Random BSODs when waking from sleep and other


  1. johnymrazko
    Posts : 1
    Slovenská republika
       New #1

    Random BSODs when waking from sleep and other


    Hi

    my PC is getting random BSODs , dumps and info in attached zip file. Happened few times when trying to wake computer from sleep, then randomly when browsing or playing games. All drivers should be updated to latest and I ran memtest and diskcheck with no errors.

    I also ran windbg and captured some of analysis


    Code:
    Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
Machine Name:
Kernel base = 0xfffff800`03068000 PsLoadedModuleList = 0xfffff800`032aa750
Debug session time: Sat Nov 25 09:24:23.500 2017 (UTC + 1:00)
System Uptime: 0 days 0:33:56.514
Loading Kernel Symbols
...............................................................
................................................................
.....................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffd4018).  Type ".hh dbgerr001" for details
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {1002000000, 2, 0, fffff800030e4a82}

*** ERROR: Module load completed but symbols could not be loaded for Ntfs.sys
Probably caused by : ntkrnlmp.exe ( nt!KiProcessExpiredTimerList+72 )

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000001002000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
	bit 0 : value 0 = read operation, 1 = write operation
	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff800030e4a82, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS:  0000001002000000 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!KiProcessExpiredTimerList+72
fffff800`030e4a82 803818          cmp     byte ptr [rax],18h

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  svchost.exe

ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre

DPC_STACK_BASE:  FFFFF8800324DFB0

TRAP_FRAME:  fffff8800324d680 -- (.trap 0xfffff8800324d680)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000001002000000 rbx=0000000000000000 rcx=000000000b6e7103
rdx=fffffa800c187c80 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800030e4a82 rsp=fffff8800324d810 rbp=000000000001fdef
 r8=0000000000000008  r9=0000000000000000 r10=fffff80003068000
r11=fffffa800c67fe01 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!KiProcessExpiredTimerList+0x72:
fffff800`030e4a82 803818          cmp     byte ptr [rax],18h ds:00000010`02000000=??
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800030d83a9 to fffff800030d8e00

