I recently bluescreened (System_Service_Exception blaming ntoskrnl and nvlddmkm) immediately after another, potentially unrelated bluescreen (Reference_By_Pointer, which blames ntoskrnl and occurred after closing out of Yakuza 0 using Alt + F4), and I'd just like some help looking into these debug files to see what was at fault.
***
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff800705f128e, Address of the instruction which caused the bugcheck
Arg3: ffff8608ec9c5df0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 6
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-TESBBSR
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 19
Key : Analysis.Memory.CommitPeak.Mb
Value: 70
Key : Analysis.System
Value: CreateObject
ADDITIONAL_XML: 1
BUGCHECK_CODE: 3b
BUGCHECK_P1: c0000005
BUGCHECK_P2: fffff800705f128e
BUGCHECK_P3: ffff8608ec9c5df0
BUGCHECK_P4: 0
CONTEXT: ffff8608ec9c5df0 -- (.cxr 0xffff8608ec9c5df0)
rax=01d5e7cb7d714cc4 rbx=ffffa40bf74fd400 rcx=ffff9080916bcb80
rdx=0000000000000d48 rsi=0000000000000000 rdi=01d5e7cb7d714cc4
rip=fffff800705f128e rsp=ffff8608ec9c67e0 rbp=0000000000000d48
r8=01d5e7cb7d7117a4 r9=ffff9080916bcb80 r10=0000fffff800705e
r11=ffff8608ec9c6a18 r12=ffff8608ec9c6918 r13=0000000000000000
r14=0000000000000000 r15=ffffa40c0b391080
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202
nt!ObpReferenceObjectByHandleWithTag+0xfe:
fffff800
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: nvcontainer.exe
STACK_TEXT:
ffff8608
ffff8608
ffff8608
ffff8608
ffff8608
ffff8608
00000019
SYMBOL_NAME: nt!ObfDereferenceObjectWithTag+1bccbe
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.18362.657
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1bccbe
FAILURE_BUCKET_ID: 0x18_CORRUPT_REF_COUNT_nt!ObfDereferenceObjectWithTag
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {fa6b3516-71cb-1e92-b987-b8bebd3458ac}
Followup: MachineOwner
---------
- *
- Bugcheck Analysis *
- *
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff800705f128e, Address of the instruction which caused the bugcheck
Arg3: ffff8608ec9c5df0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 6
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-TESBBSR
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 19
Key : Analysis.Memory.CommitPeak.Mb
Value: 70
Key : Analysis.System
Value: CreateObject
ADDITIONAL_XML: 1
BUGCHECK_CODE: 3b
BUGCHECK_P1: c0000005
BUGCHECK_P2: fffff800705f128e
BUGCHECK_P3: ffff8608ec9c5df0
BUGCHECK_P4: 0
CONTEXT: ffff8608ec9c5df0 -- (.cxr 0xffff8608ec9c5df0)
rax=01d5e7cb7d714cc4 rbx=ffffa40bf74fd400 rcx=ffff9080916bcb80
rdx=0000000000000d48 rsi=0000000000000000 rdi=01d5e7cb7d714cc4
rip=fffff800705f128e rsp=ffff8608ec9c67e0 rbp=0000000000000d48
r8=01d5e7cb7d7117a4 r9=ffff9080916bcb80 r10=0000fffff800705e
r11=ffff8608ec9c6a18 r12=ffff8608ec9c6918 r13=0000000000000000
r14=0000000000000000 r15=ffffa40c0b391080
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202
nt!ObpReferenceObjectByHandleWithTag+0xfe:
fffff800
705f128e 488b08 mov rcx,qword ptr [rax] ds:002b:01d5e7cb
7d714cc4=????????????????Resetting default scope
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: nvcontainer.exe
STACK_TEXT:
ffff8608
ec9c67e0 fffff800
705f117e : ffffa40bf75b9080 00000000
00000000 ffffa40bf74fd400 ffffa40c
00000001 : nt!ObpReferenceObjectByHandleWithTag+0xfeffff8608
ec9c6870 fffff800
7003aa01 : 0000000000000001 ffffcb80
6c186180 0000000000000000 00000000
00000000 : nt!ObReferenceObjectByHandle+0x2effff8608
ec9c68c0 fffff800
705e8ae2 : 0000000000000d48 ffff8608
00000000 ffffa40c00000000 00000000
00000000 : nt!IopReferenceFileObject+0x31ffff8608
ec9c6900 fffff800
705e8966 : a40c08fde5304aab 00000000
00000d44 0000000000000000 00000000
00000000 : nt!IopXxxControlFile+0x162ffff8608
