- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have received multiple crashes from our customers since March 2016, all of the crashes were reported from Microsoft Surface Pro 4 with same pattern, as following:
ChildEBP RetAddr
0b52f9e0 62d582e1 0x42d94a0
0b52fa1c 62d5cc30 SensorsApi!CSensorV2::DataCallback+0x1aa
0b52fa28 65eed409 SensorsApi!CSensorV2::s_DataCallback+0x10
0b52fabc 75743744 SensorsNativeApi_V2!NativeSensorCollectionNotifThread+0x389
0b52fad0 77a59e54 kernel32+0x13744
0b52fb18 77a59e1f ntdll+0x59e54
0b52fb28 00000000 ntdll+0x59e1f
We then purchased a Microsoft Surface Pro 4 and debugged into the deep details, it seems it's caused by our software loading the Intel AVStream 2500 camera, which then loading the camera plugin IntelCameraPlugin64.dll, which then creating thread and loading SensersApi. It's seems the sensorsAPI callback was not handled correctly, and crashed.
All of the crashes we received use the same version of IntelCameraPlugin64.dll, which is 1.0.0.1. Hopefully Intel can soon release a driver update to fix this problem.
==========================================
Here are the call statcks. Thread #30 is main thread, which loads IntelCameraPlugin64.dll, which then creates thread #42. Thread # 42 is a background thread which loads SensorsApi.
30 Id: 1a4c.1a6c Suspend: 1 Teb: 00387000 Unfrozen
# ChildEBP RetAddr
00 0018c380 75e8a4fa ntdll!NtWaitForMultipleObjects+0xc
01 0018c514 73c4c47b KERNELBASE!WaitForMultipleObjectsEx+0x10a
02 0018c57c 75c598ac USER32!MsgWaitForMultipleObjectsEx+0x17b
03 0018c5b4 75c58e36 combase!CCliModalLoop::BlockFn(void ** ahEvent = 0x0018c5d4, unsigned long cEvents = 1, unsigned long * lpdwSignaled = 0x0018c5ec)+0x11c
04 0018c5f8 75c58d68 combase!ModalLoop(class CSyncClientCall * pClientCall = 0x0b55b770)+0xa7
05 0018c614 75c8054e combase!ClassicSTAThreadDispatchCrossApartmentCall(struct tagRPCOLEMESSAGE * pMessage = 0x0018c8b0, class OXIDEntry * pOXIDEntry = 0x007a18d8, class CSyncClientCall * pClientCall = 0x0b55b770)+0x48
06 (Inline) -------- combase!CSyncClientCall::SwitchAptAndDispatchCall+0x11f
07 0018c730 75c7fbc2 combase!CSyncClientCall::SendReceive2(struct tagRPCOLEMESSAGE * pMessage = 0x0018c8b0, unsigned long * pstatus = 0x0018c878)+0x34e
08 (Inline) -------- combase!SyncClientCallRetryContext::SendReceiveWithRetry+0x2f
09 (Inline) -------- combase!CSyncClientCall::SendReceiveInRetryContext+0x2f
0a (Inline) -------- combase!ClassicSTAThreadSendReceive+0x24a
0b 0018c854 75c1bd8b combase!CSyncClientCall::SendReceive(struct tagRPCOLEMESSAGE * pMessage = 0x0018c8b0, unsigned long * pulStatus = 0x0018c878)+0x362
0c (Inline) -------- combase!CClientChannel::SendReceive+0xbb