STACK_TEXT:  
fffff880`0324d538 fffff800`030d83a9 : 00000000`0000000a 00000010`02000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0324d540 fffff800`030d7020 : 00000000`00000000 00000000`00000001 fffff880`0324d6e0 fffffa80`09dfdef0 : nt!KiBugCheckDispatch+0x69
fffff880`0324d680 fffff800`030e4a82 : fffffa80`09dfdef0 fffffa80`0dbf3888 fffffa80`0dbf3888 00000000`00000102 : nt!KiPageFault+0x260
fffff880`0324d810 fffff800`030e49be : 00000004`bddb7f69 fffff880`0324de88 00000000`0001fdef fffff880`009b7368 : nt!KiProcessExpiredTimerList+0x72
fffff880`0324de60 fffff800`030e46ec : fffff880`009b31ea 00000000`0001fdef fffff880`00f14fc0 00000000`000000e8 : nt!KiTimerExpiration+0x1be
fffff880`0324df00 fffff800`030db825 : 00000000`00000000 fffffa80`0bff9770 00000000`00000000 fffff800`03207580 : nt!KiRetireDpcList+0x1bc
fffff880`0324dfb0 fffff800`030db63c : fffffa80`0ccb7cf0 fffffa80`00000001 00000000`00000000 00000000`00000000 : nt!KyRetireDpcList+0x5
fffff880`064d7f90 fffff800`0312499c : fffffa80`078f9998 fffff880`009b3180 fffff880`009b3180 00000000`00000000 : nt!KiDispatchInterruptContinue
fffff880`064d7fc0 fffff800`030dcd8a : 00000000`00000000 00000000`0000029c fffffa80`0b6b0f20 ffffffff`800009f8 : nt!KiDpcInterrupt+0xcc
fffff880`064d8150 fffff880`01004903 : fffff880`00000000 fffff880`00000000 fffffa80`0bff9700 fffff800`030e56f8 : nt!KeSetEvent+0xea
fffff880`064d81c0 fffff800`030dc0e1 : 00000000`000003f0 fffff880`02e7970f fffffa80`0cc29010 00000000`00000000 : fltmgr!FltpSynchronizedOperationCompletion+0x13
fffff880`064d81f0 fffff880`0146148c : fffffa80`0ccb7cf0 00000000`00000001 00000000`00000000 00000000`00000000 : nt!IopfCompleteRequest+0x341
fffff880`064d82e0 fffff880`014f77b8 : fffffa80`0ccb7cf0 00000000`00000000 00000000`00000000 fffffa80`0b0ba820 : Ntfs+0x1148c
fffff880`064d8320 fffff880`01002bcf : fffffa80`07233030 fffffa80`0b0ba820 00000000`00000000 00000000`00000000 : Ntfs+0xa77b8
fffff880`064d84d0 fffff880`010222b9 : fffffa80`0b0ba820 fffffa80`0722f010 fffffa80`0b0ba800 fffffa80`0713fa30 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`064d8560 fffff800`033de2bb : 00000000`00000005 00000000`00000840 fffffa80`0b623f20 00000000`00000000 : fltmgr!FltpCreate+0x2a9
fffff880`064d8610 fffff800`033d9dde : fffffa80`07115cd0 00000000`00000000 fffffa80`0e14ab10 fffff880`064d8801 : nt!IopParseDevice+0x14e2
fffff880`064d8770 fffff800`033da8c6 : 00000000`00000000 fffff880`064d88f0 fffff880`00000840 fffffa80`06a1fa30 : nt!ObpLookupObjectName+0x784
fffff880`064d8870 fffff800`033dc6bc : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!ObOpenObjectByName+0x306
fffff880`064d8940 fffff800`033c57a8 : 00000000`0188f410 00000000`00100021 00000000`0188f498 00000000`0188f4c8 : nt!IopCreateFile+0x2bc
fffff880`064d89e0 fffff800`030d8093 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtOpenFile+0x58
fffff880`064d8a70 00000000`77adc06a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0188f3b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77adc06a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiProcessExpiredTimerList+72
fffff800`030e4a82 803818          cmp     byte ptr [rax],18h

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!KiProcessExpiredTimerList+72

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  59b946d1

IMAGE_VERSION:  6.1.7601.23915

FAILURE_BUCKET_ID:  X64_0xA_nt!KiProcessExpiredTimerList+72

BUCKET_ID:  X64_0xA_nt!KiProcessExpiredTimerList+72

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0xa_nt!kiprocessexpiredtimerlist+72

FAILURE_ID_HASH:  {7384a8b8-ab8d-15fa-8c4d-f12bcbd789b8}

Followup: MachineOwner
---------


Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\Windows\symbol_cache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
Machine Name:
Kernel base = 0xfffff800`03052000 PsLoadedModuleList = 0xfffff800`03294750
Debug session time: Sun Dec  3 15:52:59.521 2017 (UTC + 1:00)
System Uptime: 0 days 2:54:22.489
Loading Kernel Symbols
...............................................................
................................................................
................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffde018).  Type ".hh dbgerr001" for details
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {5003, fffff90000812000, 36dd, 32d10000659e}

Probably caused by : win32k.sys ( win32k!memset+80 )

Followup: MachineOwner
---------

5: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000005003, The subtype of the bugcheck.
Arg2: fffff90000812000
Arg3: 00000000000036dd
Arg4: 000032d10000659e

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_5003

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  E_IATIHAE.EXE

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre

TRAP_FRAME:  fffff8800a3c4660 -- (.trap 0xfffff8800a3c4660)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff900c282a000 rbx=0000000000000000 rcx=fffff900c2830000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff960001570d0 rsp=fffff8800a3c47f8 rbp=fffff900c0226578
 r8=0000000000000038  r9=0000000000000338 r10=0000000000000034
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
win32k!memset+0x80:
fffff960`001570d0 488911          mov     qword ptr [rcx],rdx ds:fffff900`c2830000=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80003130a0b to fffff800030c2e00

