What context are you in when you’re calling this routine (i.e. what is
HpArcHsmDeferredReadWriteCompletion and where is it called from)?
Can you get the Callback Data structure back in the debugger and check to
see if it’s still valid? What does !object on the file object say?
-scott
OSR
@OSRDrivers
wrote in message news:xxxxx@ntfsd…
Sorry for a very late reply as I have been debugging this issue.
On one occasion the debugger caught the access violation when there is a
call to FltGetStreamContext.
The same call works for a number of copy operations and suddenly raises a
bug check.
Please let me know if you get any clues.
Thanks
2: kd> .exr -1
ExceptionAddress: 0000000000000000
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000008
Parameter[1]: 0000000000000000
Attempt to execute non-executable address 0000000000000000
2: kd> dps esp
ffffd000219b9af0 ffffe00179061010
ffffd000219b9af8 ffffe00178a1be70
ffffd000219b9b00 0000000000000000
ffffd000219b9b08 ffffe00178a1be78
ffffd000219b9b10 ffff28009974b849
ffffd000219b9b18 ffffe00178831040
ffffd000219b9b20 ffffe00178831040
ffffd000219b9b28 fffff800b8e4594f HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion+0xff [f:\svn\storage_optimizer\storage_optimizer\trunk\filterdriverthreadpool\src\hparchsm.c @ 3964]
ffffd000219b9b30 ffffe00178a1be70
ffffd000219b9b38 ffffe0017b04b880
ffffd000219b9b40 ffffe0017b238070
ffffd000219b9b48 fffff80287afe4e3 nt!ExInterlockedRemoveHeadList+0x4f
ffffd000219b9b50 0000000000000001
ffffd000219b9b58 ffffe0017d401ce0
ffffd000219b9b60 ffffe0017b04a570
ffffd000219b9b68 00000000b8000000
2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 0000000000000000
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000
Debugging Details:
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
PROCESS_NAME: System
FAULTING_IP:
+0
0010:00000000`00000000 ?? ???
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000008
EXCEPTION_PARAMETER2: 0000000000000000
WRITE_ADDRESS: 0000000000000000
FOLLOWUP_IP:
HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion+ff [f:\svn\storage_optimizer\storage_optimizer\trunk\filterdriverthreadpool\src\hparchsm.c @ 3964]
0010:fffff800`b8e4594f 89442450 mov dword ptr [rsp+50h],eax
FAILED_INSTRUCTION_ADDRESS:
+0
0010:00000000`00000000 ?? ???
BUGCHECK_STR: ACCESS_VIOLATION
CPU_COUNT: 8
CPU_MHZ: a28
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 2d
CPU_STEPPING: 7
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
CURRENT_IRQL: 0
ANALYSIS_VERSION: 10.0.10240.9 amd64fre
IP_IN_FREE_BLOCK: 0
LAST_CONTROL_TRANSFER: from ffffe00179061010 to 0000000000000000
SYMBOL_ON_RAW_STACK: 1
STACK_ADDR_RAW_STACK_SYMBOL: ffffd000219b9b30
STACK_COMMAND: dps ffffd000219b9b30-0x20 ; kb
STACK_TEXT:
ffffd000219b9b10 ffff28009974b849
ffffd000219b9b18 ffffe00178831040
ffffd000219b9b20 ffffe00178831040
ffffd000219b9b28 fffff800b8e4594f HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion+0xff [f:\svn\storage_optimizer\storage_optimizer\trunk\filterdriverthreadpool\src\hparchsm.c @ 3964]
ffffd000219b9b30 ffffe00178a1be70
ffffd000219b9b38 ffffe0017b04b880
ffffd000219b9b40 ffffe0017b238070
ffffd000219b9b48 fffff80287afe4e3 nt!ExInterlockedRemoveHeadList+0x4f
ffffd000219b9b50 0000000000000001
ffffd000219b9b58 ffffe0017d401ce0
ffffd000219b9b60 ffffe0017b04a570
ffffd000219b9b68 00000000b8000000
ffffd000219b9b70 0000000000000000
ffffd000219b9b78 0000000000000000
ffffd000219b9b80 0000000100000000
ffffd000219b9b88 ffffe0017dffeab8
FAULTING_SOURCE_LINE: f:\svn\storage_optimizer\storage_optimizer\trunk\filterdriverthreadpool\src\hparchsm.c
FAULTING_SOURCE_FILE: f:\svn\storage_optimizer\storage_optimizer\trunk\filterdriverthreadpool\src\hparchsm.c
FAULTING_SOURCE_LINE_NUMBER: 3964
FAULTING_SOURCE_CODE:
3960: try
3961: {
3962:
3963: status = FltGetStreamContext(Instance, Data->Iopb->TargetFileObject,
3964: &pHpArcHsmContext);
3965: }
3966: except(BackgroundExceptionFilter1(GetExceptionCode(), GetExceptionInformation()))
3967: {
3968: Data->IoStatus.Status = STATUS_DISK_OPERATION_FAILED;//STATUS_ACCESS_DENIED;
3969: Data->IoStatus.Information = 0;
SYMBOL_NAME: HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion+ff
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: HPEDpHsmX64
IMAGE_NAME: HPEDpHsmX64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5821cc5f
BUCKET_ID_FUNC_OFFSET: ff
FAILURE_BUCKET_ID: ACCESS_VIOLATION_NULL_IP_HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion
BUCKET_ID: ACCESS_VIOLATION_NULL_IP_HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion
PRIMARY_PROBLEM_CLASS: ACCESS_VIOLATION_NULL_IP_HPEDpHsmX64!HpArcHsmDeferredReadWriteCompletion
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:access_violation_null_ip_hpedphsmx64!hparchsmdeferredreadwritecompletion
FAILURE_ID_HASH: {e1f42df5-5598-3f4c-2aad-37cd6a1e57b6}
Followup: MachineOwner
2: kd> kb
RetAddr : Args to Child : Call Site
00 ffffe00179061010 : ffffe00178a1be70 0000000000000000 ffffe00178a1be78 ffff28009974b849 : 0x0
01 ffffe00178a1be70 : 0000000000000000 ffffe00178a1be78 ffff28009974b849 ffffe00178831040 : 0xffffe00179061010
02 0000000000000000 : ffffe00178a1be78 ffff28009974b849 ffffe00178831040 ffffe00178831040 : 0xffffe001`78a1be70
register values
RSP ffffd000219b9af0
RBP 80
RIP 0
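
The `.exr -1` record quoted in the message above can be decoded mechanically when triaging dumps like this one. The following is an added example, not code from the thread or from the driver: `parse_exr` and `classify` are hypothetical helper names, the sample text is constructed from the output in the post, and the 64 KB "null page" threshold is an assumption about the unmapped low address range.

```python
import re

# ExceptionInformation[0] values for STATUS_ACCESS_VIOLATION (0xC0000005).
AV_KIND = {0: "read", 1: "write", 8: "execute (DEP)"}
NULL_PAGE_LIMIT = 0x10000  # assumption: low 64 KB is never mapped

# Constructed sample: the .exr -1 output quoted in the post.
SAMPLE_EXR = """\
ExceptionAddress: 0000000000000000
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000008
Parameter[1]: 0000000000000000
Attempt to execute non-executable address 0000000000000000
"""

def parse_exr(text):
    """Parse '.exr' text into integers; backticks inside addresses are dropped."""
    rec = {"params": []}
    for line in text.splitlines():
        m = re.match(r"\s*(\w+)(?:\[(\d+)\])?:\s*([0-9a-fA-F`]+)", line)
        if not m:
            continue  # free-text lines such as "Attempt to execute ..."
        value = int(m.group(3).replace("`", ""), 16)
        if m.group(1) == "Parameter":
            rec["params"].append(value)
        else:
            rec[m.group(1)] = value
    return rec

def classify(rec):
    """Report the access type, the target address, and whether this is a NULL-IP fault."""
    if rec.get("ExceptionCode") != 0xC0000005 or len(rec["params"]) < 2:
        return {"kind": "not an access violation", "target": None, "null_ip": False}
    kind = AV_KIND.get(rec["params"][0], "unknown")
    target = rec["params"][1]
    # An execute fault whose target equals the faulting instruction address means
    # control was transferred to that address itself, e.g. a call or return
    # through a pointer that was NULL, so the symbol nearest on the raw stack
    # is only where the bad pointer was consumed.
    jumped_to_target = kind.startswith("execute") and target == rec.get("ExceptionAddress")
    return {"kind": kind, "target": target,
            "null_ip": jumped_to_target and target < NULL_PAGE_LIMIT}

if __name__ == "__main__":
    print(classify(parse_exr(SAMPLE_EXR)))
```
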