What caused the BSOD?

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Gibon378
    Gibon378
    • Nov 2022
    • 13
    • Poland
    #1

    What caused the BSOD?

    Hello there!
    I was doing some usual stuff, browsing the internet, listening to music, coding, etc. and my computer froze. It looked like the website couldn't process the request (logging into the account, there was the loading symbol) and it took a few seconds, then my computer totally froze except for the mouse cursor. It lasted for about a minute and I got the BSOD. It happened yesterday and today (just now).

    I managed to get the MEMORY.DMP content, but I don't really understand it. Could somebody help me?

    Code:
    ************* Preparing the environment for Debugger Extensions Gallery repositories **************
  ExtensionRepository : Implicit
  UseExperimentalFeatureForNugetShare : false
  AllowNugetExeUpdate : false
  AllowNugetMSCredentialProviderInstall : false
  AllowParallelInitializationOfLocalRepositories : true

  -- Configuring repositories
   ----> Repository : LocalInstalled, Enabled: true
   ----> Repository : UserExtensions, Enabled: true

>>>>>>>>>>>>> Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds

************* Waiting for Debugger Extensions Gallery to Initialize **************

>>>>>>>>>>>>> Waiting for Debugger Extensions Gallery to Initialize completed, duration 0.031 seconds
  ----> Repository : UserExtensions, Enabled: true, Packages count: 0
  ----> Repository : LocalInstalled, Enabled: true, Packages count: 36

Microsoft (R) Windows Debugger Version 10.0.25877.1004 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\gibek\Desktop\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.

Symbol search path is: srv*
Executable search path is: 
Windows 10 Kernel Version 19041 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 19041.1.amd64fre.vb_release.191206-1406
Kernel base = 0xfffff801`0f400000 PsLoadedModuleList = 0xfffff801`1002a2d0
Debug session time: Fri Jun 23 13:43:07.580 2023 (UTC + 2:00)
System Uptime: 1 days 0:56:08.524
Loading Kernel Symbols
...............................................................
................................................................
..........................................................
Loading User Symbols
PEB address is NULL !
Loading unloaded module list
..................................................
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff801`0f7fc030 48894c2408   mov   qword ptr [rsp+8],rcx ss:fffffd85`8aec8c80=000000000000003b
11: kd> !analyze -v
*******************************************************************************
*                                       *
*            Bugcheck Analysis                  *
*                                       *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000006, Exception code that caused the BugCheck
Arg2: fffff8010fa9f3c2, Address of the instruction which caused the BugCheck
Arg3: fffffd858aec9580, Address of the context record for the exception that caused the BugCheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------

*************************************************************************
***                                  ***
***                                  ***
***  Either you specified an unqualified symbol, or your debugger  ***
***  doesn't have full symbol information. Unqualified symbol   ***
***  resolution is turned off by default. Please either specify a  ***
***  fully qualified symbol module!symbolname, or enable resolution ***
***  of unqualified symbols by typing ".symopt- 100". Note that   ***
***  enabling unqualified symbol resolution with network symbol   ***
***  server shares in the symbol path may cause the debugger to   ***
***  appear to hang for long periods of time when an incorrect   ***
***  symbol name is typed or the network symbol server is down.   ***
***                                  ***
***  For some commands to work properly, your symbol path      ***
***  must point to .pdb files that have full type information.   ***
***                                  ***
***  Certain .pdb files (such as the public OS symbols) do not   ***
***  contain the required information. Contact the group that   ***
***  provided you with these symbols if you need this command to  ***
***  work.                             ***
***                                  ***
***  Type referenced: ExceptionRecord                ***
***                                  ***
*************************************************************************
*************************************************************************
***                                  ***
***                                  ***
***  (The same message as the one above)  ***
***                                  ***
***                                  ***                            ***
***                                  ***
***  Type referenced: ContextRecord                 ***
***                                  ***
*************************************************************************
*************************************************************************
***                                  ***
***                                  ***
***  (The same message as the one above)  ***
***                                  ***                            ***
***                                  ***
***  Type referenced: ExceptionRecord                ***
***                                  ***
*************************************************************************
*************************************************************************
***                                  ***
***                                  ***
***  (The same message as the one above)  ***
***                                  ***                            ***
***                                  ***
***  Type referenced: ContextRecord                 ***
***                                  ***
*************************************************************************

