Firefox caused(?) Blue screen of Death
Hello,
I've experienced a blue screen of death on my machine as listed below, which seems to point that Firefox.exe is the starting point of the BSOD.
I had around 8 tabs open at the time of which 2-3 Twitch.tv channels, Private mode tabs with several websites with a variance of content-typed on them.
However, I had these open in the background while I was playing a game and at some point my computer just rebooted.
It hasn't happened another time (yet) and it is the first time I've had a BSOD for quite some time so it kind of scared me.
I had Hardware Acceleration turned on and Content Process limit was set to 8(Default).
The Nvidia drivers I have installed are: 451.67 (09-07-2020)
******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_SERVICE_EXCEPTION (3b) An exception happened while executing a system service routine. Arguments: Arg1: 00000000c0000005, Exception code that caused the bugcheck Arg2: fffff802404d800c, Address of the instruction which caused the bugcheck Arg3: ffff8283464fef90, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: ------------------ KEY_VALUES_STRING: 1 Key : Analysis.CPU.Sec Value: 2 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on MIYA Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.Sec Value: 2 Key : Analysis.Memory.CommitPeak.Mb Value: 78 Key : Analysis.System Value: CreateObject BUGCHECK_CODE: 3b BUGCHECK_P1: c0000005 BUGCHECK_P2: fffff802404d800c BUGCHECK_P3: ffff8283464fef90 BUGCHECK_P4: 0 CONTEXT: ffff8283464fef90 -- (.cxr 0xffff8283464fef90) rax=0000000000000000 rbx=ffffce0d5ea36080 rcx=fffffffffffffffd rdx=0000000000000000 rsi=ffffce0d5d3a4080 rdi=0000000000000000 rip=fffff802404d800c rsp=ffff8283464ff998 rbp=ffff8283464ffa80 r8=ffff95046faf9001 r9=000002016af88590 r10=fffff8024086e2e0 r11=00000000005a3c10 r12=0000020183abe000 r13=0000020183d14078 r14=ffff8283464ffa08 r15=0000000000000001 iopl=0 nv up ei ng nz na pe nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050282 nt!PsGetCurrentServerSilo+0x2c: fffff802`404d800c c3 ret Resetting default scope BLACKBOXBSD: 1 (!blackboxbsd) BLACKBOXNTFS: 1 (!blackboxntfs) BLACKBOXPNP: 1 (!blackboxpnp) BLACKBOXWINLOGON: 1 CUSTOMER_CRASH_COUNT: 1 '''PROCESS_NAME: firefox.exe''' STACK_TEXT: ffff8283`464ff998 fffff802`40870c4c : ffffce0d`5d3a4080 ffff8283`464ffa80 ffffce0d`5d3a4080 00000000`00000000 : nt!PsGetCurrentServerSilo+0x2c ffff8283`464ff9a0 fffff802`4086e304 : ffffce0d`5d3a4080 00000201`73938600 00000000`00000000 00000201`8fa00000 : nt!PsLookupThreadByThreadId+0x3c ffff8283`464ff9d0 fffff802`405ef475 : ffffce0d`5d3a4080 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtAlertThreadByThreadId+0x24 ffff8283`464ffa00 00007ff8`4810bb84 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 0000005f`fadff848 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`4810bb84 SYMBOL_NAME: nt!PsGetCurrentServerSilo+2c MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe IMAGE_VERSION: 10.0.19041.388 STACK_COMMAND: .cxr 0xffff8283464fef90 ; kb BUCKET_ID_FUNC_OFFSET: 2c FAILURE_BUCKET_ID: 0x3B_c0000005_nt!PsGetCurrentServerSilo OS_VERSION: 10.0.19041.1 BUILDLAB_STR: vb_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {ca3838bc-6517-b4b6-f083-461080433ddb} Followup: MachineOwner ---------
Novain'i cor-el t@
All Replies (4)
Can't seem to find the edit button to add a rectification: Nvidia drivers installed: 451.48 (24-06-2020)
Just got a second BSOD and again Firefox.exe is named as process.