STACK_TEXT:  
fffff880`0a3c42f8 fffff800`03130a0b : 00000000`0000001a 00000000`00005003 fffff900`00812000 00000000`000036dd : nt!KeBugCheckEx
fffff880`0a3c4300 fffff800`030e0d8e : 00000000`00000001 fffff900`c2830000 fffff880`0a3c4660 fffff6fc`80614180 : nt! ?? ::FNODOBFM::`string'+0x27cef
fffff880`0a3c43f0 fffff800`030d0abb : 00000000`00000000 00000000`00000204 fffffa80`12302060 00000000`00001084 : nt!MiDispatchFault+0x8ce
fffff880`0a3c4500 fffff800`030c0f2e : 00000000`00000001 fffff900`c2830000 fffffa80`12419e00 fffff900`c282a000 : nt!MmAccessFault+0xe1b
fffff880`0a3c4660 fffff960`001570d0 : fffff960`00145e82 fffff880`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x16e
fffff880`0a3c47f8 fffff960`00145e82 : fffff880`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!memset+0x80
fffff880`0a3c4800 fffff960`00147546 : fffff880`0a3c48c0 fffff880`0a3c49a0 fffff900`c0226578 00000000`00000001 : win32k!AllocateObject+0xf2
fffff880`0a3c4840 fffff960`0011db20 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!SURFMEM::bCreateDIB+0x39a
fffff880`0a3c4930 fffff960`0011d68f : 00000028`000001e0 fffff900`c3576630 00000000`01080030 00000000`000001e0 : win32k!hsurfCreateCompatibleSurface+0x3c4
fffff880`0a3c4a00 fffff800`030c2093 : fffffa80`12302060 fffff880`0a3c4b60 00000000`000001e0 000007fe`db9d1be0 : win32k!GreCreateCompatibleBitmap+0x25f
fffff880`0a3c4ae0 000007fe`fef92e0a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0024e1b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x000007fe`fef92e0a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
win32k!memset+80
fffff960`001570d0 488911          mov     qword ptr [rcx],rdx

SYMBOL_STACK_INDEX:  5

SYMBOL_NAME:  win32k!memset+80

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: win32k

IMAGE_NAME:  win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  5a0e642f

IMAGE_VERSION:  6.1.7601.23963

FAILURE_BUCKET_ID:  X64_0x1a_5003_win32k!memset+80

BUCKET_ID:  X64_0x1a_5003_win32k!memset+80

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0x1a_5003_win32k!memset+80

FAILURE_ID_HASH:  {299262f4-3598-668c-30bf-f5ee54f49842}

Followup: MachineOwner
---------


    Will be grateful for any advice

    Thanks
    Last edited by Brink; 03 Dec 2017 at 15:34. Reason: code box
      My Computer
    Quote Quote

  3. axe0
    Posts : 7,050
    Windows 10 Pro
       New #2

    Please don't create threads at multiple forums for the same problem.
      My Computer
    Quote Quote

 

  Related Discussions
Receiving DRIVER_POWER_STATE_FAILURE Bug Check Code: 0x0000009f with Crash Address ntoskrnl.exe+74200 and ntoskrnl.exe+735c0 while working in Excel or waking the computer from sleep or the display being off. Video card and Bios are up to date. Required files attached. Let me know if you need...
System: Fresh Windows 7 x64 Installation (in Dualboot with Win10) I have a few missing drivers (notably Ethernet driver (Realtek FE family, can't install the driver because INF file does not support installation and when pointing Windows Driver installation wizard to the location where the...
BSODs after waking from sleep
in BSOD Help and Support

My self-built PC gives me BSODs immediately or soon after waking from sleep, but not regularly. It can happen twice in a week and then not happen for maybe two months, but it does keep happening. I use it every day and put it to sleep every night and occasionally during the day. I generally don't...
I've recently upgraded my computer and so far, the path has been full of nasty surprises. The system is stable, at least it was with my initial AMD HD7950, but that card had a defective fan so I opted for another graphics card. The build with this card was fully stable. Anyways, for a few...
Like the title says, I often get BSODs while randomly using my computer. It's never anything high stress, but it does happen more often when I put my computer to sleep and then turn it on. EDIT: I also managed to take a picture of the error, if that helps at all.
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 13:25.
Find Us