClose
TARGET_TIME: 2018-06-08T12:29:55.000Z
OSBUILD: 15063
OSSERVICEPACK: 850
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2018-01-01 01:25:45
BUILDDATESTAMP_STR: 170317-1834
BUILDLAB_STR: rs2_release
BUILDOSVER_STR: 10.0.15063.0.amd64fre.rs2_release.170317-1834
ANALYSIS_SESSION_ELAPSED_TIME: f19
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_ndis!ndismqueuedfinishclose
FAILURE_ID_HASH: {85234de8-b4f2-5d39-3723-921a48410bd9}
Followup: MachineOwner
---------