0d 0018c880 76129799 combase!NdrExtpProxySendReceive(void * pThis = 0x0b55b9dc, struct _MIDL_STUB_MESSAGE * pStubMsg = 0x0018c8dc)+0x11b
0e 0018c898 761036fe RPCRT4!NdrpProxySendReceive+0x29
0f 0018cccc 75c1c914 RPCRT4!NdrClientCall2+0x39e
10 0018ccec 75cf528f combase!ObjectStublessClient(void * ParamAddress = 0x0018cd04, long Method = 0n4)+0x74
11 0018ccfc 75cbc4c1 combase!ObjectStubless(void)+0xf
12 0018cd2c 75cbc250 combase!CProcessActivator::CCICallback(unsigned long dwContext = 1, struct IUnknown * pUnkOuter = 0x00000000, class ActivationPropertiesIn * pActIn = 0x0018d0d0, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018d948)+0xa1
13 0018cd50 75cbc2e7 combase!CProcessActivator::AttemptActivation(class ActivationPropertiesIn * pActIn = 0x0018d0d0, struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018d948, <function> * pfnCtxActCallback = 0x75cfedd0, unsigned long dwContext = 1)+0x40
14 0018cd90 75cbc777 combase!CProcessActivator::ActivateByContext(class ActivationPropertiesIn * pActIn = 0x0018d0d0, struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018d948, <function> * pfnCtxActCallback = 0x75cfedd0)+0x77
15 0018cdc0 75cb62da combase!CProcessActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018d948)+0x67
16 0018ce0c 75cb929d combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesOut ** ppActPropsOut = 0x0018d948)+0xba
17 0018d070 75cb62ba combase!CClientContextActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018d948)+0xfd
18 0018d0bc 75c91186 combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesOut ** ppActPropsOut = 0x0018d948)+0x9a
19 0018da40 75c903f9 combase!ICoCreateInstanceEx(struct _GUID * OriginalClsid = <Value unavailable error>, struct IUnknown * punkOuter = 0x00000000, unsigned long dwClsCtx = 1, struct _COSERVERINFO * pServerInfo = 0x00000000, unsigned long dwCount = 1, unsigned long dwActvFlags = 0, struct tagMULTI_QI * pResults = 0x0018dab0, class ActivationPropertiesIn * pActIn = 0x0018d0d0)+0xc46
1a 0018da8c 75c9026a combase!CComActivator::DoCreateInstance(struct _GUID * Clsid = 0x6627e9c0 {77A1C827-FCD2-4689-8915-9D613CC5FA3E}, struct IUnknown * punkOuter = 0x00000000, unsigned long dwClsCtx = 1, struct _COSERVERINFO * pServerInfo = 0x00000000, unsigned long dwCount = 1, struct tagMULTI_QI * pResults = 0x0018dab0, class ActivationPropertiesIn * pActIn = 0x00000000)+0x149
1b (Inline) -------- combase!CoCreateInstanceEx+0x105
1c 0018dac4 6619ef22 combase!CoCreateInstance(struct _GUID * rclsid = 0x6627e9c0 {77A1C827-FCD2-4689-8915-9D613CC5FA3E}, struct IUnknown * pUnkOuter = 0x00000000, unsigned long dwContext = 1, struct _GUID * riid = 0x662847f4 {BD77DB67-45A8-42DC-8D00-6DCF15F8377A}, void ** ppv = 0x0b557868)+0x13a
WARNING: Stack unwind information not available. Following frames may be wrong.
