Tracing driver causing WATCHDOG BSOD - crash dump has "zeroed stack"


  1. Stilez
    Posts : 1
    8.1 + 10
       New #1

    Tracing driver causing WATCHDOG BSOD - crash dump has "zeroed stack"


    Short version - I'm fairly sure this is the standard DPC_WATCHDOG bugcheck, but I'm having trouble pinning down the responsible driver, because the crash dump has a zeroed stack. The dps info suggests it's a network driver issue but I don't know where to go from here, or if I need a non-zeroed stack to do more.

    >>> !analyse -v

    BUCKET_ID: ZEROED_STACK_0x133
    PRIMARY_PROBLEM_CLASS: ZEROED_STACK
    FAILURE_BUCKET_ID: ZEROED_STACK_0x133

    >>> !thread

    GetPointerFromAddress: unable to read from fffff80200d67000
    THREAD ffffe001388d3080 Cid 5d08.64f0 Teb: 00007ff7be483000 Win32Thread: fffff90144579b50 RUNNING on processor 0
    IRP List:
    Unable to read nt!_IRP @ ffffe0014a401b90
    Not impersonating
    GetUlongFromAddress: unable to read from fffff80200cb4b00
    Owning Process ffffe0014fe75080 Image: vmware-vmx.exe
    Attached Process N/A Image: N/A
    fffff78000000000: Unable to get shared data
    ...
    Base ffffd0003cd63000 Limit ffffd0003cd5d000 Call 0000000000000000
    Priority 10 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
    Child-SP RetAddr : Args to Child : Call Site
    fffff802`027d2c88 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx

    >>> dps ffffd0003cd5d000 ffffd0003cd63000
    (I've left out all lines with hex addresses and nothing else)

