Dear All,
I complied and installed Bluetooth Echo L2CAP Profile Driver (BthEchoSampleSrv.sys) from below mentioned link.
https://code.msdn.microsoft.com/windowshardware/Bluetooth-Echo-Sample-6f0a62d6
It installed and i am able to test the functionality.
But when i try to uninstall this driver from device manager i get BSOD every time.
Below is the crash dump from windbg.
Has anyone face this issue and if yes how do i resolve this issue?
Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Only kernel address space is available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred symsrv*symsrv.dll*d:\localsymbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: symsrv*symsrv.dll*d:\localsymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.16404.amd64fre.winblue_gdr.130913-2141
Machine Name:
Kernel base = 0xfffff802ea009000 PsLoadedModuleList = 0xfffff802
ea2cd990
Debug session time: Wed Feb 4 12:13:31.642 2015 (UTC + 5:30)
System Uptime: 0 days 0:10:02.450
Loading Kernel Symbols
…
…
…
Loading User Symbols
Loading unloaded module list
…
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {dd, fffff80002fb44d3, fffff80002fab000, ffffe00003c757e0}
Probably caused by : BthEchoSampleSrv.sys ( BthEchoSampleSrv!WppInitKm+4b )
Followup: MachineOwner
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000dd, Unloading driver that forgot to call EtwUnregister.
Arg2: fffff80002fb44d3, Address where the culprit driver called EtwRegister.
Arg3: fffff80002fab000, Start address of the culprit driver.
Arg4: ffffe00003c757e0, Address of the leaked ETW_REG_ENTRY structure.
Debugging Details:
OVERLAPPED_MODULE: Address regions for ‘BthEchoSampleSrv’ and ‘mfeavfk01.sys’ overlap
BUGCHECK_STR: 0xc4_dd
IMAGE_NAME: BthEchoSampleSrv.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 54d1beff
MODULE_NAME: BthEchoSampleSrv
FAULTING_MODULE: fffff80002fab000 BthEchoSampleSrv
FAULTING_IP:
BthEchoSampleSrv!WppInitKm+4b [d:\winbt\org-l2cap-driver\c++\bthsrv\sys\x64\win8.1release\driver.tmh @ 1725]
fffff800`02fb44d3 488b5b10 mov rbx,qword ptr [rbx+10h]
FOLLOWUP_IP:
BthEchoSampleSrv!WppInitKm+4b [d:\winbt\org-l2cap-driver\c++\bthsrv\sys\x64\win8.1release\driver.tmh @ 1725]
fffff800`02fb44d3 488b5b10 mov rbx,qword ptr [rbx+10h]
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
LAST_CONTROL_TRANSFER: from fffff802ea6756a8 to fffff802ea156ca0
STACK_TEXT:
ffffd0002089b488 fffff802
ea6756a8 : 00000000000000c4 00000000
000000dd fffff80002fb44d3 fffff800
02fab000 : nt!KeBugCheckEx
ffffd0002089b490 fffff802
ea67989c : fffff80002fab000 ffffe000
0475ae40 0000000000000015 00000000
ffffffff : nt!VerifierBugCheckIfAppropriate+0x3c
ffffd0002089b4d0 fffff802
ea1b1cd5 : 0000000000000000 ffffe000
0007cc30 0000000000000001 ffffe000
04f60e10 : nt!ViTargetRemovingCheckEtwWmi+0x70
ffffd0002089b510 fffff802
ea667060 : fffff802ea2b2d50 fffff802
ea2b2d50 ffffe0000475ae40 00000000
00000000 : nt! ?? ::FNODOBFM::string'+0x4ab45 ffffd000
2089b5a0 fffff802ea4da6c2 : 00000000
00000000 ffffe0000475ae40 ffffc000
0d32d7d0 ffffe000021d67b0 : nt!VfDriverUnloadImage+0x34 ffffd000
2089b5d0 fffff802ea4da62c : 00000000
00000000 ffffe0000475ae40 ffffe000