KEY_VALUES_STRING: 1

  Key : Analysis.CPU.mSec
  Value: 4921

  Key : Analysis.Elapsed.mSec
  Value: 4928

  Key : Analysis.IO.Other.Mb
  Value: 12

  Key : Analysis.IO.Read.Mb
  Value: 2

  Key : Analysis.IO.Write.Mb
  Value: 18

  Key : Analysis.Init.CPU.mSec
  Value: 811

  Key : Analysis.Init.Elapsed.mSec
  Value: 91073

  Key : Analysis.Memory.CommitPeak.Mb
  Value: 133

  Key : Bugcheck.Code.KiBugCheckData
  Value: 0x3b

  Key : Bugcheck.Code.LegacyAPI
  Value: 0x3b

  Key : Failure.Bucket
  Value: 0x3B_C0000006_nt!HvpGetCellPaged

  Key : Failure.Hash
  Value: {68f3db38-ae8e-4bae-c37a-85819946495f}

  Key : Hypervisor.Enlightenments.Value
  Value: 0

  Key : Hypervisor.Enlightenments.ValueHex
  Value: 0

  Key : Hypervisor.Flags.AnyHypervisorPresent
  Value: 0

  Key : Hypervisor.Flags.ApicEnlightened
  Value: 0

  Key : Hypervisor.Flags.ApicVirtualizationAvailable
  Value: 1

  Key : Hypervisor.Flags.AsyncMemoryHint
  Value: 0

  Key : Hypervisor.Flags.CoreSchedulerRequested
  Value: 0

  Key : Hypervisor.Flags.CpuManager
  Value: 0

  Key : Hypervisor.Flags.DeprecateAutoEoi
  Value: 0

  Key : Hypervisor.Flags.DynamicCpuDisabled
  Value: 0

  Key : Hypervisor.Flags.Epf
  Value: 0

  Key : Hypervisor.Flags.ExtendedProcessorMasks
  Value: 0

  Key : Hypervisor.Flags.HardwareMbecAvailable
  Value: 0

  Key : Hypervisor.Flags.MaxBankNumber
  Value: 0

  Key : Hypervisor.Flags.MemoryZeroingControl
  Value: 0

  Key : Hypervisor.Flags.NoExtendedRangeFlush
  Value: 0

  Key : Hypervisor.Flags.NoNonArchCoreSharing
  Value: 0

  Key : Hypervisor.Flags.Phase0InitDone
  Value: 0

  Key : Hypervisor.Flags.PowerSchedulerQos
  Value: 0

  Key : Hypervisor.Flags.RootScheduler
  Value: 0

  Key : Hypervisor.Flags.SynicAvailable
  Value: 0

  Key : Hypervisor.Flags.UseQpcBias
  Value: 0

  Key : Hypervisor.Flags.Value
  Value: 16777216

  Key : Hypervisor.Flags.ValueHex
  Value: 1000000

  Key : Hypervisor.Flags.VpAssistPage
  Value: 0

  Key : Hypervisor.Flags.VsmAvailable
  Value: 0

  Key : Hypervisor.RootFlags.AccessStats
  Value: 0

  Key : Hypervisor.RootFlags.CrashdumpEnlightened
  Value: 0

  Key : Hypervisor.RootFlags.CreateVirtualProcessor
  Value: 0

  Key : Hypervisor.RootFlags.DisableHyperthreading
  Value: 0

  Key : Hypervisor.RootFlags.HostTimelineSync
  Value: 0

  Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled
  Value: 0

  Key : Hypervisor.RootFlags.IsHyperV
  Value: 0

  Key : Hypervisor.RootFlags.LivedumpEnlightened
  Value: 0

  Key : Hypervisor.RootFlags.MapDeviceInterrupt
  Value: 0

  Key : Hypervisor.RootFlags.MceEnlightened
  Value: 0

  Key : Hypervisor.RootFlags.Nested
  Value: 0

  Key : Hypervisor.RootFlags.StartLogicalProcessor
  Value: 0

  Key : Hypervisor.RootFlags.Value
  Value: 0

  Key : Hypervisor.RootFlags.ValueHex
  Value: 0

  Key : SecureKernel.HalpHvciEnabled
  Value: 0

  Key : WER.OS.Branch
  Value: vb_release

  Key : WER.OS.Version
  Value: 10.0.19041.1


BUGCHECK_CODE: 3b

BUGCHECK_P1: c0000006

BUGCHECK_P2: fffff8010fa9f3c2

BUGCHECK_P3: fffffd858aec9580

BUGCHECK_P4: 0

FILE_IN_CAB: MEMORY.DMP

