Microsoft (R) Windows Debugger Version 6.2.8400.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\dump\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: srv*
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: LanManNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`0185e000 PsLoadedModuleList = 0xfffff800`01a9be50
Debug session time: Mon Jul 16 14:24:49.415 2012 (UTC + 8:00)
System Uptime: 283 days 3:55:02.586
Loading Kernel Symbols
...............................................................
................................................................
....................
Loading User Symbols

Loading unloaded module list
..................................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck CA, {1, fffffa800be97440, fffffa800c237440, 0}

Probably caused by : usbhub.sys

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

PNP_DETECTED_FATAL_ERROR (ca)
PnP encountered a severe error, either as a result of a problem in a driver or
a problem in PnP itself. The first argument describes the nature of the
problem, the second argument is the address of the PDO. The other arguments
vary depending on argument 1.
Arguments:
Arg1: 0000000000000001, Duplicate PDO
A specific instance of a driver has enumerated multiple PDOs with
identical device id and unique ids.
Arg2: fffffa800be97440, Newly reported PDO.
Arg3: fffffa800c237440, PDO of which it is a duplicate.
Arg4: 0000000000000000

Debugging Details:
------------------

BUGCHECK_STR: 0xCA_1

DEVICE_OBJECT: fffffa800be97440

DRIVER_OBJECT: fffffa8005456b50

IMAGE_NAME: usbhub.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bcc2d

MODULE_NAME: usbhub

FAULTING_MODULE: fffff88004524000 usbhub

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

PROCESS_NAME: System

CURRENT_IRQL: 0

LOCK_ADDRESS: fffff80001ad2400 -- (!locks fffff80001ad2400)

Resource @ nt!PiEngineLock (0xfffff80001ad2400) Exclusively owned
Contention Count = 176
Threads: fffffa80036cd680-01<*>
1 total locks, 1 locks currently held

PNP_TRIAGE:
Lock address : 0xfffff80001ad2400
Thread Count : 1
Thread address: 0xfffffa80036cd680
Thread wait : 0x5d7a082e

LAST_CONTROL_TRANSFER: from fffff80001cbb117 to fffff800018cff00

STACK_TEXT:
fffff880`0219e778 fffff800`01cbb117 : 00000000`000000ca 00000000`00000001 fffffa80`0be97440 fffffa80`0c237440 : nt!KeBugCheckEx
fffff880`0219e780 fffff800`01cbbef8 : fffffa80`03ea3290 fffffa80`14f13010 fffffa80`03ea3290 00000000`00000001 : nt!PiProcessNewDeviceNode+0x587
fffff880`0219e950 fffff800`01cbc438 : fffff800`01acfd80 00000000`00000000 00000000`00000001 fffff800`01b3c71c : nt!PipProcessDevNodeTree+0x2e8
fffff880`0219ebc0 fffff800`019d0347 : 00000001`00000003 00000000`00000000 00000000`00000001 00000000`00000000 : nt!PiProcessReenumeration+0x98
fffff880`0219ec10 fffff800`018dd161 : fffff800`019d0020 fffff800`01bc9501 fffffa80`036cd600 fffffa80`036cd680 : nt!PnpDeviceActionWorker+0x327
fffff880`0219ecb0 fffff800`01b73166 : 00000000`00000000 fffffa80`036cd680 00000000`00000080 fffffa80`036c0040 : nt!ExpWorkerThread+0x111
fffff880`0219ed40 fffff800`018ae486 : fffff880`01f3c180 fffffa80`036cd680 fffff880`01f470c0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`0219ed80 00000000`00000000 : fffff880`0219f000 fffff880`02199000 fffff880`0219e9f0 00000000`00000000 : nt!KiStartSystemThread+0x16

STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: X64_0xCA_1_IMAGE_usbhub.sys

