帮忙分析下dump文件

mdcire 2016-12-07 06:43:03
使用ndis6.0的lwf驱动,在某一台机器(Win7 32位)上运行一段时间后就会蓝屏,出现了好几次,高手帮忙分析下dump文件吧,万分感谢。
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: c8000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 95a97bf8, address which referenced memory

Debugging Details:
------------------


DUMP_CLASS: 1

DUMP_QUALIFIER: 400

BUILD_VERSION_STRING: 7601.23572.x86fre.win7sp1_ldr.161011-0600

SYSTEM_MANUFACTURER: Dell Inc.

SYSTEM_PRODUCT_NAME: OptiPlex 380

BIOS_VENDOR: Dell Inc.

BIOS_VERSION: A07

BIOS_DATE: 06/13/2012

BASEBOARD_MANUFACTURER: Dell Inc.

BASEBOARD_PRODUCT: 0HN7XN

BASEBOARD_VERSION: A01

DUMP_TYPE: 2

BUGCHECK_P1: ffffffffc8000000

BUGCHECK_P2: 2

BUGCHECK_P3: 1

BUGCHECK_P4: ffffffff95a97bf8

WRITE_ADDRESS: GetPointerFromAddress: unable to read from 85fbc850
Unable to get MmSystemRangeStart
c8000000

CURRENT_IRQL: 2

FAULTING_IP:
ndislwf+4bf8
95a97bf8 8907 mov dword ptr [edi],eax

CPU_COUNT: 2

CPU_MHZ: bb0

CPU_VENDOR: GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 17

CPU_STEPPING: a

CPU_MICROCODE: 6,17,a,0 (F,M,S,R) SIG: A0B'00000000 (cache) A0B'00000000 (init)

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: NTSC.exe

ANALYSIS_SESSION_HOST: DUMING-PC

ANALYSIS_SESSION_TIME: 12-07-2016 18:29:53.0120

ANALYSIS_VERSION: 10.0.10586.567 amd64fre

TRAP_FRAME: 8dd4ae94 -- (.trap 0xffffffff8dd4ae94)
ErrCode = 00000002
eax=fbcb4000 ebx=c7f61035 ecx=00000004 edx=c7fcd779 esi=0000b028 edi=c8000000
eip=95a97bf8 esp=8dd4af08 ebp=8dd4af14 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
ndislwf+0x4bf8:
95a97bf8 8907 mov dword ptr [edi],eax ds:0023:c8000000=????????
Resetting default scope