    ffffd000`3cd60ae8 fffff801`01b083ca tcpip!TcpSetSockOptTcb+0x23a
    ffffd000`3cd60de8 fffff801`01b0810a tcpip!TcpTlConnectionIoControlEndpoint+0x4a
    ffffd000`3cd60e08 fffff801`02ab73f1 tdx!DbgTdxDereferenceConnection+0xa1
    ffffd000`3cd60e48 fffff801`02ab8192 tdx!TdxIssueIoControlRequest+0x352
    ffffd000`3cd60ec0 fffff801`02ab5770 tdx!TdxSynchronousTlIoRequestComplete
    ffffd000`3cd60f20 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd60f28 fffff802`00aa4e7f nt!IopfCompleteRequest+0x97f
    ffffd000`3cd60f58 fffff801`02ab52da tdx!TdxTcpSetInformationEx+0x11a
    ffffd000`3cd60f98 fffff802`00ca8d06 nt!ExAllocatePoolWithTag+0x2b6
    ffffd000`3cd61008 fffff802`00a3e2b5 nt!IopAllocateIrpPrivate+0x165
    ffffd000`3cd61048 fffff801`02b1e010 netbt!WPP_GLOBAL_Control
    ffffd000`3cd61068 fffff801`02ab5171 tdx!TdxTdiDispatchDeviceControl+0x81
    ffffd000`3cd61080 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd61088 fffff802`00aa4e7f nt!IopfCompleteRequest+0x97f
    ffffd000`3cd610c0 fffff801`02b1e010 netbt!WPP_GLOBAL_Control
    ffffd000`3cd61120 fffff801`02b1e010 netbt!WPP_GLOBAL_Control
    ffffd000`3cd61138 fffff801`02af2387 netbt!SetTcpInfo+0x9b
    ffffd000`3cd61178 fffff801`02af2162 netbt!NbtDereferenceLowerConnection+0x36
    ffffd000`3cd611a8 fffff801`02b1e010 netbt!WPP_GLOBAL_Control
    ffffd000`3cd611c8 fffff801`02aec610 netbt!NTIoComplete+0x60
    ffffd000`3cd61208 fffff801`02b230c0 netbt!DispatchIoctls+0xb0
    ffffd000`3cd61280 fffff802`00d08ca0 nt!KiInitialPCR+0xca0
    ffffd000`3cd61288 fffff802`00ca8d06 nt!ExAllocatePoolWithTag+0x2b6
    ffffd000`3cd61298 fffff801`02aec4ac netbt!NBT_DEREFERENCE_DEVICE+0x5c
    ffffd000`3cd612e8 fffff801`02b2393b netbt!NbtDispatchDevCtrl+0x9b
    ffffd000`3cd61318 fffff802`00ea5bc7 nt!IopSynchronousServiceTail+0x4b7
    ffffd000`3cd61358 fffff802`00a98a31 nt!SepNormalAccessCheck+0x231
    ffffd000`3cd61388 fffff802`00a3e2b5 nt!IopAllocateIrpPrivate+0x165
    ffffd000`3cd613c8 fffff802`00ab6e9e nt!MmCreateKernelStack+0x8e
    ffffd000`3cd61438 fffff802`00ab6bde nt!KeExpandKernelStackAndCalloutInternal+0x4be
    ffffd000`3cd61528 fffff801`01b11bb6 tcpip!TcpTlConnectionSend+0x76
    ffffd000`3cd61530 fffff801`01b118d0 tcpip!TcpTlConnectionSendCalloutRoutine
    ffffd000`3cd61548 fffff801`016658c0 NETIO!NsiDefaultSecurityDescriptor
    ffffd000`3cd61558 fffff801`02ab73f1 tdx!DbgTdxDereferenceConnection+0xa1
    ffffd000`3cd61598 fffff801`02ab7c33 tdx!TdxSendConnection+0x1a7
    ffffd000`3cd615c8 fffff801`01b378ee tcpip!TcpGetTcbConnectionObject+0x1fe
    ffffd000`3cd615d8 fffff801`01b15852 tcpip!IpNlpReferenceLocalAddress+0x31e
    ffffd000`3cd61620 fffff801`02ab7d30 tdx!TdxSendConnectionTlRequestComplete
    ffffd000`3cd61688 fffff801`02ab770e tdx!TdxTdiDispatchInternalDeviceControl+0x316e
    ffffd000`3cd616a8 fffff801`02aec4ac netbt!NBT_DEREFERENCE_DEVICE+0x5c
    ffffd000`3cd616c8 fffff801`02aec532 netbt!NBT_REFERENCE_DEVICE+0x62
    ffffd000`3cd616f8 fffff801`02af2947 netbt!NTSend+0x23b
    ffffd000`3cd61748 fffff801`02af2975 netbt!NbtDispatchInternalCtrl+0x20f5
    ffffd000`3cd61760 fffff801`0463c010 mrxsmb!WPP_GLOBAL_Control
    ffffd000`3cd61788 fffff801`016074d2 NETIO!NsipAccessCheck+0x216
    ffffd000`3cd617c8 fffff801`04614c75 mrxsmb!RxCeSubmitAsynchronousTdiRequest+0x6d
    ffffd000`3cd61808 fffff801`046151c2 mrxsmb!RxTdiSend+0x242
    ffffd000`3cd61848 fffff801`01c9ab18 tcpip!TcpNsiInterfaceDispatch
    ffffd000`3cd61888 fffff801`04643775 mrxsmb!RxCeSend+0x535
    ffffd000`3cd61938 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd61988 fffff801`0160a4b7 NETIO!NsiGetAllParameters+0x8f
    ffffd000`3cd619d8 fffff801`046437d8 mrxsmb!VctSend+0x48
    ffffd000`3cd61a28 fffff801`04605d2f mrxsmb!SmbCseSubmitBufferContext+0x37f
    ffffd000`3cd61b58 fffff801`01a9b51e mrxsmb20!Smb2Read_Start+0x1ae
    ffffd000`3cd61b98 fffff801`04607700 mrxsmb!SmbCeWaitForActiveObject+0x20
