Analyzing USB events in Windows tracing. RRS feed

  • Question

  • I am trying to debug an issue with some USB devices not always detected by a Windows 10 machine.

    When it is not detected the following does not help

    • Turn the device on and offf
    • Remove the USB3 cable on the device side and plug it in again
    • Remove the USB3 cable on the computer side and plug it in the same port again

    The following help

    • Removing the USB3 cable on the computer side and plug it into another USB port
    • Going into the device manager and disable the USB controller and enable it again
    • Plug in any other USB3 device into any other of the USB3 ports on the computer.

    To debug it I created a filter, and it was running on the system.

    logman create trace -n usbtrace -o %SystemRoot%\tracing\usbtrace.etl -nb 128 640 -bs 128
    logman update trace -n usbtrace -p Microsoft-Windows-USB-USBXHCI (Default,PartialDataBusTrace,StateMachine)
    logman update trace -n usbtrace -p Microsoft-Windows-USB-UCX (Default,PartialDataBusTrace,StateMachine)
    logman update trace -n usbtrace -p Microsoft-Windows-USB-USBHUB3 (Default,PartialDataBusTrace,StateMachine)
    logman update trace -n usbtrace -p Microsoft-Windows-USB-USBPORT
    logman update trace -n usbtrace -p Microsoft-Windows-USB-USBHUB
    logman update trace -n usbtrace -p Microsoft-Windows-Kernel-IoTrace 0 2
    logman start -n usbtrace

    With this I got a log, where when it works, it starts with a USBHUB3 State Machine event (Event ID 110), there is missing when it does not detect the device. See below. (Todo - add image of log when account is verified)

    Next I need to understand what is causing the fid_Event 2034 as visible in the above image, so I was trying to get the symbol (pdb) for the usbhub3.sys. This fails though as it seems to be missing on the microsoft symbol server.

    C:\>"C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\symchk.exe" c:\windows\system32\drivers\USBHUB3.sys /s SRV*C:\Symbols*http://msdl.microsoft.com/downloads/symbols
    SYMCHK: USBHUB3.SYS          FAILED  - usbhub3.pdb mismatched or not found
    SYMCHK: FAILED files = 1
    SYMCHK: PASSED + IGNORED files = 0

    So my questions is how do I investigate what causes this error. E.g. how do I use the trace log better so I can say what causes the issue?

    Thursday, March 12, 2020 11:15 AM