CONTEXT: fffffd858aec9580 -- (.cxr 0xfffffd858aec9580)
rax=0000000000000000 rbx=fffffd858aec9fd0 rcx=0000000000000007
rdx=00000000008533f0 rsi=ffffc206944c6730 rdi=ffffb204a18de000
rip=fffff8010fa9f3c2 rsp=fffffd858aec9f88 rbp=fffffd858aeca089
 r8=000000000000001c r9=ffffc206945e7540 r10=00000268f3ee43f0
r11=00000000000003f0 r12=0000000000010275 r13=fffffd858aeca230
r14=0000000000000080 r15=00000268f3ed6afc
iopl=0     nv up ei pl nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b       efl=00050206
nt!HvpGetCellPaged+0xa2:
fffff801`0fa9f3c2 418b02     mov   eax,dword ptr [r10] ds:002b:00000268`f3ee43f0=????????
Resetting default scope

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

PROCESS_NAME: Registry

STACK_TEXT: 
fffffd85`8aec9f88 fffff801`0fa7229f   : 00000000`00000000 ffffb204`a18de000 fffffd85`8aeca940 00000000`00000000 : nt!HvpGetCellPaged+0xa2
fffffd85`8aec9f90 fffff801`0fa79ae0   : 00000001`ffffffff 00000000`fa176dee 00000000`00000080 00000000`00000000 : nt!CmpDoCompareKeyName+0x3f
fffffd85`8aec9fd0 fffff801`0fa1a709   : ffffb204`ac7bb060 00000000`0000000b fffffd85`8aeca1d0 fffffd85`8aeca250 : nt!CmpWalkOneLevel+0x700
fffffd85`8aeca0d0 fffff801`0fa19c23   : 00000000`0000001c fffffd85`8aeca420 fffffd85`8aeca3d8 ffffc206`98d5a4a0 : nt!CmpDoParseKey+0x849
fffffd85`8aeca370 fffff801`0fa152ee   : fffff801`0fa19901 00000000`00000000 ffffc206`98d5a4a0 00000000`6d4e6201 : nt!CmpParseKey+0x2c3
fffffd85`8aeca510 fffff801`0fa0cfba   : ffffc206`98d5a400 fffffd85`8aeca778 00000000`00000040 ffffc206`8b3030c0 : nt!ObpLookupObjectName+0x3fe
fffffd85`8aeca6e0 fffff801`0fa0cd9c   : 00000000`00000000 00000000`00000000 00000000`00000000 ffffc206`8b3030c0 : nt!ObOpenObjectByNameEx+0x1fa
fffffd85`8aeca810 fffff801`0fa0c8b1   : 00000000`02abe828 fffffd85`8aecab80 00000000`00000001 fffff801`0f6211fe : nt!ObOpenObjectByName+0x5c
fffffd85`8aeca860 fffff801`0fa0c5df   : 00000000`02abeca8 00000000`02abecb8 00000000`00000000 00000000`00000001 : nt!CmOpenKey+0x2c1
fffffd85`8aecaac0 fffff801`0f80f7f8   : 00000000`00000000 fffffd85`8aecab80 fffffd85`8aecab80 00000000`02abecb8 : nt!NtOpenKeyEx+0xf
fffffd85`8aecab00 00007fff`d784f4c4   : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
00000000`02abe7c8 00000000`00000000   : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`d784f4c4


SYMBOL_NAME: nt!HvpGetCellPaged+a2

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

STACK_COMMAND: .cxr 0xfffffd858aec9580 ; kb

BUCKET_ID_FUNC_OFFSET: a2

FAILURE_BUCKET_ID: 0x3B_C0000006_nt!HvpGetCellPaged

OS_VERSION: 10.0.19041.1

BUILDLAB_STR: vb_release

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {68f3db38-ae8e-4bae-c37a-85819946495f}

Followup:   MachineOwner
---------
    Last edited by SMDFlea; 06-23-2023, 08:09 AM. Reason: CODE box
    Tags: None
    • Per Hansson
      Super Moderator
      • Jul 2005
      • 5895
      • Sweden
      #2
      Re: What caused the BSOD?

      You should setup a symbol search path to get more useful information.
      "The one who says it cannot be done should never interrupt the one who is doing it."

