Advanced Debugging
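2012-11-13, 22:29
dengxiaosally (吴卫星)
Teacher Zhang: I have a VM whose system keeps rebooting and has produced several minidumps. I took a first look with !analyze -v, but two of the modules (marked in red) cannot be analyzed any further. Could you give some guidance and a direction for the follow-up analysis?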

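From a first look at the stack information, it may be related to third-party software at the TDI interface layer, but from the dump information below I have no idea how to find out which driver caused it. Teacher Zhang, please suggest an analysis approach. Thank you.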

 

Loading User Symbols
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {dcff5b9c, 2, 0, 96ecdb52}

Probably caused by : tcpip.sys ( tcpip!TcpCompleteClientReceiveRequest+1c )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: dcff5b9c, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 96ecdb52, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from 81976718
Unable to read MiSystemVaType memory at 81956160
 dcff5b9c

CURRENT_IRQL:  2

FAULTING_IP:
+5d262faf02bedb38
96ecdb52 ??              ???

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xD1

TRAP_FRAME:  bc5cb2fc -- (.trap 0xffffffffbc5cb2fc)
ErrCode = 00000000
eax=dce0100c ebx=818b23dc ecx=00000013 edx=00000c10 esi=001f4980 edi=00000212
eip=96ecdb52 esp=bc5cb370 ebp=00000013 iopl=0         nv up ei ng nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010282
96ecdb52 ??              ???
Resetting default scope

LAST_CONTROL_TRANSFER:  from 96ecdb52 to 8185482b

STACK_TEXT: 
bc5cb2fc 96ecdb52 badb0d00 00000c10 84ca7030 nt!KiTrap0E+0x2cf
WARNING: Frame IP not in any known module. Following frames may be wrong.
bc5cb36c 84994158 96ecf65b 00000c10 b26f10e8 0x96ecdb52
bc5cb394 81876c73 859b3240 850c1008 e1adec98 0x84994158
bc5cb3f4 8c279bfe 020c1048 00000000 00000013 nt!IopfCompleteRequest+0x128
bc5cb46c 8c26e76e c76aa4a0 00000000 bc00aa88 tcpip!TcpCompleteClientReceiveRequest+0x1c
bc5cb5c0 8c288060 bc00aa88 00000000 bc00ab80 tcpip!TcpSatisfyReceiveRequests+0x59f
bc5cb65c 8c2889dd bc00aa88 bc00ab80 bc5cb698 tcpip!TcpDeliverDataToClient+0x79
bc5cb6b0 8c28d6e9 bc00aa88 bc00ab80 87335828 tcpip!TcpDeliverReceive+0x96
bc5cb700 8c28c926 bc00aa88 bc5cb724 bc5cb75c tcpip!TcpTcbFastDatagram+0x304
bc5cb768 8c28cd2c 8550c428 bc00aa88 005cb7dc tcpip!TcpTcbReceive+0x142
bc5cb7d0 8c27bebd 851cfd30 85546000 00000000 tcpip!TcpMatchReceive+0x237
bc5cb820 8c27bc1f 8550c428 85546000 0000c2f9 tcpip!TcpPreValidatedReceive+0x293
bc5cb83c 8c2815ef 8550c428 85546000 bc5cb878 tcpip!TcpReceive+0x2d
bc5cb84c 8c2b3914 bc5cb860 c000023e 00000000 tcpip!TcpNlClientReceiveDatagrams+0x12
bc5cb878 8c2b36d7 8c313f88 bc5cb8cc c000023e tcpip!IppDeliverListToProtocol+0x49
bc5cb898 8c2b33ac 8c313d98 00000006 bc5cb8cc tcpip!IppProcessDeliverList+0x2a
bc5cb8f0 8c2b0feb 8c313d98 00000006 00000000 tcpip!IppReceiveHeaderBatch+0x1f2
bc5cb984 8c2aff7c 85edf938 00000000 00000001 tcpip!IpFlcReceivePackets+0xbe5
bc5cba00 8c2b00ed 85ee64c8 87335828 00000000 tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x746
bc5cba34 8189e0ea 87335828 923f776f 85506510 tcpip!FlReceiveNetBufferListChainCalloutRoutine+0x11e
bc5cba9c 8c2b0175 8c2affcf bc5cbac4 00000000 nt!KeExpandKernelStackAndCalloutEx+0x132
bc5cbad8 8c11018d 85ee6402 87335800 00000000 tcpip!FlReceiveNetBufferListChain+0x7c
bc5cbb10 8c0fe670 85dcb4c0 87335828 00000000 ndis!ndisMIndicateNetBufferListsToOpen+0x188
bc5cbb38 8c0fe5e7 00000000 85c0b0e0 85c0b0e0 ndis!ndisIndicateSortedNetBufferLists+0x4a
bc5cbcb4 8c0c6b02 85c0b0e0 00000000 00000000 ndis!ndisMDispatchReceiveNetBufferLists+0x129
bc5cbce8 8c0c6c12 00000002 87335828 85c0bd8c ndis!ndisDoPeriodicReceivesIndication+0x125
bc5cbd10 8c0c6976 850103e0 00000000 84ca7030 ndis!ndisPeriodicReceivesWorker+0x5b
bc5cbd50 81a1cad1 00000000 923f7063 00000000 ndis!ndisReceiveWorkerThread+0xeb
bc5cbd90 818ce239 8c0c688b 00000000 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19


STACK_COMMAND:  kb

FOLLOWUP_IP:
tcpip!TcpCompleteClientReceiveRequest+1c
8c279bfe 8b4510          mov     eax,dword ptr [ebp+10h]

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  tcpip!TcpCompleteClientReceiveRequest+1c

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: tcpip

IMAGE_NAME:  tcpip.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4f756aff

FAILURE_BUCKET_ID:  0xD1_tcpip!TcpCompleteClientReceiveRequest+1c

BUCKET_ID:  0xD1_tcpip!TcpCompleteClientReceiveRequest+1c

Followup: MachineOwner
---------

0: kd> lm
start    end        module name
816a2000 816aa000   kdcom      (deferred)            
8180e000 81c1e000   nt         (pdb symbols)          d:\dump\ntkrpamp.pdb\FF3B78F7823245CEB7AA9BF77047B22C2\ntkrpamp.pdb
81c1e000 81c55000   hal        (deferred)            
81e00000 81e0e000   WDFLDR     (deferred)            
81e11000 81e89000   mcupdate_GenuineIntel   (deferred)            
81e89000 81e9a000   PSHED      (deferred)            
81e9a000 81ea2000   BOOTVID    (deferred)            
81ea2000 81ee4000   CLFS       (deferred)            
81ee4000 81f8f000   CI         (deferred)            
81f8f000 82000000   Wdf01000   (deferred)            
8bc20000 8bc35000   xenpci     (deferred)            
8bc35000 8bc7d000   ACPI       (deferred)            
8bc7d000 8bc86000   WMILIB     (deferred)            
8bc86000 8bc8e000   msisadrv   (deferred)            
8bc8e000 8bcb8000   pci        (deferred)            
8bcb8000 8bcc3000   vdrvroot   (deferred)            
8bcc3000 8bcd4000   partmgr    (deferred)            
8bcd4000 8bce4000   volmgr     (deferred)            
8bce4000 8bd2f000   volmgrx    (deferred)            
8bd2f000 8bd36000   intelide   (deferred)            
8bd36000 8bd44000   PCIIDEX    (deferred)            
8bd44000 8bd4d000   xenvbd     (deferred)            
8bd4d000 8bd94000   storport   (deferred)            
8bd94000 8bdaa000   mountmgr   (deferred)            
8bdaa000 8bdb3000   atapi      (deferred)            
8bdb3000 8bdd6000   ataport    (deferred)            
8bdd6000 8bddf000   amdxata    (deferred)            
8be28000 8be5c000   fltmgr     (deferred)            
8be5c000 8be6d000   fileinfo   (deferred)            
8be6d000 8bf9c000   Ntfs       (deferred)            
8bf9c000 8bfc7000   msrpc      (deferred)            
8bfc7000 8bfda000   ksecdd     (deferred)            
8bfda000 8bfff000   CLASSPNP   (deferred)            
8c000000 8c032000   fvevol     (deferred)            
8c034000 8c091000   cng        (deferred)            
8c091000 8c09f000   pcw        (deferred)            
8c09f000 8c0a8000   Fs_Rec     (deferred)            
8c0a8000 8c15f000   ndis       (pdb symbols)          d:\dump\ndis.pdb\A445ECC2161F497081DA301D4F6F13BB2\ndis.pdb
8c15f000 8c19d000   NETIO      (deferred)            
8c19d000 8c1c2000   ksecpkg    (deferred)            
8c1c2000 8c1ef000   rdyboost   (deferred)            
8c200000 8c210000   mup        (deferred)            
8c210000 8c218000   hwpolicy   (deferred)            
8c218000 8c229000   disk       (deferred)            
8c229000 8c373000   tcpip      (pdb symbols)          d:\dump\tcpip.pdb\49DC4FA05F484849B923CEAF2D9D71442\tcpip.pdb
8c373000 8c3a4000   fwpkclnt   (deferred)            
8c3a4000 8c3ac380   vmstorfl   (deferred)            
8c3ad000 8c3ec000   volsnap    (deferred)            
8c3ec000 8c3f4000   spldr      (deferred)  


2012-11-27, 12:52
Raymond (格蠹老雷)
Re: Teacher Zhang: I have a VM whose system keeps rebooting and has produced several minidumps. I took a first look with !analyze -v, but two of the modules (marked in red) cannot be analyzed any further. Could you give some guidance and a direction for the follow-up analysis?

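The problem occurred when tcpip called the "completion callback" set by some driver. There are two possible causes: one is that the callback function address is still intact but the corresponding driver has been unloaded; the other is that the IRP that records the callback function has been overwritten. In either case, you can enable verifier checking to help catch it.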

 


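A small triage helper for the situation in this thread, added here as an example (not code from the original posts): it checks the bare-address frames of the STACK_TEXT against the module ranges from `lm` and reports which symbolized frame called into them. The function names are hypothetical, and the two inputs are trimmed excerpts copied from the dump in the question.

```python
import re

# Trimmed excerpts copied from the debugger output in the question.
LM_EXCERPT = """\
8180e000 81c1e000   nt         (pdb symbols)
8c0a8000 8c15f000   ndis       (pdb symbols)
8c229000 8c373000   tcpip      (pdb symbols)
8c373000 8c3a4000   fwpkclnt   (deferred)
"""

STACK_EXCERPT = """\
bc5cb2fc 96ecdb52 badb0d00 00000c10 84ca7030 nt!KiTrap0E+0x2cf
bc5cb36c 84994158 96ecf65b 00000c10 b26f10e8 0x96ecdb52
bc5cb394 81876c73 859b3240 850c1008 e1adec98 0x84994158
bc5cb3f4 8c279bfe 020c1048 00000000 00000013 nt!IopfCompleteRequest+0x128
bc5cb46c 8c26e76e c76aa4a0 00000000 bc00aa88 tcpip!TcpCompleteClientReceiveRequest+0x1c
"""

LM_RE = re.compile(r"^([0-9a-f]{8})\s+([0-9a-f]{8})\s+(\S+)", re.M)
# ChildEBP, RetAddr, three argument columns, then the frame's symbol.
FRAME_RE = re.compile(r"^[0-9a-f]{8} [0-9a-f]{8} (?:[0-9a-f]{8} ){3}(\S+)$", re.M)

def parse_modules(lm_text):
    """Return [(start, end, name)] from `lm` output; end is exclusive."""
    return [(int(s, 16), int(e, 16), n) for s, e, n in LM_RE.findall(lm_text)]

def owning_module(addr, modules):
    """Name of the module whose [start, end) range holds addr, else None."""
    for start, end, name in modules:
        if start <= addr < end:
            return name
    return None

def orphan_frames(stack_text, modules):
    """Frames shown as a bare address that no listed module covers,
    plus the first symbolized frame beneath them (the code that called out)."""
    orphans, caller = [], None
    for sym in FRAME_RE.findall(stack_text):
        if sym.startswith("0x"):
            addr = int(sym, 16)
            if owning_module(addr, modules) is None:
                orphans.append(addr)
        elif orphans and caller is None:
            caller = sym
    return orphans, caller

if __name__ == "__main__":
    addrs, caller = orphan_frames(STACK_EXCERPT, parse_modules(LM_EXCERPT))
    print([hex(a) for a in addrs], "reached from", caller)
```

The excerpt omits most of the `lm` list, so feed it the complete `lm` output before drawing conclusions. An address that no listed module covers is consistent with either cause named in the reply.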