021d67b0 ffffe000021d67b0 : nt!MiUnloadSystemImage+0x7e ffffd000
2089b650 fffff802ea4da574 : 00000000
00000000 ffffe00000185dc0 ffffe000
021d67b0 ffffe00076697244 : nt!MmUnloadSystemImage+0x20 ffffd000
2089b680 fffff802ea3a8cb8 : 00000000
00000000 ffffe000021d67b0 ffffe000
00185dc0 ffffe000021c1550 : nt!IopDeleteDriver+0x40 ffffd000
2089b6c0 fffff802ea06915f : 00000000
00000000 ffffe000021c1550 ffffe000
021d67b0 ffffe000021c1520 : nt!ObpRemoveObjectRoutine+0x64 ffffd000
2089b720 fffff802ea48e147 : ffffe000
021c1550 ffffe00000185f20 ffffd000
2089b650 ffffe00000000004 : nt!ObfDereferenceObject+0x8f ffffd000
2089b760 fffff802ea3a8cb8 : ffffcf80
03720fd0 0000000000000030 ffffe000
0503f080 ffffe00002082930 : nt!IopDeleteDevice+0x47 ffffd000
2089b790 fffff802ea06915f : 00000000
00000000 0000000000000000 ffffe000
021c1550 ffffe00002082920 : nt!ObpRemoveObjectRoutine+0x64 ffffd000
2089b7f0 fffff802ea0f2395 : ffffe000
0503fd30 ffffe0000b2aaeb0 ffffe000
0502d360 0000000000000001 : nt!ObfDereferenceObject+0x8f ffffd000
2089b830 fffff802ea490af9 : ffffe000
0503f080 ffffe0000503fd30 ffffc000
0d816350 ffffe0000503f080 : nt!PnpRemoveLockedDeviceNode+0x245 ffffd000
2089b890 fffff802ea490a72 : 00000000
00000000 ffffc0000d816350 ffffe000
0503fd30 000000003f051397 : nt!PnpDeleteLockedDeviceNode+0x4d ffffd000
2089b8d0 fffff802ea48fc7f : ffffe000
0503f080 ffffd00000000002 00000000
00000000 0000000000000000 : nt!PnpDeleteLockedDeviceNodes+0x9a ffffd000
2089b950 fffff802ea4341fd : ffffc000
0d1f8600 0000000000000001 ffffc000
00000000 ffffe000ffffffff : nt!PnpProcessQueryRemoveAndEject+0x4ef ffffd000
2089bab0 fffff802ea434537 : ffffc000
0d1f86d0 0000000000000000 00000000
00000000 fffff802ea434218 : nt!PnpProcessTargetDeviceEvent+0x9d ffffd000
2089baf0 fffff802ea04365d : fffff802
ea434218 ffffc0000d8299d0 ffffd000
2089bbd0 ffffe00002194be0 : nt!PnpDeviceEventWorker+0x31f ffffd000
2089bb50 fffff802ea0ecc80 : 00000000
00000000 ffffe00001a02040 ffffe000
01a02040 ffffe0000008f040 : nt!ExpWorkerThread+0x2b5 ffffd000
2089bc00 fffff802ea15d2c6 : fffff802
ea2f7180 ffffe00001a02040 fffff802
ea34fa80 0000000000000000 : nt!PspSystemThreadStartup+0x58 ffffd000
2089bc60 0000000000000000 : ffffd000
2089c000 ffffd00020896000 00000000
00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
STACK_COMMAND: .bugcheck ; kb
FAULTING_SOURCE_LINE: d:\winbt\org-l2cap-driver\c++\bthsrv\sys\x64\win8.1release\driver.tmh
FAULTING_SOURCE_FILE: d:\winbt\org-l2cap-driver\c++\bthsrv\sys\x64\win8.1release\driver.tmh
FAULTING_SOURCE_LINE_NUMBER: 1725
FAULTING_SOURCE_CODE:
1721: if (!NT_SUCCESS(Status)) {
1722: WppDebug(0,(“EtwRegisterClassicProvider Status = %d, ControlBlock = %p.\n”, Status, WppReg));
1723: }
1724:
1725: WppReg = WppReg->Next;
1726: }
1727:
1728: } else if (WppTraceWinXP == WPPTraceSuite) {
1729:
1730:
SYMBOL_NAME: BthEchoSampleSrv!WppInitKm+4b
FOLLOWUP_NAME: MachineOwner
BUCKET_ID_FUNC_OFFSET: 4b
FAILURE_BUCKET_ID: 0xc4_dd_VRF_BthEchoSampleSrv!WppInitKm
BUCKET_ID: 0xc4_dd_VRF_BthEchoSampleSrv!WppInitKm
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xc4_dd_vrf_bthechosamplesrv!wppinitkm
FAILURE_ID_HASH: {ecb13fdf-a6f3-62cf-2684-89b3b82c1455}