DRIVER_OVERRAN_STACK_BUFFER (f7) A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine. DESCRIPTION A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned. This is the classic "buffer overrun" hacking attack and the system has been brought down to prevent a malicious user from gaining complete control of it. Do a kb to get a stack backtrace -- the last routine on the stack before the buffer overrun handlers and bugcheck call is the one that overran its local variable(s). Arguments: Arg1: 00001814857ef790, Actual security check cookie from the stack Arg2: 0000cd688ce2dac5, Expected security check cookie Arg3: ffff3297731d253a, Complement of the expected security check cookie Arg4: 0000000000000000, zero
Debugging Details:
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec Value: 2
Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on MIYA
Key : Analysis.DebugData Value: CreateObject
Key : Analysis.DebugModel Value: CreateObject
Key : Analysis.Elapsed.Sec Value: 50
Key : Analysis.Memory.CommitPeak.Mb Value: 78
Key : Analysis.System Value: CreateObject
BUGCHECK_CODE: f7
BUGCHECK_P1: 1814857ef790
BUGCHECK_P2: cd688ce2dac5
BUGCHECK_P3: ffff3297731d253a
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000cd688ce2dac5 found 00001814857ef790
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: firefox.exe
STACK_TEXT: ffff868e`857ee568 fffff806`0a0bcfc5 : 00000000`000000f7 00001814`857ef790 0000cd68`8ce2dac5 ffff3297`731d253a : nt!KeBugCheckEx ffff868e`857ee570 fffff806`09fbea4e : ffff868e`857eeb80 fffff806`09e331ef fffff806`09cce508 00000000`00000000 : nt!_report_gsfailure+0x25 ffff868e`857ee5b0 fffff806`09fbe9e3 : ffff868e`857ee680 00000000`00000000 ffff868e`857eebb8 ffff868e`857eeb90 : nt!_GSHandlerCheckCommon+0x5a ffff868e`857ee5e0 fffff806`09fe6a1f : fffff806`09fbe9d0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!_GSHandlerCheck+0x13 ffff868e`857ee610 fffff806`09e32fd7 : ffff868e`857eeb80 00000000`00000000 ffff868e`857eed90 fffff806`09e2c1de : nt!RtlpExecuteHandlerForException+0xf ffff868e`857ee640 fffff806`09e7b246 : ffff868e`857ef558 ffff868e`857ef290 ffff868e`857ef558 00000000`00000000 : nt!RtlDispatchException+0x297 ffff868e`857eed60 fffff806`09fefb6c : 00000000`00000000 00000000`00000000 00000000`00000000 fffff806`09fe48e6 : nt!KiDispatchException+0x186 ffff868e`857ef420 fffff806`09fea0a9 : 00000000`00000001 ffffa48d`3366d180 00000000`00000002 ffffcb81`8fe40180 : nt!KiExceptionDispatch+0x12c ffff868e`857ef600 fffff806`09e2c1de : ffffa48d`2fd7d001 00000000`00000000 ffffa48d`2fd7d000 ffffffff`ffffffff : nt!KiInvalidOpcodeFault+0x329 ffff868e`857ef790 ffff9e9a`84d9aaf0 : ffffa48d`00000000 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff : nt!MiIdentifyPfn+0x23e ffff868e`857ef850 ffffa48d`00000000 : 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff : 0xffff9e9a`84d9aaf0 ffff868e`857ef858 00000000`00000000 : ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff 00000000`00000000 : 0xffffa48d`00000000
SYMBOL_NAME: nt!_report_gsfailure+25
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.388
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 25
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {82d2c1b5-b0cb-60a5-9a5d-78c8c4284f84}
Followup: MachineOwner
Just got a 2nd BSOD:
- *
- Bugcheck Analysis *
- *
DRIVER_OVERRAN_STACK_BUFFER (f7) A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine. DESCRIPTION A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned. This is the classic "buffer overrun" hacking attack and the system has been brought down to prevent a malicious user from gaining complete control of it. Do a kb to get a stack backtrace -- the last routine on the stack before the buffer overrun handlers and bugcheck call is the one that overran its local variable(s). Arguments: Arg1: 00001814857ef790, Actual security check cookie from the stack Arg2: 0000cd688ce2dac5, Expected security check cookie Arg3: ffff3297731d253a, Complement of the expected security check cookie Arg4: 0000000000000000, zero
Debugging Details:
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec Value: 2 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on MIYA Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.Sec Value: 50 Key : Analysis.Memory.CommitPeak.Mb Value: 78 Key : Analysis.System Value: CreateObject
BUGCHECK_CODE: f7
BUGCHECK_P1: 1814857ef790
BUGCHECK_P2: cd688ce2dac5
BUGCHECK_P3: ffff3297731d253a
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000cd688ce2dac5 found 00001814857ef790
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: firefox.exe
STACK_TEXT: ffff868e`857ee568 fffff806`0a0bcfc5 : 00000000`000000f7 00001814`857ef790 0000cd68`8ce2dac5 ffff3297`731d253a : nt!KeBugCheckEx ffff868e`857ee570 fffff806`09fbea4e : ffff868e`857eeb80 fffff806`09e331ef fffff806`09cce508 00000000`00000000 : nt!_report_gsfailure+0x25 ffff868e`857ee5b0 fffff806`09fbe9e3 : ffff868e`857ee680 00000000`00000000 ffff868e`857eebb8 ffff868e`857eeb90 : nt!_GSHandlerCheckCommon+0x5a ffff868e`857ee5e0 fffff806`09fe6a1f : fffff806`09fbe9d0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!_GSHandlerCheck+0x13 ffff868e`857ee610 fffff806`09e32fd7 : ffff868e`857eeb80 00000000`00000000 ffff868e`857eed90 fffff806`09e2c1de : nt!RtlpExecuteHandlerForException+0xf ffff868e`857ee640 fffff806`09e7b246 : ffff868e`857ef558 ffff868e`857ef290 ffff868e`857ef558 00000000`00000000 : nt!RtlDispatchException+0x297 ffff868e`857eed60 fffff806`09fefb6c : 00000000`00000000 00000000`00000000 00000000`00000000 fffff806`09fe48e6 : nt!KiDispatchException+0x186 ffff868e`857ef420 fffff806`09fea0a9 : 00000000`00000001 ffffa48d`3366d180 00000000`00000002 ffffcb81`8fe40180 : nt!KiExceptionDispatch+0x12c ffff868e`857ef600 fffff806`09e2c1de : ffffa48d`2fd7d001 00000000`00000000 ffffa48d`2fd7d000 ffffffff`ffffffff : nt!KiInvalidOpcodeFault+0x329 ffff868e`857ef790 ffff9e9a`84d9aaf0 : ffffa48d`00000000 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff : nt!MiIdentifyPfn+0x23e ffff868e`857ef850 ffffa48d`00000000 : 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff : 0xffff9e9a`84d9aaf0 ffff868e`857ef858 00000000`00000000 : ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff 00000000`00000000 : 0xffffa48d`00000000
SYMBOL_NAME: nt!_report_gsfailure+25
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.388
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 25
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {82d2c1b5-b0cb-60a5-9a5d-78c8c4284f84}
Followup: MachineOwner
Just got a 2nd BSOD today and again Firefox.exe is named.
