I have such a problem with the blue screen. Trying to run Aorus Engine, a blue screen is displayed with error code 0x3B referencing the gdrv.sys driver (driver from GIGABYTE APPCenter). Like everything is clear, however, I wanted to debug the memory dump. The problem is that the system does not create memory dumps. I saw similar problems there, however, it looked like the creation of the memory dump hung at a certain percentage (0%, 50% etc.). And my system doesn't even try to create such a dump. There is info on the blue screen that "The computer has encountered a problem and needs to be shut down. You can now restart it." There is not even a message that "the memory dump is being created" or something. How do you force the system to finally create a memory dump?
BSoD 0x3B - system doesn't create dump files
- Thread starter MrPepka
- Start date
Sysnative Windows Update
Inactive
- Oct 9, 2014
- 741
Is your system configured correctly?
BSODs but no Dump Files? - Windows Crashes and Blue Screen of Death (BSOD) Help and Support
BSODs but no Dump Files? - Windows Crashes and Blue Screen of Death (BSOD) Help and Support
Sysnative Windows Update
Inactive
- Oct 9, 2014
- 741
Anything like CCleaner running in the background?
I don't have any CCleaner programs to clean my computer. And in the event log, except the entry that the system was shut down without first clean shutdown, there is nothing else. But I found out that for some reason the memory dump driver is not loaded on the system. So how do you load it?
Another option: Why does Windows 10 not create a dump file?
One of the instructions is to turn off the page file and reboot, turn it back to system managed and reboot.
Maybe this will also help: Dump Filter Drivers
One of the instructions is to turn off the page file and reboot, turn it back to system managed and reboot.
Maybe this will also help: Dump Filter Drivers
Not generating a dump happens for one of a few common reasons:
1. A process crashes (lsass or csrss) that controls access to the security subsystem, meaning permissions checking fails, and crasdump cannot write due to lacking permissions to write to the paging file (where memory sump data is written).
2. The system memory committed at time of a system crash is larger than the paging file's size when the crash occurs, resulting in a hung or failed dump write to disk.
3. A driver or process that is "boot critical" or hooks kernel APIs crashes or hangs during the bugcheck, thus causing a crash of the crash, and no dump is written.
There could be others, but those are the most common I've run into over the last 15 years or so, and in that order of most common to less common.
1. A process crashes (lsass or csrss) that controls access to the security subsystem, meaning permissions checking fails, and crasdump cannot write due to lacking permissions to write to the paging file (where memory sump data is written).
2. The system memory committed at time of a system crash is larger than the paging file's size when the crash occurs, resulting in a hung or failed dump write to disk.
3. A driver or process that is "boot critical" or hooks kernel APIs crashes or hangs during the bugcheck, thus causing a crash of the crash, and no dump is written.
There could be others, but those are the most common I've run into over the last 15 years or so, and in that order of most common to less common.
My reason is that the system doesn't load the driver responsible for generating memory dumps, but I don't know how to fix it. I checked all possible variants and the only thing that doesn't match is that the crash dump driver is unloaded
sfc /scannow Plus the DISM options too. DISM /Online /Cleanup-Image /RestoreHealth followed again by the sfc /scannow again.
I also read where the hiberfil.sys can stop a dump if corrupted.
You can try the powercfg -h off command to turn that off.
I also read where the hiberfil.sys can stop a dump if corrupted.
You can try the powercfg -h off command to turn that off.
Also checked and that's not it. If you have Windows 10, check in Driver Verifier (you do not need to turn it on, just enter Driver Verifier Manager) and see in the loaded drivers whether you have the drivers crashdmp.sys and diskump.sys
Here is what I have. Win 10 1909 I'm not sure about the unknown part. It's listed in the DRT as:
| Source | Windows Update or 3rd party driver manufacturer, depending on the source driver |
Well then you are right. For me, these drivers are not on the list although the drivers themselves are in the system. And that's why memory dumps are probably not created because the drivers responsible for it do not work (the system does not load them). But how do these drivers load into the system?
- May 7, 2013
- 10,400
It's because those drivers are basically copies to ensure that a crash is able to be handled gracefully - What are these ghost drivers named dump_diskdump.sys and other dump_*.sys that didn't come from any file? | The Old New Thing
Good question. What version Windows are you on?
- May 7, 2013
- 10,400
Windows 10 Home 1903
Sorry, I should have quoted @MrPepka I was referring to him. Thank you for that link above.
Has Sysnative Forums helped you? Please consider donating to help us support the site!