1d 0018db10 6615d1e4 IntelCameraPlugin!DllInstall+0x174d2
1e 0018db48 66167a24 IntelCameraPlugin!SkyCamAIC::GetAICVersion+0x1d94
1f 0018db90 6617ccef IntelCameraPlugin!SkyCamAIC::GetAICVersion+0xc5d4
20 0018de60 6617c9ab IntelCameraPlugin!SkyCamAIC::GetAICVersion+0x2189f
21 0018dea0 6618ad5d IntelCameraPlugin!SkyCamAIC::GetAICVersion+0x2155b
22 0018ded8 6618b1e5 IntelCameraPlugin!DllInstall+0x330d
23 0018df08 6618b0f4 IntelCameraPlugin!DllInstall+0x3795
24 0018df14 66157dbb IntelCameraPlugin!DllInstall+0x36a4
25 0018df28 75cbd490 IntelCameraPlugin!ia_me_corner_init+0x543b
26 0018dfa8 75cb62b3 combase!CServerContextActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98)+0x1a0
27 0018dff4 75cbbf92 combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesOut ** ppActPropsOut = 0x0018ec98)+0x93
28 0018e04c 75cbc485 combase!CApartmentActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98)+0xa2
29 0018e07c 75cbc250 combase!CProcessActivator::CCICallback(unsigned long dwContext = 1, struct IUnknown * pUnkOuter = 0x0534f414, class ActivationPropertiesIn * pActIn = 0x0018e420, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98)+0x65
2a 0018e0a0 75cbc2e7 combase!CProcessActivator::AttemptActivation(class ActivationPropertiesIn * pActIn = 0x0018e420, struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98, <function> * pfnCtxActCallback = 0x75cfedd0, unsigned long dwContext = 1)+0x40
2b 0018e0e0 75cbc777 combase!CProcessActivator::ActivateByContext(class ActivationPropertiesIn * pActIn = 0x0018e420, struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98, <function> * pfnCtxActCallback = 0x75cfedd0)+0x77
2c 0018e110 75cb62da combase!CProcessActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98)+0x67
2d 0018e15c 75cb929d combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesOut ** ppActPropsOut = 0x0018ec98)+0xba
2e 0018e3c0 75cb62ba combase!CClientContextActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesIn * pInActProperties = 0x0018e5f4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0018ec98)+0xfd
2f 0018e40c 75c91186 combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x0534f414, struct IActivationPropertiesOut ** ppActPropsOut = 0x0018ec98)+0x9a
30 0018ed90 75c903f9 combase!ICoCreateInstanceEx(struct _GUID * OriginalClsid = <Value unavailable error>, struct IUnknown * punkOuter = 0x0534f414, unsigned long dwClsCtx = 0x401, struct _COSERVERINFO * pServerInfo = 0x00000000, unsigned long dwCount = 1, unsigned long dwActvFlags = 0, struct tagMULTI_QI * pResults = 0x0018edfc, class ActivationPropertiesIn * pActIn = 0x0018e420)+0xc46
31 0018edd8 75c9026a combase!CComActivator::DoCreateInstance(struct _GUID * Clsid = 0x053517d0 {FEB9695C-C7DF-4D40-8019-00FA047288FF}, struct IUnknown * punkOuter = 0x0534f414, unsigned long dwClsCtx = 0x401, struct _COSERVERINFO * pServerInfo = 0x00000000, unsigned long dwCount = 1, struct tagMULTI_QI * pResults = 0x0018edfc, class ActivationPropertiesIn * pActIn = 0x00000000)+0x149
32 (Inline) -------- combase!CoCreateInstanceEx+0x105