BUCKET_ID: X64_0xCA_1_IMAGE_usbhub.sys

Followup: MachineOwner
---------

4: kd> !devobj fffffa800be97440 f
Device object (fffffa800be97440) is for:
USBPDO-10 \Driver\usbhub DriverObject fffffa8005456b50
Current Irp 00000000 RefCount 0 Type 00000022 Flags 00003040
Dacl fffff9a100064f51 DevExt fffffa800be97590 DevObjExt fffffa800be97f90 DevNode fffffa8014f13010
ExtensionFlags (0x00000810) DOE_START_PENDING, DOE_DEFAULT_SD_PRESENT
Characteristics (0000000000)
Device queue is not busy.
4: kd> !drvobj fffffa8005456b50 f
Driver object (fffffa8005456b50) is for:
\Driver\usbhub
Driver Extension List: (id , addr)

Device Object list:
fffffa800be97440 fffffa8014e13440 fffffa800c237440 fffffa80055e7060
fffffa800559b060 fffffa8005480050 fffffa8005478050 fffffa8005470050
fffffa8005468050 fffffa8005460050 fffffa8005458050

DriverEntry: fffff88004571064 usbhub!GsDriverEntry
DriverStartIo: 00000000
DriverUnload: fffff8800454a5ec usbhub!UsbhDriverUnload
AddDevice: fffff8800454a70c usbhub!UsbhAddDevice

Dispatch routines:
[00] IRP_MJ_CREATE fffff88004525f60 usbhub!UsbhGenDispatch
[01] IRP_MJ_CREATE_NAMED_PIPE fffff800018b665c nt!IopInvalidDeviceRequest
[02] IRP_MJ_CLOSE fffff88004525f60 usbhub!UsbhGenDispatch
[03] IRP_MJ_READ fffff800018b665c nt!IopInvalidDeviceRequest
[04] IRP_MJ_WRITE fffff800018b665c nt!IopInvalidDeviceRequest
[05] IRP_MJ_QUERY_INFORMATION fffff800018b665c nt!IopInvalidDeviceRequest
[06] IRP_MJ_SET_INFORMATION fffff800018b665c nt!IopInvalidDeviceRequest
[07] IRP_MJ_QUERY_EA fffff800018b665c nt!IopInvalidDeviceRequest
[08] IRP_MJ_SET_EA fffff800018b665c nt!IopInvalidDeviceRequest
[09] IRP_MJ_FLUSH_BUFFERS fffff800018b665c nt!IopInvalidDeviceRequest
[0a] IRP_MJ_QUERY_VOLUME_INFORMATION fffff800018b665c nt!IopInvalidDeviceRequest
[0b] IRP_MJ_SET_VOLUME_INFORMATION fffff800018b665c nt!IopInvalidDeviceRequest
[0c] IRP_MJ_DIRECTORY_CONTROL fffff800018b665c nt!IopInvalidDeviceRequest
[0d] IRP_MJ_FILE_SYSTEM_CONTROL fffff800018b665c nt!IopInvalidDeviceRequest
[0e] IRP_MJ_DEVICE_CONTROL fffff88004525f60 usbhub!UsbhGenDispatch
[0f] IRP_MJ_INTERNAL_DEVICE_CONTROL fffff88004525f60 usbhub!UsbhGenDispatch
[10] IRP_MJ_SHUTDOWN fffff8800454b454 usbhub!UsbhDeviceShutdown
[11] IRP_MJ_LOCK_CONTROL fffff800018b665c nt!IopInvalidDeviceRequest
[12] IRP_MJ_CLEANUP fffff800018b665c nt!IopInvalidDeviceRequest
[13] IRP_MJ_CREATE_MAILSLOT fffff800018b665c nt!IopInvalidDeviceRequest
[14] IRP_MJ_QUERY_SECURITY fffff800018b665c nt!IopInvalidDeviceRequest
[15] IRP_MJ_SET_SECURITY fffff800018b665c nt!IopInvalidDeviceRequest
[16] IRP_MJ_POWER fffff88004525f60 usbhub!UsbhGenDispatch
[17] IRP_MJ_SYSTEM_CONTROL fffff88004525f60 usbhub!UsbhGenDispatch
[18] IRP_MJ_DEVICE_CHANGE fffff800018b665c nt!IopInvalidDeviceRequest
[19] IRP_MJ_QUERY_QUOTA fffff800018b665c nt!IopInvalidDeviceRequest
[1a] IRP_MJ_SET_QUOTA fffff800018b665c nt!IopInvalidDeviceRequest
[1b] IRP_MJ_PNP fffff88004525f60 usbhub!UsbhGenDispatch

