Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 915321 Details for
Bug 705014
win03-64 guest bsod by i8042prt.sys driver
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Comment
comment_3795103.txt (text/plain), 113.96 KB, created by
Arkady Frenkel
on 2011-06-06 13:14:52 UTC
(
hide
)
Description:
Comment
Filename:
MIME Type:
Creator:
Arkady Frenkel
Created:
2011-06-06 13:14:52 UTC
Size:
113.96 KB
patch
obsolete
>Here the analysis of this crash: > >Microsoft (R) Windows Debugger Version 6.11.0001.404 X86 > >Copyright (c) Microsoft Corporation. All rights reserved. > > > > > >Loading Dump File [Z:\public\afrenkel\MEMORY.DMP] > >Kernel Summary Dump File: Only kernel address space is available > > > >Symbol search path is: C:\dev\internal-kvm-guest-drivers-windows\NetKVM\wlh\objchk_wlh_x86\i386;SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols > >Executable search path is: C:\dev\internal-kvm-guest-drivers-windows\NetKVM\wlh\objchk_wlh_x86\i386 > >Windows Server 2003 Kernel Version 3790 (Service Pack 2) MP (4 procs) Free x64 > >Product: Server, suite: Enterprise TerminalServer SingleUserTS > >Built by: 3790.srv03_sp2_gdr.101019-0340 > >Machine Name: > >Kernel base = 0xfffff800`01000000 PsLoadedModuleList = 0xfffff800`011d4140 > >Debug session time: Fri May 13 17:56:02.364 2011 (GMT+3) > >System Uptime: 0 days 0:07:09.708 > >Loading Kernel Symbols > >............................................................... > >........................................ > >Loading User Symbols > > > >Loading unloaded module list > >.... > >******************************************************************************* > >* * > >* Bugcheck Analysis * > >* * > >******************************************************************************* > > > >Use !analyze -v to get detailed debugging information. > > > >BugCheck D1, {fffffadfc7a56e70, 2, 8, fffffadfc7a56e70} > > > >Probably caused by : i8042prt.sys ( i8042prt!I8xPower+0 ) > > > >Followup: MachineOwner > >--------- > > > >3: kd> !analyze -v > >******************************************************************************* > >* * > >* Bugcheck Analysis * > >* * > >******************************************************************************* > > > >DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) > >An attempt was made to access a pageable (or completely invalid) address at an > >interrupt request level (IRQL) that is too high. This is usually > >caused by drivers using improper addresses. > >If kernel debugger is available get stack backtrace. > >Arguments: > >Arg1: fffffadfc7a56e70, memory referenced > >Arg2: 0000000000000002, IRQL > >Arg3: 0000000000000008, value 0 = read operation, 1 = write operation > >Arg4: fffffadfc7a56e70, address which referenced memory > > > >Debugging Details: > >------------------ > > > > > >READ_ADDRESS: fffffadfc7a56e70 > > > >CURRENT_IRQL: 2 > > > >FAULTING_IP: > >i8042prt!I8xPower+0 > >fffffadf`c7a56e70 4883ec38 sub rsp,38h > > > >DEFAULT_BUCKET_ID: DRIVER_FAULT > > > >BUGCHECK_STR: 0xD1 > > > >PROCESS_NAME: System > > > >TRAP_FRAME: fffffadfc8c789c0 -- (.trap 0xfffffadfc8c789c0) > >NOTE: The trap frame does not contain all registers. > >Some register values may be zeroed or incorrect. > >rax=fffffadfce474e70 rbx=0000000000000000 rcx=fffffadfcdca6a10 > >rdx=fffffadfcdca7990 rsi=0000000000000000 rdi=0000000000000000 > >rip=fffffadfc7a56e70 rsp=fffffadfc8c78b58 rbp=0000000000000002 > > r8=0000000000000016 r9=fffffadfcdca6a10 r10=fffffadfce8f5401 > >r11=fffffadfc888b180 r12=0000000000000000 r13=0000000000000000 > >r14=0000000000000000 r15=0000000000000000 > >iopl=0 nv up ei ng nz na pe nc > >i8042prt!I8xPower: > >fffffadf`c7a56e70 4883ec38 sub rsp,38h > >Resetting default scope > > > >LAST_CONTROL_TRANSFER: from fffff8000102e5b4 to fffff8000102e890 > > > >FAILED_INSTRUCTION_ADDRESS: > >i8042prt!I8xPower+0 > >fffffadf`c7a56e70 4883ec38 sub rsp,38h > > > >STACK_TEXT: > >fffffadf`c8c78838 fffff800`0102e5b4 : 00000000`0000000a fffffadf`c7a56e70 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx > >fffffadf`c8c78840 fffff800`0102d547 : 00000000`00000002 fffffadf`c83a87c0 00000000`00000000 fffffadf`cddfcac0 : nt!KiBugCheckDispatch+0x74 > >fffffadf`c8c789c0 fffffadf`c7a56e70 : fffff800`013da8b4 fffffadf`ce2d08e8 fffffadf`ce2d08e8 fffffadf`ce2d0970 : nt!KiPageFault+0x207 > >fffffadf`c8c78b58 fffff800`013da8b4 : fffffadf`ce2d08e8 fffffadf`ce2d08e8 fffffadf`ce2d0970 fffffadf`ce2d0450 : i8042prt!I8xPower > >fffffadf`c8c78b60 fffff800`013dad76 : fffffadf`ce2d0701 00000000`00000000 fffffadf`ce2d0718 00000000`00000002 : nt!PopWaitForSystemPowerIrp+0x37a > >fffffadf`c8c78be0 fffff800`013da186 : 00000000`00000001 00000000`00000005 00000000`00000000 fffffadf`ce2d0450 : nt!PopSleepDeviceList+0x16f > >fffffadf`c8c78c10 fffff800`013d5a3a : 00000000`00000000 fffff800`013d5760 00000000`00000000 fffff800`011cd9c0 : nt!PopSetDevicesSystemState+0x318 > >fffffadf`c8c78c80 fffff800`010375ca : 00000000`00000000 fffff800`011d1340 fffffadf`ce8d57a0 fffff800`011cd9c0 : nt!PopGracefulShutdown+0x2da > >fffffadf`c8c78d00 fffff800`0124a972 : fffffadf`ce8d57a0 00000000`00000080 fffffadf`ce8d57a0 fffffadf`c8893680 : nt!ExpWorkerThread+0x13b > >fffffadf`c8c78d70 fffff800`01020226 : fffffadf`c888b180 fffffadf`ce8d57a0 fffffadf`c8893680 00000000`00000000 : nt!PspSystemThreadStartup+0x3e > >fffffadf`c8c78dd0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16 > > > > > >STACK_COMMAND: kb > > > >FOLLOWUP_IP: > >i8042prt!I8xPower+0 > >fffffadf`c7a56e70 4883ec38 sub rsp,38h > > > >SYMBOL_STACK_INDEX: 3 > > > >SYMBOL_NAME: i8042prt!I8xPower+0 > > > >FOLLOWUP_NAME: MachineOwner > > > >MODULE_NAME: i8042prt > > > >IMAGE_NAME: i8042prt.sys > > > >DEBUG_FLR_IMAGE_TIMESTAMP: 45d69a8c > > > >FAILURE_BUCKET_ID: X64_0xD1_CODE_AV_BAD_IP_i8042prt!I8xPower+0 > > > >BUCKET_ID: X64_0xD1_CODE_AV_BAD_IP_i8042prt!I8xPower+0 > > > >Followup: MachineOwner > >--------- > > >BSOD happened in i8042prt.sys, first opcode in I8xPower function (power dispatch routine of the driver), because call of the function >happen on DISPATH_LEVEL(2) but function code is pagable and can't be executed on this level but on the passive only. > >This routine called from worker thread ExpWorkerThread(), but before the call to I8xPower() the level was changed already to DISPATH_LEVEL >and not returned back to PASSIVE_LEVEL. This thread run on the processor 3 (the first one for AMD) in 4 CPU machine. >Because BSOD happened on the first command of the i8042prt!I8xPower ( i8042prt!I8xPower+0 ) the return address in nt!KiPageFault line is >exact address of that opcode. > >Additionally we will see later that TRAP_FRAME show: >rax=fffffadfce474e70 is driver object of i8042prt.sys. > >Two parameters for the function are >rcx=fffffadfcdca6a10 is mouse device object and >rdx=fffffadfcdca7990 is IRP when BSOD happened. > >Those two parameters are standard for any dispatch routine and >From http://read.pudn.com/downloads170/sourcecode/windows/vxd/788080/pnpi8042/pnp.c__.htm (undocumented source) possible to see >that in the lines 1293-1297 >NTSTATUS >I8xPower ( > IN PDEVICE_OBJECT DeviceObject, > IN PIRP Irp > ) > >Stack of the thread caused BSOD show that it's workitem. >Next !exqueue command show the existing work item threads in the system. > >3: kd> !exqueue > >Dumping ExWorkerQueue: FFFFF800011CD9C0 > > > >**** Critical WorkQueue( current = 1 maximum = 4 ) > >THREAD fffffadfce8d7a40 Cid 0004.0010 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d75f0 Cid 0004.0014 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d71a0 Cid 0004.0018 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d6040 Cid 0004.001c Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d6bf0 Cid 0004.0020 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d67a0 Cid 0004.0024 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d5040 Cid 0004.0028 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d5bf0 Cid 0004.002c Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d57a0 Cid 0004.0030 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 3 > >THREAD fffffadfce8d4040 Cid 0004.0034 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > > > >**** Delayed WorkQueue( current = 0 maximum = 4 ) > >THREAD fffffadfce8d4bf0 Cid 0004.0038 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d47a0 Cid 0004.003c Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d3040 Cid 0004.0040 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d3bf0 Cid 0004.0044 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d37a0 Cid 0004.0048 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d2040 Cid 0004.004c Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > >THREAD fffffadfce8d2bf0 Cid 0004.0050 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > > > >**** HyperCritical WorkQueue( current = 0 maximum = 4 ) > >THREAD fffffadfce8d27a0 Cid 0004.0054 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT > > > >The thread fffffadfce8d57a0 running on the processor is the one which caused BSOD. > > >Lm command show that, there are no virtio-win drivers at all in the system. > > >3: kd> lm > >start end module name > >fffff800`00800000 fffff800`0085e000 hal (deferred) > >fffff800`01000000 fffff800`01497000 nt (pdb symbols) c:\websymbols\ntkrnlmp.pdb\CF6A1D28362E4610946B4EBA29A3CFAE2\ntkrnlmp.pdb > >fffff97f`ff000000 fffff97f`ff467000 win32k (deferred) > >fffff97f`ff467000 fffff97f`ff48f000 dxg (deferred) > >fffff97f`ff48f000 fffff97f`ff4b1000 qxldd (deferred) > >fffffadf`c632d000 fffffadf`c6365000 kmixer (deferred) > >fffffadf`c6365000 fffffadf`c637f000 swmidi (deferred) > >fffffadf`c637f000 fffffadf`c63b4000 aec (deferred) > >fffffadf`c63b4000 fffffadf`c63df000 sysaudio (deferred) > >fffffadf`c649d000 fffffadf`c64db000 RDPWD (deferred) > >fffffadf`c7179000 fffffadf`c71a6000 dump_atapi (deferred) > >fffffadf`c71a6000 fffffadf`c71c7000 Cdfs (deferred) > >fffffadf`c72ad000 fffffadf`c72c2000 HIDCLASS (deferred) > >fffffadf`c72c2000 fffffadf`c738f000 mrxsmb (deferred) > >fffffadf`c738f000 fffffadf`c73e0000 rdbss (deferred) > >fffffadf`c73e0000 fffffadf`c742d000 afd (deferred) > >fffffadf`c7473000 fffffadf`c74cd000 netbt (deferred) > >fffffadf`c74cd000 fffffadf`c750b000 ipnat (deferred) > >fffffadf`c750b000 fffffadf`c7604000 tcpip (deferred) > >fffffadf`c7604000 fffffadf`c761a000 msgpc (deferred) > >fffffadf`c761a000 fffffadf`c7645000 ipsec (deferred) > >fffffadf`c7645000 fffffadf`c7659000 Npfs (deferred) > >fffffadf`c7679000 fffffadf`c7699000 usbhub (deferred) > >fffffadf`c7699000 fffffadf`c76ad000 NDProxy (deferred) > >fffffadf`c76f3000 fffffadf`c771f000 update (deferred) > >fffffadf`c771f000 fffffadf`c7735000 termdd (deferred) > >fffffadf`c774a000 fffffadf`c77a1000 rdpdr (deferred) > >fffffadf`c77b1000 fffffadf`c77bf000 TDTCP (deferred) > >fffffadf`c7811000 fffffadf`c781d000 ndisuio (deferred) > >fffffadf`c7841000 fffffadf`c7864000 raspptp (deferred) > >fffffadf`c7864000 fffffadf`c7878000 raspppoe (deferred) > >fffffadf`c7878000 fffffadf`c78a4000 ndiswan (deferred) > >fffffadf`c78a4000 fffffadf`c78ca000 rasl2tp (deferred) > >fffffadf`c78ca000 fffffadf`c7913000 ks (deferred) > >fffffadf`c7913000 fffffadf`c7953000 portcls (deferred) > >fffffadf`c7953000 fffffadf`c7983000 ac97intc (deferred) > >fffffadf`c7983000 fffffadf`c79a6000 VIDEOPRT (deferred) > >fffffadf`c79a6000 fffffadf`c79e0000 USBPORT (deferred) > >fffffadf`c79e0000 fffffadf`c79fb000 cdrom (deferred) > >fffffadf`c79fb000 fffffadf`c7a1e000 serial (deferred) > >fffffadf`c7a1e000 fffffadf`c7a43000 parport (deferred) > >fffffadf`c7a43000 fffffadf`c7a60000 i8042prt (pdb symbols) c:\websymbols\i8042prt.pdb\314CD03D6DC94BD69E1B4D83954B670D2\i8042prt.pdb > >fffffadf`c8025000 fffffadf`c8059000 Mup (deferred) > >fffffadf`c8059000 fffffadf`c80bf000 NDIS (deferred) > >fffffadf`c80bf000 fffffadf`c81c4000 Ntfs (deferred) > >fffffadf`c81c4000 fffffadf`c81f8000 KSecDD (deferred) > >fffffadf`c81f8000 fffffadf`c8236000 fltMgr (deferred) > >fffffadf`c8236000 fffffadf`c8253000 CLASSPNP (deferred) > >fffffadf`c8253000 fffffadf`c8268000 disk (deferred) > >fffffadf`c8268000 