Q
Quentin Liedtke
My XPe solution runs in an environment that may have its power cut
unexpectedly and this is what seems to cause the BSoD (after 10-15
power cycles it BSoD's).
The stop parameters are (0x00000001, 0xc000017d, 0x00000004,
0xf7aeebb8).
--> unicode string at 0xf7aeebb8 is "\SystemRoot\System32\Config\"
- The build runs on a 20Gb HDD
- The drive has two partitions: one for OS (3.91 GB) and one for Data
(13.67 Gb).
- EWF is enabled using a Disk overlay (977 MB partition).
So I'd like to know what I need to do to my image to stop it from
getting these BSoD's?
Quentin.
PS> I have attached the data from KD in case there is some other
information in there that I have missed.
===============================================================
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 73, {1, c000017d, 4, f7aeebb8}
*** ERROR: Module load completed but symbols could not be loaded for
smss.exe
Probably caused by : ntoskrnl.exe ( nt!CmpInitializeHiveList+2b1 )
Followup: MachineOwner
---------
nt!RtlpBreakWithStatusInstruction:
804e8592 cc int 3
kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
CONFIG_LIST_FAILED (73)
Indicates that one of the core system hives cannot be linked in the
registry tree. The hive is valid, it was loaded OK. Examine the 2nd
bugcheck argument to see why the hive could not be linked in the
registry tree.
This can be either SAM, SECURITY, SOFTWARE or DEFAULT. One common
reason
for this to happen is if you are out of disk space on the system drive
(in which case param 2 is 0xC000017D - STATUS_NO_LOG_SPACE) or an
attempt
to allocate pool has failed (in which case param 2 is 0xC000009A -
STATUS_INSUFFICIENT_RESOURCES). Other status codes must be individually
investigated.
Arguments:
Arg1: 00000001, 1
Arg2: c000017d, Indicates the NT status code that tripped Windows into
thinking that it had failed to load the hive.
Arg3: 00000004, Index of hive in hivelist
Arg4: f7aeebb8, Pointer to UNICODE_STRING containing filename of hive
Debugging Details:
------------------
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x73
PROCESS_NAME: smss.exe
LAST_CONTROL_TRANSFER: from 80537273 to 804e8592
STACK_TEXT:
f7aee728 80537273 00000003 f7aeea84 00000000
nt!RtlpBreakWithStatusInstruction
f7aee774 80537d46 00000003 00800014 00000060
nt!KiBugCheckDebugBreak+0x19
f7aeeb54 80538336 00000073 00000001 c000017d nt!KeBugCheck2+0x574
f7aeeb74 8060ff1e 00000073 00000001 c000017d nt!KeBugCheckEx+0x1b
f7aeecc4 805bb5db 805a4835 f7aeecdc 805bdb46
nt!CmpInitializeHiveList+0x2b1
f7aeecd0 805bdb46 00000000 f7aeece8 804e37ec nt!CmpCmdInit+0x53
f7aeecdc 804e37ec 00000000 f7aeed64 804e1dfd
nt!NtInitializeRegistry+0xba
f7aeecdc 804e1dfd 00000000 f7aeed64 804e1dfd nt!KiFastCallEntry+0xf8
f7aeed58 804e37ec 00000000 0015fecc 7c90eb94
nt!ZwInitializeRegistry+0x11
f7aeed58 7c90eb94 00000000 0015fecc 7c90eb94 nt!KiFastCallEntry+0xf8
0015fe50 7c90db11 48588d10 00000000 00000000 ntdll!KiFastSystemCallRet
0015fe54 48588d10 00000000 00000000 7c9012d6
ntdll!NtInitializeRegistry+0xc
WARNING: Stack unwind information not available. Following frames may
be wrong.
0015fecc 48588f27 0015ff6c 00000005 00000000 smss+0x8d10
0015ff18 48589bfc 0015ff6c 0015ff64 00000005 smss+0x8f27
0015ffa8 4858ad97 00000001 00162340 00162348 smss+0x9bfc
0015fff4 00000000 7ffdc000 000000c8 000001d7 smss+0xad97
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!CmpInitializeHiveList+2b1
8060ff1e cc int 3
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nt!CmpInitializeHiveList+2b1
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntoskrnl.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 42251106
FAILURE_BUCKET_ID: 0x73_nt!CmpInitializeHiveList+2b1
BUCKET_ID: 0x73_nt!CmpInitializeHiveList+2b1
Followup: MachineOwner
---------
unexpectedly and this is what seems to cause the BSoD (after 10-15
power cycles it BSoD's).
