Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTDEV

Before Posting...

Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Assistance debugging deadlock

tuple_cattuple_cat Member Posts: 44
edited December 2023 in NTDEV

I need some help debugging this deadlock. I would like to have general help but I am also wondering specifically about the call to KeWaitForSingleObject for thread ffffd50f38c4e040.

ffff8109`c62d8290 fffff809`25392ff2     : ffffd50f`345e0d00 00000000`00000000 ffffd50f`3dc63b00 00000000`00000000 : nt!KeWaitForSingleObject+0x233
ffff8109`c62d8380 fffff809`253bc3c6     : ffffd50f`3f4e51a0 ffffd50f`3dc63bc8 00000000`00000001 ffffd50f`441bfe00 : usbaudio!USBHwStopMIDIPipe+0x1a6

It seems that this thread is waiting for something with address ffffd50f3f4e51a0. If I do !locks ffffd50f3f4e51a0` I don't get any information.

Below is all info that I have looked at so far.

3: kd> !locks
**** DUMP OF ALL RESOURCE OBJECTS ****
KD: Scanning for held locks..

Resource @ nt!IopDeviceTreeLock (0xfffff8032a059b20)    Shared 1 owning threads
    Contention Count = 117
     Threads: ffffd50f38c4e040-01<*> 
KD: Scanning for held locks.

Resource @ nt!PiEngineLock (0xfffff8032a059c20)    Exclusively owned
    Contention Count = 1839
    NumberOfExclusiveWaiters = 1
     Threads: ffffd50f38c4e040-01<*> 

     Threads Waiting On Exclusive Access:
              ffffd50f3b66d040       
KD: Scanning for held 
39566 total locks, 2 locks currently held

-------------------------

3: kd> !locks -v fffff8032a059b20

Resource @ nt!IopDeviceTreeLock (0xfffff8032a059b20)    Shared 1 owning threads
    Contention Count = 117
     Threads: ffffd50f38c4e040-01<*> 

