Debugger issue

livix07

Well-Known Member
Code:
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C8, {20002, fffff801e3a01010, ffffd78e10437460, 0}

*** WARNING: Unable to verify timestamp for ndisrfl.sys
*** ERROR: Module load completed but symbols could not be loaded for ndisrfl.sys
Probably caused by : ndisrfl.sys ( ndisrfl+5619 )

Followup:     MachineOwner
Hi,
try updating the above driver mentioned in the probable cause:

ndisrfl.sys: Intel Technology Access Filter Driver
Download Intel® Technology Access
Why does WinDBG give a different output on my computer:

Code:
..................................................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C8, {20002, fffff801e3a01010, ffffd78e10437460, 0}

*** WARNING: Unable to verify timestamp for ndis.sys
*** ERROR: Module load completed but symbols could not be loaded for ndis.sys
Probably caused by : ndis.sys ( ndis+5a76d )

Followup:     MachineOwner
 

kemical

Windows Forum Admin
Staff member
Premium Supporter
Perhaps you need to download debugger symbols, not sure.
 

Josephur

Windows Forum Admin
Staff member
Premium Supporter
It debugged for me, had to use 32 bit debugger however.

Code:
2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_UNEXPECTED_VALUE (c8)
The processor's IRQL is not what it should be at this time.  This is
usually caused by a lower level routine changing IRQL for some period
and not restoring IRQL at the end of that period (eg acquires spinlock
but doesn't release it).
        if UniqueValue is 0 or 1
            2 = APC->KernelRoutine
            3 = APC
            4 = APC->NormalRoutine
Arguments:
Arg1: 0000000000020002, (Current IRQL << 16) | (Expected IRQL << 8) | UniqueValue
Arg2: fffff801e3a01010
Arg3: ffffd78e10437460
Arg4: 0000000000000000

Debugging Details:
------------------


DUMP_CLASS: 1

DUMP_QUALIFIER: 400

BUILD_VERSION_STRING:  10.0.17134.165 (WinBuild.160101.0800)

SYSTEM_MANUFACTURER:  MSI

SYSTEM_PRODUCT_NAME:  MS-7977

SYSTEM_SKU:  Default string

SYSTEM_VERSION:  1.0

BIOS_VENDOR:  American Megatrends Inc.

BIOS_VERSION:  1.90

BIOS_DATE:  05/11/2016

BASEBOARD_MANUFACTURER:  MSI

BASEBOARD_PRODUCT:  Z170A GAMING M5 (MS-7977)

BASEBOARD_VERSION:  1.0

DUMP_TYPE:  2

DUMP_FILE_ATTRIBUTES: 0x8
  Kernel Generated Triage Dump

BUGCHECK_P1: 20002

BUGCHECK_P2: fffff801e3a01010

BUGCHECK_P3: ffffd78e10437460

BUGCHECK_P4: 0

CPU_COUNT: 8

CPU_MHZ: d50

CPU_VENDOR:  GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 5e

CPU_STEPPING: 3

CPU_MICROCODE: 6,5e,3,0 (F,M,S,R)  SIG: BE'00000000 (cache) BE'00000000 (init)