4: kd> lmvm usbhub
start end module name
fffff880`04524000 fffff880`0457e000 usbhub (pdb symbols) C:\Program Files\Windows Kits\8.0\Debuggers\x86\sym\usbhub.pdb\295DCA65F67B44BF8DD26C3B6D89A6F71\usbhub.pdb
Loaded symbol image file: usbhub.sys
Image path: \SystemRoot\system32\DRIVERS\usbhub.sys
Image name: usbhub.sys
Timestamp: Tue Jul 14 08:07:09 2009 (4A5BCC2D)
CheckSum: 0005BB10
ImageSize: 0005A000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4

-------------------
1.system32\drivers\ delete usbehci.sys usbhub.sys usbohci.sys usbport.sys
2. 设备管理器,卸载所有usb驱动
3.system32\drivers\ delete usbui.dll
4.restart pc

==========================================================

==========================================================

对2012/7/16 14:28产生的dump文件进行分析后,结果如下:

PNP_DETECTED_FATAL_ERROR (ca)
PnP encountered a severe error, either as a
result of a problem in a driver or
a problem in PnP itself.  The first argument
describes the nature of the
problem, the second argument is the address of
the PDO.  The other arguments
vary depending on argument 1.
Arguments:
Arg1: 0000000000000001, Duplicate PDO

A specific instance of a driver
has enumerated multiple PDOs with

identical device id and unique ids.

Arg2: fffffa800be97440, Newly reported PDO.

Arg3: fffffa800c237440, PDO of which it is a duplicate.

Arg4: 0000000000000000

Debugging Details:
------------------

BUGCHECK_STR:  0xCA_1

DEVICE_OBJECT:
fffffa800be97440

DRIVER_OBJECT: fffffa8005456b50

IMAGE_NAME:
 usbhub.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bcc2d

MODULE_NAME:
usbhub

FAULTING_MODULE:
fffff88004524000 usbhub

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

LOCK_ADDRESS:  fffff80001ad2400 -- (!locks
fffff80001ad2400)

Resource @ nt!PiEngineLock (0xfffff80001ad2400)
   Exclusively owned
    Contention Count = 176
     Threads:
fffffa80036cd680-01<*> 
1 total locks, 1 locks currently held

PNP_TRIAGE: 
Lock address  : 0xfffff80001ad2400
Thread Count  : 1
Thread address: 0xfffffa80036cd680
Thread wait   : 0x5d7a082e

LAST_CONTROL_TRANSFER:  from
fffff80001cbb117 to fffff800018cff00

STACK_TEXT:  
fffff880`0219e778 fffff800`01cbb117 :
00000000`000000ca 00000000`00000001 fffffa80`0be97440 fffffa80`0c237440 :
nt!KeBugCheckEx
fffff880`0219e780 fffff800`01cbbef8 :
fffffa80`03ea3290 fffffa80`14f13010 fffffa80`03ea3290 00000000`00000001 :
nt!PiProcessNewDeviceNode+0x587
fffff880`0219e950 fffff800`01cbc438 :
fffff800`01acfd80 00000000`00000000 00000000`00000001 fffff800`01b3c71c :
nt!PipProcessDevNodeTree+0x2e8
fffff880`0219ebc0 fffff800`019d0347 :
00000001`00000003 00000000`00000000 00000000`00000001 00000000`00000000 :
nt!PiProcessReenumeration+0x98
fffff880`0219ec10 fffff800`018dd161 :
fffff800`019d0020 fffff800`01bc9501 fffffa80`036cd600 fffffa80`036cd680 :
nt!PnpDeviceActionWorker+0x327
fffff880`0219ecb0 fffff800`01b73166 :
00000000`00000000 fffffa80`036cd680 00000000`00000080 fffffa80`036c0040 :
nt!ExpWorkerThread+0x111
fffff880`0219ed40 fffff800`018ae486 :
fffff880`01f3c180 fffffa80`036cd680 fffff880`01f470c0 00000000`00000000 :
nt!PspSystemThreadStartup+0x5a
fffff880`0219ed80 00000000`00000000 :
fffff880`0219f000 fffff880`02199000 fffff880`0219e9f0 00000000`00000000 :
nt!KiStartSystemThread+0x16