    ffffd000`3cd61ba8 fffff801`0460a701 mrxsmb!SmbCseFinalizeBufferContext+0x121
    ffffd000`3cd61bf0 fffff801`0463c010 mrxsmb!WPP_GLOBAL_Control
    ffffd000`3cd61c28 fffff801`04607226 mrxsmb!SmbCeInitiateExchange+0xa2b
    ffffd000`3cd61c88 fffff801`0460a1b9 mrxsmb!SmbCeInitializeExchange+0x369
    ffffd000`3cd61d08 fffff801`01ac6648 mrxsmb20!MRxSmb2Read+0xe4
    ffffd000`3cd61d48 fffff801`01abcd10 mrxsmb20!ReadDispatch
    ffffd000`3cd61d58 fffff801`0283a035 rdbss!RxLowIoSubmit+0x165
    ffffd000`3cd61d70 fffff801`0463cc80 mrxsmb!MRxSmbDispatch
    ffffd000`3cd61db8 fffff801`02845fa8 rdbss!RxLowIoReadShell+0xa0
    ffffd000`3cd61dd8 fffff801`02826010 rdbss!WPP_GLOBAL_Control
    ffffd000`3cd61df8 fffff802`0119d69a hal!HalpApicRequestInterrupt+0xea
    ffffd000`3cd61e50 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd61e68 fffff802`0119cff2 hal!HalRequestSoftwareInterrupt+0xd3
    ffffd000`3cd61e78 fffff802`011eb800 hal!HalpKInterruptHeap+0x800
    ffffd000`3cd61ee8 fffff801`01544a38 fltmgr!GetContextFromStreamList+0x168
    ffffd000`3cd61ef8 fffff802`00a86721 nt!IoGetStackLimits+0x15
    ffffd000`3cd61f00 fffff801`02844da0 rdbss!RxCommonRead
    ffffd000`3cd61f28 fffff801`02802895 rdbss!RxFsdCommonDispatch+0x10a5
    ffffd000`3cd61f48 fffff801`02826c80 rdbss!RxActiveContexts+0x80
    ffffd000`3cd61f58 fffff801`01547cf2 fltmgr!FltGetStreamContext+0x42
    ffffd000`3cd61fe0 fffff801`0281dbd0 rdbss!RxFsdDispatchVector
    ffffd000`3cd61ff8 fffff802`00b5c136 nt!KiSwapContext+0x76
    ffffd000`3cd62008 fffff801`02844da0 rdbss!RxCommonRead
    ffffd000`3cd62018 fffff801`02812270 rdbss!RxCancelRoutine
    ffffd000`3cd620a8 fffff802`00b5ab94 nt!KiInterruptDispatchLBControl+0x1a4
    ffffd000`3cd62100 fffff802`00a0b000 nt!_guard_check_icall_fptr <PERF> (nt+0x0)
    ffffd000`3cd62108 fffff802`00d08ca0 nt!KiInitialPCR+0xca0
    ffffd000`3cd62218 fffff802`00b90b59 nt! ?? ::FNODOBFM::`string'+0x27389
    ffffd000`3cd62248 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd62288 fffff802`00d08180 nt!KiInitialPCR+0x180
    ffffd000`3cd622e8 fffff802`00a71a81 nt!MiWaitForInPageComplete+0x27d
    ffffd000`3cd62358 fffff802`00ca8274 nt!ExFreePoolWithTag+0x274
    ffffd000`3cd62398 fffff802`00a9c0d6 nt!KiDeliverApc+0x166
    ffffd000`3cd62418 fffff802`00adee57 nt!KiCheckForKernelApcDelivery+0x23
    ffffd000`3cd62448 fffff802`00a35eaa nt!MmWaitForCacheManagerPrefetch+0xa6
    ffffd000`3cd62488 fffff802`00a6464d nt!CcFetchDataForRead+0xe5
    ffffd000`3cd624d8 fffff802`00db81f7 nt!CcMapAndCopyFromCache+0xc7
    ffffd000`3cd62518 fffff801`01f17306 mup!MupFastIoCheckIfPossible+0x7e
    ffffd000`3cd62568 fffff802`00a643fe nt!CcCopyReadEx+0x106
    ffffd000`3cd625d8 fffff802`00ea028f nt!CcCopyRead+0x23
    ffffd000`3cd62628 fffff802`00fb1ffb nt!CcFastCopyRead+0x2b
    ffffd000`3cd62678 fffff801`028462dd rdbss!RxFastCopyRead+0x2fd
    ffffd000`3cd626f8 fffff801`02803183 rdbss!RxIsThisTheTopLevelIrp+0x13
    ffffd000`3cd62718 fffff801`02826010 rdbss!WPP_GLOBAL_Control
    ffffd000`3cd62728 fffff801`02846750 rdbss!RxFastIoRead+0x120
    ffffd000`3cd62768 fffff801`01f0d501 mup!MupiUncProviderCompletion+0x41
    ffffd000`3cd62778 fffff801`01542215 fltmgr!FltpPerformPreCallbacks+0x475
    ffffd000`3cd627c8 fffff801`01f1739c mup!MupFastIoRead+0x80
    ffffd000`3cd62828 fffff801`01544f62 fltmgr!FltpPerformFastIoCall+0xc2
    ffffd000`3cd62830 fffff801`01f13840 mup!MupiFastIoDispatch
    ffffd000`3cd62888 fffff801`015457d6 fltmgr!FltpPassThroughFastIo+0x165
    ffffd000`3cd628e8 fffff801`0156c3af fltmgr!FltpFastIoRead+0x14f
    ffffd000`3cd62970 fffff801`0156c260 fltmgr!FltpFastIoRead
    ffffd000`3cd62998 fffff802`00da71c7 nt!NtReadFile+0x3f7
    ffffd000`3cd62a88 fffff802`00b64ab3 nt!KiSystemServiceCopyEnd+0x13
    ffffd000`3cd62af8 fffff802`00b64ab3 nt!KiSystemServiceCopyEnd+0x13
    ffffd000`3cd62ff8 00000000`00000000
    ffffd000`3cd63000 ????????`????????