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  0xC8

PROCESS_NAME:  IntelTechnolog

CURRENT_IRQL:  2

ANALYSIS_SESSION_HOST:  NEMESIS

ANALYSIS_SESSION_TIME:  07-20-2018 13:37:22.0066

ANALYSIS_VERSION: 10.0.16299.15 x86fre

LAST_CONTROL_TRANSFER:  from fffff80314e727dd to fffff80314e3a430

STACK_TEXT: 
ffffd78e`10437358 fffff803`14e727dd : 00000000`000000c8 00000000`00020002 fffff801`e3a01010 ffffd78e`10437460 : nt!KeBugCheckEx
ffffd78e`10437360 fffff803`14cfa0cd : fffff801`e3a01010 ffffd78e`10437460 ffff800a`f7656520 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x1786fd
ffffd78e`104373c0 fffff801`e3a5a76d : 1a000004`1480c867 00000000`00000000 00000000`00000000 fffffd3f`feb59d40 : nt!KeExpandKernelStackAndCalloutEx+0x1d
ffffd78e`10437400 fffff801`e3a2b18e : 00000000`00000000 ffff800a`f7656520 00000000`00000001 00000000`00000000 : ndis!NdisIsStatusIndicationCloneable+0x124d
ffffd78e`104374d0 fffff801`e3a086df : ffff800a`9c98ec60 ffff800a`f7656520 ffffd78e`00000000 ffff800a`00000001 : ndis!NdisGetDeviceReservedExtension+0x5e8e
ffffd78e`104375a0 fffff801`e5395619 : ffff800a`9d1c9010 ffff800a`b10c05d0 ffff800a`f6b84580 ffff800a`9bc58960 : ndis!NdisFIndicateReceiveNetBufferLists+0x3f
ffffd78e`104375e0 ffff800a`9d1c9010 : ffff800a`b10c05d0 ffff800a`f6b84580 ffff800a`9bc58960 00000000`00000000 : ndisrfl+0x5619
ffffd78e`104375e8 ffff800a`b10c05d0 : ffff800a`f6b84580 ffff800a`9bc58960 00000000`00000000 ffff800a`f6b84580 : 0xffff800a`9d1c9010
ffffd78e`104375f0 ffff800a`f6b84580 : ffff800a`9bc58960 00000000`00000000 ffff800a`f6b84580 00000000`00000000 : 0xffff800a`b10c05d0
ffffd78e`104375f8 ffff800a`9bc58960 : 00000000`00000000 ffff800a`f6b84580 00000000`00000000 fffff801`e539294b : 0xffff800a`f6b84580
ffffd78e`10437600 00000000`00000000 : ffff800a`f6b84580 00000000`00000000 fffff801`e539294b ffff800a`9bc58960 : 0xffff800a`9bc58960


THREAD_SHA1_HASH_MOD_FUNC:  055b6a724acca365988e2c6b6da8d347e6922266

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  073351a6e89caf3a7eba71708aa60cecfb34c31a

THREAD_SHA1_HASH_MOD:  d36b1a7cfe3c60986ddd0d0efe2780c076af4dfd

FOLLOWUP_IP:
ndisrfl+5619
fffff801`e5395619 ??              ???

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  ndisrfl+5619

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: ndisrfl

IMAGE_NAME:  ndisrfl.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  559eaa0f

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  5619

FAILURE_BUCKET_ID:  0xC8_ndisrfl!unknown_function

BUCKET_ID:  0xC8_ndisrfl!unknown_function

PRIMARY_PROBLEM_CLASS:  0xC8_ndisrfl!unknown_function

TARGET_TIME:  2018-07-20T06:35:06.000Z

OSBUILD:  17134

OSSERVICEPACK:  165

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK:  784

PRODUCT_TYPE:  1

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS Personal

OS_LOCALE: 

USER_LCID:  0

OSBUILD_TIMESTAMP:  2018-07-06 02:57:56

BUILDDATESTAMP_STR:  160101.0800

BUILDLAB_STR:  WinBuild

BUILDOSVER_STR:  10.0.17134.165

ANALYSIS_SESSION_ELAPSED_TIME:  540

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:0xc8_ndisrfl!unknown_function

FAILURE_ID_HASH:  {20302235-0de7-f870-5df6-1f3817b4dc0e}

Followup:     MachineOwner
---------
 

kemical

Windows Forum Admin
Staff member
Premium Supporter
This isn't really the best place to discuss your debugger as it's someone else's thread. Best thing to do is open a new thread or visit sysnative.com and read a few of the guides they have on debugging.
 

livix07

Well-Known Member
This isn't really the best place to discuss your debugger as it's someone else's thread. Best thing to do is open a new thread or visit sysnative.com and read a few of the guides they have on debugging.
I posted it here because it is related to his problem. It is his .dmp file. Anyway you can remove my post.
 

Neemobeer

Windows Forum Team
Staff member
If you're using the MS symbol server it appears there is an issue on the sym serv. You may need to manually download and install the symbols.

SYMSRV: UNC: d:\symbols\ndis.pdb\4DF9FE7F2D73B4E46FD12A45015B834A1\ndis.pdb - path not found
SYMSRV: UNC: d:\symbols\ndis.pdb\4DF9FE7F2D73B4E46FD12A45015B834A1\ndis.pd_ - path not found
SYMSRV: UNC: d:\symbols\ndis.pdb\4DF9FE7F2D73B4E46FD12A45015B834A1\file.ptr - path not found
SYMSRV: HTTPGET: /download/symbols/ndis.pdb/4DF9FE7F2D73B4E46FD12A45015B834A1/ndis.pdb

SYMSRV: HttpQueryInfo: 801901f8 - HTTP_STATUS_GATEWAY_TIMEOUT
SYMSRV: RESULT: 0x801901F8
 

kemical

Windows Forum Admin
Staff member
Premium Supporter
I always grab mine manually.

I then keep the Symbol file folder backed up (this now runs to the tune of 25GB or so).
 
Top