33 0018ee10 66a5d1ad combase!CoCreateInstance(struct _GUID * rclsid = 0x053517d0 {FEB9695C-C7DF-4D40-8019-00FA047288FF}, struct IUnknown * pUnkOuter = 0x0534f414, unsigned long dwContext = 0x401, struct _GUID * riid = 0x66a41df0 {00000000-0000-0000-C000-000000000046}, void ** ppv = 0x053517e0)+0x13a
34 0018ee40 66a5d859 ksproxy!AddAggregateObject+0xb1
35 0018eee8 66a4a58d ksproxy!AggregateSets+0x1ba
36 0018ef6c 69276986 ksproxy!CKsProxy::Load+0x3cd
37 0018f018 69def5ac devenum!CDeviceMoniker::BindToObject+0x216
38 ...... ignored
# 42 Id: 1a4c.1688 Suspend: 1 Teb: 003a8000 Unfrozen
# ChildEBP RetAddr
00 0bf1e3f0 76f117f9 ntdll!NtMapViewOfSection+0xc
01 0bf1e450 76f113a6 ntdll!LdrpMapViewOfSection+0x76
02 0bf1e4a0 76f112d3 ntdll!LdrpMapImage+0x40
03 0bf1e4c0 76f12ad2 ntdll!LdrpMapDllWithSectionHandle+0x20
04 0bf1e518 76f3450f ntdll!LdrpMapDllNtFileName+0xde
05 0bf1e64c 76f11bed ntdll!LdrpMapDllFullPath+0x9a
06 0bf1e698 76f2e2f9 ntdll!LdrpProcessWork+0xf1
07 0bf1e6e0 76f2adfe ntdll!LdrpLoadDllInternal+0xdb
08 0bf1e82c 76f2e739 ntdll!LdrpLoadDll+0x92
09 0bf1e8b0 75e7e9e8 ntdll!LdrLoadDll+0xd9
0a 0bf1e8f4 75cbdcf5 KERNELBASE!LoadLibraryExW+0x138
0b 0bf1e918 75cbdc2d combase!LoadLibraryWithLogging(wchar_t * pwszFileName = 0x0bf1e9a0 "C:\windows\System32\SensorsApi.dll", unsigned long dwFlags = 0x2008, struct HINSTANCE__ ** phMod = 0x0bf1e970)+0x1b
0c 0bf1e93c 75cbd9ce combase!CClassCache::CDllPathEntry::LoadDll(struct DLL_INSTANTIATION_PROPERTIES * dip = 0x0bf1e9a0, <function> ** pfnGetClassObject = 0x0bf1e964, <function> ** pfnGetActivationFactory = 0x0bf1e96c, <function> ** pfnDllCanUnload = 0x0bf1e968, struct HINSTANCE__ ** hDll = 0x0bf1e970)+0xc3
0d 0bf1e97c 75cbcf55 combase!CClassCache::CDllPathEntry::Create(struct DLL_INSTANTIATION_PROPERTIES * dip = 0x0bf1e9a0, bool makeValidInCurrentApartment = false, class CClassCache::CDllPathEntry ** pDPE = 0x0bf1e99c)+0x3c
0e 0bf1ebcc 75c9295b combase!CClassCache::CClassEntry::CreateDllClassEntry(unsigned long dwContext = 1, struct ACTIVATION_PROPERTIES * ap = 0x0bf1ef44, class CClassCache::CDllClassEntry ** pDCE = 0x0bf1ec34)+0xeb
0f 0bf1eefc 75cbd87a combase!CClassCache::GetClassObjectActivator(unsigned long dwContext = 1, struct ACTIVATION_PROPERTIES * ap = 0x0bf1ef44, class CClassCache::IMiniMoniker ** ppIM = 0x0bf1ef24)+0x85b
10 0bf1ef30 75cbd41c combase!CClassCache::GetClassObject(struct ACTIVATION_PROPERTIES * ap = 0x0bf1ef44)+0x30
11 (Inline) -------- combase!CCGetClassObject+0x4c
12 0bf1efa0 75cb62b3 combase!CServerContextActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0b55da80)+0x12c
13 0bf1efec 75cbbf92 combase!ActivationPropertiesIn::DelegateCreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesOut ** ppActPropsOut = 0x0b55da80)+0x93
14 0bf1f044 761379ac combase!CApartmentActivator::CreateInstance(struct IUnknown * pUnkOuter = 0x00000000, struct IActivationPropertiesIn * pInActProperties = 0x0018d2a4, struct IActivationPropertiesOut ** ppOutActProperties = 0x0b55da80)+0xa2
15 0bf1f068 76103dc4 RPCRT4!Invoke+0x34
16 0bf1f4a8 75c1c359 RPCRT4!NdrStubCall2+0x3c4