    (Debugger Version 10.0.15063.468 AMD64)

    The actual crash occurred on the *host* when I was trialling Win 10 in a Vmware workstation 12.5.7 VM (Win 8.1 x64 host). That's strange to me, because I'd expect the VM not host to crash due to a Win 10 issue. However it clearly is related to the Win 10 VM, since none of the non-virtual drivers have had issues with WATCHDOG before now, and circumstantially that's all that was being used at the time and the bugcheck process was a VMX.

    Where do I go from here to narrow this down or to get a proper crash dump with a usable stack?

    Other relevant info:

    The host SATA drivers include IAStorA 12.9.4.1000, but they've been checked and given the all-clear at win-raid.com (a specialist SATA controller modding site that I'd trust on Intel RST compatibility issues). The VM had access to a single VMDK (no physical disks), a default network controller which was disconnected at boot, and a mapped disk which couldn't actually be accessed because the network controller was disabled. So I already suspect a network driver issue, which would match the output from dps.

    The bugcheck was a crash on the physical host, not the VM, and I'm not sure what to make of that either. The installer was a hash checked MSDN 1703 (March update) ISO. Crash dumps on the host are set to "Kernel memory dump", because a full dump of in-use memory would be ~ 40GB in most cases. There's nothing "strange" installed, and the VM had been in use without trouble for several hours, including software installs and other file access. The crash seemed to happen when I opened an Explorer or a save-as dialog, again this would trigger network driver activity. I could install 10 on a bare host HDD but I would like to trace this, so I'm not left wondering if it's waiting to happen again in daily use.
    Last edited by Stilez; 06 Jul 2017 at 07:48.
      My Computer
    Quote Quote

  3. zbook
    Posts : 41,460
    windows 10 professional version 1607 build 14393.969 64 bit
       New #2

    Please see the posting instructions to create a zip: BSOD - Posting Instructions - Windows 10 Forums
      My Computer
    Quote Quote

 

  Related Discussions
I ran into a problem with the Avast firewall blocking connections to my wifi hotspot. While trying out the suggested solutions I got BSOD "DPC Watchdog Violation" and then after a restarting and trying to connect again I got...
Hello. I'm in Windows 10 build SO 18363.476 and since that update a new error comes up: Kernel Event Tracing- error 3-The "ReadyBoot" session has stopped due to the following error: 0xC0000188 The first time the error comes up... it cause...
Bsod after installing paragon hfs4win driver. Wont boot into any mode, including safe mode. Only have the troubleshoot menu and the command prompt. Unfortunately i cant restore my system either. i get an error about 15 minutes after i start that...
I read somewhere if a dump file isn't created it's not a BSOD. I get this error surfing web or installing things. It is a newly built computer. I re-seated RAM and Video Card to test.
BSOD "KERNEL SECURITY CHECK" Dump provided
in BSOD Crashes and Debugging

Hello! After i installed BlueStacks Android Emulator i started to experience BSODs, i am not sure if it is Avast or BlueStacks fault. Would be awesome if someone experienced with that stuff could check these dumps and give an advise or tip.
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 12:08.
Find Us




Windows 10 Forums