     THREAD ffffd50f38c4e040  Cid 0004.01f4  Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
         ffffd50f345e0d00  NotificationEvent
     IRP List:
         ffffd50f409feab0: (0006,0550) Flags: 40000000  Mdl: 00000000
     Not impersonating
     DeviceMap                 ffffaa0f102467e0
     Owning Process            ffffd50f30eac040       Image:         System
     Attached Process          N/A            Image:         N/A
     Wait Start TickCount      919275         Ticks: 42240 (0:00:11:00.000)
     Context Switch Count      64312          IdealProcessor: 3             
     UserTime                  00:00:00.000
     KernelTime                00:00:03.203
     Win32 Start Address nt!ExpWorkerThread (0xfffff803296d95b0)
     Stack Init ffff8109c62d8c90 Current ffff8109c62d7fc0
     Base ffff8109c62d9000 Limit ffff8109c62d3000 Call 0000000000000000
     Priority 13 BasePriority 12 PriorityDecrement 16 IoPriority 2 PagePriority 5
     Child-SP          RetAddr               Call Site
     ffff8109`c62d8000 fffff803`29656330     nt!KiSwapContext+0x76
     ffff8109`c62d8140 fffff803`2965585f     nt!KiSwapThread+0x500
     ffff8109`c62d81f0 fffff803`29655103     nt!KiCommitThreadWait+0x14f
     ffff8109`c62d8290 fffff809`25392ff2     nt!KeWaitForSingleObject+0x233
     ffff8109`c62d8380 fffff809`253bc3c6     usbaudio!USBHwStopMIDIPipe+0x1a6
     ffff8109`c62d83c0 fffff809`253ba60a     usbaudio!USBHwStopAllMIDIPipes+0x42
     ffff8109`c62d83f0 fffff809`253ba6b9     usbaudio!USBDeviceStop+0x3a
     ffff8109`c62d8430 fffff809`253b136c     usbaudio!USBDeviceSurpriseRemove+0x9
     ffff8109`c62d8460 fffff809`27266ba3     usbaudio!DeviceSurpriseRemoval+0x20c
     ffff8109`c62d84b0 fffff809`2725d5cb     ks!CKsDevice::DispatchPnp+0x2e3
     ffff8109`c62d8520 fffff809`253b19e3     ks!KsDispatchIrp+0xfb
     ffff8109`c62d8550 fffff803`29785867     usbaudio!UsbAudioIrpDispatcher+0x143
     ffff8109`c62d8590 fffff803`29ddcf1a     nt!IopfCallDriver+0x53
     ffff8109`c62d85d0 fffff803`29842189     nt!IovCallDriver+0x266
     ffff8109`c62d8610 fffff809`252916bf     nt!IofCallDriver+0x1f74e9
     ffff8109`c62d8650 fffff809`25291023     ksthunk!CKernelFilterDevice::DispatchIrp+0x23b
     ffff8109`c62d86b0 fffff803`29785867     ksthunk!CKernelFilterDevice::DispatchIrpBridge+0x13
     ffff8109`c62d86e0 fffff803`29ddcf1a     nt!IopfCallDriver+0x53
     ffff8109`c62d8720 fffff803`29842189     nt!IovCallDriver+0x266
     ffff8109`c62d8760 fffff803`29a864b4     nt!IofCallDriver+0x1f74e9
     ffff8109`c62d87a0 fffff803`29b5e0c8     nt!IopSynchronousCall+0xf8
     ffff8109`c62d8810 fffff803`29b5ba18     nt!IopRemoveDevice+0x108
     ffff8109`c62d88c0 fffff803`29b5dcc4     nt!PnpSurpriseRemoveLockedDeviceNode+0xb0
     ffff8109`c62d8920 fffff803`29b5d9bf     nt!PnpDeleteLockedDeviceNode+0x88
     ffff8109`c62d8960 fffff803`29b5c10a     nt!PnpDeleteLockedDeviceNodes+0xf7
     ffff8109`c62d89e0 fffff803`29b5280b     nt!PnpProcessQueryRemoveAndEject+0x1da
     ffff8109`c62d8ac0 fffff803`29ab69de     nt!PnpProcessTargetDeviceEvent+0xeb
     ffff8109`c62d8af0 fffff803`296d96b5     nt!PnpDeviceEventWorker+0x2ce
     ffff8109`c62d8b70 fffff803`2971c8e5     nt!ExpWorkerThread+0x105
     ffff8109`c62d8c10 fffff803`2981b4b8     nt!PspSystemThreadStartup+0x55
     ffff8109`c62d8c60 00000000`00000000     nt!KiStartSystemThread+0x28


1 total locks

Comments

  • tuple_cattuple_cat Member Posts: 44
    3: kd> !locks -v 0xfffff8032a059c20
    
    Resource @ nt!PiEngineLock (0xfffff8032a059c20)    Exclusively owned
        Contention Count = 1839
        NumberOfExclusiveWaiters = 1
         Threads: ffffd50f38c4e040-01<*> 
    