- *
- Bugcheck Analysis *
- *
DRIVER_OVERRAN_STACK_BUFFER (f7) A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine. DESCRIPTION A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned. This is the classic "buffer overrun" hacking attack and the system has been brought down to prevent a malicious user from gaining complete control of it. Do a kb to get a stack backtrace -- the last routine on the stack before the buffer overrun handlers and bugcheck call is the one that overran its local variable(s). Arguments: Arg1: 00001814857ef790, Actual security check cookie from the stack Arg2: 0000cd688ce2dac5, Expected security check cookie Arg3: ffff3297731d253a, Complement of the expected security check cookie Arg4: 0000000000000000, zero
Debugging Details:
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec Value: 2 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on MIYA Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.Sec Value: 50 Key : Analysis.Memory.CommitPeak.Mb Value: 78 Key : Analysis.System Value: CreateObject
BUGCHECK_CODE: f7
BUGCHECK_P1: 1814857ef790
BUGCHECK_P2: cd688ce2dac5
BUGCHECK_P3: ffff3297731d253a
BUGCHECK_P4: 0
SECURITY_COOKIE: Expected 0000cd688ce2dac5 found 00001814857ef790
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: firefox.exe
STACK_TEXT: ffff868e`857ee568 fffff806`0a0bcfc5 : 00000000`000000f7 00001814`857ef790 0000cd68`8ce2dac5 ffff3297`731d253a : nt!KeBugCheckEx ffff868e`857ee570 fffff806`09fbea4e : ffff868e`857eeb80 fffff806`09e331ef fffff806`09cce508 00000000`00000000 : nt!_report_gsfailure+0x25 ffff868e`857ee5b0 fffff806`09fbe9e3 : ffff868e`857ee680 00000000`00000000 ffff868e`857eebb8 ffff868e`857eeb90 : nt!_GSHandlerCheckCommon+0x5a ffff868e`857ee5e0 fffff806`09fe6a1f : fffff806`09fbe9d0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!_GSHandlerCheck+0x13 ffff868e`857ee610 fffff806`09e32fd7 : ffff868e`857eeb80 00000000`00000000 ffff868e`857eed90 fffff806`09e2c1de : nt!RtlpExecuteHandlerForException+0xf ffff868e`857ee640 fffff806`09e7b246 : ffff868e`857ef558 ffff868e`857ef290 ffff868e`857ef558 00000000`00000000 : nt!RtlDispatchException+0x297 ffff868e`857eed60 fffff806`09fefb6c : 00000000`00000000 00000000`00000000 00000000`00000000 fffff806`09fe48e6 : nt!KiDispatchException+0x186 ffff868e`857ef420 fffff806`09fea0a9 : 00000000`00000001 ffffa48d`3366d180 00000000`00000002 ffffcb81`8fe40180 : nt!KiExceptionDispatch+0x12c ffff868e`857ef600 fffff806`09e2c1de : ffffa48d`2fd7d001 00000000`00000000 ffffa48d`2fd7d000 ffffffff`ffffffff : nt!KiInvalidOpcodeFault+0x329 ffff868e`857ef790 ffff9e9a`84d9aaf0 : ffffa48d`00000000 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff : nt!MiIdentifyPfn+0x23e ffff868e`857ef850 ffffa48d`00000000 : 00000000`00000000 ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff : 0xffff9e9a`84d9aaf0 ffff868e`857ef858 00000000`00000000 : ffffffff`fff0bdc0 ffffffff`ffffffff ffffffff`ffffffff 00000000`00000000 : 0xffffa48d`00000000
SYMBOL_NAME: nt!_report_gsfailure+25
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.388
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 25
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_nt!_report_gsfailure
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {82d2c1b5-b0cb-60a5-9a5d-78c8c4284f84}
Followup: MachineOwner