STACK_COMMAND:  kb

FOLLOWUP_NAME:  MachineOwner

FAILURE_BUCKET_ID:
 X64_0xCA_1_IMAGE_usbhub.sys

BUCKET_ID:  X64_0xCA_1_IMAGE_usbhub.sys

Followup: MachineOwner
---------

  由以上信息可以得知导致系统crush的原因为fffffa800be97440和fffffa800c237440发生了冲突,出错模块为 usbhub.sys,该文件为USB设备驱动程序文件。

 

4:
kd> ! devobj fffffa800be97440
Device object (fffffa800be97440) is for:
 USBPDO-10 \Driver\usbhub DriverObject fffffa8005456b50
Current Irp 00000000 RefCount 0 Type 00000022 Flags 00003040
Dacl fffff9a100064f51 DevExt fffffa800be97590 DevObjExt fffffa800be97f90 DevNode fffffa8014f13010 
ExtensionFlags (0x00000810)  DOE_START_PENDING, DOE_DEFAULT_SD_PRESENT
Characteristics (0000000000)  
Device queue is not busy.

4:
kd> ! devobj fffffa800c237440
Device object (fffffa800c237440) is for:
 USBPDO-7 \Driver\usbhub DriverObject fffffa8005456b50
Current Irp 00000000 RefCount 0 Type 00000022 Flags 00003040
Dacl fffff9a100064f51 DevExt fffffa800c237590 DevObjExt fffffa800c237f90 DevNode fffffa800a30a690 
ExtensionFlags (0x00000810)  DOE_START_PENDING, DOE_DEFAULT_SD_PRESENT
Characteristics (0000000000)  
Device queue is not busy.

由此处信息可以得知:

devobj fffffa800be97440
的DevNode为fffffa8014f13010

devobj fffffa800c237440 的DevNode为fffffa800a30a690

4: kd> dt _DEVICE_NODE fffffa8014f13010 instancepath

nt!_DEVICE_NODE

+0x028
InstancePath : _UNICODE_STRING

"USB\VID_04B3&PID_3025\5&12dde233&0&1"

4: kd> dt _DEVICE_NODE fffffa800a30a690 instancepath

nt!_DEVICE_NODE

+0x028
InstancePath : _UNICODE_STRING

"USB\VID_04B3&PID_3025\5&12dde233&0&1"

  由此处信息可以得知DevNode fffffa8014f13010
和fffffa800a30a690的实例路径均为USB\VID_04B3&PID_3025\5&12dde233&0&1。

  VID 代表厂商ID,VID_04B3 表示该USB设备芯片提供商为IBM; PID 代表型号ID, VID_04B3&PID_3025表示设备USB NetVista Full Width Keyboard,该设备的多个实例发生了冲突从而导致计算机蓝屏,该设备的驱动程序有bug,需要对驱动程序进行更新。

 

WinDbug之DUMP蓝屏分析的更多相关文章

  1. 【原创】FltSendMessage蓝屏分析

    INVALID_PROCESS_DETACH_ATTEMPT (6)Arguments:Arg1: 00000000Arg2: 00000000Arg3: 00000000Arg4: 00000000 ...

  2. 电脑蓝屏分析教程,附工具WinDbg(x86 x64)6.12.0002.633下载

    我们常常在使用电脑中,有时会碰到电脑蓝屏,我们经常束手无策,不知道为什么会蓝屏?有些蓝屏后自动重启能正常进入系统,那么我们就可以借助工具进行分析.而有些可能需要进入到安全模式或者pe系统才会正常,那么 ...

  3. 一次真实的蓝屏分析 ntkrnlmp.exe

    故事背景: 话说我一直都是远程公司的电脑,在我晚上11点敲代码敲得正爽的时候,被远程的主机挂掉了,毫无征兆的挂掉了,我特么还好有闲着没事就ctrl + s保存代码的习惯,要不然白敲了那么久,我以为是公 ...

  4. 记一次Windows蓝屏分析

    大半夜收到此类信息,应该是让所有系统管理员最头大的事情了 首先我快速通过iDRAC,发现服务器发生了重启操作,并得到相关日志信息 通过Dell的官方解释,确定了该问题是OS层面的异常导致.打开Wind ...