         THREAD ffffd50f38c4e040  Cid 0004.01f4  Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
             ffffd50f345e0d00  NotificationEvent
         IRP List:
             ffffd50f409feab0: (0006,0550) Flags: 40000000  Mdl: 00000000
         Not impersonating
         DeviceMap                 ffffaa0f102467e0
         Owning Process            ffffd50f30eac040       Image:         System
         Attached Process          N/A            Image:         N/A
         Wait Start TickCount      919275         Ticks: 42240 (0:00:11:00.000)
         Context Switch Count      64312          IdealProcessor: 3             
         UserTime                  00:00:00.000
         KernelTime                00:00:03.203
         Win32 Start Address nt!ExpWorkerThread (0xfffff803296d95b0)
         Stack Init ffff8109c62d8c90 Current ffff8109c62d7fc0
         Base ffff8109c62d9000 Limit ffff8109c62d3000 Call 0000000000000000
         Priority 13 BasePriority 12 PriorityDecrement 16 IoPriority 2 PagePriority 5
         Child-SP          RetAddr               Call Site
         ffff8109`c62d8000 fffff803`29656330     nt!KiSwapContext+0x76
         ffff8109`c62d8140 fffff803`2965585f     nt!KiSwapThread+0x500
         ffff8109`c62d81f0 fffff803`29655103     nt!KiCommitThreadWait+0x14f
         ffff8109`c62d8290 fffff809`25392ff2     nt!KeWaitForSingleObject+0x233
         ffff8109`c62d8380 fffff809`253bc3c6     usbaudio!USBHwStopMIDIPipe+0x1a6
         ffff8109`c62d83c0 fffff809`253ba60a     usbaudio!USBHwStopAllMIDIPipes+0x42
         ffff8109`c62d83f0 fffff809`253ba6b9     usbaudio!USBDeviceStop+0x3a
         ffff8109`c62d8430 fffff809`253b136c     usbaudio!USBDeviceSurpriseRemove+0x9
         ffff8109`c62d8460 fffff809`27266ba3     usbaudio!DeviceSurpriseRemoval+0x20c
         ffff8109`c62d84b0 fffff809`2725d5cb     ks!CKsDevice::DispatchPnp+0x2e3
         ffff8109`c62d8520 fffff809`253b19e3     ks!KsDispatchIrp+0xfb
         ffff8109`c62d8550 fffff803`29785867     usbaudio!UsbAudioIrpDispatcher+0x143
         ffff8109`c62d8590 fffff803`29ddcf1a     nt!IopfCallDriver+0x53
         ffff8109`c62d85d0 fffff803`29842189     nt!IovCallDriver+0x266
         ffff8109`c62d8610 fffff809`252916bf     nt!IofCallDriver+0x1f74e9
         ffff8109`c62d8650 fffff809`25291023     ksthunk!CKernelFilterDevice::DispatchIrp+0x23b
         ffff8109`c62d86b0 fffff803`29785867     ksthunk!CKernelFilterDevice::DispatchIrpBridge+0x13
         ffff8109`c62d86e0 fffff803`29ddcf1a     nt!IopfCallDriver+0x53
         ffff8109`c62d8720 fffff803`29842189     nt!IovCallDriver+0x266
         ffff8109`c62d8760 fffff803`29a864b4     nt!IofCallDriver+0x1f74e9
         ffff8109`c62d87a0 fffff803`29b5e0c8     nt!IopSynchronousCall+0xf8
         ffff8109`c62d8810 fffff803`29b5ba18     nt!IopRemoveDevice+0x108
         ffff8109`c62d88c0 fffff803`29b5dcc4     nt!PnpSurpriseRemoveLockedDeviceNode+0xb0
         ffff8109`c62d8920 fffff803`29b5d9bf     nt!PnpDeleteLockedDeviceNode+0x88
         ffff8109`c62d8960 fffff803`29b5c10a     nt!PnpDeleteLockedDeviceNodes+0xf7
         ffff8109`c62d89e0 fffff803`29b5280b     nt!PnpProcessQueryRemoveAndEject+0x1da
         ffff8109`c62d8ac0 fffff803`29ab69de     nt!PnpProcessTargetDeviceEvent+0xeb
         ffff8109`c62d8af0 fffff803`296d96b5     nt!PnpDeviceEventWorker+0x2ce
         ffff8109`c62d8b70 fffff803`2971c8e5     nt!ExpWorkerThread+0x105
         ffff8109`c62d8c10 fffff803`2981b4b8     nt!PspSystemThreadStartup+0x55
         ffff8109`c62d8c60 00000000`00000000     nt!KiStartSystemThread+0x28
    
    
    
         Threads Waiting On Exclusive Access:
                  ffffd50f3b66d040       
    1 total locks
    
