Multiple BSOD while playing Blizzard games

Roberta · Apr 24, 2014

I have been working with Dell support to resolve these problems. They've asked me to do another Windows reinstall. However, I stumbled onto your site and thought maybe someone here will have some ideas. I'm not sure how much computer knowledge is required to use this site so I'll say up front I don't have much.

The BSOD have only occurred while playing Blizzard games (WoW, Diablo, Hearthstone)

When I try to run the PERFMON (following the instructions), I receive the following message:
An error occured while attempting to generate the report. The operator or administrator has refused the request.

· OS - Windows 8.1
· x64
· Original Windows 8.0
· OEM version
· 1 year
· Refreshed in March
· Intel(R) Core(TM)i7-4770 CPU @ 3.40GHz 3.40 GHz
· Video Card - nVidia GeForce GTX660
· MotherBoard- Dell?
· Power Supply - (I'm not sure how to find this out)
· System Manufacturer Dell
· Exact model number XPS8700
· Desktop

Patrick · Apr 24, 2014

Hi,

We have many different bug checks:

KMODE_EXCEPTION_NOT_HANDLED (1e)

This indicates that a kernel-mode program generated an exception which the error handler did not catch.

Code:

BugCheck 1E, {ffffffffc0000005, fffff8025cabb644, 0, 1b540d43}

Code:

5: kd> ln fffff8025cabb644
(fffff802`5cabb340)   nt!PpmIdleExecuteTransition+0x304   |  (fffff802`5cabba10)   nt!PpmTestAndLockProcessors

^^ The exception occurred in nt!PpmIdleExecuteTransition.

Code:

5: kd> k
Child-SP          RetAddr           Call Site
ffffd001`a08e9778 fffff802`5cbe06d6 nt!KeBugCheckEx
ffffd001`a08e9780 fffff802`5cb604ed nt!KiFatalExceptionHandler+0x22
ffffd001`a08e97c0 fffff802`5caea105 nt!RtlpExecuteHandlerForException+0xd
ffffd001`a08e97f0 fffff802`5cae8fbf nt!RtlDispatchException+0x1a5
ffffd001`a08e9ec0 fffff802`5cb64bc2 nt!KiDispatchException+0x61f
ffffd001`a08ea5b0 fffff802`5cb63314 nt!KiExceptionDispatch+0xc2
ffffd001`a08ea790 fffff802`5cabb644 nt!KiPageFault+0x214
ffffd001`a08ea920 fffff802`5cabb18a nt!PpmIdleExecuteTransition+0x304
ffffd001`a08eab10 fffff802`5cb5cabc nt!PoIdle+0x27a
ffffd001`a08eac60 00000000`00000000 nt!KiIdleLoop+0x2c

It looks like processor #5 called into a pagefault while attempting to transition from an idle state. As this is only a minidump, we cannot dump the other call stacks from the other processors to determine what may have caused this to occur.

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)

This indicates that a system thread generated an exception which the error handler did not catch.

Code:

BugCheck 1000007E, {ffffffffc0000005, fffff801e616bdcf, ffffd000245a3608, ffffd000245a2e10}

^^ The 1st parameter of the bug check is 0xc0000005 which indicates an access violation occurred.

Code:

4: kd> .exr 0xffffd000245a3608
ExceptionAddress: fffff801e616bdcf (nt!KiSwapContext+0x000000000000000f)
   ExceptionCode: c0000005 (Access violation)

^^ The violation occurred in nt!KiSwapContext.

Code:

4: kd> k
Child-SP          RetAddr           Call Site
ffffd000`245a3848 fffff801`e606bd1e nt!KiSwapContext+0xf
ffffd000`245a3988 fffff801`e606b779 nt!KiSwapThread+0x14e
ffffd000`245a3a28 fffff801`e607bdfa nt!KiCommitThreadWait+0x129
ffffd000`245a3aa8 00000000`00000032 nt!KeWaitForSingleObject+0x22a
ffffd000`245a3b38 fffff801`c72fa5ed 0x32
ffffd000`245a3b40 fffff801`c951433c ndis!NdisMSleep+0x59
ffffd000`245a3bc0 ffffe000`21dab030 athw8x+0x26033c
ffffd000`245a3bc8 fffff801`00000010 0xffffe000`21dab030
ffffd000`245a3bd0 ffffe000`00000008 0xfffff801`00000010
ffffd000`245a3bd8 ffffe000`21d63040 0xffffe000`00000008
ffffd000`245a3be0 ffffe000`21d9f030 0xffffe000`21d63040
ffffd000`245a3be8 ffffe000`1ca72040 0xffffe000`21d9f030
ffffd000`245a3bf0 00000000`00000000 0xffffe000`1ca72040