LAST_CONTROL_TRANSFER: from 95a97bf8 to 85e9006f

STACK_TEXT:
8dd4ae94 95a97bf8 badb0d00 c7fcd779 000001ff nt!KiTrap0E+0x1b3
WARNING: Stack unwind information not available. Following frames may be wrong.
8dd4af14 95a97a80 c7f61008 0000002d c7f94008 ndislwf+0x4bf8
8dd4af44 95a9d6b2 c7f61008 00000800 8dd4af98 ndislwf+0x4a80
8dd4af9c 95a9c09f 89ad1620 006835a0 c96811f8 ndislwf+0xa6b2
8dd4afec 8bd1be94 c96811f8 c96835a0 00000000 ndislwf+0x909f
8dd4b038 8bd195fe 027b40e0 8dd4b058 00000001 ndis!ndisMIndicatePacketsToNetBufferLists+0xea
8dd4b060 8bd1a467 897b40e0 004b6ae4 c7e43c00 ndis!ndisMLoopbackPacketX+0xfe
8dd4b088 8bd1a32a 8dd4b0a8 8dd4b0a8 00000000 ndis!ndisMSendPacketsXToMiniport+0xa4
8dd4b0f0 8bcb24ef 897b40e0 c7e43c18 00000000 ndis!ndisMSendNetBufferListsToPackets+0x84
8dd4b110 8bcb245f c7e43c18 c7e43c18 00000000 ndis!ndisFilterSendNetBufferLists+0x87
8dd4b128 95a9dbe8 89ad1008 c7e43c18 00000000 ndis!NdisFSendNetBufferLists+0x38
8dd4b144 95a9ba06 89ad1008 c7e43c18 00000000 ndislwf+0xabe8
8dd4b17c 8bcb24ef 00000000 8a63f288 00000000 ndislwf+0x8a06
8dd4b19c 8bcb245f 8a63f288 8a63f288 00000000 ndis!ndisFilterSendNetBufferLists+0x87
8dd4b1b4 95a68c20 89ad2c48 8a63f288 00000000 ndis!NdisFSendNetBufferLists+0x38
8dd4b230 8bcb262f 89ad2a20 8a63f288 00000000 pacer!PcFilterSendNetBufferLists+0x256
8dd4b25c 8bd16bad 897b40e0 8a63f288 00000000 ndis!ndisSendNBLToFilter+0xf2
8dd4b28c 8be8b77b 89ad5008 8a63f288 00000000 ndis!NdisSendNetBufferLists+0x162
8dd4b2d8 8beae1f4 89ad3950 00000000 00000000 tcpip!FlSendPackets+0x416
8dd4b32c 8bead280 8bf11ec0 00000000 00000000 tcpip!IppFragmentPackets+0x2e2
8dd4b364 8be8a853 8bf11ec0 88a19d54 88a19df0 tcpip!IppDispatchSendPacketHelper+0x266
8dd4b404 8be8b33e 00a19d54 00000000 c9715008 tcpip!IppPacketizeDatagrams+0x8d6
8dd4b484 8be88438 00000000 00000004 8bf11ec0 tcpip!IppSendDatagramsCommon+0x67f
8dd4b4a4 8be90d37 88a0d100 8dd4b530 00000000 tcpip!IpNlpSendDatagrams+0x4b
8dd4b680 8be88af0 00000000 00000000 8a45f4a8 tcpip!UdpSendMessagesOnPathCreation+0x7c0
8dd4b784 8be88c9c 88a0d130 00d4b874 00000000 tcpip!UdpSendMessages+0x595
8dd4b798 85ed8be5 8dd4b828 a53d2e09 00000000 tcpip!UdpTlProviderSendMessagesCalloutRoutine+0x13
8dd4b800 8be90e74 8be88c89 8dd4b828 00000000 nt!KeExpandKernelStackAndCalloutEx+0x132
8dd4b840 929819c2 8a45f4a8 8dd4b874 c9645008 tcpip!UdpTlProviderSendMessages+0x67
8dd4b858 929a127f ca574800 8dd4b874 ca574800 afd!AfdTLSendMessages+0x27
8dd4b8b0 929a18e2 ca574800 c9645008 1f4db92c afd!AfdTLFastDgramSend+0x7d
8dd4b920 929913e1 ca574800 8dd4b9dc 00000008 afd!AfdFastDatagramSend+0x5d3
8dd4ba98 956dc13d c9f45301 00000001 0016ee60 afd!AfdFastIoDeviceControl+0x3dc
8dd4bb40 860816dd c9f453b8 00000001 0016ee60 360AntiHacker+0x413d
8dd4bc08 860c8ab0 00000f94 000003cc 00000000 nt!IopXxxControlFile+0x3ef
8dd4bc74 85e1dba9 00010022 89e19400 8dd4bcc4 nt!NtDeviceIoControlFile+0x2a
8dd4bd04 85e8cdb6 00000f94 000003cc 00000000 hal!KfLowerIrql+0x61
8dd4bd04 77a66c74 00000f94 000003cc 00000000 nt!KiSystemServicePostCall
0016ef1c 00000000 00000000 00000000 00000000 0x77a66c74


STACK_COMMAND: kb

THREAD_SHA1_HASH_MOD_FUNC: 9a53d370306b2230f89e27abadb5d71b90433cca

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 7ec25259ab6f0a9bfc0301a2ed7b5ee41c3e806c

THREAD_SHA1_HASH_MOD: a22634f0cf372b6554fe11a3bc36415697e105a9

FOLLOWUP_IP:
ndislwf+4bf8
95a97bf8 8907 mov dword ptr [edi],eax

FAULT_INSTR_CODE: d1030789

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: ndislwf+4bf8

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: ndislwf

IMAGE_NAME: ndislwf.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 58354701

FAILURE_BUCKET_ID: 0xD1_ndislwf+4bf8

BUCKET_ID: 0xD1_ndislwf+4bf8

PRIMARY_PROBLEM_CLASS: 0xD1_ndislwf+4bf8

TARGET_TIME: 2016-12-07T08:28:34.000Z

OSBUILD: 7601

OSSERVICEPACK: 1000

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 272

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x86

OSNAME: Windows 7

OSEDITION: Windows 7 WinNt (Service Pack 1) TerminalServer SingleUserTS

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: 2016-10-11 22:52:36

BUILDDATESTAMP_STR: 161011-0600

BUILDLAB_STR: win7sp1_ldr

BUILDOSVER_STR: 6.1.7601.23572.x86fre.win7sp1_ldr.161011-0600

ANALYSIS_SESSION_ELAPSED_TIME: 8a7

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0xd1_ndislwf+4bf8

FAILURE_ID_HASH: {595d8d66-f9cc-c58e-a528-5714bca43127}

Followup: MachineOwner
...全文
515 回复 打赏 收藏 转发到动态 举报
写回复
用AI写文章
回复
切换为时间正序
请发表友善的回复…
发表回复

21,595

社区成员

发帖
与我相关
我的任务
社区描述
硬件/嵌入开发 驱动开发/核心开发
社区管理员
  • 驱动开发/核心开发社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