ec9c6a20 fffff800
701d2e18 : 0000000000000001 00000000
00000001 0000000000000000 ffff8608
ec9c6a00 : nt!NtDeviceIoControlFile+0x56ffff8608
ec9c6a90 00007ffa
1761c1a4 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : nt!KiSystemServiceCopyEnd+0x2800000019
6d1ff658 00000000
00000000 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : 0x00007ffa1761c1a4
SYMBOL_NAME: nt!ObpReferenceObjectByHandleWithTag+fe
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.18362.657
STACK_COMMAND: .cxr 0xffff8608ec9c5df0 ; kb
BUCKET_ID_FUNC_OFFSET: fe
FAILURE_BUCKET_ID: 0x3B_c0000005_nt!ObpReferenceObjectByHandleWithTag
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {3d4819ec-af64-be43-ac98-a6e960db3861}
Followup: MachineOwner
---------[/SPOILER]
[SPOILER="Reference_By_Pointer Dump"]*******************************************************************************
[LIST]
[*]*
[*]Bugcheck Analysis *
[*]*
[/LIST]
*******************************************************************************
REFERENCE_BY_POINTER (18)
Arguments:
Arg1: ffff98863fab02a0, Object type of the object whose reference count is being lowered
Arg2: ffff988662399600, Object whose reference count is being lowered
Arg3: 0000000000000001, Reserved
Arg4: 000000f000000000, Reserved
The reference count of an object is illegal for the current state of the object.
Each time a driver uses a pointer to an object the driver calls a kernel routine
to increment the reference count of the object. When the driver is done with the
pointer the driver calls another kernel routine to decrement the reference count.
Drivers must match calls to the increment and decrement routines. This bugcheck
can occur because an object's reference count goes to zero while there are still
open handles to the object, in which case the fourth parameter indicates the number
of opened handles. It may also occur when the object's reference count drops below zero
whether or not there are open handles to the object, and in that case the fourth parameter
contains the actual value of the pointer references count.
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 3
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-TESBBSR
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 5
Key : Analysis.Memory.CommitPeak.Mb
Value: 68
Key : Analysis.System
Value: CreateObject
ADDITIONAL_XML: 1
BUGCHECK_CODE: 18
BUGCHECK_P1: ffff98863fab02a0
BUGCHECK_P2: ffff988662399600
BUGCHECK_P3: 1
BUGCHECK_P4: f000000000
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: Yakuza0.exe
STACK_TEXT:
ffffb484
642ad908 fffff8057bbf759e : 00000000
00000018 ffff98863fab02a0 ffff9886
62399600 0000000000000001 : nt!KeBugCheckEx
ffffb484
642ad910 fffff8057bfec5f7 : 00000000
ffff8003 ffff9886623995d0 ffff9886
623995d0 ffffcb88d0715dc0 : nt!ObfDereferenceObjectWithTag+0x1bccbe
ffffb484
642ad950 fffff8057bff18ee : 00000000
00000b68 ffffb484642adb00 ffffb484
00000002 ffffb484642ada00 : nt!ObCloseHandleTableEntry+0x2c7
ffffb484
642ada90 fffff8057bbd2e18 : ffff9886
5118e080 000000000014f4a8 ffffb484
642adb80 fffffffffa0a1f00 : nt!NtClose+0xde
ffffb484
642adb00 00007ff8a99fc2a4 : 00000000
00000000 0000000000000000 00000000
00000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x28
00000000
0014f4e8 0000000000000000 : 00000000
00000000 0000000000000000 00000000
00000000 0000000000000000 : 0x00007ff8
a99fc2a4SYMBOL_NAME: nt!ObfDereferenceObjectWithTag+1bccbe
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.18362.657
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 1bccbe
FAILURE_BUCKET_ID: 0x18_CORRUPT_REF_COUNT_nt!ObfDereferenceObjectWithTag
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {fa6b3516-71cb-1e92-b987-b8bebd3458ac}
Followup: MachineOwner
---------