  5. 【原创】FltGetFileNameInformation蓝屏分析

    FAULTING_IP: nt!SeCreateAccessStateEx+5b80564184 848788000000 test byte ptr [edi+88h],al TRAP_FRAME: ...

  6. 关闭win10 自动更新 及蓝屏解决办法

    "控制面板-管理工具-服务"(或在"此电脑"鼠标右键,点击"管理"),找到Windows Update项目后,将"启动类型&quo ...

  7. 记一次解决关机蓝屏 | MULTIPLE_IRP_COMPLETE_REQUESTS | klflt.sys

    已经解决蓝屏问题,原因是卡巴斯基安全软件驱动导致,需要卸载卡巴斯基安全软件,详细过程如下. 一.关机时蓝屏 Win10系统,在关机动画快结束时突然蓝屏,提示:你的设备遇到问题,需要重启,终止代码:MU ...

  8. Win 10 蓝屏,出现DRIVER_POWER_STATE_FAILURE的解决方法

    笔者个人笔记本电脑,用的是华硕的飞行堡垒FZ系列,上个月装了个Ubuntu的系统,之后换回Windows后,电脑疯狂蓝屏,错误代码只有这个DRIVER_POWER_STATE_FAILURE.一开始我 ...

  9. 蓝屏 Dump文件分析方法

    WinDbg使用有点麻烦,还要符号表什么的.试了下,感觉显示很乱,分析的也不够全面... 试试其他的吧!今天电脑蓝屏了,就使用其dump文件测试,如下: 1.首先,最详细的,要属Osr Online这 ...

随机推荐

  1. Azure SQL 数据库与新的数据库吞吐量单位

    在这一期中,Scott 与 Azure SQL 数据库性能首席项目经理主管 Tobias Ternstrom 一起详细阐释了新的数据库吞吐量单位 (Database Throughput Unit, ...

  2. 【大数加法】POJ-1503、NYOJ-103

    1503:Integer Inquiry 总时间限制:  1000ms 内存限制:  65536kB 描述 One of the first users of BIT's new supercompu ...

  3. 【Unity3D】自动寻路(Nav Mesh Agent组件)

    1.首先添加场景模型 2.为场景模型(寻路路径)添加NavMesh渲染,操作:Windows->Navigation->勾选Navigation Static选项->不勾选Gener ...

  4. JMeter使用jar进行压力测试

    最近需要对改造的redis缓存接口做压力测试,使用了开源压力测试工具JMeter,分享一下自己的使用经验,希望能对需要进行压力测试的开发同学有所帮助. JMeter介绍 JMeter是Apache软件 ...

  5. WeChat Official Account Admin Platform Message API Guide

    Keyword: WeChat Message API Text Image Location Link Event Music RichMedia Author: PondBay Studio[We ...

  6. bzoj 3884 上帝与集合的正确用法(递归,欧拉函数)

    [题目链接] http://www.lydsy.com/JudgeOnline/problem.php?id=3884 [题意] 求2^2^2… mod p [思路] 设p=2^k * q+(1/0) ...

  7. Designing Evolvable Web API with ASP.NET 随便读,随便记 “The Internet,the World Wide Web,and HTTP”

    1982年,诞生了 Internet; 1989年,诞生了World Wide Web . "World Wide Web"的构造为主要由 三部分构成: resources 资源 ...

  8. Activating Google Cloud Storage

    先决条件 你需要下面的内容: 1.一个Google账户,比如来自Gmail.如果你没有,请在Google account signup site注册. 2.一个新的或已经存在的Google Devel ...

  9. Codeforces Round #364 (Div.2) D:As Fast As Possible(模拟+推公式)

    题目链接:http://codeforces.com/contest/701/problem/D 题意: 给出n个学生和能载k个学生的车,速度分别为v1,v2,需要走一段旅程长为l,每个学生只能搭一次 ...

  10. HDU-4742 Pinball Game 3D 三维LIS

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=4742 题意:求3维的LIS.. 用分治算法搞得,参考了cxlove的题解.. 首先按照x排序,然后每个 ...