fffffadf`c8295000 atapi (deferred) > >fffffadf`c8295000 fffffadf`c82e0000 volsnap (deferred) > >fffffadf`c82e0000 fffffadf`c8327000 dmio (deferred) > >fffffadf`c8327000 fffffadf`c8367000 ftdisk (deferred) > >fffffadf`c8367000 fffffadf`c837d000 MountMgr (deferred) > >fffffadf`c837d000 fffffadf`c839e000 pci (deferred) > >fffffadf`c839e000 fffffadf`c83f2000 ACPI (deferred) > >fffffadf`c84f3000 fffffadf`c8504000 Dfs (deferred) > >fffffadf`c8519000 fffffadf`c852b000 intelppm (deferred) > >fffffadf`c852c000 fffffadf`c853f000 RTL39A64 (deferred) > >fffffadf`c853f000 fffffadf`c8551000 wanarp (deferred) > >fffffadf`c8552000 fffffadf`c8564000 netbios (deferred) > >fffffadf`c8565000 fffffadf`c8577000 Fips (deferred) > >fffffadf`c87fb000 fffffadf`c8805000 kdcom (deferred) > >fffffadf`c880b000 fffffadf`c8814000 BOOTVID (deferred) > >fffffadf`c881b000 fffffadf`c8824000 WMILIB (deferred) > >fffffadf`c882b000 fffffadf`c8834000 isapnp (deferred) > >fffffadf`c883b000 fffffadf`c884b000 PCIIDEX (deferred) > >fffffadf`c884b000 fffffadf`c885b000 PartMgr (deferred) > >fffffadf`c885b000 fffffadf`c8866000 crcdisk (deferred) > >fffffadf`c889b000 fffffadf`c88a5000 mnmdd (deferred) > >fffffadf`c88cb000 fffffadf`c88d8000 Msfs (deferred) > >fffffadf`c88eb000 fffffadf`c88f5000 ndistapi (deferred) > >fffffadf`c88fb000 fffffadf`c890a000 TDI (deferred) > >fffffadf`c890b000 fffffadf`c8917000 serenum (deferred) > >fffffadf`c891b000 fffffadf`c8925000 mouhid (deferred) > >fffffadf`c892b000 fffffadf`c8939000 fdc (deferred) > >fffffadf`c894b000 fffffadf`c8958000 ptilink (deferred) > >fffffadf`c895b000 fffffadf`c8965000 Fs_Rec (deferred) > >fffffadf`c896b000 fffffadf`c8975200 HIDPARSE (deferred) > >fffffadf`c899b000 fffffadf`c89a6000 raspti (deferred) > >fffffadf`c89ab000 fffffadf`c89b8000 mssmbios (deferred) > >fffffadf`c89bb000 fffffadf`c89c5000 rasacd (deferred) > >fffffadf`c89cb000 fffffadf`c89d6000 secdrv (deferred) > >fffffadf`c89db000 fffffadf`c89e5000 hidusb (deferred) > >fffffadf`c89fb000 fffffadf`c8a04000 watchdog (deferred) > >fffffadf`c8a0b000 fffffadf`c8a19000 kbdclass (deferred) > >fffffadf`c8a1b000 fffffadf`c8a29000 vga (deferred) > >fffffadf`c8a2b000 fffffadf`c8a37000 Dxapi (deferred) > >fffffadf`c8a3b000 fffffadf`c8a44000 dump_WMILIB (deferred) > >fffffadf`c8a4b000 fffffadf`c8a55000 RDPCDD (deferred) > >fffffadf`c8a5b000 fffffadf`c8a68000 mouclass (deferred) > >fffffadf`c8a6b000 fffffadf`c8a73000 intelide (deferred) > >fffffadf`c8a73000 fffffadf`c8a7af00 usbuhci (deferred) > >fffffadf`c8a7b000 fffffadf`c8a83000 qxl (deferred) > >fffffadf`c8a83000 fffffadf`c8a8b000 audstub (deferred) > >fffffadf`c8a93000 fffffadf`c8a9b000 Null (deferred) > >fffffadf`c8aab000 fffffadf`c8ab3000 CdaC15BA (deferred) > >fffffadf`c8ab3000 fffffadf`c8abb000 CdaD10BA (deferred) > >fffffadf`c8bfb000 fffffadf`c8c02000 dmload (deferred) > >fffffadf`c8d44000 fffffadf`c8d49e80 ksthunk (deferred) > >fffffadf`c8dc9000 fffffadf`c8dd0000 Beep (deferred) > >fffffadf`c8f8f000 fffffadf`c8f91800 splitter (deferred) > >fffffadf`c8faf000 fffffadf`c8fb0400 swenum (deferred) > >fffffadf`c8fb5000 fffffadf`c8fb6d80 USBD (deferred) > > > >Unloaded modules: > >fffffadf`c6aa3000 fffffadf`c6b6f000 srv.sys > >fffffadf`c72ab000 fffffadf`c72c2000 imapi.sys > >fffffadf`c73ca000 fffffadf`c73e0000 redbook.sys > >fffffadf`c898b000 fffffadf`c8994000 Sfloppy.SYS > > >Next irql, pcr and prcb command show current states of 4 processors in the system >3: kd> !irql 0 > >Debugger saved IRQL for processor 0x0 -- 0 (LOW_LEVEL) > > >3: kd> !irql 1 > >Debugger saved IRQL for processor 0x1 -- 0 (LOW_LEVEL) > > >3: kd> !irql 2 > >Debugger saved IRQL for processor 0x2 -- 0 (LOW_LEVEL) > > >3: kd> !irql 3 > >Debugger saved IRQL for processor 0x3 -- 2 (DISPATCH_LEVEL) > > > >3: kd> !pcr 3 > >KPCR for Processor 3 at fffffadfc888b000: > > Major 1 Minor 1 > > NtTib.ExceptionList: fffffadfc8893b00 > > NtTib.StackBase: fffffadfc888d600 > > NtTib.StackLimit: 0000000000000000 > > NtTib.SubSystemTib: fffffadfc888b000 > > NtTib.Version: 00000000c888b180 > > NtTib.UserPointer: fffffadfc888b7f0 > > NtTib.SelfTib: 000007fffff74000 > > > > SelfPcr: 0000000000000000 > > Prcb: fffffadfc888b180 > > Irql: 0000000000000000 > > IRR: 0000000000000000 > > IDR: 0000000000000000 > > InterruptMode: 0000000000000000 > > IDT: 0000000000000000 > > GDT: 0000000000000000 > > TSS: 0000000000000000 > > > > CurrentThread: fffffadfce8d57a0 > > NextThread: 0000000000000000 > > IdleThread: fffffadfc8893680 > > > > DpcQueue: 0xfffffadfc83d5ec0 0xfffffadfc83a8cd0 [Normal] ACPI!ACPIDevicePowerDpc > > > >3: kd> !pcr 0 > >KPCR for Processor 0 at fffff800011b0000: > > Major 1 Minor 1 > > NtTib.ExceptionList: fffff800004e7000 > > NtTib.StackBase: fffff800004e8070 > > NtTib.StackLimit: 0000000000000000 > > NtTib.SubSystemTib: fffff800011b0000 > > NtTib.Version: 00000000011b0180 > > NtTib.UserPointer: fffff800011b07f0 > > NtTib.SelfTib: 000007fffff74000 > > > > SelfPcr: 0000000000000000 > > Prcb: fffff800011b0180 > > Irql: 0000000000000000 > > IRR: 0000000000000000 > > IDR: 0000000000000000 > > InterruptMode: 0000000000000000 > > IDT: 0000000000000000 > > GDT: 0000000000000000 > > TSS: 0000000000000000 > > > > CurrentThread: fffff800011b4500 > > NextThread: 0000000000000000 > > IdleThread: fffff800011b4500 > > > > DpcQueue: > > >3: kd> !prcb 3 > >PRCB for Processor 3 at fffffadfc888b180: > >Current IRQL -- 2 > >Threads-- Current fffffadfce8d57a0 Next 0000000000000000 Idle fffffadfc8893680 > >Number 3 SetMember 8 > >Interrupt Count -- 0000fd37 > >Times -- Dpc 00000002 Interrupt 0000021c > > Kernel 00006972 User 0000015c > > >3: kd> !thread > >THREAD fffffadfce8d57a0 Cid 0004.0030 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 3 > >Not impersonating > >DeviceMap fffffa8000003530 > >Owning Process fffffadfce8d9040 Image: System > >Attached Process N/A Image: N/A > >Wait Start TickCount 27501 Ticks: 0 > >Context Switch Count 1580 > >UserTime 00:00:00.000 > >KernelTime 00:00:03.656 > >Start Address nt!ExpWorkerThread (0xfffff800010039f0) > >Stack Init fffffadfc8c78e00 Current fffffadfc8c783c0 > >Base fffffadfc8c79000 Limit fffffadfc8c73000 Call 0 > >Priority 13 BasePriority 13 PriorityDecrement 0 > >Child-SP RetAddr : Args to Child : Call Site > >fffffadf`c8c78838 fffff800`0102e5b4 : 00000000`0000000a fffffadf`c7a56e70 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx > >fffffadf`c8c78840 fffff800`0102d547 : 00000000`00000002 fffffadf`c83a87c0 00000000`00000000 fffffadf`cddfcac0 : nt!KiBugCheckDispatch+0x74 > >fffffadf`c8c789c0 fffffadf`c7a56e70 : fffff800`013da8b4 fffffadf`ce2d08e8 fffffadf`ce2d08e8 fffffadf`ce2d0970 : nt!KiPageFault+0x207 (TrapFrame @ fffffadf`c8c789c0) > >fffffadf`c8c78b58 fffff800`013da8b4 : fffffadf`ce2d08e8 fffffadf`ce2d08e8 fffffadf`ce2d0970 fffffadf`ce2d0450 : i8042prt!I8xPower > >fffffadf`c8c78b60 fffff800`013dad76 : fffffadf`ce2d0701 00000000`00000000 fffffadf`ce2d0718 00000000`00000002 : nt!PopWaitForSystemPowerIrp+0x37a > >fffffadf`c8c78be0 fffff800`013da186 : 00000000`00000001 00000000`00000005 00000000`00000000 fffffadf`ce2d0450 : nt!PopSleepDeviceList+0x16f > >fffffadf`c8c78c10 fffff800`013d5a3a : 00000000`00000000 fffff800`013d5760 00000000`00000000 fffff800`011cd9c0 : nt!PopSetDevicesSystemState+0x318 > >fffffadf`c8c78c80 fffff800`010375ca : 00000000`00000000 fffff800`011d1340 fffffadf`ce8d57a0 fffff800`011cd9c0 : nt!PopGracefulShutdown+0x2da > >fffffadf`c8c78d00 fffff800`0124a972 : fffffadf`ce8d57a0 00000000`00000080 fffffadf`ce8d57a0 fffffadf`c8893680 : nt!ExpWorkerThread+0x13b > >fffffadf`c8c78d70 fffff800`01020226 : fffffadf`c888b180 fffffadf`ce8d57a0 fffffadf`c8893680 00000000`00000000 : nt!PspSystemThreadStartup+0x3e > >fffffadf`c8c78dd0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16 > > > >3: kd> !prcb 2 > >PRCB for Processor 2 at fffffadfc887b180: > >Current IRQL -- 0 > >Threads-- Current fffffadfc8883680 Next 0000000000000000 Idle fffffadfc8883680 > >Number 2 SetMember 4 > >Interrupt Count -- 000100c0 > >Times -- Dpc 00000000 Interrupt 000001fd > > Kernel 00006a94 User 00000042 > > > >3: kd> .thread fffffadfc8883680 > >*** ERROR: Module load completed but symbols could not be loaded for intelppm.sys > >Implicit thread is now fffffadf`c8883680 > > > >3: kd> !thread fffffadfc8883680 > >THREAD fffffadfc8883680 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 2 > >Not impersonating > >Owning Process fffff800011b4940 Image: Idle > >Attached Process N/A Image: N/A > >Wait Start TickCount 27449 Ticks: 52 (0:00:00:00.812) > >Context Switch Count 9700 > >UserTime 00:00:00.000 > >KernelTime 00:06:53.906 > >Stack Init fffffadfc8c24de0 Current fffffadfc8c24d70 > >Base fffffadfc8c24fe0 Limit fffffadfc8c1efe0 Call 0 > >Priority 16 BasePriority 0 PriorityDecrement 0 > >Child-SP RetAddr : Args to Child : Call Site > >fffffadf`c8c24d48 fffffadf`c851c759 : fffff800`011b4940 fffffadf`ce8d37a0 00000000`00000000 fffffadf`cddfc740 : intelppm+0x3b42 > >fffffadf`c8c24d50 fffff800`0103190c : fffffadf`c887d600 fffff800`011b4901 fffffadf`c887d450 00000000`00000000 : intelppm+0x3759 > >fffffadf`c8c24d80 fffff800`01067b1e : fffffadf`c887b180 fffffadf`c887b180 fffffadf`c8883680 fffffadf`ce8d37a0 : nt!PopProcessorIdle+0x114 > >fffffadf`c8c24db0 fffff800`014151d1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x1e > >fffffadf`c8c24de0 00000000`fffffadf : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemStartup+0x1bf > >fffffadf`c887d640 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00680000`00000000 : 0xfffffadf > > > >3: kd> !prcb 1 > >PRCB for Processor 1 at fffffadfc886b180: > >Current IRQL -- 0 > >Threads-- Current fffffadfc8873680 Next 0000000000000000 Idle fffffadfc8873680 > >Number 1 SetMember 2 > >Interrupt Count -- 00010829 > >Times -- Dpc 00000002 Interrupt 0000015d > > Kernel 000069a4 User 0000013c > > > >3: kd> .thread fffffadfc8873680 > >Implicit thread is now fffffadf`c8873680 > > > >3: kd> !thread fffffadfc8873680 > >THREAD fffffadfc8873680 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 1 > >Not impersonating > >Owning Process fffff800011b4940 Image: Idle > >Attached Process N/A Image: N/A > >Wait Start TickCount 27321 Ticks: 180 (0:00:00:02.812) > >Context Switch Count 41560 > >UserTime 00:00:00.000 > >KernelTime 00:06:48.468 > >Stack Init fffffadfc8c16de0 Current fffffadfc8c16d70 > >Base fffffadfc8c16fe0 Limit fffffadfc8c10fe0 Call 0 > >Priority 16 BasePriority 0 PriorityDecrement 0 > >Child-SP RetAddr : Args to Child : Call Site > >fffffadf`c8c16d48 fffffadf`c851c759 : fffff800`011b4940 fffffadf`ce8d5bf0 fffffadf`c8c16d70 fffffadf`cddfc740 : intelppm+0x3b42 > >fffffadf`c8c16d50 fffff800`0103190c : fffffadf`c886d600 fffff800`011b4901 fffffadf`c886d450 00000000`00000000 : intelppm+0x3759 > >fffffadf`c8c16d80 fffff800`01067b1e : fffffadf`c886b180 fffffadf`c886b180 fffffadf`c8873680 fffffadf`ce8d5bf0 : nt!PopProcessorIdle+0x114 > >fffffadf`c8c16db0 fffff800`014151d1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x1e > >fffffadf`c8c16de0 00000000`fffffadf : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemStartup+0x1bf > >fffffadf`c886d640 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00680000`00000000 : 0xfffffadf > > > >3: kd> !prcb 0 > >PRCB for Processor 0 at fffff800011b0180: > >Current IRQL -- 0 > >Threads-- Current fffff800011b4500 Next 0000000000000000 Idle fffff800011b4500 > >Number 0 SetMember 1 > >Interrupt Count -- 0000fe89 > >Times -- Dpc 00000002 Interrupt 0000016c > > Kernel 00006b10 User 0000005d > > > >3: kd> .thread fffff800011b4500 > >Implicit thread is now fffff800`011b4500 > > > >3: kd> !thread fffff800011b4500 > >THREAD fffff800011b4500 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0 > >Not impersonating > >Owning Process fffff800011b4940 Image: Idle > >Attached Process N/A Image: N/A > >Wait Start TickCount 27257 Ticks: 244 (0:00:00:03.812) > >Context Switch Count 11857 > >UserTime 00:00:00.000 > >KernelTime 00:06:51.265 > >Stack Init fffff800004eee00 Current fffff800004eed90 > >Base fffff800004ef000 Limit fffff800004e9000 Call 0 > >Priority 16 BasePriority 0 PriorityDecrement 0 > >Child-SP RetAddr : Args