This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
I have been trying to debug a driver issue which has been causing rampant crashes and blue screens on my Windows 11 machine.
Before I ran the Driver Verifier, I created a System Restore point.
I ran the Driver Verifier, and it has caused my machine to be stuck in a BSOD loop, and I think my Windows 11 environment is corrupted now.
I had a similar issue recently when I used Driver Verifier, but I was able to use System Restore to fix it.
However now when I do a System Restore my PC crashes and nothing changes.
On booting, I get a blue screen:
Stop code:IRQL_NOT_LESS_OR_EQUAL
What failed: ntoskrnl.exe
When it restarts, sometimes it blue screens again and I have seen a huge variety of Stop codes.
Then I get the Automatic Repair screen, with the message that "Windows couldn't load correctly".
When I press "Repair" it takes me to the Recovery screen, with three options:
When I press "Troubleshoot" I have the option to "Reset this PC".
Both options "Keep my Files" and "Remove everything" leads to it failing, and another blue screen.
I have followed all of the steps to try and stop the Driver Verifier, such as running:
verifier /reset
and
verifier /bootmode resetonbootfail
Driver Verifier seems to have stopped as far I can tell, however the crashing hasn't stopped.
As it currently stands, I am unable to reach the Desktop.
Any help would be greatly appreciated!
Thanks,
Josh.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 10%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIL%3C/text%3E%3C/svg%3E)
Unfortunately, both dumps are not generated by verifier. They have different BSOD code, so this may mean some hardware problem.
Memory test writes the found errors on the screen. Hang for many hours does not show any other indication. How long did you wait at 21 % before rebooting?
Did you check your RAM modes (voltage, frequency, timings) are in compliance with numbers in the motherboard?
Try to reduce RAM frequency to 2133 MHz, test modules one by one.
Also Igor,
As you mentioned, the Memory Test has been hanging on 21% for about 3 hours. I will let it keep running for now just to be certain.
What error does this indicate, and how should I proceed?
Please use driver verifier to gather additional information. https://support.microsoft.com/en-us/help/244617...
Run
verifier /standard /all /bootmode resetonbootfail
command, reboot PC and use it as usual (it will be slower). If blue screen happens please share memory dumps to OneDrive for analysis.
Run Windows memory diagnostic tool and switch it to extended mode when it starts (F1 key). Note, test hang at ~21% for more than 3-5 hours means memory error too.
Turn off XMP mode in BIOS if it is turned on.
And if your PC is locally assembled, please check your RAM modes (voltage, frequency, timings) are in compliance with numbers in the motherboard compatibility list for your RAM model.
Below I have attached the analysis of one of the DMP files. They all point at process "sppsvc.exe".
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the BugCheck
Arg2: fffff8037e6b147c, Address of the instruction which caused the BugCheck
Arg3: fffff58ef499f8f0, Address of the context record for the exception that caused the BugCheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 921
Key : Analysis.Elapsed.mSec
Value: 3455
Key : Analysis.IO.Other.Mb
Value: 24
Key : Analysis.IO.Read.Mb
Value: 0
Key : Analysis.IO.Write.Mb
Value: 31
Key : Analysis.Init.CPU.mSec
Value: 296
Key : Analysis.Init.Elapsed.mSec
Value: 41140
Key : Analysis.Memory.CommitPeak.Mb
Value: 98
Key : Bugcheck.Code.LegacyAPI
Value: 0x3b
Key : Failure.Bucket
Value: AV_nt!RtlpUnwindPrologue
Key : Failure.Hash
Value: {95440a5f-e24c-ed5b-673e-409517bcf837}
Key : Hypervisor.Enlightenments.ValueHex
Value: 1417df84
Key : Hypervisor.Flags.AnyHypervisorPresent
Value: 1
Key : Hypervisor.Flags.ApicEnlightened
Value: 0
Key : Hypervisor.Flags.ApicVirtualizationAvailable
Value: 1
Key : Hypervisor.Flags.AsyncMemoryHint
Value: 0
Key : Hypervisor.Flags.CoreSchedulerRequested
Value: 0
Key : Hypervisor.Flags.CpuManager
Value: 1
Key : Hypervisor.Flags.DeprecateAutoEoi
Value: 1
Key : Hypervisor.Flags.DynamicCpuDisabled
Value: 1
Key : Hypervisor.Flags.Epf
Value: 0
Key : Hypervisor.Flags.ExtendedProcessorMasks
Value: 1
Key : Hypervisor.Flags.HardwareMbecAvailable
Value: 1
Key : Hypervisor.Flags.MaxBankNumber
Value: 0
Key : Hypervisor.Flags.MemoryZeroingControl
Value: 0
Key : Hypervisor.Flags.NoExtendedRangeFlush
Value: 0
Key : Hypervisor.Flags.NoNonArchCoreSharing
Value: 1
Key : Hypervisor.Flags.Phase0InitDone
Value: 1
Key : Hypervisor.Flags.PowerSchedulerQos