    
  • tuple_cattuple_cat Member Posts: 44
    3: kd> !thread ffffd50f38c4e040 
    THREAD ffffd50f38c4e040  Cid 0004.01f4  Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
        ffffd50f345e0d00  NotificationEvent
    IRP List:
        ffffd50f409feab0: (0006,0550) Flags: 40000000  Mdl: 00000000
    Not impersonating
    DeviceMap                 ffffaa0f102467e0
    Owning Process            ffffd50f30eac040       Image:         System
    Attached Process          N/A            Image:         N/A
    Wait Start TickCount      919275         Ticks: 42240 (0:00:11:00.000)
    Context Switch Count      64312          IdealProcessor: 3             
    UserTime                  00:00:00.000
    KernelTime                00:00:03.203
    Win32 Start Address nt!ExpWorkerThread (0xfffff803296d95b0)
    Stack Init ffff8109c62d8c90 Current ffff8109c62d7fc0
    Base ffff8109c62d9000 Limit ffff8109c62d3000 Call 0000000000000000
    Priority 13 BasePriority 12 PriorityDecrement 16 IoPriority 2 PagePriority 5
    Child-SP          RetAddr               : Args to Child                                                           : Call Site
    ffff8109`c62d8000 fffff803`29656330     : fffff803`27dad180 fffff803`ffffffff ffffd50f`30e8c090 fffff803`299b79bf : nt!KiSwapContext+0x76
    ffff8109`c62d8140 fffff803`2965585f     : ffffd50f`00000000 00000000`00000003 ffff8109`c62d8300 ffffd50f`00000000 : nt!KiSwapThread+0x500
    ffff8109`c62d81f0 fffff803`29655103     : fffff803`00000000 fffff809`00000000 00000000`00000000 ffffd50f`38c4e180 : nt!KiCommitThreadWait+0x14f
    ffff8109`c62d8290 fffff809`25392ff2     : ffffd50f`345e0d00 00000000`00000000 ffffd50f`3dc63b00 00000000`00000000 : nt!KeWaitForSingleObject+0x233
    ffff8109`c62d8380 fffff809`253bc3c6     : ffffd50f`3f4e51a0 ffffd50f`3dc63bc8 00000000`00000001 ffffd50f`441bfe00 : usbaudio!USBHwStopMIDIPipe+0x1a6
    ffff8109`c62d83c0 fffff809`253ba60a     : 00000000`00000000 ffffd50f`441bfd40 ffffd50f`3dc63bc8 ffffd50f`00000001 : usbaudio!USBHwStopAllMIDIPipes+0x42
    ffff8109`c62d83f0 fffff809`253ba6b9     : 00000000`00000000 00000000`00000000 ffffd50f`400c1be0 00000000`00000000 : usbaudio!USBDeviceStop+0x3a
    ffff8109`c62d8430 fffff809`253b136c     : 00000000`00000000 ffffd50f`409feee0 ffffd50f`400c1be0 ffffd50f`3dc63bc8 : usbaudio!USBDeviceSurpriseRemove+0x9
    ffff8109`c62d8460 fffff809`27266ba3     : ffffd50f`409feab0 ffffd50f`409feee0 ffffd50f`48e03c50 ffffd50f`48e03c50 : usbaudio!DeviceSurpriseRemoval+0x20c
    ffff8109`c62d84b0 fffff809`2725d5cb     : ffffd50f`400c1be0 ffffd50f`48e03c50 00000000`00000000 ffffad7d`6c200000 : ks!CKsDevice::DispatchPnp+0x2e3
    ffff8109`c62d8520 fffff809`253b19e3     : ffffd50f`409feab0 ffffd50f`400c1be0 ffffd50f`409feee0 00000000`00000000 : ks!KsDispatchIrp+0xfb
    ffff8109`c62d8550 fffff803`29785867     : ffffd50f`409feab0 00000000`00000000 ffffd50f`48e03c50 ffffd50f`00000000 : usbaudio!UsbAudioIrpDispatcher+0x143