to Child : Call Site > >fffff800`004eed68 fffffadf`c851c759 : fffff800`011b4940 fffffadf`ce8ba520 fffff800`004eed90 fffffadf`cddfc740 : intelppm+0x3b42 > >fffff800`004eed70 fffff800`0103190c : fffff800`004e8000 fffff800`011b4901 fffff800`011b2450 00000000`0005ffd4 : intelppm+0x3759 > >fffff800`004eeda0 fffff800`01067b1e : fffff800`011b0180 fffff800`011b0180 fffff800`011b4500 fffffadf`ce8ba520 : nt!PopProcessorIdle+0x114 > >fffff800`004eedd0 fffff800`014151d1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x1e > >fffff800`004eee00 00000000`fffff800 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemStartup+0x1bf > >fffff800`004e80b0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00680000`00000000 : 0xfffff800 > > >All threads running on the processors 0,1,2 are idle process threads. > >Next command is to show states of all devices in the system. We are interested in device with ServiceName - "i8042prt". > > >3: kd> !devnode 0 1 > >Dumping IopRootDeviceNode (= 0xfffffadfce8fb7b0) > >DevNode 0xfffffadfce8fb7b0 for PDO 0xfffffadfce8fb9b0 > > InstancePath is "HTREE\ROOT\0" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde05010 for PDO 0xfffffadfce8fb5f0 > > InstancePath is "Root\ACPI_HAL\0000" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde01870 for PDO 0xfffffadfcde01480 > > InstancePath is "ACPI_HAL\PNP0C08\0" > > ServiceName is "ACPI" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e0e40 for PDO 0xfffffadfce8e4330 > > InstancePath is "ACPI\GenuineIntel_-_EM64T_Family_6_Model_6\_0" > > ServiceName is "intelppm" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e14e0 for PDO 0xfffffadfce8e2470 > > InstancePath is "ACPI\GenuineIntel_-_EM64T_Family_6_Model_6\_1" > > ServiceName is "intelppm" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e1310 for PDO 0xfffffadfce8e2dd0 > > InstancePath is "ACPI\GenuineIntel_-_EM64T_Family_6_Model_6\_2" > > ServiceName is "intelppm" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e1140 for PDO 0xfffffadfce8e2bd0 > > InstancePath is "ACPI\GenuineIntel_-_EM64T_Family_6_Model_6\_3" > > ServiceName is "intelppm" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce775b00 for PDO 0xfffffadfce8e29d0 > > InstancePath is "ACPI\PNP0A03\1" > > ServiceName is "pci" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66b010 for PDO 0xfffffadfcdd8b060 > > InstancePath is "PCI\VEN_8086&DEV_1237&SUBSYS_00000000&REV_02\3&13c0b0c5&0&00" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66be40 for PDO 0xfffffadfcdd8bd40 > > InstancePath is "PCI\VEN_8086&DEV_7000&SUBSYS_00000000&REV_00\3&13c0b0c5&0&08" > > ServiceName is "isapnp" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8dec40 for PDO 0xfffffadfce8f58f0 > > InstancePath is "ACPI\PNP0B00\4&2c5a7332&0" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8dea70 for PDO 0xfffffadfce8f56f0 > > InstancePath is "ACPI\PNP0303\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa800057d320 b 0xfffffa800057d320 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8de8a0 for PDO 0xfffffadfce8f54f0 > > InstancePath is "ACPI\PNP0F13\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa8000d59f10 b 0xfffffa8000d59f10 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8de6d0 for PDO 0xfffffadfce8f52f0 > > InstancePath is "ACPI\PNP0700\4&2c5a7332&0" > > ServiceName is "fdc" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8de500 for PDO 0xfffffadfce8de060 > > InstancePath is "ACPI\PNP0400\4&2c5a7332&0" > > ServiceName is "Parport" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdb02a20 for PDO 0xfffffadfce281080 > > InstancePath is "LPTENUM\MicrosoftRawPort\5&34a37e9f&0&LPT1" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8de330 for PDO 0xfffffadfce8dee60 > > InstancePath is "ACPI\PNP0501\1" > > ServiceName is "Serial" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66bc70 for PDO 0xfffffadfcdd8ba20 > > InstancePath is "PCI\VEN_8086&DEV_7010&SUBSYS_11001AF4&REV_00\3&13c0b0c5&0&09" > > ServiceName is "intelide" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8ddb00 for PDO 0xfffffadfce8dfa00 > > InstancePath is "PCIIDE\IDEChannel\4&3084357f&0&0" > > ServiceName is "atapi" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e0550 for PDO 0xfffffadfce4f8060 > > InstancePath is "IDE\DiskQEMU_HARDDISK___________________________0.9.1___\4d51303030302031202020202020202020202020" > > ServiceName is "disk" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce64bb30 for PDO 0xfffffadfce8ddd20 > > InstancePath is "PCIIDE\IDEChannel\4&3084357f&0&1" > > ServiceName is "atapi" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8e0760 for PDO 0xfffffadfce668c30 > > InstancePath is "IDE\CdRomQEMU_QEMU_DVD-ROM_______________________0.9.____\4d51303030302033202020202020202020202020" > > ServiceName is "cdrom" > > TargetDeviceNotify List - f 0xfffffa800063f180 b 0xfffffa8000550560 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66baa0 for PDO 0xfffffadfcdd8b700 > > InstancePath is "PCI\VEN_8086&DEV_7020&SUBSYS_11001AF4&REV_01\3&13c0b0c5&0&0A" > > ServiceName is "usbuhci" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce24ce40 for PDO 0xfffffadfce24c060 > > InstancePath is "USB\ROOT_HUB\4&192d568&0" > > ServiceName is "usbhub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdb46d00 for PDO 0xfffffadfce339060 > > InstancePath is "USB\Vid_0627&Pid_0001\1" > > ServiceName is "HidUsb" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdbfde40 for PDO 0xfffffadfce00bb90 > > InstancePath is "HID\Vid_0627&Pid_0001\6&1cfc9ec5&0&0000" > > ServiceName is "mouhid" > > TargetDeviceNotify List - f 0xfffffa800057de10 b 0xfffffa800057de10 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66b8d0 for PDO 0xfffffadfcdd8b3e0 > > InstancePath is "PCI\VEN_1B36&DEV_0105&SUBSYS_11001AF4&REV_01\3&13c0b0c5&0&10" > > State = DeviceNodeInitialized (0x302) > > Previous State = DeviceNodeUninitialized (0x301) > > Problem = CM_PROB_NOT_CONFIGURED > > DevNode 0xfffffadfce66b700 for PDO 0xfffffadfce62b060 > > InstancePath is "PCI\VEN_1B36&DEV_0100&SUBSYS_11001AF4&REV_01\3&13c0b0c5&0&18" > > ServiceName is "qxl" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66b530 for PDO 0xfffffadfce62bd40 > > InstancePath is "PCI\VEN_10EC&DEV_8139&SUBSYS_11001AF4&REV_20\3&13c0b0c5&0&20" > > ServiceName is "rtl8139" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce66b360 for PDO 0xfffffadfce62b8a0 > > InstancePath is "PCI\VEN_8086&DEV_2415&SUBSYS_00008086&REV_01\3&13c0b0c5&0&28" > > ServiceName is "ac97intc" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce775930 for PDO 0xfffffadfce8e1700 > > InstancePath is "ACPI\FixedButton\2&daba3ff&0" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde05b00 for PDO 0xfffffadfcde05d20 > > InstancePath is "Root\dmio\0000" > > ServiceName is "dmio" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde05720 for PDO 0xfffffadfcde05940 > > InstancePath is "Root\ftdisk\0000" > > ServiceName is "ftdisk" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcddf8e40 for PDO 0xfffffadfcdd89920 > > InstancePath is "STORAGE\Volume\1&30a96598&0&Signature5EAE5EAEOffset7E00Length4FF196400" > > ServiceName is "volsnap" > > TargetDeviceNotify List - f 0xfffffa80003a04e0 b 0xfffffa80003afd40 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde05340 for PDO 0xfffffadfcde05560 > > InstancePath is "Root\LEGACY_AFD\0000" > > ServiceName is "AFD" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce774e40 for PDO 0xfffffadfce774060 > > InstancePath is "Root\LEGACY_BEEP\0000" > > ServiceName is "Beep" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce774a60 for PDO 0xfffffadfce774c80 > > InstancePath is "Root\LEGACY_CDAC15BA\0000" > > ServiceName is "CdaC15BA" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce774680 for PDO 0xfffffadfce7748a0 > > InstancePath is "Root\LEGACY_CDAD10BA\0000" > > ServiceName is "CdaD10BA" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce7742a0 for PDO 0xfffffadfce7744c0 > > InstancePath is "Root\LEGACY_CRCDISK\0000" > > ServiceName is "crcdisk" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8fae40 for PDO 0xfffffadfce8fa060 > > InstancePath is "Root\LEGACY_DMBOOT\0000" > > ServiceName is "dmboot" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8faa60 for PDO 0xfffffadfce8fac80 > > InstancePath is "Root\LEGACY_DMLOAD\0000" > > ServiceName is "dmload" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8fa680 for PDO 0xfffffadfce8fa8a0 > > InstancePath is "Root\LEGACY_FIPS\0000" > > ServiceName is "Fips" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8fa2a0 for PDO 0xfffffadfce8fa4c0 > > InstancePath is "Root\LEGACY_GPC\0000" > > ServiceName is "Gpc" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde04e40 for PDO 0xfffffadfcde04060 > > InstancePath is "Root\LEGACY_IPNAT\0000" > > ServiceName is "IpNat" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde04a60 for PDO 0xfffffadfcde04c80 > > InstancePath is "Root\LEGACY_IPSEC\0000" > > ServiceName is "IPSec" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde04680 for PDO 0xfffffadfcde048a0 > > InstancePath is "Root\LEGACY_KSECDD\0000" > > ServiceName is "ksecdd" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde042a0 for PDO 0xfffffadfcde044c0 > > InstancePath is "Root\LEGACY_MNMDD\0000" > > ServiceName is "mnmdd" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce773e40 for PDO 0xfffffadfce773060 > > InstancePath is "Root\LEGACY_MOUNTMGR\0000" > > ServiceName is "mountmgr" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce773a60 for PDO 0xfffffadfce773c80 > > InstancePath is "Root\LEGACY_NDIS\0000" > > ServiceName is "NDIS" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce773680 for PDO 0xfffffadfce7738a0 > > InstancePath is "Root\LEGACY_NDISTAPI\0000" > > ServiceName is "NdisTapi" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce7732a0 for PDO 0xfffffadfce7734c0 > > InstancePath is "Root\LEGACY_NDISUIO\0000" > > ServiceName is "Ndisuio" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f9e40 for PDO 0xfffffadfce8f9060 > > InstancePath is "Root\LEGACY_NDPROXY\0000" > > ServiceName is "NDProxy" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f9a60 for PDO 0xfffffadfce8f9c80 > > InstancePath is "Root\LEGACY_NETBT\0000" > > ServiceName is "NetBT" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f9680 for PDO 0xfffffadfce8f98a0 > > InstancePath is "Root\LEGACY_NULL\0000" > > ServiceName is "Null" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f92a0 for PDO 0xfffffadfce8f94c0 > > InstancePath is "Root\LEGACY_PARTMGR\0000" > > ServiceName is "PartMgr" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde03e40 for PDO 0xfffffadfcde03060 > > InstancePath is "Root\LEGACY_RASACD\0000" > > ServiceName is "RasAcd" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde03a60 for PDO 0xfffffadfcde03c80 > > InstancePath is "Root\LEGACY_RDPCDD\0000" > > ServiceName is "RDPCDD" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde03680 for PDO 0xfffffadfcde038a0 > > InstancePath is "Root\LEGACY_RDPWD\0000" > > ServiceName is "RDPWD" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde032a0 for PDO 0xfffffadfcde034c0 > > InstancePath is "Root\LEGACY_SECDRV\0000" > > ServiceName is "Secdrv" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce772e40 for PDO 0xfffffadfce772060 > > InstancePath is "Root\LEGACY_TCPIP\0000" > > ServiceName is "Tcpip" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce772a60 for PDO 0xfffffadfce772c80 > > InstancePath is "Root\LEGACY_TDTCP\0000" > > ServiceName is "TDTCP" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce772680 for PDO 0xfffffadfce7728a0 > > InstancePath is "Root\LEGACY_VGASAVE\0000" > > ServiceName is "VgaSave" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce7722a0 for PDO 0xfffffadfce7724c0 > > InstancePath is "Root\LEGACY_VOLSNAP\0000" > > ServiceName is "VolSnap" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f8e40 for PDO 0xfffffadfce8f8060 > > InstancePath is "Root\LEGACY_WANARP\0000" > > ServiceName is "Wanarp" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f8a60 