athw8x.sys (Atheros Wireless LAN driver) called the ndis!NdisMSleep function which delayed the execution of the caller for a given interval in microseconds, and it looks like a deadlock may have occurred.

SYSTEM_SERVICE_EXCEPTION (3b)

This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.

This error has been linked to excessive paged pool usage and may occur due to user-mode graphics drivers crossing over and passing bad data to the kernel code.

Code:

BugCheck 3B, {c0000005, fffff8035ac5569a, ffffd000285eafc0, 0}

Code:

3: kd> ln fffff8035ac5569a
(fffff803`5ac555cc)   nt!NtCreateEvent+0xce   |  (fffff803`5ac55804)   nt!ObInsertObjectEx

^^ The exception occurred in nt!NtCreateEvent, which is a routine that creates an event object, sets the initial state of the event to the specified value, and opens a handle to the object with the specified desired access.

IRQL_NOT_LESS_OR_EQUAL (a)

This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above.

This bug check is issued if paged memory (or invalid memory) is accessed when the IRQL is too high. The error that generates this bug check usually occurs after the installation of a faulty device driver, system service, or BIOS.

Code:

2: kd> k
Child-SP          RetAddr           Call Site
ffffd001`42de99c8 fffff801`21965ae9 nt!KeBugCheckEx
ffffd001`42de99d0 fffff801`2196433a nt!KiBugCheckDispatch+0x69
ffffd001`42de9b10 fffff801`218bd47f nt!KiPageFault+0x23a
ffffd001`42de9ca0 fffff801`218ba678 nt!KeAccumulateTicks+0x14f
ffffd001`42de9d30 fffff801`21f9767f nt!KeClockInterruptNotify+0x788
ffffd001`42de9f40 fffff801`218d5363 hal!HalpTimerClockInterrupt+0x4f
ffffd001`42de9f70 fffff801`2195b42a nt!KiCallInterruptServiceRoutine+0xa3
ffffd001`42de9fb0 fffff801`2195b80f nt!KiInterruptSubDispatchNoLockNoEtw+0xea
ffffd001`43d7d7d0 00000000`00000000 nt!KiInterruptDispatchLBControl+0x11f

^^ Processor #2 receives a clock interrupt notifcation, accumulates the ticks, and then calls into a pagefault.

Code:

FAILURE_ID_HASH_STRING:  km:ip_misaligned

^^ Misaligned instruction pointer.

KERNEL_SECURITY_CHECK_FAILURE (139)

This bug check indicates that the kernel has detected the corruption of a critical data structure.

Code:

BugCheck 139, {3, ffffd00023148160, ffffd000231480b8, 0}

^^ The first parameter of the bug check is 3, which indicates a LIST_ENTRY corruption occurred. This type of bug check can be difficult to track down and indicates that an inconsistency has been introduced into a doubly-linked list (detected when an individual list entry element is added to or removed from the list).

Code:

5: kd> k
Child-SP          RetAddr           Call Site
ffffd000`23147e38 fffff803`0c3e2ae9 nt!KeBugCheckEx
ffffd000`23147e40 fffff803`0c3e2e10 nt!KiBugCheckDispatch+0x69
ffffd000`23147f80 fffff803`0c3e2034 nt!KiFastFailDispatch+0xd0
ffffd000`23148160 fffff802`00982987 nt!KiRaiseSecurityCheckFailure+0xf4
ffffd000`231482f0 fffff802`00922855 dxgkrnl!DXGDEVICE::TerminateAllocations+0x5f2f7
ffffd000`23148390 fffff802`00922354 dxgkrnl!DXGDEVICE::DestroyAllocationInternal+0x12d
ffffd000`231483e0 fffff802`00921c11 dxgkrnl!DxgkDestroyAllocationInternal+0x264
ffffd000`231486d0 fffff803`0c3e27b3 dxgkrnl!DxgkDestroyAllocation+0x301
ffffd000`23148b00 00000000`7760741a nt!KiSystemServiceCopyEnd+0x13
00000000`1bafe828 00000000`00000000 0x7760741a

^^ Various DirectX Kernel routines.