        Comment

        • stormanimal83
          Senior Member
          • May 2014
          • 74
          • Germany
          #3
          Re: What caused the BSOD?

          often bsod is caused by faulty hardware as processor or ram but in your case here i think its a driver problem cause your computer doesn´t freeze complete as u got a mouse visible...

          check your drivers, do windows updates and u can also try to install language pack seperately again. could be that it has to do something with this...

            Comment

            • Gibon378
              Gibon378
              • Nov 2022
              • 13
              • Poland
              #4
              Re: What caused the BSOD?

              Originally posted by stormanimal83
              often bsod is caused by faulty hardware as processor or ram but in your case here i think its a driver problem cause your computer doesn´t freeze complete as u got a mouse visible...

              check your drivers, do windows updates and u can also try to install language pack seperately again. could be that it has to do something with this...
              My Windows is up to date (22H2) - in fact, I had an update a few days ago.
              Maybe it caused some driver issues.

              When I had the BSOD, the error code was 0xc000000e and the file was \Windows\system32\winload.exe.

              I think I will do as you wrote and check if there are any chipset updates.

                Comment

                Previous template Next

                Related Topics

                Collapse
                • guyandpit
                  Asus tuf fa507r BSOD
                  by guyandpit
                  Hi there! Need help! its been 2 months finding the cause of BSOD ntoskrnl and other error, this has water damaged before no power, i replaced sio and pwm control for gpu and cpu. It will boot 3 times in BSOD before succesfully boot in windows. I done stress on cpu, gpu and ram no errors found. Any opinion guys with same exprience? Thank you see attached bsod error
                  2 Photos
                  05-09-2025, 11:46 PM
                • alambrose
                  LG GRAM random bsod SOLVED
                  by alambrose
                  LG Gram 15Z980 picked up on Ebay for $200 (was sold as parts because no M2 drive and bios pw locked), but otherwise intact and working.

                  Threw a 500gb M2 in, and was able to install Windows. On Gram, Win activation is stored in the bios, so Windows was automatically activated. I still kept getting random bsod's. Also bought a pw and unlocked the bios.

                  Upgraded Windows to 11, still didn't solve the random & frequent bsod's. Cleaned & reseated all cables, RAM, etc... still getting frequent bsod's. Bought & installed a new stick of RAM, still getting frequent...
                  02-12-2023, 06:12 PM
                • alleotechno
                  HP Omen RTX2060 BSOD while nothing presure on CPU
                  by alleotechno
                  Details:
                  Model : Omen HP Laptop 15-DH0038TX
                  Serial Num : CND93433LW
                  Product ID : 7LJ89PA#UUF
                  Bios Version : AMI F.53 4/24/2024 (8600)
                  Laptop Input Voltage : 19.5Vdc | 10.3a
                  My Adapter Charger : Original HP 200Watt 19.5V | 10.3a

                  My laptop keep on blue screen after 10 second successfully windows loaded, BSOD while installing new windows and cannot windows update, if update ask me to perform to restart and the laptop will BSOD while installing the update.

                  The blue screen comes after nothing stress/pressures my CPU not GPU. I need to use...
                  02-04-2025, 10:37 PM
                • the Benninger
                  Vostro 14 3468 w BSOD KernelPower aleatory
                  by the Benninger
                  HI Folks, I have a problem randomly a BSOD screen appears in the event viewer indicates KernelPower failure, discard the source/memory and SSD, only the battery is in bad condition, it will be possible that the battery is causing this BSOD event , I mention it because the times he gave BSOD he happened to have the battery installed, and last Friday it ran all day without the battery installed and didn't generate any events
                  At the moment I am checking the mosfets and voltges in general everything seems to be perfect on the main board



                  Vostro 14 3468
                  CPU: Core...
                  04-29-2024, 08:54 AM
                • SuperAman
                  PNP transistor symbol?
                  by SuperAman
                  I have a question about PNP transistor symbol. Usually the emitter arrow pointing in the direction of the base is at top where the collector would be. I got asked on a test where the arrow is pointing toward the base but was in the spot of the collector. The answer choices was PNP or NPN and forward biased or reverse biased. So is it a PNP that is forward biased or reverse biased? Usually on the schematics for PNP the Emitter is on the top and collector is on the bottom....
                  04-14-2025, 06:11 PM
                • Loading...
                • No more items.
                Working...