    ffff8109`c62d8590 fffff803`29ddcf1a     : ffffd50f`409feab0 ffffd50f`48e03c50 ffffd50f`409feab0 ffff8109`c62d8648 : nt!IopfCallDriver+0x53
    ffff8109`c62d85d0 fffff803`29842189     : ffffd50f`409feab0 ffff8109`c62d86a0 ffffd50f`409feab0 ffffd50f`34a945b0 : nt!IovCallDriver+0x266
    ffff8109`c62d8610 fffff809`252916bf     : ffff8109`c62d86a8 ffffd50f`409feab0 ffffd50f`47ce0480 fffff803`29a864b4 : nt!IofCallDriver+0x1f74e9
    ffff8109`c62d8650 fffff809`25291023     : ffffd50f`409feab0 ffffd50f`48e04c70 ffffd50f`00000000 ffffd50f`34a94750 : ksthunk!CKernelFilterDevice::DispatchIrp+0x23b
    ffff8109`c62d86b0 fffff803`29785867     : ffffd50f`409fef70 fffff803`29de91ae ffffd50f`00000001 ffffd50f`00000000 : ksthunk!CKernelFilterDevice::DispatchIrpBridge+0x13
    ffff8109`c62d86e0 fffff803`29ddcf1a     : ffffd50f`409feab0 ffffd50f`48e04c70 ffffd50f`409feab0 fffff803`29de96c9 : nt!IopfCallDriver+0x53
    ffff8109`c62d8720 fffff803`29842189     : ffffd50f`48e04c70 00000000`00000000 ffffd50f`48e04c70 ffffd50f`34a94750 : nt!IovCallDriver+0x266
    ffff8109`c62d8760 fffff803`29a864b4     : 00000000`00000000 ffffd50f`48e04c70 ffff8109`c62d8850 00000000`00000000 : nt!IofCallDriver+0x1f74e9
    ffff8109`c62d87a0 fffff803`29b5e0c8     : 00000000`00000017 ffffd50f`3dc272c0 ffffd50f`45fe6cb0 ffffd50f`3dc272c0 : nt!IopSynchronousCall+0xf8
    ffff8109`c62d8810 fffff803`29b5ba18     : ffffaa0f`25d45770 00000000`00000000 00000000`0000030a 00000000`00000308 : nt!IopRemoveDevice+0x108
    ffff8109`c62d88c0 fffff803`29b5dcc4     : ffffd50f`45fe6cb0 00000000`00000000 00000000`00000000 fffff803`29b5dc0b : nt!PnpSurpriseRemoveLockedDeviceNode+0xb0
    ffff8109`c62d8920 fffff803`29b5d9bf     : ffffd50f`45fe6cb0 ffff8109`c62d89a0 00000000`00000000 fffff803`29b5d6f8 : nt!PnpDeleteLockedDeviceNode+0x88
    ffff8109`c62d8960 fffff803`29b5c10a     : ffffd50f`419d5060 00000008`00000002 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0xf7
    ffff8109`c62d89e0 fffff803`29b5280b     : ffff8109`c62d8b20 ffffd50f`472e6c00 ffff8109`c62d8b00 ffffaa0f`00000008 : nt!PnpProcessQueryRemoveAndEject+0x1da
    ffff8109`c62d8ac0 fffff803`29ab69de     : ffffaa0f`25d45770 ffffaa0f`24fb7450 ffffd50f`30ea9c00 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xeb
    ffff8109`c62d8af0 fffff803`296d96b5     : ffffd50f`38c4e040 ffffd50f`38c4e040 ffffd50f`30ea9cb0 ffffd50f`3d7b5c60 : nt!PnpDeviceEventWorker+0x2ce
    ffff8109`c62d8b70 fffff803`2971c8e5     : ffffd50f`38c4e040 00000000`00000080 ffffd50f`30eac040 fffff803`2965ca00 : nt!ExpWorkerThread+0x105
    ffff8109`c62d8c10 fffff803`2981b4b8     : ffffbd81`1fd00180 ffffd50f`38c4e040 fffff803`2971c890 ffff8109`c62d8c80 : nt!PspSystemThreadStartup+0x55
    ffff8109`c62d8c60 00000000`00000000     : ffff8109`c62d9000 ffff8109`c62d3000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
    