PAGE_FAULT_IN_NONPAGED_AREA (50)

This indicates that invalid system memory has been referenced.

Bug check 0x50 usually occurs after the installation of faulty hardware or in the event of failure of installed hardware (usually related to defective RAM, be it main memory, L2 RAM cache, or video RAM).

Another common cause is the installation of a faulty system service.

Antivirus software can also trigger this error, as can a corrupted NTFS volume.

Code:

MODULE_NAME: hardware

FAILURE_BUCKET_ID:  IP_MISALIGNED

BUCKET_ID:  IP_MISALIGNED

^^ Once again we can see a misaligned instruction pointer.

Code:

BugCheck 50, {ffffffffffffff8d, 1, fffff8002a5d37ba, 0}

^^ Address ffffffffffffff8d was written to by the instruction at address fffff8002a5d37ba.

Code:

0: kd> r cr2
Last set context:
cr2=ffffffffffffff8d

^^ The 1st parameter address was stored in cr2 prior to calling the page fault handler.

Code:

0: kd> !pte ffffffffffffff8d
                                           VA ffffffffffffff8d
PXE at FFFFF6FB7DBEDFF8    PPE at FFFFF6FB7DBFFFF8    PDE at FFFFF6FB7FFFFFF8    PTE at FFFFF6FFFFFFFFF8
contains 000000000139F063  contains 00000000013A0063  contains 0000000000ECF063  contains 0000000000000000
GetUlongFromAddress: unable to read from fffff8002a7c8104
pfn 139f      ---DA--KWEV  pfn 13a0      ---DA--KWEV  pfn ecf       ---DA--KWEV  not valid

^^ We can see from the above that the address ffffffffffffff8dis indeed invalid. With this said, why did ffffffffffffff8dattempt to write to fffff8002a5d37ba?

Code:

0: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`215362e8 fffff800`2a5f90e7 : 00000000`00000050 ffffffff`ffffff8d 00000000`00000001 ffffd000`215364d0 : nt!KeBugCheckEx
ffffd000`215362f0 fffff800`2a4db9c9 : 00000000`00000001 ffffe000`10b21880 ffffd000`215364d0 ffffe000`10b21880 : nt! ?? ::FNODOBFM::`string'+0x20c37
ffffd000`21536390 fffff800`2a5d222f : 00000000`00000001 ffffe000`10b21880 ffffe000`00000000 ffffd000`215364d0 : nt!MmAccessFault+0x7a9
ffffd000`215364d0 fffff800`2a5d37ba : ffffe000`10b21880 ffffd000`21536888 ffffd000`21536678 ffffd000`21536750 : nt!KiPageFault+0x12f (TrapFrame @ ffffd000`215364d0)
ffffd000`21536660 fffff800`2a5cbc00 : fffff960`001a42d1 ffffffff`00000001 00000000`00000800 00000000`00000002 : nt!KiSystemServiceCopyEnd+0x1a (TrapFrame @ ffffd000`215366d0)
ffffd000`21536868 fffff960`001a42d1 : ffffffff`00000001 00000000`00000800 00000000`00000002 00000000`00000001 : nt!KiServiceLinkage
ffffd000`21536870 fffff960`001953b6 : ffffe000`10f105a0 00000000`00000000 ffffd000`215369f9 00000000`00000224 : win32k!CTokenManager::ProcessTokens+0x119
ffffd000`21536960 fffff960`0019527f : 00000000`00000000 00000000`00000000 00000000`00000000 000000d5`4999f900 : win32k!CTokenManager::TokenThread+0xea
ffffd000`21536a60 fffff800`2a5d37b3 : ffffe000`10b21880 00000000`00000000 00000000`00000020 00000000`00000000 : win32k!NtTokenManagerThread+0xf7
ffffd000`21536b00 00007ffb`96880e4a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ ffffd000`21536b00)
000000d5`4999f988 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`96880e4a

