BSOD, driver fault. Need help with analysis.

manjubn64 (New member, joined Feb 10, 2021, 4 posts)
Hello Team,

I see the following error with !analyze -v.
I need some help on how to dig deeper into the issue and find out what is happening.
: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff800dd9b3587, Address of the instruction which caused the bugcheck
Arg3: ffffd0002a5bb710, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for HPEDpHsmX64.sys
fffff8038a0abe58: Unable to get Flags value from nt!KdVersionBlock
GetUlongPtrFromAddress: unable to read from fffff8038a168308

KEY_VALUES_STRING: 1

Key : Analysis.CPU.Sec
Value: 4

Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on IN-5CG0355GRV

Key : Analysis.DebugData
Value: CreateObject

Key : Analysis.DebugModel
Value: CreateObject

Key : Analysis.Elapsed.Sec
Value: 8

Key : Analysis.Memory.CommitPeak.Mb
Value: 71

Key : Analysis.System
Value: CreateObject


DUMP_FILE_ATTRIBUTES: 0x8
Kernel Generated Triage Dump

BUGCHECK_CODE: 3b

BUGCHECK_P1: c0000005

BUGCHECK_P2: fffff800dd9b3587

BUGCHECK_P3: ffffd0002a5bb710

BUGCHECK_P4: 0

CONTEXT: ffffd0002a5bb710 -- (.cxr 0xffffd0002a5bb710)
rax=0000000000000000 rbx=ffffe0004d9fbd58 rcx=0000000000000000
rdx=ffffd0002a5bc2a8 rsi=fffff800dd9b8c58 rdi=ffffd0002a5bc190
rip=fffff800dd9b3587 rsp=ffffd0002a5bc130 rbp=ffffe0004892f0c0
r8=0000000000000000 r9=0000000000000000 r10=fffff800dd200000
r11=0000000000000000 r12=0000000000000000 r13=ffffe0004c5fd710
r14=0000000000000000 r15=ffffe0004892f2e0
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
HPEDpHsmX64+0x2587:
fffff800`dd9b3587 833846 cmp dword ptr [rax],46h ds:002b:00000000`00000000=????????
Resetting default scope

CUSTOMER_CRASH_COUNT: 1

PROCESS_NAME: loadsapr.exe

STACK_TEXT:
ffffd000`2a5bc130 00000000`00000001 : 00000000`00000003 00000000`00000000 ffffd000`22a11230 ffffe000`6d4e6f49 : HPEDpHsmX64+0x2587
ffffd000`2a5bc138 00000000`00000003 : 00000000`00000000 ffffd000`22a11230 ffffe000`6d4e6f49 00000000`00000009 : 0x1
ffffd000`2a5bc140 00000000`00000000 : ffffd000`22a11230 ffffe000`6d4e6f49 00000000`00000009 ffffc000`00000000 : 0x3


SYMBOL_NAME: HPEDpHsmX64+2587

MODULE_NAME: HPEDpHsmX64

IMAGE_NAME: HPEDpHsmX64.sys

STACK_COMMAND: .cxr 0xffffd0002a5bb710 ; kb

BUCKET_ID_FUNC_OFFSET: 2587

FAILURE_BUCKET_ID: 0x3B_c0000005_HPEDpHsmX64!unknown_function

OS_VERSION: 8.1.9600.19846

BUILDLAB_STR: winblue_ltsb_escrow

OSPLATFORM_TYPE: x64

OSNAME: Windows 8.1

FAILURE_ID_HASH: {3238b1ad-c7a8-9dd2-2a88-e7b2caf24391}

Followup: MachineOwner
---------

1: kd> !dpx
No export dpx found
1: kd> .load C:\Users\mbn4\OneDrive - DXC Production\old laptop\temp\Symbols\EXT\PDE v11.3\x64\winext\pdel.dll
The call to LoadLibrary(C:\Users\mbn4\OneDrive - DXC Production\old laptop\temp\Symbols\EXT\PDE v11.3\x64\winext\pdel.dll) failed, Win32 error 0n126
"The specified module could not be found."
Please check your debugger configuration and/or network access.
1: kd> .load C:\Users\mbn4\OneDrive - DXC Production\old laptop\temp\Symbols\EXT\PDE v11.3\x64\winext\pde.dll
=========================================================================================
PDE v11.3 - Copyright 2017 Andrew Richards
=========================================================================================
1: kd> k
# Child-SP RetAddr Call Site
00 ffffd000`2a5bae58 fffff803`89f69769 nt!KeBugCheckEx
01 ffffd000`2a5bae60 fffff803`89f68e7c nt!KiBugCheckDispatch+0x69
02 ffffd000`2a5bafa0 fffff803`89f6206d nt!KiSystemServiceHandler+0x7c
03 ffffd000`2a5bafe0 fffff803`89e9f515 nt!RtlpExecuteHandlerForException+0xd
04 ffffd000`2a5bb010 fffff803`89ef2cc9 nt!RtlDispatchException+0x1a5
05 ffffd000`2a5bb6e0 fffff803`89f69842 nt!KiDispatchException+0x18d
06 ffffd000`2a5bbdc0 fffff803`89f66c82 nt!KiExceptionDispatch+0xc2
07 ffffd000`2a5bbfa0 fffff800`dd9b3587 nt!KiPageFault+0x402
*** WARNING: Unable to verify timestamp for HPEDpHsmX64.sys
08 ffffd000`2a5bc130 00000000`00000001 HPEDpHsmX64+0x2587
09 ffffd000`2a5bc138 00000000`00000003 0x1
0a ffffd000`2a5bc140 00000000`00000000 0x3
1: kd> !dpx
Start memory scan : 0xffffd0002a5bae58 ($csp)
End memory scan : 0xffffd0002a5bd000 (Kernel Stack Base)

rsp : 0xffffd0002a5bae58 : 0xfffff80389f69769 : nt!KiBugCheckDispatch+0x69
0xffffd0002a5bae58 : 0xfffff80389f69769 : nt!KiBugCheckDispatch+0x69
0xffffd0002a5bae88 : 0xfffff80389ede36f : nt!EtwpTraceFileName+0xb7
0xffffd0002a5baf58 : 0xfffff800dd206db5 : fltmgr!FltpGetFileNameInformation+0x4a5
0xffffd0002a5baf88 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5baf98 : 0xfffff80389f68e7c : nt!KiSystemServiceHandler+0x7c
0xffffd0002a5bafb8 : 0xfffff8038a29e5d5 : nt!IopCreateFile+0x825
0xffffd0002a5bafd0 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5bafd8 : 0xfffff80389f6206d : nt!RtlpExecuteHandlerForException+0xd
0xffffd0002a5bb000 : 0xffffd0002a5bb090 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5bb008 : 0xfffff80389e9f515 : nt!RtlDispatchException+0x1a5
0xffffd0002a5bb018 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb060 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb088 : 0xfffff800df164a03 : fileinfo!FIStreamGetInfo+0xe3
0xffffd0002a5bb090 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5bb098 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb0a0 : 0xfffff8038a12c428 : "nt!BcpCursor <PERF> (nt+0x313428)"
0xffffd0002a5bb0c0 : 0xfffff80389f68e00 : nt!KiSystemServiceHandler
0xffffd0002a5bb288 : 0xfffff80389e4bb7d : nt!EtwpReserveTraceBuffer+0xd9
0xffffd0002a5bb2b8 : 0xfffff80389e854e1 : nt!RtlCopyUnicodeString+0x45
0xffffd0002a5bb3a0 : 0xffffd0002a5bb5e8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb3a8 : 0xffffd0002a5bb648 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb3d8 : 0xfffff80389e8039d : nt!SepAccessCheck+0x2ed
0xffffd0002a5bb3f8 : 0xfffff800dd6a6b00 : Ntfs!NtfsCleanupIrpContext+0x140
0xffffd0002a5bb408 : 0xffffd0002a5bb610 : 0xfffff800dd2283f8 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x283f8)"
0xffffd0002a5bb440 : 0xffffd0002a5bb648 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb468 : 0xffffd0002a5bb610 : 0xfffff800dd2283f8 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x283f8)"
0xffffd0002a5bb490 : 0xffffd0002a5bb648 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb4a8 : 0xfffff80389e4bb7d : nt!EtwpReserveTraceBuffer+0xd9
0xffffd0002a5bb528 : 0xffffd0002a5bb660 : 0xfffff8038a139598 : "nt!BcpCursor <PERF> (nt+0x320598)"
0xffffd0002a5bb538 : 0xfffff80389e7fa30 : nt!SeAccessCheckWithHint+0x400
0xffffd0002a5bb578 : 0xfffff8038a46bee0 : nt!IopFileMapping
0xffffd0002a5bb588 : 0xfffff80389e46801 : nt!IopfCompleteRequest+0xc71
0xffffd0002a5bb5a8 : 0xfffff80389ee7510 : nt!KiOpFetchBytes+0x30
0xffffd0002a5bb5b8 : 0xfffff800dd202e80 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted
0xffffd0002a5bb5c0 : 0xfffff8038a2a6119 : nt!ObpLookupObjectName+0xbc9
0xffffd0002a5bb5c8 : 0xfffff800dd9b1000 : HPEDpHsmX64
0xffffd0002a5bb5d8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb5e0 : 0xfffff800dd2270d8 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x270d8)"
0xffffd0002a5bb5e8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb5f0 : 0xfffff800dd227138 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x27138)"
0xffffd0002a5bb5f8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb600 : 0xfffff800dd2270b4 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x270b4)"
0xffffd0002a5bb608 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb610 : 0xfffff800dd2283f8 : "fltmgr!FltpVerifierFlags <PERF> (fltmgr+0x283f8)"
0xffffd0002a5bb618 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb620 : 0xfffff8038a13c1b4 : "nt!BcpCursor <PERF> (nt+0x3231b4)"
0xffffd0002a5bb628 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb630 : 0xfffff8038a141aa0 : "nt!BcpCursor <PERF> (nt+0x328aa0)"
0xffffd0002a5bb638 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb640 : 0xfffff8038a13c0b8 : "nt!BcpCursor <PERF> (nt+0x3230b8)"
0xffffd0002a5bb648 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb650 : 0xfffff8038a141914 : "nt!BcpCursor <PERF> (nt+0x328914)"
0xffffd0002a5bb658 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb660 : 0xfffff8038a139598 : "nt!BcpCursor <PERF> (nt+0x320598)"
0xffffd0002a5bb668 : 0xfffff80389e19000 : "nt!_guard_check_icall_fptr <PERF> (nt+0x0)"
0xffffd0002a5bb670 : 0xfffff8038a12c428 : "nt!BcpCursor <PERF> (nt+0x313428)"
0xffffd0002a5bb6d8 : 0xfffff80389ef2cc9 : nt!KiDispatchException+0x18d
0xffffd0002a5bb708 : 0xfffff8038a46be00 : nt!GUID_MOF_RESOURCE_ADDED_NOTIFICATION
0xffffd0002a5bb728 : 0xfffff80389e52ab0 : nt!SepTokenFromAccessInformation+0x120
0xffffd0002a5bb768 : 0xfffff800deb8af08 : luafv!LuafvEcpType
0xffffd0002a5bb7d8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bb8b0 : 0x0064007200610048 : !du "Harddisk\Device\"
0xffffd0002a5bb8b8 : 0x006b007300690064 : !du "disk\Device\"
0xffffd0002a5bb8c0 : 0x007600650044005c : !du "\Device\"
0xffffd0002a5bbb48 : 0xfffff80389e84fa5 : nt!MiGetPteFromCopyList+0x3a5
0xffffd0002a5bbb78 : 0xfffff80389e84940 : nt!MiGetPteMappingPair+0x58
0xffffd0002a5bbba8 : 0xfffff80389e685f3 : nt!RtlGetExtendedContextLength+0x1f
0xffffd0002a5bbc98 : 0xfffff80389effbfc : nt!MiIsFaultPteIntact+0x20
0xffffd0002a5bbcb8 : 0xfffff80389e81f3d : nt!MiAddLockedPageChargeForModifiedPage+0x35
0xffffd0002a5bbce8 : 0xfffff800deb9d000 : luafv!LuafvQueryShortNameFromGlobal+0x118
0xffffd0002a5bbcf8 : 0xfffff8038a160ec0 : nt!MmSystemPtesWs
0xffffd0002a5bbd18 : 0xfffff80389e8946e : nt!MiAllocateWsle+0x1fe
0xffffd0002a5bbd48 : 0xfffff80389e8516c : nt!MiFreeInPageSupportBlock+0x84
0xffffd0002a5bbdb0 : 0xffffd0002a5bc020 : !du "\Device\"
0xffffd0002a5bbdb8 : 0xfffff80389f69842 : nt!KiExceptionDispatch+0xc2
0xffffd0002a5bbde8 : 0xfffff80389ffe5a4 : nt!MiResolvePageTablePage+0x180
0xffffd0002a5bbe98 : 0xfffff80389e644be : nt!MmAccessFault+0x71e
0xffffd0002a5bbf90 : 0xffffd0002a5bc020 : !du "\Device\"
0xffffd0002a5bbf98 : 0xfffff80389f66c82 : nt!KiPageFault+0x402
0xffffd0002a5bbfa0 : 0xfffff800dd9b8c58 : Trap @ ffffd0002a5bbfa0
0xffffd0002a5bbfc0 : 0xfffff8038a160ec0 : nt!MmSystemPtesWs
0xffffd0002a5bbff8 : 0xfffff800dd200000 : "fltmgr!FltpProcessIrpCtrlStackProfiler <PERF> (fltmgr+0x0)"
0xffffd0002a5bc010 : 0x0064007200610048 : !du "Harddisk\Device\"
0xffffd0002a5bc018 : 0x006b007300690064 : !du "disk\Device\"
0xffffd0002a5bc020 : 0x007600650044005c : !du "\Device\"
0xffffd0002a5bc088 : 0xfffff800deb8af08 : luafv!LuafvEcpType
0xffffd0002a5bc0a8 : 0xfffff800deb9bee4 : luafv!LuafvCleanUpEcp
0xffffd0002a5bc0b8 : 0xfffff8038a274767 : nt!FsRtlAllocateExtraCreateParameter+0x53
0xffffd0002a5bc0c8 : 0xfffff800deb8af08 : luafv!LuafvEcpType
0xffffd0002a5bc0e8 : 0xfffff8038a0a748e : nt!ExAllocatePoolWithTag+0x89e
0xffffd0002a5bc1b8 : 0xfffff800deb9d13b : luafv!LuafvReparse+0xb3
0xffffd0002a5bc1e8 : 0x004d00500048002e : !du ".HPManifest"
0xffffd0002a5bc1f0 : 0x00660069006e0061 : !du "anifest"
0xffffd0002a5bc258 : 0xfffff800dd203ab7 : fltmgr!FltpPerformPostCallbacks+0x2d7
0xffffd0002a5bc288 : 0xfffff800dd20488e : fltmgr!FltpLinkCompletionNodeToInstance+0x10e
0xffffd0002a5bc328 : 0xfffff800dd20441d : fltmgr!FltpPassThroughCompletionWorker+0x7d
0xffffd0002a5bc398 : 0xfffff800dd203504 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x684
0xffffd0002a5bc3d0 : 0xfffff800dd224010 : fltmgr!WPP_GLOBAL_Control
0xffffd0002a5bc408 : 0xfffff800dd202d0c : fltmgr!FltpPassThroughInternal+0x8c
0xffffd0002a5bc418 : 0xfffff800dd224010 : fltmgr!WPP_GLOBAL_Control
0xffffd0002a5bc438 : 0xfffff800dd22b349 : fltmgr!FltpCreate+0x339
0xffffd0002a5bc478 : 0xfffff800dd203f22 : !du "$Volume"
0xffffd0002a5bc4e8 : 0xfffff8038a1fd689 : nt!IopParseDevice+0x6c9
0xffffd0002a5bc5e8 : 0xfffff80389e7f61e : nt!SeAccessCheck+0x5e
0xffffd0002a5bc628 : 0xfffff8038a1f1762 : nt!ObpLookupDirectoryUsingHash+0x272
0xffffd0002a5bc6d0 : 0xfffff8038a1fcfc0 : nt!IopParseDevice
0xffffd0002a5bc6d8 : 0xfffff8038a2a5d0e : nt!ObpLookupObjectName+0x7be
0xffffd0002a5bc778 : 0xfffff8038a1fa955 : nt!ObpCaptureObjectCreateInformation+0x1c5
0xffffd0002a5bc818 : 0xfffff8038a1fa093 : nt!ObOpenObjectByName+0x1e3
0xffffd0002a5bc878 : 0xfffff80389e823da : nt!MiLockProtoPoolPage+0x22a
0xffffd0002a5bc8c8 : 0xffffd0002a5bca88 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5bc948 : 0xfffff8038a29e5d5 : nt!IopCreateFile+0x825
0xffffd0002a5bc9c8 : 0xfffff80389e79510 : nt!UNLOCK_WORKING_SET+0x30
0xffffd0002a5bc9f8 : 0xfffff8038a1a09c4 : nt!NtCreateFile+0x78
0xffffd0002a5bca88 : 0xfffff80389f693e3 : nt!KiSystemServiceCopyEnd+0x13
0xffffd0002a5bcaf8 : 0xfffff80389f66cc5 : nt!KiPageFault+0x445
0xffffd0002a5bcb00 : 0x0000000075795030 : Trap @ ffffd0002a5bcb00

1: kd> .trap ffffd0002a5bcb00;knL
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=00007ffcde330c5a rsp=0000000000a3e1e8 rbp=0000000000b3fbe8
r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
0033:00007ffc`de330c5a ?? ???
*** Stack trace for last set context - .thread/.cxr resets it
# Child-SP RetAddr Call Site
00 00000000`00a3e1e8 00000000`00000000 0x00007ffc`de330c5a
1: kd> !thread
THREAD ffffe0004dada080 Cid 0864.1fb0 Teb: 000000007ec1c000 Win32Thread: fffff901441a2b50 RUNNING on processor 1
IRP List:
Unable to read nt!_IRP @ ffffe0004c5fd710
Not impersonating
GetUlongFromAddress: unable to read from fffff8038a0b4b70
Owning Process ffffe0004dbe3900 Image: loadsapr.exe
Attached Process N/A Image: N/A
fffff78000000000: Unable to get shared data
Wait Start TickCount 3435498
Context Switch Count 15 IdealProcessor: 0
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
UserTime 00:00:00.000
KernelTime 00:00:00.000
Win32 Start Address 0x00000000008fe48e
Stack Init ffffd0002a5bcc90 Current ffffd00029e93840
Base ffffd0002a5bd000 Limit ffffd0002a5b7000 Call 0000000000000000
Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
Child-SP RetAddr : Args to Child : Call Site
ffffd000`2a5bae58 fffff803`89f69769 : 00000000`0000003b 00000000`c0000005 fffff800`dd9b3587 ffffd000`2a5bb710 : nt!KeBugCheckEx
ffffd000`2a5bae60 fffff803`89f68e7c : ffffd000`2a5bbef8 ffffd000`2a5bb710 ffffd000`2a5bcb00 fffff803`8a29e5d5 : nt!KiBugCheckDispatch+0x69
ffffd000`2a5bafa0 fffff803`89f6206d : ffffd000`2a5bb710 00000000`00000000 ffffd000`2a5bbef8 ffffd000`2a5bb110 : nt!KiSystemServiceHandler+0x7c
ffffd000`2a5bafe0 fffff803`89e9f515 : 00000000`00000001 fffff803`89e19000 ffffd000`2a5bbe01 fffff800`00000000 : nt!RtlpExecuteHandlerForException+0xd
ffffd000`2a5bb010 fffff803`89ef2cc9 : ffffd000`2a5bbef8 ffffd000`2a5bbc10 ffffd000`2a5bbef8 ffffd000`2a5bc190 : nt!RtlDispatchException+0x1a5
ffffd000`2a5bb6e0 fffff803`89f69842 : 00000000`00000000 ffffd000`2a5bbe58 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x18d
ffffd000`2a5bbdc0 fffff803`89f66c82 : fffff800`dd9b8c58 ffffe000`4dada000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
ffffd000`2a5bbfa0 fffff800`dd9b3587 : 00000000`00000001 00000000`00000003 00000000`00000000 ffffd000`22a11230 : nt!KiPageFault+0x402 (TrapFrame @ ffffd000`2a5bbfa0)
ffffd000`2a5bc130 00000000`00000001 : 00000000`00000003 00000000`00000000 ffffd000`22a11230 ffffe000`6d4e6f49 : HPEDpHsmX64+0x2587
ffffd000`2a5bc138 00000000`00000003 : 00000000`00000000 ffffd000`22a11230 ffffe000`6d4e6f49 00000000`00000009 : 0x1
ffffd000`2a5bc140 00000000`00000000 : ffffd000`22a11230 ffffe000`6d4e6f49 00000000`00000009 ffffc000`00000000 : 0x3
 


Thank you Phil,

Will try to capture the info.
Since it is a production box, it may take some time. If you are looking for any specific info, I can get it.
 
The key thing is to run the BSOD Log Collector and provide the zip file that is created.
 
Rich (BB code):
5: kd> knL
 # Child-SP          RetAddr           Call Site
00 ffffd000`a8878e58 fffff800`04fc2769 nt!KeBugCheckEx
01 ffffd000`a8878e60 fffff800`04fc1e7c nt!KiBugCheckDispatch+0x69
02 ffffd000`a8878fa0 fffff800`04fbb06d nt!KiSystemServiceHandler+0x7c
03 ffffd000`a8878fe0 fffff800`04ef8515 nt!RtlpExecuteHandlerForException+0xd
04 ffffd000`a8879010 fffff800`04f4bcc9 nt!RtlDispatchException+0x1a5
05 ffffd000`a88796e0 fffff800`04fc2842 nt!KiDispatchException+0x18d
06 ffffd000`a8879dc0 fffff800`04fbfc82 nt!KiExceptionDispatch+0xc2
07 ffffd000`a8879fa0 fffff800`6bfed587 nt!KiPageFault+0x402 << Illegal page fault
08 ffffd000`a887a130 00000000`00000001 HPEDpHsmX64+0x2587
09 ffffd000`a887a138 00000000`00000003 0x1
0a ffffd000`a887a140 00000000`00000000 0x3

The crash was caused by an unhandled page fault. The page fault could not be resolved since the driver was using a null pointer.

Rich (BB code):
5: kd> .cxr 0xffffd000a8879710
rax=0000000000000000 rbx=ffffe800147a4a98 rcx=0000000000000000
rdx=ffffd000a887a2a8 rsi=fffff8006bff2c58 rdi=ffffd000a887a190
rip=fffff8006bfed587 rsp=ffffd000a887a130 rbp=ffffe001581e5470
 r8=0000000000000000  r9=0000000000000000 r10=fffff8006b95f000
r11=0000000000000000 r12=0000000000000000 r13=ffffe0015c8c2370
r14=0000000000000000 r15=ffffe001581e5690
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
HPEDpHsmX64+0x2587:
fffff800`6bfed587 833846          cmp     dword ptr [rax],46h ds:002b:00000000`00000000=????????

Please ensure that you either remove or find a suitable update for your HPE Management software.

Rich (BB code):
5: kd> lmvm HPEDpHsmX64
Browse full module list
start             end                 module name
fffff800`6bfeb000 fffff800`6bffd000   HPEDpHsmX64 T (no symbols)           
    Loaded symbol image file: HPEDpHsmX64.sys
    Image path: HPEDpHsmX64.sys
    Image name: HPEDpHsmX64.sys
    Browse all global symbols  functions  data
    Timestamp:        Tue May 16 05:44:34 2017 (591A83B2)
    CheckSum:         0001D4E2
    ImageSize:        00012000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Information from resource tables:
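
The null-pointer conclusion in the reply above can be checked mechanically from the .cxr output. Added example, not part of any post in this thread: a Python sketch that parses the context record quoted above, uses the lmvm range to confirm the faulting rip lies inside HPEDpHsmX64.sys, and flags the access as a NULL dereference. The function names and the 64 KiB threshold are assumptions of this example.

```python
import re

# Copied from the .cxr output quoted in the thread above (not constructed).
CXR = """\
rax=0000000000000000 rbx=ffffe800147a4a98 rcx=0000000000000000
rdx=ffffd000a887a2a8 rsi=fffff8006bff2c58 rdi=ffffd000a887a190
rip=fffff8006bfed587 rsp=ffffd000a887a130 rbp=ffffe001581e5470
 r8=0000000000000000  r9=0000000000000000 r10=fffff8006b95f000
r11=0000000000000000 r12=0000000000000000 r13=ffffe0015c8c2370
r14=0000000000000000 r15=ffffe001581e5690
HPEDpHsmX64+0x2587:
fffff800`6bfed587 833846          cmp     dword ptr [rax],46h ds:002b:00000000`00000000=????????
"""
# From the lmvm output in the thread: image start address and ImageSize.
MOD_START, MOD_SIZE = 0xFFFFF8006BFEB000, 0x12000

# Assumption of this example: an address in the lowest 64 KiB counts as NULL.
NULL_REGION = 0x10000

REG_RE = re.compile(r"\b(r[a-z0-9]{1,2})=([0-9a-f]{16})\b")
# address, opcode bytes, mnemonic, operands, seg:selector:effective-address=contents
INSN_RE = re.compile(
    r"^([0-9a-f]{8}`[0-9a-f]{8})\s+[0-9a-f]+\s+(\w+)\s+(.*?)"
    r"\s+\w\w:[0-9a-f]{4}:([0-9a-f]{8}`[0-9a-f]{8})=(\S+)\s*$", re.M)


def addr(text):
    """Convert WinDbg's 64-bit notation (with or without the backtick) to int."""
    return int(text.replace("`", ""), 16)


def triage(cxr_text, mod_start, mod_size):
    """Summarise the faulting access described by a .cxr register dump."""
    regs = {name: int(val, 16) for name, val in REG_RE.findall(cxr_text)}
    m = INSN_RE.search(cxr_text)
    if m is None:
        raise ValueError("no faulting instruction with a memory operand found")
    insn_addr, mnemonic, operands, ea, contents = m.groups()
    base = re.search(r"\[(\w+)", operands)      # register inside [..]
    base_reg = base.group(1) if base else None
    rip = regs["rip"]
    unreadable = set(contents) == {"?"}         # debugger could not read memory
    return {
        "rip_matches_insn": rip == addr(insn_addr),
        "in_module": mod_start <= rip < mod_start + mod_size,
        "module_offset": rip - mod_start,       # stable across load addresses
        "mnemonic": mnemonic,
        "base_reg": base_reg,
        "base_value": regs.get(base_reg),
        "effective_address": addr(ea),
        "null_deref": unreadable and addr(ea) < NULL_REGION,
    }


if __name__ == "__main__":
    for key, value in triage(CXR, MOD_START, MOD_SIZE).items():
        shown = f"{value:#x}" if type(value) is int else value
        print(f"{key:18} {shown}")
```

The module-relative offset it reports, 0x2587, is the same one shown in the original poster's dump, which is how two crashes with different load addresses can be matched to one faulting instruction.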
 
The logs displayed drive file system corruption.

If you can find some server downtime > run Chkdsk /r /v C:



Open administrative command prompt and type or copy and paste:
chkdsk /r /v
This may take hours to run so plan to run overnight.

C:\Windows\system32>chkdsk /r /v
The type of the file system is NTFS.
Cannot lock current drive.

Chkdsk cannot run because the volume is in use by another
process. Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)

Type: Y
reboot


Use the information in this link to find the chkdsk report in the event viewer.
Copy and paste into notepad > save to desktop > post into the thread using a one drive, drop box, or google drive share link:
Read Chkdsk Log in Event Viewer in Windows 10 (Windows 10 Performance Maintenance Tutorials)

Code:
Event[34747]:
  Log Name: System
  Source: Ntfs
  Date: 2021-01-14T23:34:25.407
  Event ID: 55
  Task: N/A
  Level: Error
  Opcode: Info
  Keyword: N/A
  User: S-1-5-18
  User Name: NT AUTHORITY\SYSTEM
  Computer: USDC1INFMSBK02P.apll.com
  Description:
A corruption was discovered in the file system structure on volume C:.

A corruption was found in a file system index structure.  The file reference number is 0x100000000637d.  The name of the file is "\Windows\WinSxS\Temp\PendingRenames".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".


Code:
Event[8078]:
  Log Name: Application
  Source: Chkdsk
  Date: 2021-01-14T23:34:25.000
  Event ID: 26228
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: USDC1INFMSBK02P.apll.com
  Description:
Chkdsk was executed in verify mode on a volume snapshot. 

Checking file system on \Device\HarddiskVolume2
Insufficient storage available to create either the shadow copy storage file or other shadow copy data.

A snapshot error occured while scanning this drive. Run an offline scan and fix.
 