The stop parameters are (0x00000001, 0xc000017d, 0x00000004,
0xf7aeebb8).
--> unicode string at 0xf7aeebb8 is "\SystemRoot\System32\Config\"
- The build runs on a 20Gb HDD
- The drive has two partitions: one for OS (3.91 GB) and one for Data
(13.67 Gb).
- EWF is enabled using a Disk overlay (977 MB partition).
So I'd like to know what I need to do to my image to stop it from
getting these BSoD's?
Quentin.
PS> I have attached the data from KD in case there is some other
information in there that I have missed.
===============================================================
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 73, {1, c000017d, 4, f7aeebb8}
*** ERROR: Module load completed but symbols could not be loaded for
smss.exe
Probably caused by : ntoskrnl.exe ( nt!CmpInitializeHiveList+2b1 )
Followup: MachineOwner
---------
nt!RtlpBreakWithStatusInstruction:
804e8592 cc int 3
kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
CONFIG_LIST_FAILED (73)
Indicates that one of the core system hives cannot be linked in the
registry tree. The hive is valid, it was loaded OK. Examine the 2nd
bugcheck argument to see why the hive could not be linked in the
registry tree.
This can be either SAM, SECURITY, SOFTWARE or DEFAULT. One common
reason
for this to happen is if you are out of disk space on the system drive
(in which case param 2 is 0xC000017D - STATUS_NO_LOG_SPACE) or an
attempt
to allocate pool has failed (in which case param 2 is 0xC000009A -
STATUS_INSUFFICIENT_RESOURCES). Other status codes must be individually
investigated.
Arguments:
Arg1: 00000001, 1
Arg2: c000017d, Indicates the NT status code that tripped Windows into
thinking that it had failed to load the hive.
Arg3: 00000004, Index of hive in hivelist
Arg4: f7aeebb8, Pointer to UNICODE_STRING containing filename of hive
Debugging Details:
------------------
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x73
PROCESS_NAME: smss.exe
LAST_CONTROL_TRANSFER: from 80537273 to 804e8592
STACK_TEXT:
f7aee728 80537273 00000003 f7aeea84 00000000
nt!RtlpBreakWithStatusInstruction
f7aee774 80537d46 00000003 00800014 00000060
nt!KiBugCheckDebugBreak+0x19
f7aeeb54 80538336 00000073 00000001 c000017d nt!KeBugCheck2+0x574
f7aeeb74 8060ff1e 00000073 00000001 c000017d nt!KeBugCheckEx+0x1b
f7aeecc4 805bb5db 805a4835 f7aeecdc 805bdb46
nt!CmpInitializeHiveList+0x2b1
f7aeecd0 805bdb46 00000000 f7aeece8 804e37ec nt!CmpCmdInit+0x53
f7aeecdc 804e37ec 00000000 f7aeed64 804e1dfd
nt!NtInitializeRegistry+0xba
f7aeecdc 804e1dfd 00000000 f7aeed64 804e1dfd nt!KiFastCallEntry+0xf8
f7aeed58 804e37ec 00000000 0015fecc 7c90eb94
nt!ZwInitializeRegistry+0x11
f7aeed58 7c90eb94 00000000 0015fecc 7c90eb94 nt!KiFastCallEntry+0xf8
0015fe50 7c90db11 48588d10 00000000 00000000 ntdll!KiFastSystemCallRet
0015fe54 48588d10 00000000 00000000 7c9012d6
ntdll!NtInitializeRegistry+0xc
WARNING: Stack unwind information not available. Following frames may
be wrong.
0015fecc 48588f27 0015ff6c 00000005 00000000 smss+0x8d10
0015ff18 48589bfc 0015ff6c 0015ff64 00000005 smss+0x8f27
0015ffa8 4858ad97 00000001 00162340 00162348 smss+0x9bfc
0015fff4 00000000 7ffdc000 000000c8 000001d7 smss+0xad97
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!CmpInitializeHiveList+2b1
8060ff1e cc int 3
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nt!CmpInitializeHiveList+2b1
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntoskrnl.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 42251106
FAILURE_BUCKET_ID: 0x73_nt!CmpInitializeHiveList+2b1
BUCKET_ID: 0x73_nt!CmpInitializeHiveList+2b1
Followup: MachineOwner
---------