Code:

0: kd> .trap ffffd000`215364d0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000002 rbx=0000000000000000 rcx=c7cc9aca2e690000
rdx=ffffe00010d909b0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8002a5d37ba rsp=ffffd00021536660 rbp=ffffd00021536750
 r8=ffffe00010d909b0  r9=00000000000007ff r10=fffff8002a75ae80
r11=ffffd00021536650 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
nt!KiSystemServiceCopyEnd+0x1a:
fffff800`2a5d37ba 00488b          add     byte ptr [rax-75h],cl ds:ffffffff`ffffff8d=??

^^ On the instruction we failed on, address fffff800`2a5d37ba deferenced rax where rax is 0000000000000002. All of this would result in a memory write to the address ffffffff`ffffff8d.

Code:

0: kd> !pte ffffffff`ffffff8d
                                           VA ffffffffffffff8d
PXE at FFFFF6FB7DBEDFF8    PPE at FFFFF6FB7DBFFFF8    PDE at FFFFF6FB7FFFFFF8    PTE at FFFFF6FFFFFFFFF8
contains 000000000139F063  contains 00000000013A0063  contains 0000000000ECF063  contains 0000000000000000
pfn 139f      ---DA--KWEV  pfn 13a0      ---DA--KWEV  pfn ecf       ---DA--KWEV  not valid

Code:

0: kd> dd ffffffff`ffffff8d
ffffffff`ffffff8d  ???????? ???????? ???????? ????????
ffffffff`ffffff9d  ???????? ???????? ???????? ????????
ffffffff`ffffffad  ???????? ???????? ???????? ????????
ffffffff`ffffffbd  ???????? ???????? ???????? ????????
ffffffff`ffffffcd  ???????? ???????? ???????? ????????
ffffffff`ffffffdd  ???????? ???????? ???????? ????????
ffffffff`ffffffed  ???????? ???????? ???????? ????????
ffffffff`fffffffd  ???????? ???????? ???????? ????????

Right, so the code wanted to write to ffffffff`ffffff8d which as we can see above is a completely invalid address. The 1st parameter and cr2 note we also fail writing to the same exact address.

1. Remove and replace McAfee with Windows 8's built-in Windows Defender for temporary troubleshooting purposes as it may be causing conflicts:

McAfee removal - How to uninstall or reinstall supported McAfee products using the Consumer Products Removal tool (MCPR)

Windows Defender (how to turn on after removal) - Windows Defender - Turn On or Off in Windows 8

2. If the above fails, you likely have faulty RAM (or another form of hardware). Please run Memtest for NO LESS than ~8 passes (several hours):

Memtest86+:

Download Memtest86+ here:

Memtest86+ - Advanced Memory Diagnostic Tool

Which should I download?

You can either download the pre-compiled ISO that you would burn to a CD and then boot from the CD, or you can download the auto-installer for the USB key. What this will do is format your USB drive, make it a bootable device, and then install the necessary files. Both do the same job, it's just up to you which you choose, or which you have available (whether it's CD or USB).

Do note that some older generation motherboards do not support USB-based booting, therefore your only option is CD (or Floppy if you really wanted to).

How Memtest works:

Memtest86 writes a series of test patterns to most memory addresses, reads back the data written, and compares it for errors.

The default pass does 9 different tests, varying in access patterns and test data. A tenth test, bit fade, is selectable from the menu. It writes all memory with zeroes, then sleeps for 90 minutes before checking to see if bits have changed (perhaps because of refresh problems). This is repeated with all ones for a total time of 3 hours per pass.

Many chipsets can report RAM speeds and timings via SPD (Serial Presence Detect) or EPP (Enhanced Performance Profiles), and some even support changing the expected memory speed. If the expected memory speed is overclocked, Memtest86 can test that memory performance is error-free with these faster settings.

Some hardware is able to report the "PAT status" (PAT: enabled or PAT: disabled). This is a reference to Intel Performance acceleration technology; there may be BIOS settings which affect this aspect of memory timing.

This information, if available to the program, can be displayed via a menu option.

