Bluescreen for bugcheck 0x00000133 in Windows 8.1

So I am running into an issue where my computer has started repeatedly crashing due to bugcheck 0x00000133 errors. I found the following thread, but I have neither Symantec or NVidia on my system:


http://answers.microsoft.com/en-us/windows/forum/windows_8-performance/blue-screen-for-bugcheck-0x00000133-windows-8-64/5512ff65-3819-429e-9975-9f9ec39b419d


I've included all the information requested in the previous thread though at this skydrive link: http://sdrv.ms/IbXHFw


It includes:

- Administrative event logs

- C:/Windows/Minidump

- Memory.dmp

- Msinfo32


There's also a zip file in there with everything excluding Memory.dmp for easier downloading.


The minidump is only from an automatic minidump. I've switched it to small dump (256k) and will upload those results if it crashes again.


Any help would be appreciated!

Mike

 

Question Info


Last updated September 12, 2018 Views 42,410 Applies to:
Answer
Hi Mike,

The attached DMP file is of the DPC_WATCHDOG_VIOLATION (133) bug check.

This bug check indicates that the DPC watchdog executed, either because it detected a single long-running deferred procedure call (DPC), or because the system spent a prolonged time at an interrupt request level (IRQL) of DISPATCH_LEVEL or above.

If we take a look at the call stack (warning, it's quite large):

6: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
ffffd000`210ffe38 fffff801`1fb74fc2 : 00000000`00000133 00000000`00000001 00000000`00001e00 00000000`00000000 : nt!KeBugCheckEx
ffffd000`210ffe40 fffff801`1fa5781b : fffff801`1fca8e00 ffffd000`210c7180 00000000`00000f43 ffffd000`20eb0c80 : nt! ?? ::FNODOBFM::`string'+0x13e32
ffffd000`210ffed0 fffff801`1fbd6393 : ffffe000`00401700 ffffd000`210c7180 fffff801`00400a02 fffff800`01728410 : nt!KiUpdateRunTime+0x57
ffffd000`210fff10 fffff801`2018af85 : 00000000`00000002 fffff800`01728410 00000000`00000000 00000000`00000002 : nt!KeClockInterruptNotify+0xe3
ffffd000`210fff40 fffff801`1fa99343 : ffffd000`21ed3ec0 fffff801`1fb05cd3 ffffd000`00000000 00000000`00000000 : hal!HalpTimerClockIpiRoutine+0x15
ffffd000`210fff70 fffff801`1fb5212a : ffffe000`00401700 fffff800`01728410 00000000`00000000 00000000`00000002 : nt!KiCallInterruptServiceRoutine+0xa3
ffffd000`210fffb0 fffff801`1fb5250f : fffff800`01728410 00000000`74a295a9 fffff800`01728410 00001f80`00a80280 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea (TrapFrame @ ffffd000`210ffe70)
ffffd000`21ed3e40 fffff801`1fa97e03 : 00000000`00000001 00000000`00010008 ffffe000`05ea2ee0 ffffe000`031b6f20 : nt!KiInterruptDispatchLBControl+0x11f (TrapFrame @ ffffd000`21ed3e40)
ffffd000`21ed3fd0 fffff801`1fa97dc2 : 00000000`00000002 ffffe000`06750570 ffffe000`05afe060 00000000`00000000 : nt!KxWaitForSpinLockAndAcquire+0x23
ffffd000`21ed4000 fffff800`016f4ef4 : 00000000`00000002 ffffd000`210c7180 ffffe000`03a8e880 00000000`5874624e : nt!KeAcquireSpinLockRaiseToDpc+0x32
ffffd000`21ed4030 fffff801`1faaaf08 : ffffe000`06750570 ffffd000`21ed4139 ffffe000`06750500 ffffd000`21ed4b00 : netbt!TdiSendDatagramCompletion+0x174
ffffd000`21ed4090 fffff800`016c7add : ffffe000`026d2b50 fffff800`00aa1002 00000000`00000030 00000001`42786454 : nt!IopfCompleteRequest+0x438
ffffd000`21ed41a0 fffff800`00ccc242 : 00000000`00000000 ffffe000`00ad14e0 00000000`00000000 ffffe000`054a37e8 : tdx!TdxMessageTlRequestComplete+0xed
ffffd000`21ed41f0 fffff800`00749224 : 00000000`00000000 00000000`00000001 00000000`00000000 00000000`00000001 : tcpip!UdpSendMessagesDatagramsComplete+0xe2
ffffd000`21ed4250 fffff800`00d1e5bb : ffffe000`05801070 ffffe000`05afba01 00000000`00000000 ffffe000`00ad12d0 : NETIO!NetioDereferenceNetBufferListChain+0xe4
ffffd000`21ed4310 fffff800`00a971b5 : 00000000`00000000 ffffd000`21ed43a9 00000000`00000001 fffff800`00000000 : tcpip!FlSendNetBufferListChainComplete+0x5b
ffffd000`21ed4340 fffff800`00a9678b : ffffe000`03eed1a0 ffffe000`00ad12d0 ffffe000`00000001 fffff800`00a9ec01 : ndis!ndisMSendCompleteNetBufferListsInternal+0x135
ffffd000`21ed4410 fffff800`01aa3cb6 : ffffe000`03eed1a0 ffffe000`009d6030 ffffe000`009d6030 00000000`00000000 : ndis!NdisMSendNetBufferListsComplete+0x2bb
ffffd000`21ed4580 fffff800`00a971b5 : ffffe000`03ee8000 ffffe000`00000001 ffffe000`0310ec02 ffffe000`009d6030 : NdisImPlatform!implatSendNetBufferListsComplete+0x18a
ffffd000`21ed4600 fffff800`00a9678b : ffffe000`059351a0 ffffe000`009d6030 ffffe000`00000001 fffff800`00a9ec01 : ndis!ndisMSendCompleteNetBufferListsInternal+0x135
ffffd000`21ed46d0 fffff800`02c490c2 : ffffe000`059351a0 ffffe000`009d6030 ffffe000`05ae52c0 00000000`00000000 : ndis!NdisMSendNetBufferListsComplete+0x2bb
ffffd000`21ed4840 fffff800`02c47dc6 : ffffe000`009d6190 ffffe000`01d7bad0 ffffe000`01d7bad0 ffffe000`05ae52c0 : Hamdrv+0x30c2
ffffd000`21ed4880 fffff800`00b23e58 : 00000000`00000001 ffffd000`21ed4b80 00000000`00000000 ffffe000`01d7bb02 : Hamdrv+0x1dc6
ffffd000`21ed48e0 fffff801`1fda9995 : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisDummyIrpHandler+0x88
ffffd000`21ed4910 fffff801`1fb5c4b3 : 00000000`00000000 ffffd000`21ed4ad8 00000000`00000000 00000000`00fb6d00 : nt!NtReadFile+0x7d5
ffffd000`21ed4a90 00007ffc`75d565da : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ ffffd000`21ed4b00)
00000000`0147fcf8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`75d565da


