BSOD Windows 8.1

A

Afrikaners

Member
Joined
May 15, 2015
Posts
5
I followed the instructions however I experienced the following problems


1. I could not upload the file

upload error.JPG

2. Perfmon /Report never finished


OS - Windows 8.1, 8, 7, Vista ? : windows 8.1
· x86 (32-bit) or x64 ? :x64
· What was original installed OS on system? : Yes
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? : OEM
· Age of system (hardware) : < 1year
· Age of OS installation - have you re-installed the OS? : Original installation

· CPU
· Video Card
· MotherBoard - (if NOT a laptop)
· Power Supply - brand & wattage (if laptop, skip this one)

· System Manufacturer : Lenovo
· Exact model number (if laptop, check label on bottom) : yoga s1 - 20CD-CT0WW

· Laptop or Desktop? : laptop
 
The error is self-explanatory, your zip is a little larger than we allow.

Upload it to a website of your choice and paste the link here.
 
Code: 
0: kd> .bugcheck
Bugcheck code 0000009F
Arguments 00000000`00000003 ffffe001`fe403810 fffff802`a2245960 ffffe002`0c3db960

Code: 
0: kd> !irp ffffe0020c3db960
ffffe0020c3db960: Could not read Irp

Despite being an 0x3, this shows that this is likely not a simple driver blocking an IRP, but a lock. We can sort of confirm that by checking another 0x9F dump:

Code: 
1: kd> .bugcheck
Bugcheck code 0000009F
Arguments 00000000`00000004 00000000`0000012c ffffe001`cae61040 ffffd000`d7d1b980

0x4 parameter this time, so it's a lock.

This bug check cannot be debugged without a kernel dump, so we're going to do it this way:

1. Enable Driver Verifier to kill two birds with one stone:

Driver Verifier:

What is Driver Verifier?

Driver Verifier monitors Windows kernel-mode drivers, graphics drivers, and even 3rd party drivers to detect illegal function calls or actions that might corrupt the system. Driver Verifier can subject the Windows drivers to a variety of stresses and tests to find improper behavior.

Essentially, if there's a 3rd party driver believed to be causing the issues at hand, enabling Driver Verifier will help us see which specific driver is causing the problem.

Before enabling Driver Verifier, it is recommended to create a System Restore Point:

Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8/8.1 - Restore Point - Create in Windows 8

How to enable Driver Verifier:

Start > type "verifier" without the quotes > Select the following options -

1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (only on Windows 7 & 8/8.1)
- DDI compliance checking (only on Windows 8/8.1)
- Miscellaneous Checks
4. Select - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.

Important information regarding Driver Verifier:

- Perhaps the most important which I will now clarify as this has been misunderstood often, enabling Driver Verifier by itself is not! a solution, but instead a diagnostic utility. It will tell us if a driver is causing your issues, but again it will not outright solve your issues.

- If Driver Verifier finds a violation, the system will BSOD. To expand on this a bit more for the interested, specifically what Driver Verifier actually does is it looks for any driver making illegal function calls, causing memory leaks, etc. When and/if this happens, system corruption occurs if allowed to continue. When Driver Verifier is enabled per my instructions above, it is monitoring all 3rd party drivers (as we have it set that way) and when it catches a driver attempting to do this, it will quickly flag that driver as being a troublemaker, and bring down the system safely before any corruption can occur.

- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will detect it in violation almost straight away, and as stated above, that will cause / force a BSOD.

If this happens, do not panic, do the following:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > Search > type "cmd" without the quotes.

- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.

- Restart and boot into normal Windows.

If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > type "system restore" without the quotes.

- Choose the restore point you created earlier.

-- Note that Safe Mode for Windows 8/8.1 is a bit different, and you may need to try different methods: 5 Ways to Boot into Safe Mode in Windows 8 & Windows 8.1

How long should I keep Driver Verifier enabled for?

I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier. I will usually say whether or not I'd like for you to keep it enabled any longer.

My system BSOD'd with Driver Verifier enabled, where can I find the crash dumps?

- If you have the system set to generate Small Memory Dumps, they will be located in %systemroot%\Minidump.

- If you have the system set to generate Kernel Memory Dumps, it will be located in %systemroot% and labeled MEMORY.DMP.

Any other questions can most likely be answered by this article:

Using Driver Verifier to identify issues with Windows drivers for advanced users

2. Once #1 is done, wait for a crash, and when you crash, instead of uploading the newest dump from C:\Windows\Minidump, get it from C:\Windows (it's called MEMORY.DMP) instead. It's larger, because it contains the info we need.

Upload it and paste the link just like you did in your previous reply.
 
The dump file doesn't have much saved. The only indication is a network device object on the device stack for the IRP.
We'll need a Kernel dump from C:\Windows\memory.dmp

Update your network drivers if you haven't done so already.

Code: 
0: kd> !devstack ffffe001fe403810
  !DevObj           !DrvObj            !DevExt           ObjectName
  ffffe001fe500050  \Driver\NdisWan    ffffe001fe5001a0  InfoMask field not found for _OBJECT_HEADER at ffffe001fe500020

> ffffe001fe403810  \Driver\SoftwareDeviceffffc0006f8c4680  InfoMask field not found for _OBJECT_HEADER at ffffe001fe4037e0

0: kd> !drvobj ffffe001f8abae60
fffff802a0944e30: Unable to get value of ObpRootDirectoryObject
fffff802a0944e30: Unable to get value of ObpRootDirectoryObject
Driver object (ffffe001f8abae60) is for:
 \Driver\SoftwareDevice
Driver Extension List: (id , addr)

Device Object list:
ffffe00207f7caa0: Could not read device object
 
Have you checked the directory indicated by Jared?

The Kernel Memory Dump is stored here:

Code: 
C:\Windows\MEMORY.DMP

You will to copy the dump file into a zipped folder, and then upload to Dropbox.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top