Any other questions, they can most likely be answered by reading this great guide here:

FAQ : please read before posting

Regards,

Patrick

Roberta · Apr 25, 2014

Thank you for the advice, Patrick. I followed both steps:

1. Removed and replaced McAfee with Windows 8's built-in Windows Defender. The BSODS continued both while playing a game.
2. Ran Memtest for NO LESS than ~8 passes. I ran this overnight and it completed 8 passes with no errors found.

Are there any other things I can do to try to isolate the problem? I appreciate any direction you can provide.

Cheers,

Roberta

Patrick · Apr 25, 2014

Faulty processor/motherboard, possibly.

If you could do two things, please:

1. Enable Driver Verifier:

Driver Verifier:

What is Driver Verifier?

Driver Verifier is included in Windows 8/8.1, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.

Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.

Before enabling Driver Verifier, it is recommended to create a System Restore Point:

Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8/8.1 - Restore Point - Create in Windows 8

How to enable Driver Verifier:

Start > type "verifier" without the quotes > Select the following options -

1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8)
- DDI compliance checking (Windows 8)
- Miscellaneous Checks
4. Select - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.

Important information regarding Driver Verifier:

- If Driver Verifier finds a violation, the system will BSOD. To expand on this a bit more for the interested, specifically what Driver Verifier actually does is it looks for any driver making illegal function calls, causing memory leaks, etc. When and/if this happens, system corruption occurs if allowed to continue. When Driver Verifier is enabled, it is monitoring all 3rd party drivers (as we have it set that way) and when it catches a driver attempting to do this, it will quickly flag that driver as being a troublemaker, and bring down the system safely before any corruption can occur.

- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will detect it in violation almost straight away, and as stated above, that will cause / force a BSOD.

If this happens, do not panic, do the following:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > Search > type "cmd" without the quotes.

- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
・ Restart and boot into normal Windows.

If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > type "system restore" without the quotes.

- Choose the restore point you created earlier.

-- Note that Safe Mode for Windows 8/8.1 is a bit different, and you may need to try different methods: 5 Ways to Boot into Safe Mode in Windows 8 & Windows 8.1

How long should I keep Driver Verifier enabled for?

I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier. I will usually say whether or not I'd like for you to keep it enabled any longer.

My system BSOD'd with Driver Verifier enabled, where can I find the crash dumps?

They will be located in %systemroot%\Minidump

Any other questions can most likely be answered by this article:
Using Driver Verifier to identify issues with Windows drivers for advanced users

2. After the system crashes with verifier enabled, upload a kernel-dump to Onedrive, Dropbox, etc, and paste the link here. Kernel-dumps are located at C:\Windows and named MEMORY.DMP. If there is nothing there, you may need to enable generation of them - Creating a Kernel-Mode Dump File (Windows Debuggers)

Regards,

Patrick

Roberta · Apr 25, 2014

Hello again,

I had started running Verifier yesterday so I assume it recorded my BSODs yesterday & this morning. I uploaded the file (I hope I did that right - it seems awfully large). The link is:

https://onedrive.live.com/redir?res...174&authkey=!AHpI1WQk2otLjIM&ithint=file,.zip

Thanks for your attention,

R.

Patrick · Apr 25, 2014

Thanks very much for the kernel-dump!

It's an 0x1E bug check as we've seen above, however it's verifier enabled this time, of course. Despite being verifier enabled, it failed to catch any 3rd party drivers misbehaving, so that's another sign of hardware at foul play.

Code:

