Hi,
Some time ago I asked a question about a problem with my KMDF USB driver
crashing the system when the device was removed in standby. I was asked to
post the stack trace of that crash.
I was not able to reproduce this problem on my test machine so I had to
reproduce it on my laptop.
When I did that the system did not break into the debugger on my other
machine (which I thought it was supposed to do) but I configured it to save
a kernel dump so I was able to analyze that.
I configured WinDbg to use the Microsoft public symbol store, but it still
could not find the symbols for wdf01000.sys and usbhub.sys.
I am guessing with my limited crash dump knowledge that an exception is
generated in the USB hub driver which is never caught.
(see windbg analysis below)
Is there anything I can do to solve this problem or is this another case of
‘tough luck’?
–
Kind regards,
Bruno van Dooren
xxxxx@hotmail.com
Remove only “_nos_pam”
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: f7813371, The address that the exception occurred at
Arg3: f7b369cc, Exception Record Address
Arg4: f7b366c8, Context Record Address
Debugging Details:
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
FAULTING_MODULE: 804d7000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 438e21be
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
FAULTING_IP:
usbhub+c371
f7813371 8908 mov [eax],ecx
EXCEPTION_RECORD: f7b369cc -- (.exr fffffffff7b369cc)
ExceptionAddress: f7813371 (usbhub+0x0000c371)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: 00000107
Attempt to write to address 00000107
CONTEXT: f7b366c8 -- (.cxr fffffffff7b366c8)
eax=00000107 ebx=82d60104 ecx=82e69f5c edx=82e69f5c esi=82e69ce8 edi=8293c3e8
eip=f7813371 esp=f7b36a94 ebp=f7b36aac iopl=0 nv up ei pl nz ac pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010213
usbhub+0xc371:
f7813371 8908 mov [eax],ecx ds:0023:00000107=???
Resetting default scope
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x7E
LAST_CONTROL_TRANSFER: from f78134b2 to f7813371
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f7b36aac f78134b2 82962cc0 00000100 8293c3e8 usbhub+0xc371
f7b36ac8 f7813727 8293c3e8 82962cc0 82962cc0 usbhub+0xc4b2
f7b36ae8 f780b97b 82962d78 82962cc0 00000002 usbhub+0xc727
f7b36b08 f78091d8 8293c3e8 82962cc0 f7b36b3c usbhub+0x497b
f7b36b18 804e37f7 8293c330 82962cc0 82962d78 usbhub+0x21d8
f7b36b3c 80507adf 82962d78 82962cc0 82962d94 nt!IofCallDriver+0x32
f7b36b5c ed4da316 8293c330 8293c518 82962d9c nt!PoCallDriver+0xa2
f7b36b7c ed4da3b9 f7b36bb8 8293ca00 ed4ec730 Wdf01000+0x52316
f7b36b90 ed4da3ee 82962d9c f7b36bbc ed4cd8d9 Wdf01000+0x523b9
f7b36b9c ed4cd8d9 8293ca00 f7b36bb8 00000000 Wdf01000+0x523ee
f7b36bbc ed4b8df7 82962cc0 f7b36be4 ed4b8eb6 Wdf01000+0x458d9
f7b36bc8 ed4b8eb6 8294d980 82962cc0 8055ff68 Wdf01000+0x30df7
f7b36be4 804e37f7 8294d980 82962cc0 82962d9c Wdf01000+0x30eb6
f7b36c08 80507adf 82962d9c 82962cc0 82962dc0 nt!IofCallDriver+0x32
f7b36c28 80507cb0 8294d980 8294da50 ed4ee1e8 nt!PoCallDriver+0xa2
f7b36c44 ed4d8e3b 8294d980 00000002 00000001 nt!PoRequestPowerIrp+0x106
f7b36c7c ed4d92f1 00000001 00000001 f7b36d04 Wdf01000+0x50e3b
f7b36c8c ed4d8594 8293ca00 ed4eda10 8293ca00 Wdf01000+0x512f1
f7b36d04 ed4d9127 0000052d 8293cb74 8293ca00 Wdf01000+0x50594
f7b36d2c ed4d95c6 806ed0b8 8293cb68 f7b36d58 Wdf01000+0x51127
f7b36d3c ed4d9be1 8293ca00 82c27c38 8294d980 Wdf01000+0x515c6
f7b36d58 ed4d9c7d f7b36d74 80563790 8294d980 Wdf01000+0x51be1
f7b36d60 80563790 8294d980 8293cb68 8056147c Wdf01000+0x51c7d
f7b36d74 804e426b 82c27c38 00000000 82fc43c8 nt!SeDeleteAccessState+0x3f2
f7b36dac 8057be15 82c27c38 00000000 00000000 nt!ExQueueWorkItem+0x104
f7b36ddc 804fa4da 804e4196 00000001 00000000 nt!PsCreateSystemThread+0x70
00000000 00000000 00000000 00000000 00000000 nt!KeInitializeTimer+0x107
FOLLOWUP_IP:
Wdf01000+52316
ed4da316 5f pop edi
FAULTING_SOURCE_CODE:
SYMBOL_STACK_INDEX: 7
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: Wdf01000+52316
MODULE_NAME: Wdf01000
IMAGE_NAME: Wdf01000.sys
STACK_COMMAND: .cxr 0xfffffffff7b366c8 ; kb
BUCKET_ID: WRONG_SYMBOLS
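
Added example, not part of the original post: a small Python triage helper that reads the exception record and stack lines of an `!analyze -v` dump like the one above and reports the access type, the faulting address and which modules appear without symbols. The function name, the sample subset and the 64 KB "near NULL" threshold are assumptions made for this illustration.

```python
import re

# Constructed sample: lines copied from the !analyze -v output in the post above.
SAMPLE = """\
Arg1: c0000005, The exception code that was not handled
ExceptionAddress: f7813371 (usbhub+0x0000c371)
Parameter[0]: 00000001
Parameter[1]: 00000107
f7b36aac f78134b2 82962cc0 00000100 8293c3e8 usbhub+0xc371
f7b36b18 804e37f7 8293c330 82962cc0 82962d78 usbhub+0x21d8
f7b36b3c 80507adf 82962d78 82962cc0 82962d94 nt!IofCallDriver+0x32
f7b36b7c ed4da3b9 f7b36bb8 8293ca00 ed4ec730 Wdf01000+0x52316
f7b36d74 804e426b 82c27c38 00000000 82fc43c8 nt!SeDeleteAccessState+0x3f2
"""

# First ExceptionInformation value of an access violation (0xC0000005).
ACCESS_KINDS = {0: "read", 1: "write", 8: "execute"}
LOW_ADDRESS_LIMIT = 0x10000  # assumption: treat anything below 64 KB as "near NULL"

# A kb-style frame: five 8-digit hex columns, then module[!symbol]+0xoffset.
FRAME = re.compile(r"^(?:[0-9a-f]{8} ){5}(\w+)(?:!(\w+))?\+0x[0-9a-f]+$", re.M)

def triage(text):
    """Summarise the exception record and list modules that resolved without symbols."""
    code = int(re.search(r"Arg1: ([0-9a-f]+)", text).group(1), 16)
    module, offset = re.search(
        r"ExceptionAddress: \w+ \((\w+)\+0x([0-9a-f]+)\)", text).groups()
    params = [int(p, 16) for p in re.findall(r"Parameter\[\d+\]: ([0-9a-f]+)", text)]
    summary = {"code": code, "module": module, "offset": int(offset, 16)}
    if code == 0xC0000005 and len(params) >= 2:
        summary["access"] = ACCESS_KINDS.get(params[0], "unknown")
        summary["address"] = params[1]
        summary["near_null"] = params[1] < LOW_ADDRESS_LIMIT
    # Frames shown as bare module+offset had no symbol available.
    summary["unsymbolized"] = sorted({m for m, sym in FRAME.findall(text) if not sym})
    return summary

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

On the sample it reports a write to 0x107 from usbhub+0xc371, with usbhub and Wdf01000 frames unsymbolized, which matches the WRONG_SYMBOLS bucket in the dump.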