Friday, July 25th 2014, 10:58am UTC+2

You are not logged in.

  • Login

Dear visitor, you are currently not logged in. Login or Register as a new user .

1

Friday, April 9th 2010, 11:37pm

Sending Virus to sleep causes BSOD

This one is pretty annoying and it happens on some kind of regular basis.... it's always the same situation, it happens when sending the virus to sleep while the VSTi is loaded in an active Cubase arrangement. Cubase then starts working a little and wham, DRIVER_UNLOADED_WITHOUT_CANCELLING_PENDING_OPERATIONS, caused by vtimidi.sys.

Anyone else encountering this problem?

Cubase Studio 4.5.2
Virus VSTi 3.3.5.02
Windows 7 Ultimate x64

Quoted

Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`03807000 PsLoadedModuleList = 0xfffff800`03a44e50
Debug session time: Fri Apr 9 23:12:30.735 2010 (GMT+2)
System Uptime: 0 days 0:43:24.577
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
.......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck CE, {fffff8800872ca23, 8, fffff8800872ca23, 0}

Probably caused by : vtimidi.sys ( vtimidi+3a23 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_UNLOADED_WITHOUT_CANCELLING_PENDING_OPERATIONS (ce)
A driver unloaded without cancelling timers, DPCs, worker threads, etc.
The broken driver's name is displayed on the screen.
Arguments:
Arg1: fffff8800872ca23, memory referenced
Arg2: 0000000000000008, value 0 = read operation, 1 = write operation
Arg3: fffff8800872ca23, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000000, Mm internal code.

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003aaf0e0
fffff8800872ca23

FAULTING_IP:
vtimidi+3a23
fffff880`0872ca23 ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xCE

PROCESS_NAME: System

CURRENT_IRQL: 0

TRAP_FRAME: fffff880062ffb80 -- (.trap 0xfffff880062ffb80)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffff880062ffc60
rdx=0000000000187000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800872ca23 rsp=fffff880062ffd10 rbp=0000000000000080
r8=fffffa80036e8628 r9=0000000000000000 r10=fffffffffffffffe
r11=fffff800039f1e00 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
<Unloaded_vtimidi.sys>+0x3a23:
fffff880`0872ca23 ?? ???
Resetting default scope

IP_MODULE_UNLOADED:
vtimidi+3a23
fffff880`0872ca23 ?? ???

LAST_CONTROL_TRANSFER: from fffff800038f81e4 to fffff80003878f00

STACK_TEXT:
fffff880`062ffa18 fffff800`038f81e4 : 00000000`00000050 fffff880`0872ca23 00000000`00000008 fffff880`062ffb80 : nt!KeBugCheckEx
fffff880`062ffa20 fffff800`03876fee : 00000000`00000008 fffffa80`03dd8b60 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x42907
fffff880`062ffb80 fffff880`0872ca23 : fffffa80`058e1660 00000000`00000000 fffffa80`03dd8b00 fffffa80`058e1768 : nt!KiPageFault+0x16e
fffff880`062ffd10 fffffa80`058e1660 : 00000000`00000000 fffffa80`03dd8b00 fffffa80`058e1768 fffffa80`03cd97e0 : <Unloaded_vtimidi.sys>+0x3a23
fffff880`062ffd18 00000000`00000000 : fffffa80`03dd8b00 fffffa80`058e1768 fffffa80`03cd97e0 fffff800`03b1c166 : 0xfffffa80`058e1660


STACK_COMMAND: kb

FOLLOWUP_IP:
vtimidi+3a23
fffff880`0872ca23 ?? ???

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: vtimidi+3a23

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: vtimidi

IMAGE_NAME: vtimidi.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 0

FAILURE_BUCKET_ID: X64_0xCE_vtimidi+3a23

BUCKET_ID: X64_0xCE_vtimidi+3a23

Followup: MachineOwner