4: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`a62ac6b8 fffff803`38ff56d6 : 00000000`0000001e ffffffff`c0000005 fffff803`38ebbab9 00000000`00000000 : nt!KeBugCheckEx
ffffd000`a62ac6c0 fffff803`38f754ed : ffffd000`a62ace30 00000000`00000000 ffffd000`a62ad628 ffffd000`a62ac830 : nt!KiFatalExceptionHandler+0x22
ffffd000`a62ac700 fffff803`38eff105 : 00000000`00000001 fffff803`38e1a000 ffffd000`a62ad600 00000000`00000000 : nt!RtlpExecuteHandlerForException+0xd
ffffd000`a62ac730 fffff803`38efdfbf : ffffd000`a62ad628 ffffd000`a62ad330 ffffd000`a62ad628 00000000`000000cf : nt!RtlDispatchException+0x1a5
ffffd000`a62ace00 fffff803`38f79bc2 : ffffd000`aac82f00 fffff801`92da816c 00000000`00000001 00000000`00000000 : nt!KiDispatchException+0x61f
ffffd000`a62ad4f0 fffff803`38f780fe : ffffe000`e0f0ba20 ffffd000`00000001 ffff078e`00000003 00000000`00000000 : nt!KiExceptionDispatch+0xc2
ffffd000`a62ad6d0 fffff803`38ebbab9 : ffffd000`a6380180 ffffe000`e6b29880 ffff4fd3`c45b645f fffff803`38ed1950 : nt!KiGeneralProtectionFault+0xfe (TrapFrame @ ffffd000`a62ad6d0)
ffffd000`a62ad860 fffff803`38e73bb2 : ffffd000`a7de8b78 ffffd000`a62adab0 ffffe000`e23449f0 ffffd000`a6283180 : nt!KiDeferredReadyThread+0x6b9
ffffd000`a62ad9b0 fffff803`38f71aea : ffffd000`a6283180 ffffd000`a6283180 ffffd000`a628f3c0 ffffe000`e6b29880 : nt!KiRetireDpcList+0x892
ffffd000`a62adc60 00000000`00000000 : ffffd000`a62ae000 ffffd000`a62a8000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a

Code:

4: kd> .trap ffffd000`a62ad6d0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00000000000000cf rbx=0000000000000000 rcx=fffff803390bd200
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80338ebbab9 rsp=ffffd000a62ad860 rbp=ffffd000a62ad960
 r8=0000000000000008  r9=fffff80338e1a000 r10=00000000000000ff
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!KiDeferredReadyThread+0x6b9:
fffff803`38ebbab9 418b8f50580000  mov     ecx,dword ptr [r15+5850h] ds:00000000`00005850=????????

Code:

4: kd> u @rip
nt!KiDeferredReadyThread+0x6b9:
fffff803`38ebbab9 418b8f50580000  mov     ecx,dword ptr [r15+5850h]
fffff803`38ebbac0 4138942450060000 cmp     byte ptr [r12+650h],dl
fffff803`38ebbac8 751a            jne     nt!KiDeferredReadyThread+0x6e4 (fffff803`38ebbae4) <--- Jump if not zero.
fffff803`38ebbaca 498b8718580000  mov     rax,qword ptr [r15+5818h]
fffff803`38ebbad1 4985842448060000 test    qword ptr [r12+648h],rax
fffff803`38ebbad9 7409            je      nt!KiDeferredReadyThread+0x6e4 (fffff803`38ebbae4) <--- Jump
fffff803`38ebbadb 410fb68c2451060000 movzx ecx,byte ptr [r12+651h]
fffff803`38ebbae4 48d3cf          ror     rdi,cl

The nt!KiDeferredReadyThread function readies a thread for execution and attempts to dispatch the thread for execution by either assigning the thread to an idle processor or preempting another lower priority thread. So, with this said, let's go ahead and take a look at what the other processors are doing, and why this was never handled.

Code:

0: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffff803`3ab5d8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69b70a0 fffff803`3ab5da20 fffff803`39100180 : intelppm!MWaitIdle+0x18
fffff803`3ab5d8f0 fffff803`38ed071a : fffff803`39100180 fffff803`3ab5da00 00000003`94082c21 ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
fffff803`3ab5d920 fffff803`38ed018a : fffff803`39100180 fffff803`3ab5db4c fffff803`3ab5db50 fffff803`3ab5db58 : nt!PpmIdleExecuteTransition+0x3da
fffff803`3ab5db10 fffff803`38f71abc : fffff803`39100180 fffff803`39100180 fffff803`39167a00 ffffd000`00000000 : nt!PoIdle+0x27a
fffff803`3ab5dc60 00000000`00000000 : fffff803`3ab5e000 fffff803`3ab58000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 0 was sleeping.