    
    -----------------------------------
    
    3: kd> !thread ffffd50f3b66d040
    THREAD ffffd50f3b66d040  Cid 0004.16c4  Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (WrResource) KernelMode Non-Alertable
        ffff8109c4ced800  SynchronizationEvent
    Not impersonating
    DeviceMap                 ffffaa0f102467e0
    Owning Process            ffffd50f30eac040       Image:         System
    Attached Process          N/A            Image:         N/A
    Wait Start TickCount      961429         Ticks: 86 (0:00:00:01.343)
    Context Switch Count      139163         IdealProcessor: 2             
    UserTime                  00:00:00.000
    KernelTime                00:00:06.281
    Win32 Start Address nt!ExpWorkerThread (0xfffff803296d95b0)
    Stack Init ffff8109c4cedc90 Current ffff8109c4ced360
    Base ffff8109c4cee000 Limit ffff8109c4ce8000 Call 0000000000000000
    Priority 13 BasePriority 13 PriorityDecrement 0 IoPriority 2 PagePriority 5
    Child-SP          RetAddr               : Args to Child                                                           : Call Site
    ffff8109`c4ced3a0 fffff803`29656330     : ffffbd81`00000009 00000000`ffffffff 00000000`00000000 ffffd50f`3b720158 : nt!KiSwapContext+0x76
    ffff8109`c4ced4e0 fffff803`2965585f     : ffffffff`00000e53 00000000`00000000 ffff8109`c4ced6a0 ffffd50f`00000000 : nt!KiSwapThread+0x500
    ffff8109`c4ced590 fffff803`29655103     : 00000000`00000019 00000000`00000000 00000000`00000000 ffffd50f`3b66d180 : nt!KiCommitThreadWait+0x14f
    ffff8109`c4ced630 fffff803`2965194d     : ffff8109`c4ced800 ffffd50f`0000001b fffff803`29778700 fffff803`00000000 : nt!KeWaitForSingleObject+0x233
    ffff8109`c4ced720 fffff803`2965b79e     : fffff803`2a059c20 ffff8109`c4ced7e8 ffffaa0f`00010224 fffff803`29778710 : nt!ExpWaitForResource+0x6d
    ffff8109`c4ced7a0 fffff803`29a8f336     : ffff8109`c4ced890 ffffd50f`348c2060 00000000`00000001 00000000`00000001 : nt!ExAcquireResourceExclusiveLite+0x1fe
    ffff8109`c4ced830 fffff803`29b5b6bf     : 00000000`00000000 ffffd50f`348c2060 00000000`00000000 fffff803`2a059b00 : nt!PpDevNodeLockTree+0xca
    ffff8109`c4ced860 fffff803`29b5bcf9     : ffffd50f`482d4510 00000000`00000001 ffffd50f`482d4510 00000000`00000000 : nt!PnpDelayedRemoveWorker+0x2f
    ffff8109`c4ced8a0 fffff803`29878528     : 00000000`00000000 ffffd50f`30ec66e0 ffffd50f`348c2060 00000000`000000ff : nt!PnpChainDereferenceComplete+0xfd
    ffff8109`c4ced8d0 fffff803`296499d2     : ffffd50f`348c2060 00000000`00000001 ffffbd81`1ffe6910 00000000`00000000 : nt!IopCompleteUnloadOrDelete+0x172ae8
    ffff8109`c4ced990 fffff803`29a57270     : ffffd50f`48f6c260 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopDecrementDeviceObjectRef+0x162
    ffff8109`c4ced9f0 fffff803`29a5a950     : ffffd50f`30ef9140 00000000`00000000 ffffd50f`48f6c230 00000000`00000000 : nt!IopDeleteFile+0x210
    ffff8109`c4ceda70 fffff803`29afd724     : 00000000`00000000 ffffd50f`48f6c230 fffff803`29afd520 ffffd50f`30ea9cb0 : nt!ObpRemoveObjectRoutine+0x80
    ffff8109`c4cedad0 fffff803`296d96b5     : ffffd50f`3b66d040 fffff803`29afd520 ffffd50f`30ea9cb0 fffff803`00000000 : nt!ObpProcessRemoveObjectQueue+0x204
    ffff8109`c4cedb70 fffff803`2971c8e5     : ffffd50f`3b66d040 00000000`00000080 ffffd50f`30eac040 c7c7c7c7`c7c7c700 : nt!ExpWorkerThread+0x105
    ffff8109`c4cedc10 fffff803`2981b4b8     : ffffbd81`1ffe6180 ffffd50f`3b66d040 fffff803`2971c890 c7c7c7c7`c7c7c7c7 : nt!PspSystemThreadStartup+0x55
    ffff8109`c4cedc60 00000000`00000000     : ffff8109`c4cee000 ffff8109`c4ce8000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
    