for PDO 0xfffffadfce8f8c80 > > InstancePath is "Root\MEDIA\MS_MMACM" > > ServiceName is "audstub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f8680 for PDO 0xfffffadfce8f88a0 > > InstancePath is "Root\MEDIA\MS_MMDRV" > > ServiceName is "audstub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f82a0 for PDO 0xfffffadfce8f84c0 > > InstancePath is "Root\MEDIA\MS_MMMCI" > > ServiceName is "audstub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde02e40 for PDO 0xfffffadfcde02060 > > InstancePath is "Root\MEDIA\MS_MMVCD" > > ServiceName is "audstub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde02a60 for PDO 0xfffffadfcde02c80 > > InstancePath is "Root\MEDIA\MS_MMVID" > > ServiceName is "audstub" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde02680 for PDO 0xfffffadfcde028a0 > > InstancePath is "Root\MS_L2TPMINIPORT\0000" > > ServiceName is "Rasl2tp" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde022a0 for PDO 0xfffffadfcde024c0 > > InstancePath is "Root\MS_NDISWANIP\0000" > > ServiceName is "NdisWan" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce771e40 for PDO 0xfffffadfce771060 > > InstancePath is "Root\MS_PPPOEMINIPORT\0000" > > ServiceName is "RasPppoe" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce771a60 for PDO 0xfffffadfce771c80 > > InstancePath is "Root\MS_PPTPMINIPORT\0000" > > ServiceName is "PptpMiniport" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce771680 for PDO 0xfffffadfce7718a0 > > InstancePath is "Root\MS_PTIMINIPORT\0000" > > ServiceName is "Raspti" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce7712a0 for PDO 0xfffffadfce7714c0 > > InstancePath is "Root\RDPDR\0000" > > ServiceName is "rdpdr" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f7e40 for PDO 0xfffffadfce8f7060 > > InstancePath is "Root\RDP_KBD\0000" > > ServiceName is "TermDD" > > TargetDeviceNotify List - f 0xfffffa8000d533b0 b 0xfffffa8000d533b0 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f7a60 for PDO 0xfffffadfce8f7c80 > > InstancePath is "Root\RDP_MOU\0000" > > ServiceName is "TermDD" > > TargetDeviceNotify List - f 0xfffffa8000579270 b 0xfffffa8000579270 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f7680 for PDO 0xfffffadfce8f78a0 > > InstancePath is "Root\SYSTEM\0000" > > ServiceName is "swenum" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcd6369f0 for PDO 0xfffffadfcdbbba90 > > InstancePath is "SW\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}\{9B365890-165F-11D0-A195-0020AFD156E4}" > > ServiceName is "sysaudio" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdbbe9a0 for PDO 0xfffffadfcdbbebc0 > > InstancePath is "SW\{2f412ab5-ed3a-4590-ab24-b0ce2aa77d3c}\{9B365890-165F-11D0-A195-0020AFD156E4}" > > ServiceName is "splitter" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdb656d0 for PDO 0xfffffadfcdb658f0 > > InstancePath is "SW\{4245ff73-1db4-11d2-86e4-98ae20524153}\{9B365890-165F-11D0-A195-0020AFD156E4}" > > ServiceName is "aec" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce37d6b0 for PDO 0xfffffadfce330550 > > InstancePath is "SW\{6c1b9f60-c0a9-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}" > > ServiceName is "swmidi" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcdf12010 for PDO 0xfffffadfce2f59b0 > > InstancePath is "SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4}" > > ServiceName is "kmixer" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfce8f72a0 for PDO 0xfffffadfce8f74c0 > > InstancePath is "Root\SYSTEM\0001" > > ServiceName is "update" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > DevNode 0xfffffadfcde01e40 for PDO 0xfffffadfcde01060 > > InstancePath is "Root\SYSTEM\0002" > > ServiceName is "mssmbios" > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > >So devnodes we are interested in are : > > DevNode 0xfffffadfce8dea70 for PDO 0xfffffadfce8f56f0 > > InstancePath is "ACPI\PNP0303\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa800057d320 b 0xfffffa800057d320 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) >and > > DevNode 0xfffffadfce8de8a0 for PDO 0xfffffadfce8f54f0 > > InstancePath is "ACPI\PNP0F13\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa8000d59f10 b 0xfffffa8000d59f10 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > > > >3: kd> !devnode 0xfffffadfce8dea70 > >DevNode 0xfffffadfce8dea70 for PDO 0xfffffadfce8f56f0 > > Parent 0xfffffadfce66be40 Sibling 0xfffffadfce8de8a0 Child 0000000000 > > InstancePath is "ACPI\PNP0303\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa800057d320 b 0xfffffa800057d320 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > StateHistory[07] = DeviceNodeEnumerateCompletion (0x30d) > > StateHistory[06] = DeviceNodeStarted (0x308) > > StateHistory[05] = DeviceNodeStartPostWork (0x307) > > StateHistory[04] = DeviceNodeStartCompletion (0x306) > > StateHistory[03] = DeviceNodeResourcesAssigned (0x304) > > StateHistory[02] = DeviceNodeDriversAdded (0x303) > > StateHistory[01] = DeviceNodeInitialized (0x302) > > StateHistory[00] = DeviceNodeUninitialized (0x301) > > StateHistory[19] = Unknown State (0x0) > > StateHistory[18] = Unknown State (0x0) > > StateHistory[17] = Unknown State (0x0) > > StateHistory[16] = Unknown State (0x0) > > StateHistory[15] = Unknown State (0x0) > > StateHistory[14] = Unknown State (0x0) > > StateHistory[13] = Unknown State (0x0) > > StateHistory[12] = Unknown State (0x0) > > StateHistory[11] = Unknown State (0x0) > > StateHistory[10] = Unknown State (0x0) > > StateHistory[09] = Unknown State (0x0) > > StateHistory[08] = Unknown State (0x0) > > Flags (0x000000f0) DNF_ENUMERATED, DNF_IDS_QUERIED, > > DNF_HAS_BOOT_CONFIG, DNF_BOOT_CONFIG_RESERVED > > UserFlags (0x00000008) DNUF_NOT_DISABLEABLE > > CapabilityFlags (0x00000080) SilentInstall > > DisableableDepends = 1 (including self) > > >3: kd> !devnode 0xfffffadfce8de8a0 > >DevNode 0xfffffadfce8de8a0 for PDO 0xfffffadfce8f54f0 > > Parent 0xfffffadfce66be40 Sibling 0xfffffadfce8de6d0 Child 0000000000 > > InstancePath is "ACPI\PNP0F13\4&2c5a7332&0" > > ServiceName is "i8042prt" > > TargetDeviceNotify List - f 0xfffffa8000d59f10 b 0xfffffa8000d59f10 > > State = DeviceNodeStarted (0x308) > > Previous State = DeviceNodeEnumerateCompletion (0x30d) > > StateHistory[07] = DeviceNodeEnumerateCompletion (0x30d) > > StateHistory[06] = DeviceNodeStarted (0x308) > > StateHistory[05] = DeviceNodeStartPostWork (0x307) > > StateHistory[04] = DeviceNodeStartCompletion (0x306) > > StateHistory[03] = DeviceNodeResourcesAssigned (0x304) > > StateHistory[02] = DeviceNodeDriversAdded (0x303) > > StateHistory[01] = DeviceNodeInitialized (0x302) > > StateHistory[00] = DeviceNodeUninitialized (0x301) > > StateHistory[19] = Unknown State (0x0) > > StateHistory[18] = Unknown State (0x0) > > StateHistory[17] = Unknown State (0x0) > > StateHistory[16] = Unknown State (0x0) > > StateHistory[15] = Unknown State (0x0) > > StateHistory[14] = Unknown State (0x0) > > StateHistory[13] = Unknown State (0x0) > > StateHistory[12] = Unknown State (0x0) > > StateHistory[11] = Unknown State (0x0) > > StateHistory[10] = Unknown State (0x0) > > StateHistory[09] = Unknown State (0x0) > > StateHistory[08] = Unknown State (0x0) > > Flags (0x000000f0) DNF_ENUMERATED, DNF_IDS_QUERIED, > > DNF_HAS_BOOT_CONFIG, DNF_BOOT_CONFIG_RESERVED > > UserFlags (0x00000008) DNUF_NOT_DISABLEABLE > > CapabilityFlags (0x00000080) SilentInstall > > DisableableDepends = 1 (including self) > >To check device's stack we have to use !devstack command with PDO of each device. > > >3: kd> !devstack 0xfffffadfce8f56f0 > > !DevObj !DrvObj !DevExt ObjectName > > fffffadfce4753e0 \Driver\Kbdclass fffffadfce475530 KeyboardClass0 > > fffffadfce493980 \Driver\i8042prt fffffadfce493ad0 > >> fffffadfce8f56f0 \Driver\ACPI fffffadfce8e3280 00000042 > >!DevNode fffffadfce8dea70 : > > DeviceInst is "ACPI\PNP0303\4&2c5a7332&0" > > ServiceName is "i8042prt" > > >3: kd> !devstack 0xfffffadfce8f54f0 > > !DevObj !DrvObj !DevExt ObjectName > > fffffadfce4743f0 \Driver\Mouclass fffffadfce474540 PointerClass0 > > fffffadfcdca6a10 \Driver\i8042prt fffffadfcdca6b60 > >> fffffadfce8f54f0 \Driver\ACPI fffffadfcddfcdb0 00000043 > >!DevNode fffffadfce8de8a0 : > > DeviceInst is "ACPI\PNP0F13\4&2c5a7332&0" > > ServiceName is "i8042prt" > >Device stack in both cases have no additional filter drivers in it. > > >Another way to check info about interested devices is to use !drvobj command. > > >3: kd> !drvobj \Driver\i8042prt > >Driver object (fffffadfce474e70) is for: > > \Driver\i8042prt > >Driver Extension List: (id , addr) > > > >Device Object list: > >fffffadfcdca6a10 fffffadfce493980 > > > >3: kd> !devobj fffffadfcdca6a10 > >Device object (fffffadfcdca6a10) is for: > > \Driver\i8042prt DriverObject fffffadfce474e70 > >Current Irp 00000000 RefCount 0 Type 00000027 Flags 00002004 > >DevExt fffffadfcdca6b60 DevObjExt fffffadfcdca6fa8 > >ExtensionFlags (0000000000) > >AttachedDevice (Upper) fffffadfce4743f0 \Driver\Mouclass > >AttachedTo (Lower) fffffadfce8f54f0 \Driver\ACPI > >Device queue is not busy. > > > >3: kd> !devobj fffffadfce493980 > >Device object (fffffadfce493980) is for: > > \Driver\i8042prt DriverObject fffffadfce474e70 > >Current Irp 00000000 RefCount 0 Type 00000027 Flags 00002004 > >DevExt fffffadfce493ad0 DevObjExt fffffadfce493f18 > >ExtensionFlags (0000000000) > >AttachedDevice (Upper) fffffadfce4753e0 \Driver\Kbdclass > >AttachedTo (Lower) fffffadfce8f56f0 \Driver\ACPI > >Device queue is not busy. > > >As we know that BSOD happened in power dispatch routine of the driver we can use !podev, !poaction, !poreqlist commands to find additional info >connected to the power treatment. > > >3: kd> !podev fffffadf`cdca6a10 > >Device object is for: > > DriverObject ce474e70 > >Current Irp 00000000 RefCount 0 Type 00000000 AttachedDev fffffadfce4743f0 DevFlags 00002004 DO_POWER_PAGABLE > >Device queue is not busy. > >Device Object Extension: fffffadfcdca6fa8: > >PowerFlags: 00000400 =>SystemState=0 DeviceState=0 dvact > >Dope: 00000000: > > > >3: kd> !podev fffffadf`ce493980 > >Device object is for: > > DriverObject ce474e70 > >Current Irp 00000000 RefCount 0 Type 00000000 AttachedDev fffffadfce4753e0 DevFlags 00002004 DO_POWER_PAGABLE > >Device queue is not busy. > >Device Object Extension: fffffadfce493f18: > >PowerFlags: 00000400 =>SystemState=0 DeviceState=0 dvact > >Dope: 00000000: > > > >For both devices ( PS2 keyboard and mouse ) set ( in the AddDevice() ) flag DO_POWER_PAGABLE as !podev shows. >The flag tell the I/O Manager to run power functions of the driver on PASSIVE_LEVEL only. > >From http://read.pudn.com/downloads170/sourcecode/windows/vxd/788080/pnpi8042/pnp.c__.htm ( undocumented sources from >http://www.pudn.com/downloads170/sourcecode/windows/vxd/detail788080.html ) possible to see >the line 167 > device->Flags |= DO_POWER_PAGABLE; > >in the I8xAddDevice() routine. >In addition from lines 23-33 in the same source, possible to see from that function >I8xPower is paged function so have to be called on the PASSIVE_LEVEL only. > >#ifdef ALLOC_PRAGMA >#pragma alloc_text(PAGE, I8xAddDevice) >#pragma alloc_text(PAGE, I8xFilterResourceRequirements) >#pragma alloc_text(PAGE, I8xFindPortCallout) >#pragma alloc_text(PAGE, I8xManuallyRemoveDevice) >#pragma alloc_text(PAGE, I8xPnP) >#pragma alloc_text(PAGE, I8xPower) >#pragma alloc_text(PAGE, I8xRegisterDeviceInterface) >#pragma alloc_text(PAGE, I8xRemovePort) >#pragma alloc_text(PAGE, I8xSendIrpSynchronously) >#endif > >Additional four non-paged functions ( those have to be called on DISPATCH_LEVEL only ) in pnp.c are: >I8xPnPComplete >I8xSetPowerFlag >I8xCheckPowerFlag >I8xPowerUpToD0Complete > >3: kd> !poaction > >PopAction: fffff800011cc5c0 > > State..........: 3 - Set System State > > Updates........: 0 SHUTDOWN-set > > Action.........: ShutdownReset > > Lightest State.: Shutdown > > Flags..........: c0000004 OverrideApps|DisableWakes|Critical > > Irp minor......: SetPower > > System State...: Shutdown > > Hiber Context..: 0000000000000000 > > > >Device State fffffadfce2d0450 > > Irp minor......: SetPower > > System