Code:

1: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`a61bf8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69ef010 ffffd000`a61bfa20 ffffd000`a6195180 : intelppm!MWaitIdle+0x18
ffffd000`a61bf8f0 fffff803`38ed071a : ffffd000`a6195180 ffffd000`a61bfa00 00000003`9407ae9b ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`a61bf920 fffff803`38ed018a : ffffd000`a6195180 ffffd000`a61bfb4c ffffd000`a61bfb50 ffffd000`a61bfb58 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`a61bfb10 fffff803`38f71abc : ffffd000`a6195180 ffffd000`a6195180 ffffd000`a61a13c0 00000000`0002dff5 : nt!PoIdle+0x27a
ffffd000`a61bfc60 00000000`00000000 : ffffd000`a61c0000 ffffd000`a61ba000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 1 was sleeping.

Code:

2: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`aac6c8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69c9430 ffffd000`aac6ca20 ffffd000`aac42180 : intelppm!MWaitIdle+0x18
ffffd000`aac6c8f0 fffff803`38ed071a : ffffd000`aac42180 ffffd000`aac6ca00 00000003`9407e310 ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`aac6c920 fffff803`38ed018a : ffffd000`aac42180 ffffd000`aac6cb4c ffffd000`aac6cb50 ffffd000`aac6cb58 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`aac6cb10 fffff803`38f71abc : ffffd000`aac42180 ffffd000`aac42180 ffffd000`aac4e3c0 00000000`00000002 : nt!PoIdle+0x27a
ffffd000`aac6cc60 00000000`00000000 : ffffd000`aac6d000 ffffd000`aac67000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 2 was sleeping.

Code:

3: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`aacbb8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69f3010 ffffd000`aacbba20 ffffd000`aac80180 : intelppm!MWaitIdle+0x18
ffffd000`aacbb8f0 fffff803`38ed071a : ffffd000`aac80180 ffffd000`aacbba00 00000003`94082b69 ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`aacbb920 fffff803`38ed018a : ffffd000`aac80180 ffffd000`aacbbb4c ffffd000`aacbbb50 ffffd000`aacbbb58 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`aacbbb10 fffff803`38f71abc : ffffd000`aac80180 ffffd000`aac80180 ffffd000`aac8c3c0 7fffffff`ffffffff : nt!PoIdle+0x27a
ffffd000`aacbbc60 00000000`00000000 : ffffd000`aacbc000 ffffd000`aacb6000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 3 was sleeping.

Code:

5: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`a632a8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69f4010 ffffd000`a632aa20 ffffd000`a6300180 : intelppm!MWaitIdle+0x18
ffffd000`a632a8f0 fffff803`38ed071a : ffffd000`a6300180 ffffd000`a632aa00 00000003`94083325 ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`a632a920 fffff803`38ed018a : ffffd000`a6300180 ffffd000`a632ab4c ffffd000`a632ac10 ffffe000`e69f4010 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`a632ab10 fffff803`38f71abc : ffffd000`a6300180 ffffd000`a6300180 ffffd000`a630c3c0 00000000`00000000 : nt!PoIdle+0x27a
ffffd000`a632ac60 00000000`00000000 : ffffd000`a632b000 ffffd000`a6325000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 5 was sleeping.

Code:

6: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`a63aa8e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69d9010 ffffd000`a63aaa20 ffffd000`a6380180 : intelppm!MWaitIdle+0x18
ffffd000`a63aa8f0 fffff803`38ed071a : ffffd000`a6380180 ffffd000`a63aaa00 00000003`94081e0a ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`a63aa920 fffff803`38ed018a : ffffd000`a6380180 ffffd000`a63aab4c ffffd000`a63aab50 ffffd000`a63aab58 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`a63aab10 fffff803`38f71abc : ffffd000`a6380180 ffffd000`a6380180 ffffd000`a638c3c0 00000000`00000000 : nt!PoIdle+0x27a
ffffd000`a63aac60 00000000`00000000 : ffffd000`a63ab000 ffffd000`a63a5000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 6 was sleeping.

