pnp tests failed in usbscan.sys


W

woodhead99

hi,
I'm doing winqual tests on our usb device. the device driver
is usbscan.sys, provided and signed by MS. i did a seperate test
outside the DTM studio, with pnptest.exe, and always ended up with
BSOD when executing TestRebalance--->failrestart. The dump file
indicates usbscan tries to free a memory block with wrong tag.
Anyone have some ideas? Is the test path not a requirement in
the standard submission, and i can ignore it?
woodhead
 
Ad

Advertisements

W

woodhead99

here is a dump analysis by windbg:

kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck
Analysis *
*
*
*******************************************************************************

BAD_POOL_CALLER (c2)
The current thread is making a bad pool request. Typically this is at
a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 00000007, Attempt to free pool which was already freed
Arg2: 00000cd4, (reserved)
Arg3: 02110008, Memory contents of the pool block
Arg4: 856c81d8, Address of the block of pool being deallocated

Debugging Details:
------------------


POOL_ADDRESS: 856c81d8 Nonpaged pool

FREED_POOL_TAG: STIU

BUGCHECK_STR: 0xc2_7_STIU

DEFAULT_BUCKET_ID: DRIVER_FAULT

LAST_CONTROL_TRANSFER: from 80544e86 to 804f9aef

STACK_TEXT:
f7a40a64 80544e86 000000c2 00000007 00000cd4 nt!KeBugCheckEx+0x1b
f7a40ab4 80545277 856c81d8 00000000 f7a40ae4 nt!ExFreePoolWithTag
+0x2a0
f7a40ac4 f28bcb77 856c81d8 85851838 856190e8 nt!ExFreePool+0xf
f7a40ae4 804eefe3 8579b630 00000001 85760b60 usbscan!USPnp+0x247
f7a40af4 f79055a5 85760b60 f7a40b1c f7905a00 nt!IopfCallDriver+0x31
WARNING: Stack unwind information not available. Following frames may
be wrong.
f7a40b00 f7905a00 85760aa8 8566e618 8566e618 pnpfiltr+0x5a5
f7a40b1c f790756d 85760aa8 8566e618 8566e73c pnpfiltr+0xa00
f7a40b34 804eefe3 85760aa8 8566e618 f7a40bc0 pnpfiltr+0x256d
f7a40b44 80588021 85b41030 85b41030 00000002 nt!IopfCallDriver+0x31
f7a40b70 80588145 85760aa8 f7a40b9c 00000000 nt!IopSynchronousCall
+0xb7
f7a40bc4 804f6d12 85b41030 00000002 00000000 nt!IopRemoveDevice+0x93
f7a40bec 80589c56 e3049fc8 0000000a e102c800 nt!
IopRemoveLockedDeviceNode+0x160
f7a40c04 80589cbd 857010a8 00000002 e102c800 nt!
IopDeleteLockedDeviceNode+0x34
f7a40c38 80589d61 85b41030 0202c800 00000002 nt!
IopDeleteLockedDeviceNodes+0x3f
f7a40c68 80589e6d 85239230 00000000 85760c20 nt!IopDelayedRemoveWorker
+0x4b
f7a40c80 804f44f1 85b41030 00000001 e325db50 nt!
IopChainDereferenceComplete+0xd9
f7a40cac 8058fba6 852426a8 00000001 00000000 nt!
IopNotifyPnpWhenChainDereferenced+0xa1
f7a40d34 8058fbf0 f7a40d70 806d1778 e325db50 nt!
PiProcessQueryRemoveAndEject+0x9e4
f7a40d50 8058fd49 f7a40d70 85237d00 8055b3fc nt!
PiProcessTargetDeviceEvent+0x2a
f7a40d74 80534fe6 85237d00 00000000 85bb6020 nt!PiWalkDeviceList+0xfd
f7a40dac 805c5cce 85237d00 00000000 00000000 nt!ExpWorkerThread+0x100
f7a40ddc 805421c2 80534ee6 00000001 00000000 nt!PspSystemThreadStartup
+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


FOLLOWUP_IP:
usbscan!USPnp+247
f28bcb77 832600 and dword ptr [esi],0x0

SYMBOL_STACK_INDEX: 3

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: usbscan!USPnp+247

MODULE_NAME: usbscan

IMAGE_NAME: usbscan.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 41107b14

STACK_COMMAND: kb

FAILURE_BUCKET_ID: 0xc2_7_STIU_usbscan!USPnp+247

BUCKET_ID: 0xc2_7_STIU_usbscan!USPnp+247

Followup: MachineOwner
---------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top