State...: Shutdown > > Worker thread..: fffffadfce8d57a0 > > Status.........: 0 > > Waking.........: FALSE > > Cancelled......: FALSE > > Ignore errors..: TRUE > > Ignore not imp.: TRUE > > Wait any.......: FALSE > > Wait all.......: FALSE > > Present Irp Q..: > > > >Order: > >Level 7 (fffffadfce2d0818) 0/19 Paged, Root-Enum > >Level 5 (fffffadfce2d0718) 11/14 Paged, PnP > > WaitSleep: > > fffffadfce3f0350: fffffadfce24ce40 \Driver\usbhub \Device\00000050 > > fffffadfcdb6b840: fffffadfcdb46d00 \Driver\hidusb \Device\_HID00000000 > >Level 4 (fffffadfce2d0698) 0/1 Paged, PnP, Video > > ReadySleep: > > fffffadfcdba50e0: fffffadfce66b700 \Driver\qxl \Device\Video0 > >Level 3 (fffffadfce2d0618) 0/35 Non-Paged, Root-Enum > > WaitSleep: > > fffffadfce3d96b0: fffffadfcde05720 \Driver\Ftdisk \Device\FtControl > > ReadySleep: > > fffffadfcdc75c40: fffffadfcde05b00 \Driver\dmio \Device\DmControl\DmPnP > > fffffadfcdc74010: fffffadfcddf8e40 \Driver\VolSnap > > fffffadfcdc0d2f0: fffffadfcde05340 \Driver\PnpManager \Device\00000004 > > fffffadfce353e90: fffffadfce774e40 \Driver\PnpManager \Device\00000005 > > fffffadfce450b50: fffffadfce774a60 \Driver\PnpManager \Device\00000006 > > fffffadfce30cc90: fffffadfce774680 \Driver\PnpManager \Device\00000007 > > fffffadfce3562e0: fffffadfce7742a0 \Driver\PnpManager \Device\00000008 > > fffffadfcd686010: fffffadfce8fae40 \Driver\PnpManager \Device\00000009 > > fffffadfce383a90: fffffadfce8faa60 \Driver\PnpManager \Device\0000000a > > fffffadfcdc261c0: fffffadfce8fa680 \Driver\PnpManager \Device\0000000b > > fffffadfcdd292e0: fffffadfce8fa2a0 \Driver\PnpManager \Device\0000000c > > fffffadfce414070: fffffadfcde04e40 \Driver\PnpManager \Device\0000000d > > fffffadfcdf44480: fffffadfcde04a60 \Driver\PnpManager \Device\0000000e > > fffffadfcdf440b0: fffffadfcde04680 \Driver\PnpManager \Device\0000000f > > fffffadfce44d4a0: fffffadfcde042a0 \Driver\PnpManager \Device\00000010 > > fffffadfce3d7bc0: fffffadfce773e40 \Driver\PnpManager \Device\00000011 > > fffffadfce4915f0: fffffadfce773a60 \Driver\PnpManager \Device\00000012 > > fffffadfce3bd890: fffffadfce773680 \Driver\PnpManager \Device\00000013 > > fffffadfcd6a0fb0: fffffadfce7732a0 \Driver\PnpManager \Device\00000014 > > fffffadfcdd29220: fffffadfce8f9e40 \Driver\PnpManager \Device\00000015 > > fffffadfcd6a06d0: fffffadfce8f9a60 \Driver\PnpManager \Device\00000016 > > fffffadfce33b720: fffffadfce8f9680 \Driver\PnpManager \Device\00000017 > > fffffadfcdf363f0: fffffadfce8f92a0 \Driver\PnpManager \Device\00000018 > > fffffadfce2ff3a0: fffffadfcde03e40 \Driver\PnpManager \Device\00000019 > > fffffadfcdb49730: fffffadfcde03a60 \Driver\PnpManager \Device\0000001a > > fffffadfce308170: fffffadfcde03680 \Driver\PnpManager \Device\0000001b > > fffffadfce43d010: fffffadfcde032a0 \Driver\PnpManager \Device\0000001c > > fffffadfce490950: fffffadfce772e40 \Driver\PnpManager \Device\0000001d > > fffffadfce490890: fffffadfce772a60 \Driver\PnpManager \Device\0000001e > > fffffadfce3c8b60: fffffadfce772680 \Driver\PnpManager \Device\0000001f > > fffffadfce429700: fffffadfce7722a0 \Driver\PnpManager \Device\00000020 > > fffffadfcdc4f690: fffffadfce8f8e40 \Driver\PnpManager \Device\00000021 > > fffffadfce418260: fffffadfce7712a0 \Driver\rdpdr \Device\RdpDrDvMgr > > fffffadfce3d0f20: fffffadfcde01e40 \Driver\mssmbios > >Level 1 (fffffadfce2d0518) 0/15 Non-Paged, PnP > > WaitSleep: > > fffffadfce3d1c70: fffffadfcde05010 \Driver\ACPI_HAL > > fffffadfcdca93d0: fffffadfcde01870 \Driver\ACPI > > fffffadfce34e060: fffffadfce775b00 \Driver\PCI > > fffffadfcdb4fca0: fffffadfce66baa0 \Driver\usbuhci \Device\USBFDO-0 > > fffffadfcdc01480: fffffadfce66bc70 \Driver\IntelIde \Device\Ide\PciIde0 > > fffffadfce3a1090: fffffadfce8ddb00 \Driver\atapi \Device\Ide\IdePort0 > > fffffadfce307390: fffffadfce66be40 \Driver\isapnp > > fffffadfce4240c0: fffffadfce8de500 \Driver\Parport \Device\ParallelPort0 > > ReadySleep: > > fffffadfcdc29400: fffffadfce775930 \Driver\ACPI \Device\00000039 > > fffffadfcd632a50: fffffadfce66b8d0 \Driver\ACPI \Device\0000003f > > fffffadfcdc65090: fffffadfce8e0550 \Driver\PartMgr > > fffffadfcd9ef830: fffffadfcdb02a20 \Driver\Parport \Device\Parallel0 > > fffffadfcdc4e080: fffffadfce8dec40 \Driver\ACPI \Device\00000041 > > fffffadfce374ae0: fffffadfce66b010 \Driver\PCI \Device\NTPNP_PCI0000 > > fffffadfcdc8c010: fffffadfce64bb30 \Driver\atapi \Device\Ide\IdePort1 > > > >Pending irps: > > Irp: fffffadfce419010 Notify 00000000 > > Irp: fffffadfcdba3cf0 Notify 00000000 > > Irp: fffffadfcd63b2e0 Notify 00000000 > > Irp: fffffadfcdc4ca70 Notify 00000000 > > Irp: fffffadfcdbd8cf0 Notify 00000000 > > Irp: fffffadfce36a6f0 Notify 00000000 > > Irp: fffffadfce2cf390 Notify 00000000 > > Irp: fffffadfcdb856b0 Notify 00000000 > > Irp: fffffadfcdb743d0 Notify 00000000 > > > >Completed irps: > > Irp: fffffadfcdc53010 Notify 00000000 > > Irp: fffffadfce2be010 Notify 00000000 > > > > > >3: kd> !irp fffffadfce2be010 > >Irp is active with 3 stacks 4 is current (= 0xfffffadfce2be1b8) > > No Mdl: No System Buffer: Thread 00000000: Irp is completed. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 16, 0] 0 0 fffffadfce668c30 00000000 fffffadfc8240100-00000000 > > \Driver\atapi CLASSPNP!ClasspStartNextPowerIrpCompletion > > Args: 00000000 00000000 00000000 00000005 > > [ 16, 0] 0 0 fffffadfce48c060 00000000 fffff800013db360-fffffadfce2d0a78 > > \Driver\Cdrom nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000000 00000005 > > >3: kd> !irp fffffadfcdc53010 > >Irp is active with 3 stacks 4 is current (= 0xfffffadfcdc531b8) > > No Mdl: No System Buffer: Thread 00000000: Irp is completed. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 16, 0] 0 0 fffffadfce62bd40 00000000 fffff800013db360-fffffadfce2d09c8 > > \Driver\PCI nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000000 00000005 > > >3: kd> !irp fffffadfce419010 > >Irp is active with 7 stacks 7 is current (= 0xfffffadfce419290) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > >>[ 16, 2] 0 e1 fffffadfce3b0060 00000000 fffff800013db360-fffffadfce2d0a20 Success Error Cancel pending > > \Driver\Mouclass nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfcdba3cf0 > >Irp is active with 7 stacks 6 is current (= 0xfffffadfcdba3f28) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 16, 0] 0 0 fffffadfce8dee60 00000000 fffffadfc7a02980-00000000 > > \Driver\ACPI serial!SerialFinishSystemPower > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 1 fffffadfce48f290 00000000 00000000-00000000 pending > > \Driver\Serial > > Args: 00000000 00000000 00000006 00000005 > > [ 16, 2] 0 e1 fffffadfce419c40 00000000 fffff800013db360-fffffadfce2d0ad0 Success Error Cancel pending > > \Driver\serenum nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > >3: kd> !irp fffffadfcd63b2e0 > >Irp is active with 6 stacks 6 is current (= 0xfffffadfcd63b518) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > >>[ 16, 2] 0 e1 fffffadfce487490 00000000 fffff800013db360-fffffadfce2d0b28 Success Error Cancel pending > > \Driver\Fdc nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > >3: kd> !irp fffffadfcdc4ca70 > >Irp is active with 7 stacks 7 is current (= 0xfffffadfcdc4ccf0) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > >>[ 16, 2] 0 e1 fffffadfce4743f0 00000000 fffff800013db360-fffffadfce2d0b80 Success Error Cancel pending > > \Driver\Mouclass nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfcdbd8cf0 > >Irp is active with 7 stacks 7 is current (= 0xfffffadfcdbd8f70) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > >>[ 16, 2] 0 e1 fffffadfce4753e0 00000000 fffff800013db360-fffffadfce2d0bd8 Success Error Cancel pending > > \Driver\Kbdclass nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfce36a6f0 > >Irp is active with 2 stacks 2 is current (= 0xfffffadfce36a808) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 16, 0] 0 0 fffffadfce8e2bd0 00000000 fffffadfc8525260-00000000 > > \Driver\ACPI*** ERROR: Module load completed but symbols could not be loaded for intelppm.sys > > intelppm > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 e1 fffffadfce52c040 00000000 fffff800013db360-fffffadfce2d0c30 Success Error Cancel pending > > \Driver\intelppm nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfce2cf390 > >Irp is active with 2 stacks 2 is current (= 0xfffffadfce2cf4a8) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 16, 0] 0 0 fffffadfce8e2dd0 00000000 fffffadfc8525260-00000000 > > \Driver\ACPI intelppm > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 e1 fffffadfcdd12040 00000000 fffff800013db360-fffffadfce2d0c88 Success Error Cancel pending > > \Driver\intelppm nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfcdb856b0 > >Irp is active with 2 stacks 2 is current (= 0xfffffadfcdb857c8) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 16, 0] 0 0 fffffadfce8e2470 00000000 fffffadfc8525260-00000000 > > \Driver\ACPI intelppm > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 e1 fffffadfce523040 00000000 fffff800013db360-fffffadfce2d0ce0 Success Error Cancel pending > > \Driver\intelppm nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfcdb856b0 > >Irp is active with 2 stacks 2 is current (= 0xfffffadfcdb857c8) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 16, 0] 0 0 fffffadfce8e2470 00000000 fffffadfc8525260-00000000 > > \Driver\ACPI intelppm > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 e1 fffffadfce523040 00000000 fffff800013db360-fffffadfce2d0ce0 Success Error Cancel pending > > \Driver\intelppm nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > > >3: kd> !irp fffffadfcdb743d0 > >Irp is active with 2 stacks 2 is current (= 0xfffffadfcdb744e8) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. Pending has been returned > > cmd flg cl Device File Completion-Context > > [ 16, 0] 0 0 fffffadfce8e4330 00000000 fffffadfc8525260-00000000 > > \Driver\ACPI intelppm > > Args: 00000000 00000000 00000000 00000005 > >>[ 16, 2] 0 e1 fffffadfce538040 00000000 fffff800013db360-fffffadfce2d0d38 Success Error Cancel pending > > \Driver\intelppm nt!PopCompleteSystemPowerIrp > > Args: 00000000 00000000 00000006 00000005 > >Possible to see from !irp fffffadfce419010 and !irp fffffadfcdbd8cf0 that \Driver\Mouclass and >\Driver\Kbdclass both wait for completion of the irp. > > >3: kd> !poreqlist > >All active Power Irps from PoRequestPowerIrp > >PopReqestedPowerIrpList > >FieldOffset = 0019451800000008 > >Irp fffffadfcdb51630 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 Wait Wake S1 [blocked] > >Irp fffffadfce313010 DevObj fffffadfce8f52f0 \Driver\ACPI Ctx 00000003 Set Power D3 ShutdownType 5 > >Irp fffffadfcdca7990 DevObj fffffadfcdca6a10 \Driver\i8042prt Ctx 00000003 Set Power D3 ShutdownType 5 > >Irp fffffadfcdeff010 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > >Irp fffffadfce3353e0 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > >Irp fffffadfce34abb0 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > >Irp fffffadfcdbab010 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > >Irp fffffadfcdcf5010 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > >Irp fffffadfcdecbc60 DevObj 0000000000000000: Could not read device object or _DEVICE_OBJECT not found > > Ctx 00000002 [blocked] > > >3: kd> !irp fffffadfcdca7990 > >Irp is active with 9 stacks 7 is current (= 0xfffffadfcdca7c10) > > No Mdl: No System Buffer: Thread 00000000: Irp stack trace. > > cmd flg cl Device File Completion-Context > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: 00000000 00000000 00000000 00000000 > >>[ 16, 2] 0 e1 fffffadfcdca6a10 00000000 fffff80001114540-fffffadfc8a5e170 Success Error Cancel pending > > \Driver\i8042prt nt!PopCompleteRequestIrp > > Args: 00000003 00000001 00000004 00000005 > > [ 0, 0] 0 0 fffffadfce4743f0 00000000 00000000-00000000 > > \Driver\Mouclass > > Args: fffffadfce4743f0 00000002 00000004 fffffadfcdc4ca70 > > [ 0, 0] 0 0 00000000 00000000 00000000-00000000 > > > > Args: fffffadfcdeff328 fffffadfce3132e0 fffffadfcdca7990 00000000 > > >!poreqlist show exactly irp fffffadfcdca7990 