From: Leafbanana on 12 Jan 2010 04:34

Hi guys,

I'm just starting to learn about WDF and trying to port my WDM driver to a KMDF version. My driver is a class upper filter driver for the Image class which plays some video effects for video devices, such as webcams. So I first installed my WHQL'ed driver (WDM version) on a Windows 7 32-bit system, and then replaced the .SYS file with the new KMDF version driver. The KMDF version driver is quite simple, I just want it to pass all IOCTL IRPs down to the function driver. If that works, it will be a good beginning for me.

But the system crashed when I plugged in a webcam. The debug information shows it should be caused by calling the WdfDriverCreate function.

==========The following is my DriverEntry function==================
#pragma INITCODE
extern "C" NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
{
    WDF_DRIVER_CONFIG Config;

    WDF_DRIVER_CONFIG_INIT(&Config, DeviceAdd);

    DbgPrint("1\n");

    WdfDriverCreate(DriverObject, RegistryPath, WDF_NO_OBJECT_ATTRIBUTES, &Config, WDF_NO_HANDLE);

    DbgPrint("2\n");

    return STATUS_SUCCESS;
}
====================================================================

=========The following is the DriverEntry in the .COD file==========

PUBLIC  _DriverEntry@8
EXTRN   _DbgPrint:PROC
;       COMDAT ??_C@_02NNLOPPJJ@2?6?$AA@PBOPGDP@
; File c:\winddk\7600.16385.0\inc\wdf\kmdf\1.9\wdfdriver.h
INIT$s  SEGMENT
??_C@_02NNLOPPJJ@2?6?$AA@PBOPGDP@ DB '2', 0aH, 00H      ; ?? ::PBOPGDP::`string'
INIT$s  ENDS
;       COMDAT ??_C@_02NPPIEBMA@1?6?$AA@PBOPGDP@
INIT$s  SEGMENT
??_C@_02NPPIEBMA@1?6?$AA@PBOPGDP@ DB '1', 0aH, 00H      ; ?? ::PBOPGDP::`string'
; Function compile flags: /Ogtpy
; File d:\trunk\src\filter.cpp
INIT$s  ENDS
;       COMDAT _DriverEntry@8
INIT    SEGMENT
_Config$ = -20                  ; size = 20
_DriverObject$ = 8              ; size = 4
_RegistryPath$ = 12             ; size = 4
_DriverEntry@8 PROC             ; COMDAT

; 44   : {

  00000 83 ec 14         sub     esp, 20                        ; 00000014H

; 45   :     WDF_DRIVER_CONFIG Config;
; 46   :
; 47   :     WDF_DRIVER_CONFIG_INIT(&Config, DeviceAdd);

  00003 33 c0            xor     eax, eax
  00005 89 04 24         mov     DWORD PTR _Config$[esp+20], eax
  00008 89 44 24 04      mov     DWORD PTR _Config$[esp+24], eax

; 48   :
; 49   :     DbgPrint("1\n");

  0000c 68 00 00 00 00   push    OFFSET ??_C@_02NPPIEBMA@1?6?$AA@PBOPGDP@
  00011 89 44 24 0c      mov     DWORD PTR _Config$[esp+32], eax
  00015 89 44 24 10      mov     DWORD PTR _Config$[esp+36], eax
  00019 89 44 24 14      mov     DWORD PTR _Config$[esp+40], eax
  0001d c7 44 24 04 14
        00 00 00         mov     DWORD PTR _Config$[esp+24], 20 ; 00000014H
  00025 c7 44 24 08 00
        00 00 00         mov     DWORD PTR _Config$[esp+28], OFFSET ?DeviceAdd@@YGJPAUWDFDRIVER__@@PAUWDFDEVICE_INIT@@@Z ; DeviceAdd
  0002d e8 00 00 00 00   call    _DbgPrint

; 50   :
; 51   :     WdfDriverCreate(DriverObject, RegistryPath, WDF_NO_OBJECT_ATTRIBUTES, &Config, WDF_NO_HANDLE);

  00032 8b 4c 24 20      mov     ecx, DWORD PTR _RegistryPath$[esp+20]
  00036 8b 54 24 1c      mov     edx, DWORD PTR _DriverObject$[esp+20]
  0003a 83 c4 04         add     esp, 4
  0003d 6a 00            push    0
  0003f 8d 44 24 04      lea     eax, DWORD PTR _Config$[esp+24]
  00043 50               push    eax
  00044 a1 00 00 00 00   mov     eax, DWORD PTR _WdfDriverGlobals
  00049 6a 00            push    0
  0004b 51               push    ecx
  0004c 52               push    edx
  0004d 50               push    eax
  0004e ff 15 d0 01 00
        00               call    DWORD PTR _WdfFunctions+464

; 52   :
; 53   :     DbgPrint("2\n");

  00054 68 00 00 00 00   push    OFFSET ??_C@_02NNLOPPJJ@2?6?$AA@PBOPGDP@
  00059 e8 00 00 00 00   call    _DbgPrint

; 54   :
; 55   :     return STATUS_SUCCESS;

  0005e 33 c0            xor     eax, eax

; 56   : }

  00060 83 c4 18         add     esp, 24                        ; 00000018H
  00063 c2 08 00         ret     8
_DriverEntry@8 ENDP
INIT    ENDS
====================================================================

=============The following is debug info by WinDbg==================
0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 00000000, The address that the exception occurred at
Arg3: 8b30f5a4, Exception Record Address
Arg4: 8b30f180, Context Record Address

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

FAULTING_MODULE: 83c40000 nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4b4c3a7b

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"

FAULTING_IP:
+13a
00000000 ??              ???

EXCEPTION_RECORD:  8b30f5a4 -- (.exr 0xffffffff8b30f5a4)
ExceptionAddress: 00000000
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000008
   Parameter[1]: 00000000
Attempt to execute non-executable address 00000000

CONTEXT:  8b30f180 -- (.cxr 0xffffffff8b30f180)
eax=00000000 ebx=00000000 ecx=86fc5000 edx=86d89e40 esi=86d89e40 edi=86fc5000
eip=00000000 esp=8b30f66c ebp=8b30f87c iopl=0         nv up ei ng nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010286
00000000 ??              ???
Resetting default scope

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x7E

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 9497f8b4 to 00000000

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
8b30f668 9497f8b4 00000000 86d89e40 86fc5000 0x0
8b30f87c 83deafe7 00000000 00000001 8b30f8a4 CtClsFlt+0x128b4
8b30f928 83e2fdbd 83552e38 00000001 83552e1c nt!IoClearDependency+0x27be
8b30f960 83e380a2 00000007 8b30fa2c c0000034 nt!IoGetDeviceProperty+0xdd1
8b30f9cc 83de8265 40000000 80000668 8b30fa48 nt!RtlQueryRegistryValues+0x31d
8b30faa8 83de7876 86c045c0 8b30fcd0 86927390 nt!IoWMIRegistrationControl+0xea6
8b30fca4 83de161a 86919b00 86927390 8b30fcd0 nt!IoWMIRegistrationControl+0x4b7
8b30fcd8 83c53f7c 83da3e80 85258d48 83d7a5bc nt!IoDeleteSymbolicLink+0xe8b
8b30fd00 83cadf2b 00000000 00000000 85258d48 nt!IoInitializeRemoveLockEx+0x5b1
8b30fd50 83e4e66d 00000001 9f2f4d40 00000000 nt!KeInsertQueueDpc+0x382
8b30fd90 83d000d9 83cade1e 00000001 00000000 nt!PsCreateSystemThread+0x19a
00000000 00000000 00000000 00000000 00000000 nt!wcsupr+0x13a


FOLLOWUP_IP:
CtClsFlt+128b4
9497f8b4 68d0f89794      push    offset CtClsFlt+0x128d0 (9497f8d0)

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  CtClsFlt+128b4

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: CtClsFlt

IMAGE_NAME:  CtClsFlt.sys

STACK_COMMAND:  .cxr 0xffffffff8b30f180 ; kb

BUCKET_ID:  WRONG_SYMBOLS

Followup: MachineOwner
---------
====================================================================

Can anybody tell me what's my problem here? Thanks very much in advance!

From: Scott Noone on 12 Jan 2010 08:28

Your call to WdfDriverCreate is resulting in a call to a NULL pointer, so I'd say that your binding to KMDF is messed up for some reason.

>My driver is a class upper filter driver for the Image class

How did you install this? Installing a class filter is tricky, try reading this article and see if it helps:

http://www.osronline.com/article.cfm?id=446

You can also refer to the nonpnp sample in the WDK for an updated source code example (that article is four years old at this point).

-scott

--
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com
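
Added example, not part of the thread and not code from any poster: a small Python triage of the `!analyze -v` fields from the original post, showing how an execute-type access violation at address 0 plus the LAST_CONTROL_TRANSFER source identify a call through a NULL function pointer and name the caller. The function, constant and key names are this example's own, and the sample text is excerpted from the post above.

```python
import re

# Excerpt of the !analyze -v output from the original post (32-bit target).
ANALYZE_EXCERPT = """\
ExceptionAddress: 00000000
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000008
Parameter[1]: 00000000
Attempt to execute non-executable address 00000000

LAST_CONTROL_TRANSFER: from 9497f8b4 to 00000000

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
8b30f668 9497f8b4 00000000 86d89e40 86fc5000 0x0
8b30f87c 83deafe7 00000000 00000001 8b30f8a4 CtClsFlt+0x128b4
8b30f928 83e2fdbd 83552e38 00000001 83552e1c nt!IoClearDependency+0x27be
"""

STATUS_ACCESS_VIOLATION = 0xC0000005
# ExceptionInformation[0] of an access violation: the kind of access attempted.
ACCESS_KIND = {0: "read", 1: "write", 8: "execute"}
# Assumption of this example: addresses below 64 KB count as the NULL page.
NULL_PAGE_LIMIT = 0x10000

# kb-style row: ChildEBP RetAddr Arg1 Arg2 Arg3 Symbol
_FRAME = re.compile(
    r"^([0-9a-f]{8})[ \t]+([0-9a-f]{8})[ \t]+(?:[0-9a-f]{8}[ \t]+){3}(\S+)[ \t]*$",
    re.M,
)
_TRANSFER = re.compile(r"LAST_CONTROL_TRANSFER:\s*from ([0-9a-f]+) to ([0-9a-f]+)")


def _hex_field(label, text):
    """Return the hex value following `label`, or None if the field is absent."""
    m = re.search(re.escape(label) + r"\s*([0-9a-fA-F]+)", text)
    return int(m.group(1), 16) if m else None


def triage(text):
    """Classify an access-violation bugcheck from !analyze -v text."""
    code = _hex_field("ExceptionCode:", text)
    fault_ip = _hex_field("ExceptionAddress:", text)
    access = ACCESS_KIND.get(_hex_field("Parameter[0]:", text), "unknown")
    target = _hex_field("Parameter[1]:", text)

    # The row whose RetAddr equals the transfer source is the callee; the
    # next row's symbol names the code that made the call.
    caller = None
    m = _TRANSFER.search(text)
    if m:
        src = int(m.group(1), 16)
        frames = _FRAME.findall(text)
        for i, (_ebp, ret, _sym) in enumerate(frames[:-1]):
            if int(ret, 16) == src:
                caller = frames[i + 1][2]
                break

    # Executing at the faulting address itself, inside the NULL page, means
    # the CPU jumped there: an indirect call or jump through a NULL pointer.
    null_call = (
        code == STATUS_ACCESS_VIOLATION
        and access == "execute"
        and target is not None
        and target == fault_ip
        and target < NULL_PAGE_LIMIT
    )
    return {
        "exception_code": code,
        "access": access,
        "fault_address": target,
        "caller": caller,
        "null_function_pointer_call": null_call,
    }


if __name__ == "__main__":
    for key, value in triage(ANALYZE_EXCERPT).items():
        print(f"{key}: {value!r}")
```

In the .COD listing the matching call site is `call DWORD PTR _WdfFunctions+464`, an indirect call through the KMDF function table, which is consistent with the binding diagnosis in the reply above.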

From: Doron Holan [MSFT] on 12 Jan 2010 13:30

1) you should fix your symbols, especially for ntoskrnl.exe
2) what does your sources file look like? that is what helps with properly binding to KMDF

d

--
This posting is provided "AS IS" with no warranties, and confers no rights.

From: Maxim S. Shatskih on 12 Jan 2010 14:44

> *** Your debugger is not using the correct symbols ***

Fix this first by using .symfix (MS symbol server).

--
Maxim S. Shatskih
Windows DDK MVP
maxim(a)storagecraft.com
http://www.storagecraft.com