Code:

7: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`a61428e8 fffff801`92da81f7 : 00000000`00000000 ffffe000`e69f5010 ffffd000`a6142a20 ffffd000`a5fb3180 : intelppm!MWaitIdle+0x18
ffffd000`a61428f0 fffff803`38ed071a : ffffd000`a5fb3180 ffffd000`a6142a00 00000003`9407ded1 ffffe000`e53d80e0 : intelppm!AcpiCStateIdleExecute+0x17
ffffd000`a6142920 fffff803`38ed018a : ffffd000`a5fb3180 ffffd000`a6142b4c ffffd000`a6142b50 ffffd000`a6142b58 : nt!PpmIdleExecuteTransition+0x3da
ffffd000`a6142b10 fffff803`38f71abc : ffffd000`a5fb3180 ffffd000`a5fb3180 ffffd000`a5fbf3c0 00000000`00000000 : nt!PoIdle+0x27a
ffffd000`a6142c60 00000000`00000000 : ffffd000`a6143000 ffffd000`a613d000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c

^^ Processor 7 was sleeping.

So, all of your cores are sleeping except #4 which was trying to dispatch a thread for execution. It was never handled because all of your other cores were too busy sleeping and didn't bother to wake up to handle it.

The only other thing I can really see is that the nVidia video driver mentioned throughout the raw stack, but this may have nothing to do with your cores not bothering to wake up.

Code:

ffffd000`a62aab78  fffff801`9226fe5b nvlddmkm+0x1ebe5b
ffffd000`a62aab80  ffffe000`e0e88000
ffffd000`a62aab88  fffff801`92270152 nvlddmkm+0x1ec152
ffffd000`a62aab90  00000000`00000000
ffffd000`a62aabb8  fffff801`92270152 nvlddmkm+0x1ec152
ffffd000`a62aabe0  00000000`0010a48c
ffffd000`a62aabe8  fffff801`92296fd0 nvlddmkm+0x212fd0
ffffd000`a62aabf0  ffffe000`e0e88000
ffffd000`a62aac18  fffff801`9224fb14 nvlddmkm+0x1cbb14
ffffd000`a62aac20  00000000`00000000
ffffd000`a62aac40  00000000`00000074
ffffd000`a62aac48  fffff801`9229bdb5 nvlddmkm+0x217db5
ffffd000`a62aac50  ffffd000`a62ab780
ffffd000`a62aacb0  00000000`00000074
ffffd000`a62aacb8  fffff801`9244fc6f nvlddmkm+0x3cbc6f
ffffd000`a62aacc0  00000000`00000000
ffffd000`a62aacf0  ffffe000`e0e88000
ffffd000`a62aacf8  fffff801`9244fd4a nvlddmkm+0x3cbd4a

1. Ensure you have the latest video card drivers. If you are already on the latest video card drivers, uninstall and install a version or a few versions behind the latest to ensure it's not a latest driver only issue. If you have already experimented with the latest video card driver and many previous versions, please give the beta driver for your card a try.

2. If the above fails, I am going to say we have a faulty CPU that needs to be replaced. This looks like a Dell machine, so you are going to have to probably hassle with Dell for a bit before they replace it.

Regards,

Patrick

Roberta · Apr 26, 2014

Hello again,

Just an update - I'm in the process of following the latest steps you outlined:

1. I played around with various video drivers before but that did not resolve the problem. I hadn't tried the beta driver though but I have it installed now. I used this tool to remove all the old NVidia stuff: Display Driver Uninstaller Download version 12.6.2 to remove all the files left behind from those earlier experiments. I was able to play for a bit last night without a BSOD and will try to get more time online this weekend. I'll post an update to let you know if this solves my problem.

Patrick, thank you so much for all your help. You've been amazingly patient!

Cheers!

R.

Patrick · Apr 26, 2014

My pleasure, thanks very much for the updates! I look forward to your next one.

Regards,

Patrick

Roberta · Apr 27, 2014

Good morning!

Unfortunately, the beta driver for the graphics card didn't correct the problem. I've emailed Dell support and linked this forum thread for their review. Hopefully, they'll suggest something other than another reinstall.

Once again, thank you so much!

Cheers!

Patrick · Apr 27, 2014

My pleasure, best of luck with Dell!

Regards,

Patrick

Search

Search

Multiple BSOD while playing Blizzard games

Roberta

Member

Attachments

Patrick

Sysnative Staff

Roberta

Member

Patrick

Sysnative Staff

Roberta

Member

Patrick

Sysnative Staff

Roberta

Member

Patrick

Sysnative Staff

Roberta

Member

Patrick

Sysnative Staff