17 0bf1f4f4 75c76906 combase!CStdStubBuffer_Invoke(struct IRpcStubBuffer * This = 0x0b55d428, struct tagRPCOLEMESSAGE * prpcmsg = 0x0b55b864, struct IRpcChannelBuffer * pRpcChannelBuffer = 0x007a2044)+0x99
18 (Inline) -------- combase!InvokeStubWithExceptionPolicyAndTracing::__l7::<lambda_adf5d6ba83bff890864fd80ca2bbf1eb>::operator()+0x1c
19 0bf1f548 75c78ae7 combase!ObjectMethodExceptionHandlingAction<<lambda_adf5d6ba83bff890864fd80ca2bbf1eb> >(class InvokeStubWithExceptionPolicyAndTracing::__l7::<lambda_adf5d6ba83bff890864fd80ca2bbf1eb> action = class InvokeStubWithExceptionPolicyAndTracing::__l7::<lambda_adf5d6ba83bff890864fd80ca2bbf1eb>, struct ObjectMethodExceptionHandlingInfo * pExceptionHandlingInfo = 0x0bf1f5b8, struct ExceptionHandlingResult * pExceptionHandlingResult = 0x0bf1f57c)+0x76
1a (Inline) -------- combase!InvokeStubWithExceptionPolicyAndTracing+0x8e
1b 0bf1f66c 75c7dd91 combase!DefaultStubInvoke(bool bIsAsyncBeginMethod = false, struct IServerCall * pServerCall = 0x0b55d92c, struct IRpcChannelBuffer * pChannel = 0x007a2044, struct IRpcStubBuffer * pStub = 0x0b55d428, unsigned long * pdwFault = 0x0bf1f7f8)+0x207
1c (Inline) -------- combase!SyncStubCall::Invoke+0x22
1d (Inline) -------- combase!SyncServerCall::StubInvoke+0x22
1e (Inline) -------- combase!StubInvoke+0x1d7
1f 0bf1f7ac 75c81e21 combase!ServerCall::ContextInvoke(struct tagRPCOLEMESSAGE * pMessage = 0x0b55b864, struct IRpcStubBuffer * pStub = 0x0b55d428, class CServerChannel * pChannel = 0x007a2044, struct tagIPIDEntry * pIPIDEntry = 0x007a3d00, unsigned long * pdwFault = 0x0bf1f7f8)+0x381
20 (Inline) -------- combase!CServerChannel::ContextInvoke+0x8d
21 (Inline) -------- combase!DefaultInvokeInApartment+0xa5
22 0bf1f8a4 75c7ae45 combase!AppInvoke(class ServerCall * pServerCall = 0x0b55d918, class CServerChannel * pChannel = 0x007a2044, struct IRpcStubBuffer * pStub = 0x0b55d428, void * pv = 0x75d985e8, void * pStubBuffer = 0x0b55d9f8, struct tagIPIDEntry * pIPIDEntry = 0x007a3d00, union WireLocalThis * pLocalb = 0x0b55d9b8)+0x981
23 0bf1fc5c 75c5e363 combase!ComInvokeWithLockAndIPID(class ServerCall * pServerCall = 0x0b55d918, struct tagIPIDEntry * pIPIDEntry = 0x007a3d00, bool * pbCallerResponsibleForRequestMessageCleanup = 0x0bf1fccb)+0x625
24 0bf1fcb0 75c5e1d1 combase!ComInvoke(class ServerCall * pServerCall = 0x0b55d918, bool * pbCallerResponsibleForRequestMessageCleanup = 0x0bf1fccb)+0x124
25 0bf1fcd0 75c5e0fc combase!ThreadDispatch(class ServerCall * pServerCall = 0x0b55d918)+0xa2
26 0bf1fce4 75c5b8fd combase!ThreadDispatchThreadProc(void * param = 0x0b55d918)+0x1c
27 0bf1fd14 75ce760f combase!CRpcThread::WorkerLoop(void)+0x3e
28 0bf1fd24 76e138f4 combase!CRpcThreadCache::RpcWorkerThreadEntry(void * param = 0x0b559e88)+0x1f
29 0bf1fd38 76f45de3 KERNEL32!BaseThreadInitThunk+0x24
2a 0bf1fd80 76f45dae ntdll!__RtlUserThreadStart+0x2f
2b 0bf1fd90 00000000 ntdll!_RtlUserThreadStart+0x1b
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
merged to post 1.

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page