We can see a slew of network related calls being made.... NETIO, ndis, tcpip, etc. With this said, we are likely dealing with something causing network related conflicts. I have bolded what I am interested in.

So at the very bottom (you read bottom to top) we can see two Hamdrv.sys calls, which is in regards to the LogMeIn Hamachi Virtual Network Adapter. At this specific time of crash, were you doing anything remotely? If not, it may be on startup likely and it just made a call.

I would actually for temporary troubleshooting purposes recommend going ahead and removing the LogMeIn software. You can use Teamviewer or something as a replacement in the meantime if you truly need remote software at this very moment.

---------------------------------------------------------------

If you're still crashing after the above, let's go ahead and enable Driver Verifer:

Driver Verifier:

What is Driver Verifier?

Driver Verifier is included in Windows 8, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.

Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.

Before enabling Driver Verifier, it is recommended to create a System Restore Point:

Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

How to enable Driver Verifier:

Start > type "verifier" without the quotes > Select the following options -

1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8)
- DDI compliance checking (Windows 8)
- Miscellaneous Checks
4. Select  - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is [B]NOT[/B] provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.

Important information regarding Driver Verifier:

- If Driver Verifier finds a violation, the system will BSOD.

- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will flag it, and as stated above, that will cause / force a BSOD.

If this happens, do not panic, do the following:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > type "system restore" without the quotes.

- Choose the restore point you created earlier.
If you did not set up a restore point, do not worry, you can still disable Driver Verifier to get back into normal Windows:

- Start > Search > type "cmd" without the quotes.

- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
・    Restart and boot into normal Windows.

How long should I keep Driver Verifier enabled for?

It varies, many experts and analysts have different recommendations. Personally, I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier.

My system BSOD'd, where can I find the crash dumps?

They will be located in %systemroot%\Minidump

Any other questions can most likely be answered by this article:
http://support.microsoft.com/kb/244617

Regards,

Patrick
Debugger/Reverse Engineer.

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.