Value: 0
Key : Hypervisor.Flags.RootScheduler
Value: 0
Key : Hypervisor.Flags.SynicAvailable
Value: 1
Key : Hypervisor.Flags.UseQpcBias
Value: 0
Key : Hypervisor.Flags.Value
Value: 21631230
Key : Hypervisor.Flags.ValueHex
Value: 14a10fe
Key : Hypervisor.Flags.VpAssistPage
Value: 1
Key : Hypervisor.Flags.VsmAvailable
Value: 1
Key : Hypervisor.RootFlags.AccessStats
Value: 1
Key : Hypervisor.RootFlags.CrashdumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.CreateVirtualProcessor
Value: 1
Key : Hypervisor.RootFlags.DisableHyperthreading
Value: 0
Key : Hypervisor.RootFlags.HostTimelineSync
Value: 1
Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled
Value: 0
Key : Hypervisor.RootFlags.IsHyperV
Value: 1
Key : Hypervisor.RootFlags.LivedumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.MapDeviceInterrupt
Value: 1
Key : Hypervisor.RootFlags.MceEnlightened
Value: 1
Key : Hypervisor.RootFlags.Nested
Value: 0
Key : Hypervisor.RootFlags.StartLogicalProcessor
Value: 1
Key : Hypervisor.RootFlags.Value
Value: 1015
Key : Hypervisor.RootFlags.ValueHex
Value: 3f7
Key : WER.OS.Branch
Value: ni_release
Key : WER.OS.Version
Value: 10.0.22621.1
BUGCHECK_CODE: 3b
BUGCHECK_P1: c0000005
BUGCHECK_P2: fffff8037e6b147c
BUGCHECK_P3: fffff58ef499f8f0
BUGCHECK_P4: 0
FILE_IN_CAB: 012424-8453-01.dmp
TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
CONTEXT: fffff58ef499f8f0 -- (.cxr 0xfffff58ef499f8f0)
rax=0000000000040246 rbx=0000000000000003 rcx=ffffa40e70c33040
rdx=fffff58ef49a1a10 rsi=fffff58ef49a0310 rdi=fffff8037e45eff8
rip=fffff8037e6b147c rsp=fffff58ef49a0310 rbp=fffff58ef49a0d10
r8=0000000000000003 r9=fffff58ef49a0738 r10=0000000000000003
r11=fffff8037e400000 r12=00007fffffff0000 r13=00007ffffffeffff
r14=fffff58ef49a06a0 r15=fffff8037eade79d
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202
nt!RtlpUnwindPrologue+0x22c:
fffff803`7e6b147c 4a8994d080000000 mov qword ptr [rax+r10*8+80h],rdx ds:002b:00000000`000402de=????????????????
Resetting default scope
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: sppsvc.exe
STACK_TEXT:
fffff58e`f49a0310 fffff803`7e6b0e88 : fffff803`7e400000 fffff803`7eade79d fffff58e`f49a19e0 fffff803`7e50e938 : nt!RtlpUnwindPrologue+0x22c
fffff58e`f49a03e0 fffff803`7e6b0d69 : fffff803`7eade79d fffff58e`f49a1a20 fffff803`7eade79d fffff803`7e50e938 : nt!RtlpxVirtualUnwind+0x108
fffff58e`f49a04a0 fffff803`7eb0c705 : fffff803`7eade79d fffff58e`f49a05f0 fffff58e`f49a1a20 00000000`00000000 : nt!RtlVirtualUnwind2+0x89
fffff58e`f49a0530 fffff803`7e820b7d : 00000000`00000000 00000000`00000001 00000000`00000001 00000000`00000002 : nt!PspGetSetContextInternal+0x315
fffff58e`f49a0bc0 fffff803`7eb720a5 : ffff800d`183f4a00 00000000`00000001 00000000`00000000 ffffa40e`70c33040 : nt!PspGetSetContextSpecialApc+0x6d
fffff58e`f49a0cd0 fffff803`7eae1ced : 0000007e`743fe6c0 ffff800d`18260610 00000000`0000002c 00000000`00000000 : nt!PspGetContextThreadInternal+0x111
fffff58e`f49a0f10 fffff803`7eae1b8c : 00000000`00000000 ffff800d`183f49d0 00000000`00000000 00000000`00000000 : nt!WbGetTrapFrame+0x55
fffff58e`f49a0f50 fffff803`7eae1351 : 00000000`00000001 fffff58e`f49a1aa0 00000000`0000002c ffff800d`1555a810 : nt!WbHeapExecuteCall+0xc0
fffff58e`f49a1150 fffff803`7eadeb1c : ffff800d`1555a810 0000007e`743fe6c0 ffff800d`18260610 00000000`00000000 : nt!WbDispatchOperation+0x121
fffff58e`f49a11b0 fffff803`7eade79d : 00000000`0000c2ac 00000000`00000000 00000218`d6cc7040 00007ffe`a976e640 : nt!ExpQuerySystemInformation+0x31c
fffff58e`f49a19e0 fffff803`7e82bbe5 : ffffa40e`70c30000 00007ffe`cd5db944 00000218`d6b202f0 ffffa40e`70817070 : nt!NtQuerySystemInformation+0x5d
fffff58e`f49a1a20 00000218`d60b1819 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
0000007e`743fe690 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00000218`d60b1819
SYMBOL_NAME: nt!RtlpUnwindPrologue+22c
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.22621.2861
STACK_COMMAND: .cxr 0xfffff58ef499f8f0 ; kb
BUCKET_ID_FUNC_OFFSET: 22c
FAILURE_BUCKET_ID: AV_nt!RtlpUnwindPrologue
OS_VERSION: 10.0.22621.1
BUILDLAB_STR: ni_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {95440a5f-e24c-ed5b-673e-409517bcf837}
Followup: MachineOwner
---------
Hi Joshua,
My name is Igor, it's a pleasure for me to help others and I'll try to help you.
Driver verifier could not corrupt the system but malfunctioning driver could do this.
Please boot from Windows installation media and try recovery steps described at https://support.microsoft.com/en-us/help/402603...
It these steps will not help, please copy memory minidumps to this media and use another PC to share them to OneDrive for analysis.