have to be treated when BSOD happen >The same we see during !analyze -v command when TRAME_FRAME registers printed >with rdx=fffffadfcdca7990 which is second parameter to the function. > >Let's start to check the code of PopWaitForSystemPowerIrp() which caused BSOD. >Just remember that return address from I8xPower() function when BSOD happened is fffff800`013da8b4 >fffffadf`c8c78b58 fffff800`013da8b4 : fffffadf`ce2d08e8 fffffadf`ce2d08e8 fffffadf`ce2d0970 fffffadf`ce2d0450 : i8042prt!I8xPower >We'll see that it's next opcode after line: >ffff800`013da8af e8fc93d3ff call nt!PopPassivePowerCall (fffff800`01113cb0) >So inside that function call to I8xPower() happened. > > >3: kd> x nt!PopWaitForSystemPowerIrp > >fffff800`013da540 nt!PopWaitForSystemPowerIrp = <no type information> > >3: kd> uf nt!PopWaitForSystemPowerIrp > >Flow analysis was incomplete, some code may be missing > >nt!PopWaitForSystemPowerIrp: > >fffff800`013da540 88542410 mov byte ptr [rsp+10h],dl > >fffff800`013da544 488bc4 mov rax,rsp > >fffff800`013da547 4883ec78 sub rsp,78h > >fffff800`013da54b 48896820 mov qword ptr [rax+20h],rbp > >fffff800`013da54f 488978f0 mov qword ptr [rax-10h],rdi > >fffff800`013da553 488bf9 mov rdi,rcx > >fffff800`013da556 32c9 xor cl,cl > >fffff800`013da558 4c8960e8 mov qword ptr [rax-18h],r12 > >fffff800`013da55c 4c8970d8 mov qword ptr [rax-28h],r14 > >fffff800`013da560 888c2480000000 mov byte ptr [rsp+80h],cl > >fffff800`013da567 450f20c6 mov r14,cr8 > >fffff800`013da56b bd02000000 mov ebp,2 > >fffff800`013da570 440f22c5 mov cr8,rbp > >fffff800`013da574 f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013da57b 730d jae nt!PopWaitForSystemPowerIrp+0x4a (fffff800`013da58a) > > > >nt!PopWaitForSystemPowerIrp+0x3d: > >fffff800`013da57d 488d4f20 lea rcx,[rdi+20h] > >fffff800`013da581 e86ad7c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da586 32c9 xor cl,cl > >fffff800`013da588 eb03 jmp nt!PopWaitForSystemPowerIrp+0x4d (fffff800`013da58d) > > > >nt!PopWaitForSystemPowerIrp+0x4a: > >fffff800`013da58a 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x4d: > >fffff800`013da58d 4c897c2448 mov qword ptr [rsp+48h],r15 > >fffff800`013da592 48899c2490000000 mov qword ptr [rsp+90h],rbx > >fffff800`013da59a 41bf01000000 mov r15d,1 > >fffff800`013da5a0 4889742470 mov qword ptr [rsp+70h],rsi > >fffff800`013da5a5 4533c0 xor r8d,r8d > >fffff800`013da5a8 458d5704 lea r10d,[r15+4] > >fffff800`013da5ac 4c896c2458 mov qword ptr [rsp+58h],r13 > > > >nt!PopWaitForSystemPowerIrp+0x71: > >fffff800`013da5b1 418bc7 mov eax,r15d > >fffff800`013da5b4 ffc8 dec eax > >fffff800`013da5b6 0f8496030000 je nt!PopWaitForSystemPowerIrp+0x418 (fffff800`013da952) > > > >nt!PopWaitForSystemPowerIrp+0x7c: > >fffff800`013da5bc ffc8 dec eax > >fffff800`013da5be 0f8464020000 je nt!PopWaitForSystemPowerIrp+0x2ec (fffff800`013da828) > > > >nt!PopWaitForSystemPowerIrp+0x84: > >fffff800`013da5c4 ffc8 dec eax > >fffff800`013da5c6 0f8475010000 je nt!PopWaitForSystemPowerIrp+0x203 (fffff800`013da741) > > > >nt!PopWaitForSystemPowerIrp+0x8c: > >fffff800`013da5cc ffc8 dec eax > >fffff800`013da5ce 0f85f6040000 jne nt!PopWaitForSystemPowerIrp+0x596 (fffff800`013daaca) > > > >nt!PopWaitForSystemPowerIrp+0x94: > >fffff800`013da5d4 84d2 test dl,dl > >fffff800`013da5d6 7508 jne nt!PopWaitForSystemPowerIrp+0xa0 (fffff800`013da5e0) > > > >nt!PopWaitForSystemPowerIrp+0x98: > >fffff800`013da5d8 84c9 test cl,cl > >fffff800`013da5da 0f8534050000 jne nt!PopWaitForSystemPowerIrp+0x5e0 (fffff800`013dab14) > > > >nt!PopWaitForSystemPowerIrp+0xa0: > >fffff800`013da5e0 488d9f88040000 lea rbx,[rdi+488h] > >fffff800`013da5e7 48391b cmp qword ptr [rbx],rbx > >fffff800`013da5ea 0f8424050000 je nt!PopWaitForSystemPowerIrp+0x5e0 (fffff800`013dab14) > > > >nt!PopWaitForSystemPowerIrp+0xb0: > >fffff800`013da5f0 84d2 test dl,dl > >fffff800`013da5f2 c6875d04000001 mov byte ptr [rdi+45Dh],1 > >fffff800`013da5f9 4489470c mov dword ptr [rdi+0Ch],r8d > >fffff800`013da5fd 0f94c0 sete al > >fffff800`013da600 88875c040000 mov byte ptr [rdi+45Ch],al > >fffff800`013da606 f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013da60c 410fb6c6 movzx eax,r14b > >fffff800`013da610 440f22c0 mov cr8,rax > >fffff800`013da614 80bf5904000000 cmp byte ptr [rdi+459h],0 > >fffff800`013da61b b81e000000 mov eax,1Eh > >fffff800`013da620 488d4f08 lea rcx,[rdi+8] > >fffff800`013da624 490f45c2 cmovne rax,r10 > >fffff800`013da628 4533c9 xor r9d,r9d > >fffff800`013da62b 4533c0 xor r8d,r8d > >fffff800`013da62e 418bd2 mov edx,r10d > >fffff800`013da631 4869c0806967ff imul rax,rax,0FFFFFFFFFF676980h > >fffff800`013da638 4889442430 mov qword ptr [rsp+30h],rax > >fffff800`013da63d 488d442430 lea rax,[rsp+30h] > >fffff800`013da642 4889442420 mov qword ptr [rsp+20h],rax > >fffff800`013da647 e884d9c4ff call nt!KeWaitForSingleObject (fffff800`01027fd0) > >fffff800`013da64c 448bd8 mov r11d,eax > >fffff800`013da64f 450f20c1 mov r9,cr8 > >fffff800`013da653 440f22c5 mov cr8,rbp > >fffff800`013da657 f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013da65e 730b jae nt!PopWaitForSystemPowerIrp+0x12b (fffff800`013da66b) > > > >nt!PopWaitForSystemPowerIrp+0x120: > >fffff800`013da660 488d4f20 lea rcx,[rdi+20h] > >fffff800`013da664 e887d6c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da669 eb03 jmp nt!PopWaitForSystemPowerIrp+0x12e (fffff800`013da66e) > > > >nt!PopWaitForSystemPowerIrp+0x12b: > >fffff800`013da66b 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x12e: > >fffff800`013da66e 4181fb02010000 cmp r11d,102h > >fffff800`013da675 458af1 mov r14b,r9b > >fffff800`013da678 c6875d04000000 mov byte ptr [rdi+45Dh],0 > >fffff800`013da67f c6875c04000000 mov byte ptr [rdi+45Ch],0 > >fffff800`013da686 0f8593000000 jne nt!PopWaitForSystemPowerIrp+0x1e1 (fffff800`013da71f) > > > >nt!PopWaitForSystemPowerIrp+0x14c: > >fffff800`013da68c 488b13 mov rdx,qword ptr [rbx] > >fffff800`013da68f 483bd3 cmp rdx,rbx > >fffff800`013da692 7429 je nt!PopWaitForSystemPowerIrp+0x17e (fffff800`013da6bd) > > > >nt!PopWaitForSystemPowerIrp+0x154: > >fffff800`013da694 4c8d87a8040000 lea r8,[rdi+4A8h] > >fffff800`013da69b 6690 xchg ax,ax > >fffff800`013da69d 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x160: > >fffff800`013da69f 498b4008 mov rax,qword ptr [r8+8] > >fffff800`013da6a3 488d4a20 lea rcx,[rdx+20h] > >fffff800`013da6a7 4c8901 mov qword ptr [rcx],r8 > >fffff800`013da6aa 48894108 mov qword ptr [rcx+8],rax > >fffff800`013da6ae 488908 mov qword ptr [rax],rcx > >fffff800`013da6b1 49894808 mov qword ptr [r8+8],rcx > >fffff800`013da6b5 488b12 mov rdx,qword ptr [rdx] > >fffff800`013da6b8 483bd3 cmp rdx,rbx > >fffff800`013da6bb 75e2 jne nt!PopWaitForSystemPowerIrp+0x160 (fffff800`013da69f) > > > >nt!PopWaitForSystemPowerIrp+0x17e: > >fffff800`013da6bd f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013da6c3 410fb6c1 movzx eax,r9b > >fffff800`013da6c7 440f22c0 mov cr8,rax > >fffff800`013da6cb 488db7a8040000 lea rsi,[rdi+4A8h] > >fffff800`013da6d2 488b1e mov rbx,qword ptr [rsi] > >fffff800`013da6d5 483bde cmp rbx,rsi > >fffff800`013da6d8 741c je nt!PopWaitForSystemPowerIrp+0x1b8 (fffff800`013da6f6) > > > >nt!PopWaitForSystemPowerIrp+0x19b: > >fffff800`013da6da 6690 xchg ax,ax > >fffff800`013da6dc 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x1a0: > >fffff800`013da6de 488d53c8 lea rdx,[rbx-38h] > >fffff800`013da6e2 488d0df7040000 lea rcx,[nt!`string' (fffff800`013dabe0)] > >fffff800`013da6e9 e8a20f0000 call nt!PopDumpSystemIrp (fffff800`013db690) > >fffff800`013da6ee 488b1b mov rbx,qword ptr [rbx] > >fffff800`013da6f1 483bde cmp rbx,rsi > >fffff800`013da6f4 75e8 jne nt!PopWaitForSystemPowerIrp+0x1a0 (fffff800`013da6de) > > > >nt!PopWaitForSystemPowerIrp+0x1b8: > >fffff800`013da6f6 440f20c2 mov rdx,cr8 > >fffff800`013da6fa 440f22c5 mov cr8,rbp > >fffff800`013da6fe f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013da705 730b jae nt!PopWaitForSystemPowerIrp+0x1d4 (fffff800`013da712) > > > >nt!PopWaitForSystemPowerIrp+0x1c9: > >fffff800`013da707 488d4f20 lea rcx,[rdi+20h] > >fffff800`013da70b e8e0d5c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da710 eb03 jmp nt!PopWaitForSystemPowerIrp+0x1d7 (fffff800`013da715) > > > >nt!PopWaitForSystemPowerIrp+0x1d4: > >fffff800`013da712 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x1d7: > >fffff800`013da715 448af2 mov r14b,dl > >fffff800`013da718 48897608 mov qword ptr [rsi+8],rsi > >fffff800`013da71c 488936 mov qword ptr [rsi],rsi > > > >nt!PopWaitForSystemPowerIrp+0x1e1: > >fffff800`013da71f 0fb68c2480000000 movzx ecx,byte ptr [rsp+80h] > >fffff800`013da727 0fb6942488000000 movzx edx,byte ptr [rsp+88h] > >fffff800`013da72f 41bf01000000 mov r15d,1 > >fffff800`013da735 458d5704 lea r10d,[r15+4] > >fffff800`013da739 4533c0 xor r8d,r8d > >fffff800`013da73c e970feffff jmp nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x203: > >fffff800`013da741 83bf4804000000 cmp dword ptr [rdi+448h],0 > >fffff800`013da748 41bf04000000 mov r15d,4 > >fffff800`013da74e 0f8d5dfeffff jge nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x216: > >fffff800`013da754 80bf5904000000 cmp byte ptr [rdi+459h],0 > >fffff800`013da75b 0f8550feffff jne nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x223: > >fffff800`013da761 80bf5804000000 cmp byte ptr [rdi+458h],0 > >fffff800`013da768 0f8543feffff jne nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x230: > >fffff800`013da76e 4c8d8f88040000 lea r9,[rdi+488h] > >fffff800`013da775 c6875904000001 mov byte ptr [rdi+459h],1 > >fffff800`013da77c 498b11 mov rdx,qword ptr [r9] > >fffff800`013da77f 493bd1 cmp rdx,r9 > >fffff800`013da782 7427 je nt!PopWaitForSystemPowerIrp+0x26e (fffff800`013da7ab) > > > >nt!PopWaitForSystemPowerIrp+0x246: > >fffff800`013da784 4c8d87a8040000 lea r8,[rdi+4A8h] > >fffff800`013da78b 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x250: > >fffff800`013da78d 498b4008 mov rax,qword ptr [r8+8] > >fffff800`013da791 488d4a20 lea rcx,[rdx+20h] > >fffff800`013da795 4c8901 mov qword ptr [rcx],r8 > >fffff800`013da798 48894108 mov qword ptr [rcx+8],rax > >fffff800`013da79c 488908 mov qword ptr [rax],rcx > >fffff800`013da79f 49894808 mov qword ptr [r8+8],rcx > >fffff800`013da7a3 488b12 mov rdx,qword ptr [rdx] > >fffff800`013da7a6 493bd1 cmp rdx,r9 > >fffff800`013da7a9 75e2 jne nt!PopWaitForSystemPowerIrp+0x250 (fffff800`013da78d) > > > >nt!PopWaitForSystemPowerIrp+0x26e: > >fffff800`013da7ab f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013da7b1 410fb6c6 movzx eax,r14b > >fffff800`013da7b5 440f22c0 mov cr8,rax > >fffff800`013da7b9 488db7a8040000 lea rsi,[rdi+4A8h] > >fffff800`013da7c0 488b1e mov rbx,qword ptr [rsi] > >fffff800`013da7c3 483bde cmp rbx,rsi > >fffff800`013da7c6 741b je nt!PopWaitForSystemPowerIrp+0x2a7 (fffff800`013da7e3) > > > >nt!PopWaitForSystemPowerIrp+0x28b: > >fffff800`013da7c8 6690 xchg ax,ax > >fffff800`013da7ca 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x290: > >fffff800`013da7cc 488b4bd0 mov rcx,qword ptr [rbx-30h] > >fffff800`013da7d0 e8bb03c4ff call nt!IoCancelIrp (fffff800`0101ab90) > >fffff800`013da7d5 488b1b mov rbx,qword ptr [rbx] > >fffff800`013da7d8 483bde cmp rbx,rsi > >fffff800`013da7db 75ef jne nt!PopWaitForSystemPowerIrp+0x290 (fffff800`013da7cc) > > > >nt!PopWaitForSystemPowerIrp+0x2a1: > >fffff800`013da7dd 41ba05000000 mov r10d,5 > > > >nt!PopWaitForSystemPowerIrp+0x2a7: > >fffff800`013da7e3 440f20c2 mov rdx,cr8 > >fffff800`013da7e7 440f22c5 mov cr8,rbp > >fffff800`013da7eb f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013da7f2 730b jae nt!PopWaitForSystemPowerIrp+0x2c3 (fffff800`013da7ff) > > > >nt!PopWaitForSystemPowerIrp+0x2b8: > >fffff800`013da7f4 488d4f20 lea rcx,[rdi+20h] > >fffff800`013da7f8 e8f3d4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da7fd eb03 jmp nt!PopWaitForSystemPowerIrp+0x2c6 (fffff800`013da802) > > > >nt!PopWaitForSystemPowerIrp+0x2c3: > >fffff800`013da7ff 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x2c6: > >fffff800`013da802 8a8c2480000000 mov cl,byte ptr [rsp+80h] > >fffff800`013da809 448af2 mov r14b,dl > >fffff800`013da80c 8a942488000000 mov dl,byte ptr [rsp+88h] > >fffff800`013da813 48897608 mov qword ptr [rsi+8],rsi > >fffff800`013da817 488936 mov qword ptr [rsi],rsi > >fffff800`013da81a 41bf01000000 mov r15d,1 > >fffff800`013da820 4533c0 xor r8d,r8d > >fffff800`013da823 e989fdffff jmp nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x2ec: > >fffff800`013da828 f605d16cdfff02 test byte ptr [nt!PopCallSystemState (fffff800`011d1500)],2 > >fffff800`013da82f 41bf03000000 mov r15d,3 > >fffff800`013da835 0f8576fdffff jne nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x2ff: > >fffff800`013da83b f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013da841 410fb6c6 movzx eax,r14b > >fffff800`013da845 440f22c0 mov cr8,rax > >fffff800`013da849 450f20c0 mov r8,cr8 > >fffff800`013da84d 440f22c5 mov cr8,rbp > >fffff800`013da851 f0480fba2d156bdfff00 lock bts qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >fffff800`013da85b 730e jae nt!PopWaitForSystemPowerIrp+0x32f (fffff800`013da86b) > > > >nt!PopWaitForSystemPowerIrp+0x321: > >fffff800`013da85d 488d0d0c6bdfff lea rcx,[nt!PopWorkerLock (fffff800`011d1370)] > >fffff800`013da864 e887d4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da869 eb03 jmp nt!PopWaitForSystemPowerIrp+0x332 (fffff800`013da86e) > > > >nt!PopWaitForSystemPowerIrp+0x32f: > >fffff800`013da86b 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x332: > >fffff800`013da86e 488b15731ddfff mov rdx,qword ptr [nt!PopAction+0x28 (fffff800`011cc5e8)] > >fffff800`013da875 4885d2 test rdx,rdx > >fffff800`013da878 7478 je nt!PopWaitForSystemPowerIrp+0x3b8 (fffff800`013da8f2) > > > >nt!PopWaitForSystemPowerIrp+0x33e: > >fffff800`013da87a 4881c260040000 add rdx,460h > >fffff800`013da881 483912 cmp qword ptr [rdx],rdx > >fffff800`013da884 746c je nt!PopWaitForSystemPowerIrp+0x3b8 (fffff800`013da8f2) > > > >nt!PopWaitForSystemPowerIrp+0x34a: > >fffff800`013da886 6690 xchg ax,ax > >fffff800`013da888 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x350: > >fffff800`013da88a 488b0a mov rcx,qword ptr [rdx] > >fffff800`013da88d 488b01 mov rax,qword ptr [rcx] > >fffff800`013da890 488902 mov qword ptr [rdx],rax > >fffff800`013da893 48895008 mov qword ptr [rax+8],rdx > >fffff800`013da897 f0488325d06adfff00 lock and qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >fffff800`013da8a0 410fb6c0 movzx eax,r8b > >fffff800`013da8a4 440f22c0 mov cr8,rax > >fffff800`013da8a8 4881c158ffffff add rcx,0FFFFFFFFFFFFFF58h > >fffff800`013da8af e8fc93d3ff call nt!PopPassivePowerCall (fffff800`01113cb0) > >fffff800`013da8b4 450f20c0 mov r8,cr8 <-----!!!!!!!!!---return address from I8xPower() function when BSOD happened > >fffff800`013da8b8 440f22c5 mov cr8,rbp > >fffff800`013da8bc f0480fba2daa6adfff00 lock bts qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >fffff800`013da8c6 730e jae nt!PopWaitForSystemPowerIrp+0x39c (fffff800`013da8d6) > > > >nt!PopWaitForSystemPowerIrp+0x38e: > >fffff800`013da8c8 488d0da16adfff lea rcx,[nt!PopWorkerLock (fffff800`011d1370)] > >fffff800`013da8cf e81cd4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da8d4 eb03 jmp nt!PopWaitForSystemPowerIrp+0x39f (fffff800`013da8d9) > > > >nt!PopWaitForSystemPowerIrp+0x39c: > >fffff800`013da8d6 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x39f: > >fffff800`013da8d9 488b15081ddfff mov rdx,qword ptr [nt!PopAction+0x28 (fffff800`011cc5e8)] > >fffff800`013da8e0 4881c260040000 add rdx,460h > >fffff800`013da8e7 483912 cmp qword ptr [rdx],rdx > >fffff800`013da8ea 759e jne nt!PopWaitForSystemPowerIrp+0x350 (fffff800`013da88a) > > > >nt!PopWaitForSystemPowerIrp+0x3b2: > >fffff800`013da8ec 41ba05000000 mov r10d,5 > > > >nt!PopWaitForSystemPowerIrp+0x3b8: > >fffff800`013da8f2 f0488325756adfff00 lock and qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >fffff800`013da8fb 410fb6c0 movzx eax,r8b > >fffff800`013da8ff 440f22c0 mov cr8,rax > >fffff800`013da903 440f20c2 mov rdx,cr8 > >fffff800`013da907 440f22c5 mov cr8,rbp > >fffff800`013da90b f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013da912 7322 jae nt!PopWaitForSystemPowerIrp+0x3fc (fffff800`013da936) > > > >nt!PopWaitForSystemPowerIrp+0x3da: > >fffff800`013da914 488d4f20 lea rcx,[rdi+20h] > >fffff800`013da918 e8d3d3c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013da91d 8a8c2480000000 mov cl,byte ptr [rsp+80h] > >fffff800`013da924 448af2 mov r14b,dl > >fffff800`013da927 8a942488000000 mov dl,byte ptr [rsp+88h] > >fffff800`013da92e 4533c0 xor r8d,r8d > >fffff800`013da931 e97bfcffff jmp nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x3fc: > >fffff800`013da936 0faee8 lfence > >fffff800`013da939 8a8c2480000000 mov cl,byte ptr [rsp+80h] > >fffff800`013da940 448af2 mov r14b,dl > >fffff800`013da943 8a942488000000 mov dl,byte ptr [rsp+88h] > >fffff800`013da94a 4533c0 xor r8d,r8d > >fffff800`013da94d e95ffcffff jmp nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x418: > >fffff800`013da952 488d9f98040000 lea rbx,[rdi+498h] > >fffff800`013da959 448bfd mov r15d,ebp > >fffff800`013da95c 48391b cmp qword ptr [rbx],rbx > >fffff800`013da95f 0f844cfcffff je nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x42b: > >fffff800`013da965 c684248000000001 mov byte ptr [rsp+80h],1 > >fffff800`013da96d 90 nop > >fffff800`013da96e 6690 xchg ax,ax > >fffff800`013da970 6690 xchg ax,ax > >fffff800`013da972 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x440: > >fffff800`013da974 488b13 mov rdx,qword ptr [rbx] > >fffff800`013da977 488b4208 mov rax,qword ptr [rdx+8] > >fffff800`013da97b 488b0a mov rcx,qword ptr [rdx] > >fffff800`013da97e 488d72d8 lea rsi,[rdx-28h] > >fffff800`013da982 488908 mov qword ptr [rax],rcx > >fffff800`013da985 48894108 mov qword ptr [rcx+8],rax > >fffff800`013da989 488b6e10 mov rbp,qword ptr [rsi+10h] > >fffff800`013da98d 4c8b6e08 mov r13,qword ptr [rsi+8] > >fffff800`013da991 4c894628 mov qword ptr [rsi+28h],r8 > >fffff800`013da995 488b4510 mov rax,qword ptr [rbp+10h] > >fffff800`013da999 488b8838010000 mov rcx,qword ptr [rax+138h] > >fffff800`013da9a0 0fba611008 bt dword ptr [rcx+10h],8 > >fffff800`013da9a5 0f82ba010000 jb nt!PopWaitForSystemPowerIrp+0x631 (fffff800`013dab65) > > > >nt!PopWaitForSystemPowerIrp+0x477: > >fffff800`013da9ab 488b4520 mov rax,qword ptr [rbp+20h] > >fffff800`013da9af 488b8838010000 mov rcx,qword ptr [rax+138h] > >fffff800`013da9b6 0fba611008 bt dword ptr [rcx+10h],8 > >fffff800`013da9bb 0f82a4010000 jb nt!PopWaitForSystemPowerIrp+0x631 (fffff800`013dab65) > > > >nt!PopWaitForSystemPowerIrp+0x48d: > >fffff800`013da9c1 418b4530 mov eax,dword ptr [r13+30h] > >fffff800`013da9c5 85c0 test eax,eax > >fffff800`013da9c7 7931 jns nt!PopWaitForSystemPowerIrp+0x4c6 (fffff800`013da9fa) > > > >nt!PopWaitForSystemPowerIrp+0x495: > >fffff800`013da9c9 80bf5a04000000 cmp byte ptr [rdi+45Ah],0 > >fffff800`013da9d0 7528 jne nt!PopWaitForSystemPowerIrp+0x4c6 (fffff800`013da9fa) > > > >nt!PopWaitForSystemPowerIrp+0x49e: > >fffff800`013da9d2 3d200100c0 cmp eax,0C0000120h > >fffff800`013da9d7 7421 je nt!PopWaitForSystemPowerIrp+0x4c6 (fffff800`013da9fa) > > > >nt!PopWaitForSystemPowerIrp+0x4a5: > >fffff800`013da9d9 3dbb0000c0 cmp eax,0C00000BBh > >fffff800`013da9de 0f85a4000000 jne nt!PopWaitForSystemPowerIrp+0x554 (fffff800`013daa88) > > > >nt!PopWaitForSystemPowerIrp+0x4b0: > >fffff800`013da9e4 80bf5b04000000 cmp byte ptr [rdi+45Bh],0 > >fffff800`013da9eb 750d jne nt!PopWaitForSystemPowerIrp+0x4c6 (fffff800`013da9fa) > > > >nt!PopWaitForSystemPowerIrp+0x4b9: > >fffff800`013da9ed f605442cddff10 test byte ptr [nt!PopSimulate (fffff800`011ad638)],10h > >fffff800`013da9f4 0f848e000000 je nt!PopWaitForSystemPowerIrp+0x554 (fffff800`013daa88) > > > >nt!PopWaitForSystemPowerIrp+0x4c6: > >fffff800`013da9fa 85c0 test eax,eax > >fffff800`013da9fc 7964 jns nt!PopWaitForSystemPowerIrp+0x52e (fffff800`013daa62) > > > >nt!PopWaitForSystemPowerIrp+0x4ca: > >fffff800`013da9fe 80bf5a04000000 cmp byte ptr [rdi+45Ah],0 > >fffff800`013daa05 755b jne nt!PopWaitForSystemPowerIrp+0x52e (fffff800`013daa62) > > > >nt!PopWaitForSystemPowerIrp+0x4d3: > >fffff800`013daa07 3d200100c0 cmp eax,0C0000120h > >fffff800`013daa0c 7454 je nt!PopWaitForSystemPowerIrp+0x52e (fffff800`013daa62) > > > >nt!PopWaitForSystemPowerIrp+0x4da: > >fffff800`013daa0e 3dbb0000c0 cmp eax,0C00000BBh > >fffff800`013daa13 7509 jne nt!PopWaitForSystemPowerIrp+0x4ea (fffff800`013daa1e) > > > >nt!PopWaitForSystemPowerIrp+0x4e1: > >fffff800`013daa15 80bf5b04000000 cmp byte ptr [rdi+45Bh],0 > >fffff800`013daa1c 7544 jne nt!PopWaitForSystemPowerIrp+0x52e (fffff800`013daa62) > > > >nt!PopWaitForSystemPowerIrp+0x4ea: > >fffff800`013daa1e f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013daa24 410fb6c6 movzx eax,r14b > >fffff800`013daa28 440f22c0 mov cr8,rax > >fffff800`013daa2c 488d0dbd010000 lea rcx,[nt!`string' (fffff800`013dabf0)] > >fffff800`013daa33 488bd6 mov rdx,rsi > >fffff800`013daa36 e8550c0000 call nt!PopDumpSystemIrp (fffff800`013db690) > >fffff800`013daa3b 440f20c2 mov rdx,cr8 > >fffff800`013daa3f b802000000 mov eax,2 > >fffff800`013daa44 440f22c0 mov cr8,rax > >fffff800`013daa48 f0480fba6f2000 lock bts qword ptr [rdi+20h],0 > >fffff800`013daa4f 730b jae nt!PopWaitForSystemPowerIrp+0x528 (fffff800`013daa5c) > > > >nt!PopWaitForSystemPowerIrp+0x51d: > >fffff800`013daa51 488d4f20 lea rcx,[rdi+20h] > >fffff800`013daa55 e896d2c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >fffff800`013daa5a eb03 jmp nt!PopWaitForSystemPowerIrp+0x52b (fffff800`013daa5f) > > > >nt!PopWaitForSystemPowerIrp+0x528: > >fffff800`013daa5c 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x52b: > >fffff800`013daa5f 448af2 mov r14b,dl > > > >nt!PopWaitForSystemPowerIrp+0x52e: > >fffff800`013daa62 498bcd mov rcx,r13 > >fffff800`013daa65 e81615c6ff call nt!IoFreeIrp (fffff800`0103bf80) > >fffff800`013daa6a 4533c0 xor r8d,r8d > >fffff800`013daa6d 4c894608 mov qword ptr [rsi+8],r8 > >fffff800`013daa71 4c894610 mov qword ptr [rsi+10h],r8 > >fffff800`013daa75 488b8770040000 mov rax,qword ptr [rdi+470h] > >fffff800`013daa7c 488906 mov qword ptr [rsi],rax > >fffff800`013daa7f 4889b770040000 mov qword ptr [rdi+470h],rsi > >fffff800`013daa86 eb1d jmp nt!PopWaitForSystemPowerIrp+0x571 (fffff800`013daaa5) > > > >nt!PopWaitForSystemPowerIrp+0x554: > >fffff800`013daa88 488d4e48 lea rcx,[rsi+48h] > >fffff800`013daa8c 488d97b8040000 lea rdx,[rdi+4B8h] > >fffff800`013daa93 488b4208 mov rax,qword ptr [rdx+8] > >fffff800`013daa97 488911 mov qword ptr [rcx],rdx > >fffff800`013daa9a 48894108 mov qword ptr [rcx+8],rax > >fffff800`013daa9e 488908 mov qword ptr [rax],rcx > >fffff800`013daaa1 48894a08 mov qword ptr [rdx+8],rcx > > > >nt!PopWaitForSystemPowerIrp+0x571: > >fffff800`013daaa5 48391b cmp qword ptr [rbx],rbx > >fffff800`013daaa8 0f85c6feffff jne nt!PopWaitForSystemPowerIrp+0x440 (fffff800`013da974) > > > >nt!PopWaitForSystemPowerIrp+0x57a: > >fffff800`013daaae 8a8c2480000000 mov cl,byte ptr [rsp+80h] > >fffff800`013daab5 8a942488000000 mov dl,byte ptr [rsp+88h] > >fffff800`013daabc bd02000000 mov ebp,2 > >fffff800`013daac1 448d5503 lea r10d,[rbp+3] > >fffff800`013daac5 e9e7faffff jmp nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x596: > >fffff800`013daaca 4585ff test r15d,r15d > >fffff800`013daacd 0f85defaffff jne nt!PopWaitForSystemPowerIrp+0x71 (fffff800`013da5b1) > > > >nt!PopWaitForSystemPowerIrp+0x59f: > >fffff800`013daad3 f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013daad9 410fb6c6 movzx eax,r14b > >fffff800`013daadd 440f22c0 mov cr8,rax > >fffff800`013daae1 4c8b7c2448 mov r15,qword ptr [rsp+48h] > >fffff800`013daae6 4c8b742450 mov r14,qword ptr [rsp+50h] > >fffff800`013daaeb 4c8b6c2458 mov r13,qword ptr [rsp+58h] > >fffff800`013daaf0 4c8b642460 mov r12,qword ptr [rsp+60h] > >fffff800`013daaf5 488b7c2468 mov rdi,qword ptr [rsp+68h] > >fffff800`013daafa 488b742470 mov rsi,qword ptr [rsp+70h] > >fffff800`013daaff 488bac2498000000 mov rbp,qword ptr [rsp+98h] > >fffff800`013dab07 488b9c2490000000 mov rbx,qword ptr [rsp+90h] > >fffff800`013dab0f 4883c478 add rsp,78h > >fffff800`013dab13 c3 ret > > > >nt!PopWaitForSystemPowerIrp+0x5e0: > >fffff800`013dab14 4883bf7004000000 cmp qword ptr [rdi+470h],0 > >fffff800`013dab1c 75b5 jne nt!PopWaitForSystemPowerIrp+0x59f (fffff800`013daad3) > > > >nt!PopWaitForSystemPowerIrp+0x5ea: > >fffff800`013dab1e 488d87b8040000 lea rax,[rdi+4B8h] > >fffff800`013dab25 483900 cmp qword ptr [rax],rax > >fffff800`013dab28 74a9 je nt!PopWaitForSystemPowerIrp+0x59f (fffff800`013daad3) > > > >nt!PopWaitForSystemPowerIrp+0x5f6: > >fffff800`013dab2a 488b87c0040000 mov rax,qword ptr [rdi+4C0h] > >fffff800`013dab31 488b08 mov rcx,qword ptr [rax] > >fffff800`013dab34 488d50b8 lea rdx,[rax-48h] > >fffff800`013dab38 488b4008 mov rax,qword ptr [rax+8] > >fffff800`013dab3c 488908 mov qword ptr [rax],rcx > >fffff800`013dab3f 48894108 mov qword ptr [rcx+8],rax > >fffff800`013dab43 4c894248 mov qword ptr [rdx+48h],r8 > >fffff800`013dab47 4c894208 mov qword ptr [rdx+8],r8 > >fffff800`013dab4b 4c894210 mov qword ptr [rdx+10h],r8 > >fffff800`013dab4f 488b8770040000 mov rax,qword ptr [rdi+470h] > >fffff800`013dab56 488902 mov qword ptr [rdx],rax > >fffff800`013dab59 48899770040000 mov qword ptr [rdi+470h],rdx > >fffff800`013dab60 e96effffff jmp nt!PopWaitForSystemPowerIrp+0x59f (fffff800`013daad3) > > > >nt!PopWaitForSystemPowerIrp+0x631: > >fffff800`013dab65 488b5d20 mov rbx,qword ptr [rbp+20h] > >fffff800`013dab69 f04883672000 lock and qword ptr [rdi+20h],0 > >fffff800`013dab6f 410fb6c6 movzx eax,r14b > >fffff800`013dab73 440f22c0 mov cr8,rax > >fffff800`013dab77 488d0d82000000 lea rcx,[nt!