Code:
2: kd> .bugcheck
Bugcheck code 0000000A
Arguments ffffd001`b377bdb0 00000000`00000002 00000000`00000000 fffff803`f629c580
Code:
2: kd> kv
Child-SP RetAddr : Args to Child : Call Site
ffffd001`b3773918 fffff803`f63634e9 : 00000000`0000000a ffffd001`b377bdb0 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffffd001`b3773920 fffff803`f6361d3a : 00000000`00000000 00000000`07e4aeec ffffe000`af5c9100 fffff960`0037f33d : nt!KiBugCheckDispatch+0x69
ffffd001`b3773a60 fffff803`f629c580 : fffff803`f635a8af 00000001`00000000 00000000`54c60249 000002a8`000004dc : nt!KiPageFault+0x23a (TrapFrame @ ffffd001`b3773a60)
ffffd001`b3773bf8 fffff803`f635a8af : 00000001`00000000 00000000`54c60249 000002a8`000004dc 00000000`00000438 : nt!KiCheckForSListAddress
ffffd001`b3773c00 fffff803`f635cb45 : 00000000`00000020 fffff803`f6359287 ffffe000`ab06f080 fffff901`45afe4a0 : nt!KiDispatchInterrupt+0xf
ffffd001`b3773c30 fffff803`f6359287 : ffffe000`ab06f080 fffff901`45afe4a0 00000000`00000001 00000000`07e40000 : nt!KiDpcInterruptBypass+0x25
ffffd001`b3773c40 00000000`77745807 : 00000000`7773f5b1 00000000`07e06f8c 00000000`00000000 00000000`07e06f6c : nt!KiInterruptDispatchLBControl+0x197 (TrapFrame @ ffffd001`b3773c40)
00000000`0541e208 00000000`7773f5b1 : 00000000`07e06f8c 00000000`00000000 00000000`07e06f6c 00000000`0541e268 : 0x77745807
00000000`0541e210 00000000`07e06f8c : 00000000`00000000 00000000`07e06f6c 00000000`0541e268 00000001`00000000 : 0x7773f5b1
00000000`0541e218 00000000`00000000 : 00000000`07e06f6c 00000000`0541e268 00000001`00000000 00000000`54c60249 : 0x7e06f8c
Code:
2: kd> .trap ffffd001`b3773a60
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffe000ab06f000 rbx=0000000000000000 rcx=ffffd001b3773c40
rdx=0000059b00000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803f629c580 rsp=ffffd001b3773bf8 rbp=ffffd001b3773cc0
r8=0000000000010dd7 r9=0000000000000000 r10=ffffd001a7340180
r11=000000000000022b r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
nt!KiCheckForSListAddress:
fffff803`f629c580 0fb78170010000 movzx eax,word ptr [rcx+170h] ds:ffffd001`b3773db0=0033
Copying the contents of the value stored at address rcx + 170 to eax and zero extending it. We go off the rails on the KiCheckForSListAddress function, which is undocumented.
Code:
2: kd> !pte rcx
VA ffffd001b3773c40
PXE at FFFFF6FB7DBEDD00 PPE at FFFFF6FB7DBA0030 PDE at FFFFF6FB74006CD8 PTE at FFFFF6E800D9BB98
contains 00000000005EB863 contains 000000000097D863 contains 00000001FC967863 contains 80000002735D3963
GetUlongFromAddress: unable to read from fffff803f656a104
pfn 5eb ---DA--KWEV pfn 97d ---DA--KWEV pfn 1fc967 ---DA--KWEV pfn 2735d3 -G-DA--KWEV
rcx is valid, therefore it's likely the pte contents of eax's register are bad.
Not much to work with here, so can you please enable verifier and give us a kernel-dump?
Driver Verifier:
What is Driver Verifier?
Driver Verifier monitors Windows kernel-mode drivers, graphics drivers, and even 3rd party drivers to detect illegal function calls or actions that might corrupt the system. Driver Verifier can subject the Windows drivers to a variety of stresses and tests to find improper behavior.
Essentially, if there's a 3rd party driver believed to be causing the issues at hand, enabling Driver Verifier will help us see which specific driver is causing the problem.
Before enabling Driver Verifier, it is recommended to create a System Restore Point:
Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8/8.1 - Restore Point - Create in Windows 8
How to enable Driver Verifier:
Start > type "verifier" without the quotes > Select the following options -
1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (only on Windows 7 & 8/8.1)
- DDI compliance checking (only on Windows 8/8.1)
- Miscellaneous Checks
4. Select - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.
Important information regarding Driver Verifier:
- Perhaps the most important point, which I will now clarify as this has been misunderstood often: enabling Driver Verifier by itself is not a solution, but instead a diagnostic utility. It will tell us if a driver is causing your issues, but again it will not outright solve your issues.
- If Driver Verifier finds a violation, the system will BSOD. To expand on this a bit more for the interested, specifically what Driver Verifier actually does is it looks for any driver making illegal function calls, causing memory leaks, etc. When and/if this happens, system corruption occurs if allowed to continue. When Driver Verifier is enabled per my instructions above, it is monitoring all 3rd party drivers (as we have it set that way) and when it catches a driver attempting to do this, it will quickly flag that driver as being a troublemaker, and bring down the system safely before any corruption can occur.
- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will detect it in violation almost straight away, and as stated above, that will cause / force a BSOD.
If this happens, do not panic, do the following:
- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
- Once in Safe Mode - Start > Search > type "cmd" without the quotes.
- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
- Restart and boot into normal Windows.
If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:
- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
- Once in Safe Mode - Start > type "system restore" without the quotes.
- Choose the restore point you created earlier.
-- Note that Safe Mode for Windows 8/8.1 is a bit different, and you may need to try different methods:
5 Ways to Boot into Safe Mode in Windows 8 & Windows 8.1
How long should I keep Driver Verifier enabled for?
I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier. I will usually say whether or not I'd like for you to keep it enabled any longer.
My system BSOD'd with Driver Verifier enabled, where can I find the crash dumps?
- If you have the system set to generate Small Memory Dumps, they will be located in %systemroot%\Minidump.
- If you have the system set to generate Kernel Memory Dumps, it will be located in %systemroot% and labeled MEMORY.DMP.
Any other questions can most likely be answered by this article:
Using Driver Verifier to identify issues with Windows drivers for advanced users
Windows key + Pause key. This should bring up System. Click Advanced System Settings on the left > Advanced > Startup and Recovery > Settings > System Failure > ensure there is a check mark next to 'Write an event to the system log'. Ensure that Kernel Memory Dump is set and that C:\Windows is its path. After the system crashes with verifier enabled, upload it 3rd party (OneDrive or Google Drive, etc) and paste the link here.
Be sure to zip it up so it's compressed, please.
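
The same Driver Verifier selection and dump-setting check from an elevated PowerShell prompt, as an added example that is not part of the original post. It only prints the `verifier` command for review instead of running it; the flag bits are the documented `verifier.exe /flags` values, and treating a driver file with no company name as third party is an assumption of this sketch.

```powershell
# Added example, not from the original post. Run elevated; nothing here changes settings.

# Step 3: the boxes ticked in the GUI, as verifier.exe /flags bits.
$checks = @{
    'Special Pool'            = 0x00001
    'Force IRQL Checking'     = 0x00002
    'Pool Tracking'           = 0x00008
    'Deadlock Detection'      = 0x00020
    'Security Checks'         = 0x00100   # post: Windows 7 & 8/8.1 only
    'Miscellaneous Checks'    = 0x00800
    'DDI compliance checking' = 0x20000   # post: Windows 8/8.1 only, drop it elsewhere
}
$flags = 0
foreach ($bit in $checks.Values) { $flags = $flags -bor $bit }

# Steps 4-6: every running kernel driver whose file is NOT published by Microsoft.
# A file with no CompanyName is kept in the list (assumption: unknown = third party).
$thirdParty = Get-WmiObject Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        $path = $_.PathName -replace '^\\\?\?\\', ''      # strip a leading \??\ if present
        $file = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
        if ($file -and $file.VersionInfo.CompanyName -notmatch 'Microsoft') { $file.Name }
    } | Sort-Object -Unique

# Print the command to review; run it by hand, then restart (steps 7-8).
'verifier /flags 0x{0:X} /driver {1}' -f $flags, ($thirdParty -join ' ')

# Current verifier state (empty driver list = verifier is off).
verifier /querysettings

# Dump settings the post asks for: kernel memory dump, event logged, path under C:\Windows.
$cc = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$kind = @{ 0 = 'None'; 1 = 'Complete'; 2 = 'Kernel'; 3 = 'Small (minidump)'; 7 = 'Automatic' }
'CrashDumpEnabled : {0} ({1})' -f $cc.CrashDumpEnabled, $kind[[int]$cc.CrashDumpEnabled]
'DumpFile         : {0}' -f $cc.DumpFile
'LogEvent         : {0} (1 = write an event to the system log)' -f $cc.LogEvent
if ($cc.CrashDumpEnabled -ne 2) {
    'Kernel Memory Dump is not selected; set it under Startup and Recovery before testing.'
}
```

With all seven boxes the flags value is 0x2092B; `verifier /reset` from the post turns everything off again.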