Question
106 views

frequent blueScreen after Hibernating

Ferdinand_Haag asked on

Hi

Ive set up a new system on a new Workstation. After Installing VS2013 I get a blue Screen after every Hibernating process.

https://onedrive.live.com/redir?resid=E19771AA3F1F8989!16358&authkey=!AJkMNtF9tGGM0Qw&ithint=folder%2c.dmp

any Idea?

Greeds

1 person had this question

Abuse history


The answered status icon Answer
Patrick Barker replied on

Thanks very much, this confirmed what I was suspicious of!

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)

This is the general bug check code for fatal errors found by Driver Verifier.

2: kd> k
Child-SP          RetAddr           Call Site
ffffd000`2689b7b8 fffff801`71658258 nt!KeBugCheckEx
ffffd000`2689b7c0 fffff801`7164982f VerifierExt!SLIC_abort+0x5c
ffffd000`2689b800 fffff801`7164986b VerifierExt!SLIC_PoRequestPowerIrp_entry_RequestedPowerIrp+0x23
ffffd000`2689b830 fffff803`3bef3096 VerifierExt!PoRequestPowerIrp_wrapper+0x3b
ffffd000`2689b870 fffff801`73a0889c nt!VerifierPoRequestPowerIrp+0x1e
ffffd000`2689b8b0 00000000`00000020 avmaura+0x889c
ffffd000`2689b8b8 fffff801`73a0c350 0x20
ffffd000`2689b8c0 00000000`00000001 avmaura+0xc350
ffffd000`2689b8c8 00000000`00000000 0x1

avmaura.sys is the AVM Remote USB Architecture driver. Please uninstall this software/remove any AVM devices ASAP.

Regards,

Patrick

Debugger/Reverse Engineer.
1 person found this helpful

Abuse history


The answered status icon Answer
Patrick Barker replied on

Hi,

All of the attached DMP files are of the PAGE_FAULT_IN_NONPAGED_AREA (50) bug check.

This indicates that invalid system memory has been referenced.

Bug check 0x50 usually occurs after the installation of faulty hardware or in the event of failure of installed hardware (usually related to defective RAM, be it main memory, L2 RAM cache, or video RAM).

Another common cause is the installation of a faulty system service.

Antivirus software can also trigger this error, as can a corrupted NTFS volume.

There's various network related routines on the stack, and I am curious if something is causing NETBIOS conflicts that's 3rd party. With that said, please enable Driver Verifier:

Driver Verifier:

What is Driver Verifier?

Driver Verifier monitors Windows kernel-mode drivers, graphics drivers, and even 3rd party drivers to detect illegal function calls or actions that might corrupt the system. Driver Verifier can subject the Windows drivers to a variety of stresses and tests to find improper behavior.

Essentially, if there's a 3rd party driver believed to be causing the issues at hand, enabling Driver Verifier will help us see which specific driver is causing the problem.

Before enabling Driver Verifier, it is recommended to create a System Restore Point:

Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8/8.1 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

How to enable Driver Verifier:

Start > type "verifier" without the quotes > Select the following options -

1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8/8.1)
- DDI compliance checking (Windows 8/8.1)
- Miscellaneous Checks
4. Select  - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.

Important information regarding Driver Verifier:

- If Driver Verifier finds a violation, the system will BSOD. To expand on this a bit more for the interested, specifically what Driver Verifier actually does is it looks for any driver making illegal function calls, causing memory leaks, etc. When and/if this happens, system corruption occurs if allowed to continue. When Driver Verifier is enabled per my instructions above, it is monitoring all 3rd party drivers (as we have it set that way) and when it catches a driver attempting to do this, it will quickly flag that driver as being a troublemaker, and bring down the system safely before any corruption can occur.

- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will detect it in violation almost straight away, and as stated above, that will cause / force a BSOD.

If this happens, do not panic, do the following:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > Search > type "cmd" without the quotes.

- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
・    Restart and boot into normal Windows.

If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > type "system restore" without the quotes.

- Choose the restore point you created earlier.

-- Note that Safe Mode for Windows 8/8.1 is a bit different, and you may need to try different methods: 5 Ways to Boot into Safe Mode in Windows 8 & Windows 8.1

How long should I keep Driver Verifier enabled for?

I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier. I will usually say whether or not I'd like for you to keep it enabled any longer.

My system BSOD'd with Driver Verifier enabled, where can I find the crash dumps?

- If you have the system set to generate Small Memory Dumps, they will be located in %systemroot%\Minidump.

- If you have the system set to generate Kernel-Memory Dumps, it will be located in %systemroot% and labeled MEMORY.DMP.

Any other questions can most likely be answered by this article:

http://support.microsoft.com/kb/244617

Regards,

Patrick

Debugger/Reverse Engineer.
1 person found this helpful

Abuse history


progress