`string' (fffff800`013dac00)] > >fffff800`013dab7e 488bd6 mov rdx,rsi > >fffff800`013dab81 e80a0b0000 call nt!PopDumpSystemIrp (fffff800`013db690) > >fffff800`013dab86 33ff xor edi,edi > >fffff800`013dab88 4533c9 xor r9d,r9d > >fffff800`013dab8b 4c8bc3 mov r8,rbx > >fffff800`013dab8e 33d2 xor edx,edx > >fffff800`013dab90 33c9 xor ecx,ecx > >fffff800`013dab92 48897c2428 mov qword ptr [rsp+28h],rdi > >fffff800`013dab97 48897c2420 mov qword ptr [rsp+20h],rdi > >fffff800`013dab9c e88fbfd3ff call nt!PopInternalAddToDumpFile (fffff800`01116b30) > >fffff800`013daba1 4c8b4510 mov r8,qword ptr [rbp+10h] > >fffff800`013daba5 4533c9 xor r9d,r9d > >fffff800`013daba8 33d2 xor edx,edx > >fffff800`013dabaa 33c9 xor ecx,ecx > >fffff800`013dabac 48897c2428 mov qword ptr [rsp+28h],rdi > >fffff800`013dabb1 48897c2420 mov qword ptr [rsp+20h],rdi > >fffff800`013dabb6 e875bfd3ff call nt!PopInternalAddToDumpFile (fffff800`01116b30) > >fffff800`013dabbb 4c8b4d10 mov r9,qword ptr [rbp+10h] > >fffff800`013dabbf 448d4702 lea r8d,[rdi+2] > >fffff800`013dabc3 ba00050000 mov edx,500h > >fffff800`013dabc8 b99f000000 mov ecx,9Fh > >fffff800`013dabcd 48895c2420 mov qword ptr [rsp+20h],rbx > >fffff800`013dabd2 e8b93cc5ff call nt!KeBugCheckEx (fffff800`0102e890) > >fffff800`013dabd7 cc int 3 > >fffff800`013dabd8 90 nop > >fffff800`013dabd9 90 nop > >fffff800`013dabda 90 nop > >fffff800`013dabdb 90 nop > >fffff800`013dabdc 90 nop > >fffff800`013dabdd 90 nop > >fffff800`013dabde 90 nop > >fffff800`013dabdf 90 nop > >fffff800`013dabe0 57 push rdi > > > >3: kd> x nt!PopPassivePowerCall > >fffff800`01113cb0 nt!PopPassivePowerCall = <no type information> > >3: kd> uf nt!PopPassivePowerCall > >Flow analysis was incomplete, some code may be missing > >nt!PopPassivePowerCall: > >fffff800`01113cb0 4883ec28 sub rsp,28h > >fffff800`01113cb4 488b91b8000000 mov rdx,qword ptr [rcx+0B8h] > >fffff800`01113cbb 488b053ee90900 mov rax,qword ptr [nt!pIofCallDriver (fffff800`011b2600)] > >fffff800`01113cc2 4885c0 test rax,rax > >fffff800`01113cc5 4c8b4ae0 mov r9,qword ptr [rdx-20h] > >fffff800`01113cc9 7410 je nt!PopPassivePowerCall+0x2b (fffff800`01113cdb) > > > >nt!PopPassivePowerCall+0x1b: > >fffff800`01113ccb 488bd1 mov rdx,rcx > >fffff800`01113cce 4533c0 xor r8d,r8d > >fffff800`01113cd1 498bc9 mov rcx,r9 > >fffff800`01113cd4 4883c428 add rsp,28h > >fffff800`01113cd8 48ffe0 jmp rax > > > >nt!PopPassivePowerCall+0x2b: > >fffff800`01113cdb fe4943 dec byte ptr [rcx+43h] > >fffff800`01113cde 80794300 cmp byte ptr [rcx+43h],0 > >fffff800`01113ce2 7f13 jg nt!PopPassivePowerCall+0x47 (fffff800`01113cf7) > > > >nt!PopPassivePowerCall+0x34: > >fffff800`01113ce4 4533c9 xor r9d,r9d > >fffff800`01113ce7 488bd1 mov rdx,rcx > >fffff800`01113cea 4533c0 xor r8d,r8d > >fffff800`01113ced 418d4935 lea ecx,[r9+35h] > >fffff800`01113cf1 e86aabf1ff call nt!KiBugCheck3 (fffff800`0102e860) > >fffff800`01113cf6 cc int 3 > > > >nt!PopPassivePowerCall+0x47: > >fffff800`01113cf7 488d42b8 lea rax,[rdx-48h] > >fffff800`01113cfb 488bd1 mov rdx,rcx > >fffff800`01113cfe 488981b8000000 mov qword ptr [rcx+0B8h],rax > >fffff800`01113d05 440fb600 movzx r8d,byte ptr [rax] > >fffff800`01113d09 4c894828 mov qword ptr [rax+28h],r9 > >fffff800`01113d0d 498b4108 mov rax,qword ptr [r9+8] > >fffff800`01113d11 498bc9 mov rcx,r9 > >fffff800`01113d14 4883c428 add rsp,28h > >fffff800`01113d18 4aff64c070 jmp qword ptr [rax+r8*8+70h] > > > > > >nt!PopPassivePowerCall call nt!pIofCallDriver in the line > >fffff800`01113cd8 48ffe0 jmp rax > >To call in advance dispatch routines of the drivers for power treatment where IRQL have to be lowered to passive level > >but that didn't happen in this case and cause BSOD in advance. > > > >Let's see that IRQL before call to nt!PopPassivePowerCall was DISPATCH_LEVEL(2). > > > >Next is extracted code around BSOD happened and it's self-sufficient( no other jumps to this code except from above ). > >I numereted opcode lines to reference them in advance. > > > >nt!PopWaitForSystemPowerIrp+0x2ff: > > 1) fffff800`013da83b f04883672000 lock and qword ptr [rdi+20h],0 > > 2) fffff800`013da841 410fb6c6 movzx eax,r14b > > 3) fffff800`013da845 440f22c0 mov cr8,rax > > 4) fffff800`013da849 450f20c0 mov r8,cr8 > > 5) fffff800`013da84d 440f22c5 mov cr8,rbp > > 6) fffff800`013da851 f0480fba2d156bdfff00 lock bts qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > > 7) fffff800`013da85b 730e jae nt!PopWaitForSystemPowerIrp+0x32f (fffff800`013da86b) > > > >nt!PopWaitForSystemPowerIrp+0x321: > > 8) fffff800`013da85d 488d0d0c6bdfff lea rcx,[nt!PopWorkerLock (fffff800`011d1370)] > > 9) fffff800`013da864 e887d4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >10) fffff800`013da869 eb03 jmp nt!PopWaitForSystemPowerIrp+0x332 (fffff800`013da86e) > > > >nt!PopWaitForSystemPowerIrp+0x32f: > >11) fffff800`013da86b 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x332: > >12) fffff800`013da86e 488b15731ddfff mov rdx,qword ptr [nt!PopAction+0x28 (fffff800`011cc5e8)] > >13) fffff800`013da875 4885d2 test rdx,rdx > >14) fffff800`013da878 7478 je nt!PopWaitForSystemPowerIrp+0x3b8 (fffff800`013da8f2) > > > >nt!PopWaitForSystemPowerIrp+0x33e: > >15) fffff800`013da87a 4881c260040000 add rdx,460h > >16) fffff800`013da881 483912 cmp qword ptr [rdx],rdx > >17) fffff800`013da884 746c je nt!PopWaitForSystemPowerIrp+0x3b8 (fffff800`013da8f2) > > > >nt!PopWaitForSystemPowerIrp+0x34a: > >18) fffff800`013da886 6690 xchg ax,ax > >19) fffff800`013da888 6690 xchg ax,ax > > > >nt!PopWaitForSystemPowerIrp+0x350: > >20) fffff800`013da88a 488b0a mov rcx,qword ptr [rdx] > >21) fffff800`013da88d 488b01 mov rax,qword ptr [rcx] > >22) fffff800`013da890 488902 mov qword ptr [rdx],rax > >23) fffff800`013da893 48895008 mov qword ptr [rax+8],rdx > >24) fffff800`013da897 f0488325d06adfff00 lock and qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >25) fffff800`013da8a0 410fb6c0 movzx eax,r8b > >26) fffff800`013da8a4 440f22c0 mov cr8,rax > >27) fffff800`013da8a8 4881c158ffffff add rcx,0FFFFFFFFFFFFFF58h > >28) fffff800`013da8af e8fc93d3ff call nt!PopPassivePowerCall (fffff800`01113cb0) > >29) fffff800`013da8b4 450f20c0 mov r8,cr8 <-----!!!!!!!!!---return address from I8xPower() function when BSOD happened > >30) fffff800`013da8b8 440f22c5 mov cr8,rbp > >31) fffff800`013da8bc f0480fba2daa6adfff00 lock bts qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > >32) fffff800`013da8c6 730e jae nt!PopWaitForSystemPowerIrp+0x39c (fffff800`013da8d6) > > > >nt!PopWaitForSystemPowerIrp+0x38e: > >33) fffff800`013da8c8 488d0da16adfff lea rcx,[nt!PopWorkerLock (fffff800`011d1370)] > >34) fffff800`013da8cf e81cd4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > >35) fffff800`013da8d4 eb03 jmp nt!PopWaitForSystemPowerIrp+0x39f (fffff800`013da8d9) > > > >nt!PopWaitForSystemPowerIrp+0x39c: > >36) fffff800`013da8d6 0faee8 lfence > > > >nt!PopWaitForSystemPowerIrp+0x39f: > >37) fffff800`013da8d9 488b15081ddfff mov rdx,qword ptr [nt!PopAction+0x28 (fffff800`011cc5e8)] > >38) fffff800`013da8e0 4881c260040000 add rdx,460h > >39) fffff800`013da8e7 483912 cmp qword ptr [rdx],rdx > >40) fffff800`013da8ea 759e jne nt!PopWaitForSystemPowerIrp+0x350 (fffff800`013da88a) > > > >Summary of the analysis: >------------------------- > >The BSOD happen when I/O Manager called on the first instruction of the I8xPower function - Power dispatch function of the i8042prt.sys >driver the one in charge of PS-2 keyboard and mouse. In this case that was mouse device which cause BSOD. There are no virtio drivers in the >system caused BSOD. There is two 3-party drivers, as Vadim mentioned ( ) but they are not in the stacks of both PS-2 keyboard and mouse. >!devstack command show standard stack keyboard device and the same for mouse device ) > fffffadfce4743f0 \Driver\Mouclass fffffadfce474540 PointerClass0 > > fffffadfcdca6a10 \Driver\i8042prt fffffadfcdca6b60 > >> fffffadfce8f54f0 \Driver\ACPI fffffadfcddfcdb0 00000043 > > > >The thread cause BSOD is worker thread which have to be called on PASSIVE_LEVEL(0) by definition. But during execution IRQL level changed to >DISPATCH_LEVEL(2), possible to see that from !prcb 3 command before, !pcr command show the IRQL level as passive for that processor/thread, >and didn't returned back as needed before I8xPower() call. > >Possible to re-interpret interesting us assembly code ( lines 6-9 ) into C code: >wdm.h define KeAcquireSpinLock as: > >#define KeAcquireSpinLock(SpinLock, OldIrql) \ > > *(OldIrql) = KeAcquireSpinLockRaiseToDpc(SpinLock) > > > >KeAcquireSpinLockRaiseToDpc(SpinLock) just raise the level to DPC, so next code ( lines 6-9 ): > > > > 6) fffff800`013da851 f0480fba2d156bdfff00 lock bts qword ptr [nt!PopWorkerLock (fffff800`011d1370)],0 > > 7) fffff800`013da85b 730e jae nt!PopWaitForSystemPowerIrp+0x32f (fffff800`013da86b) > > > >nt!PopWaitForSystemPowerIrp+0x321: > > 8) fffff800`013da85d 488d0d0c6bdfff lea rcx,[nt!PopWorkerLock (fffff800`011d1370)] > > 9) fffff800`013da864 e887d4c5ff call nt!KxWaitForSpinLockAndAcquire (fffff800`01037cf0) > > > >possible to describe as KfAcquireSpinLock() function which do real work to acquire the spinlock and have to be executed on >DISPATCH_LEVEL. > > >__forceinline > >VOID > >KfAcquireSpinLock ( > >__inout PKSPIN_LOCK SpinLock > >) > >{ > > if (InterlockedBitTestAndSet64 ((LONG64 *) SpinLock, 0)) > > KxWaitForSpinLockAndAcquire (SpinLock); > >} > > >From the lines 8 and 9 possible to see, that PopWorkerLock is SpinLock pointer, so all the code from > >line 1 have to be done at DISPATCH_LEVEL, because the code just check if PopWorkerLock spinlock free ( line 6 ) and > >go to to call PopPassivePowerCall() function where BSOD happen. If PopWorkerLock spinlock busy the code > >call nKxWaitForSpinLockAndAcquire function which is wait for PopWorkerLock to be released and acquire it in advance. > >Power dispatch function in the driver defined as paged in the driver and OTOH > >AddDevice() function in the driver set flag DO_POWER_PAGABLE for it's devices ( just seen in !poaction ). > >That mean that I/O Manager have to call power dispatch routine of the driver only on the PASSIVE_LEVEL and not > >DISPATCH_LEVEL. So I/O Manager had to lower the level to passive, but didn't do that so BSOD happen exactly > >when power dispatch function called ( on the first opcode ) to treat power IRP when device went to D3 ( turn-off ) on reboot. >Obviously that MSFT bug and possible to send the bug to Microsoft, but this function exist in the Oses, prior to > >Vista/Server 2008 Oses and not exist in current Oses.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=915321">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 705014
:
499120
|
499122
|
499123
|
499971
| 915321