  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    How is YOUR driver involved in this? Usbaudio is trying to stop all activity on the MIDI endpoints in response to a surprise removal, and is apparently waiting for some unfinished activity on the pipe.

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • tuple_cattuple_cat Member Posts: 44
    edited December 2023

    The device (also developed by me) exposes some USB interfaces that requires a custom driver. The device also expose USB interfaces which implements class compliant MIDI. Maybe there is something that needs to be done in the device so that the pipe can shutdown?

  • tuple_cattuple_cat Member Posts: 44

    On the other hand there is nothing the device can do since it has been removed. I have an automatable USB switch and with that I can attach / detach the device many times. The above deadlock never happens with a device from another manufacturer.

  • Mark_RoddyMark_Roddy Member - All Emails Posts: 4,753

    It is generally the driver's responsibility to terminate all outstanding IO operations that it controls from the driver to the (now missing) device. Are you using WDF for your driver? That would make handling surprise remove correctly easier. It would also aid in debugging as you could easily see if your driver has outstanding requests for your device.

  • tuple_cattuple_cat Member Posts: 44

    Yes, I am using WDF.

    Could some outstanding IO in my driver, that uses the vendor interfaces in the device, cause a class compliant driver to hang?

  • Mark_RoddyMark_Roddy Member - All Emails Posts: 4,753
  • tuple_cattuple_cat Member Posts: 44
    edited February 1

    I did not have time to look at this for some time but I've been testing a bit more.

    The device that I am using can also be configured to only expose class compliant audio and midi interfaces. If I put the device in that mode and after some time of attaching and detaching the device, the sound settings shows the device as available, even if the device is unplugged. If I then detach and attach the mouse I get a deadlock detected in Windbg:

    Possible deadlock. Use !locks FFFFF80656252C40 to determine the resource owner
    Break instruction exception - code 80000003 (first chance)
    nt!ExpWaitForResource+0x1f25fa:
    fffff806`55a3ceda cc              int     3
    0: kd> !locks FFFFF80656252C40
    Resource @ nt!PiEngineLock (0xfffff80656252c40)    Exclusively owned
        Contention Count = 867
        NumberOfExclusiveWaiters = 1
         Threads: ffffb486b1981080-01<*> 
         Threads Waiting On Exclusive Access:
    1 total locks
    0: kd> !thread ffffb486b1981080
    THREAD ffffb486b1981080  Cid 0004.00ec  Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
        ffffb486b97f4e70  NotificationEvent
    IRP List:
        ffffb486b564aab0: (0006,0550) Flags: 40000000  Mdl: 00000000
    Not impersonating
    DeviceMap                 ffffc983f9646420
    Owning Process            ffffb486b18cc040       Image:         System
    Attached Process          N/A            Image:         N/A
    Wait Start TickCount      148625         Ticks: 3059454 (0:13:16:43.968)
    Context Switch Count      38827          IdealProcessor: 2             
    UserTime                  00:00:00.000
    KernelTime                00:00:01.703
    Win32 Start Address nt!ExpWorkerThread (0xfffff806558d25b0)
    Stack Init ffffc8023c1cbc90 Current ffffc8023c1cafc0
    Base ffffc8023c1cc000 Limit ffffc8023c1c6000 Call 0000000000000000
    Priority 12 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
    Child-SP          RetAddr               : Args to Child                                                           : Call Site
    ffffc802`3c1cb000 fffff806`5584f330     : ffffe780`3eb6c180 fffff806`ffffffff ffffb486`b188ff50 fffff806`55bb09bf : nt!KiSwapContext+0x76
    ffffc802`3c1cb140 fffff806`5584e85f     : ffffb486`00000003 00000000`00000002 ffffc802`3c1cb300 ffffb486`00000000 : nt!KiSwapThread+0x500
    ffffc802`3c1cb1f0 fffff806`5584e103     : fffff806`00000000 fffff80e`00000000 00000000`00000000 ffffb486`b19811c0 : nt!KiCommitThreadWait+0x14f
    ffffc802`3c1cb290 fffff80e`a1522ff2     : ffffb486`b97f4e70 00000000`00000000 ffffb486`bb6e6000 00000000`00000000 : nt!KeWaitForSingleObject+0x233
    ffffc802`3c1cb380 fffff80e`a154c3c6     : ffffb486`bbce55c0 ffffb486`bb6e60d8 00000000`00000001 ffffb486`bad03c50 : usbaudio!USBHwStopMIDIPipe+0x1a6
    ffffc802`3c1cb3c0 fffff80e`a154a60a     : 00000000`00000000 ffffb486`bad03b90 ffffb486`bb6e60d8 ffffb486`00000001 : usbaudio!USBHwStopAllMIDIPipes+0x42
    ffffc802`3c1cb3f0 fffff80e`a154a6b9     : 00000000`00000000 00000000`00000000 ffffb486`bc22dbe0 ffffffff`ffffffff : usbaudio!USBDeviceStop+0x3a
    ffffc802`3c1cb430 fffff80e`a154136c     : 00000000`00000000 ffffb486`b564aee0 ffffb486`bc22dbe0 ffffb486`bb6e60d8 : usbaudio!USBDeviceSurpriseRemove+0x9
    ffffc802`3c1cb460 fffff80e`7c546ba3     : ffffb486`b564aab0 ffffb486`b564aee0 ffffb486`bb78e650 ffffb486`bb78e650 : usbaudio!DeviceSurpriseRemoval+0x20c
    ffffc802`3c1cb4b0 fffff80e`7c53d5cb     : ffffb486`bc22dbe0 ffffb486`bb78e650 00000000`00000000 ffffd770`18000000 : ks!CKsDevice::DispatchPnp+0x2e3
    ffffc802`3c1cb520 fffff80e`a15419e3     : ffffb486`b564aab0 ffffb486`bc22dbe0 ffffb486`b564aee0 00000000`00000000 : ks!KsDispatchIrp+0xfb
    ffffc802`3c1cb550 fffff806`5597e867     : ffffb486`b564aab0 00000000`00000000 ffffb486`bb78e650 ffffb486`00000000 : usbaudio!UsbAudioIrpDispatcher+0x143
    ffffc802`3c1cb590 fffff806`55fd5f1a     : ffffb486`b564aab0 ffffb486`bb78e650 ffffb486`b564aab0 ffffc802`3c1cb648 : nt!IopfCallDriver+0x53
    ffffc802`3c1cb5d0 fffff806`55a3b189     : ffffb486`b564aab0 ffffc802`3c1cb6a0 ffffb486`b564aab0 ffffb486`ba326d50 : nt!IovCallDriver+0x266
    ffffc802`3c1cb610 fffff80e`80c016bf     : ffffc802`3c1cb6a8 ffffb486`b564aab0 ffffb486`bbc41260 fffff806`55c7f4b4 : nt!IofCallDriver+0x1f74e9
    ffffc802`3c1cb650 fffff80e`80c01023     : ffffb486`b564aab0 ffffb486`ba8e72b0 ffffb486`00000000 ffffb486`ba329110 : ksthunk!CKernelFilterDevice::DispatchIrp+0x23b
    ffffc802`3c1cb6b0 fffff806`5597e867     : ffffb486`b564af70 fffff806`55fe21ae ffffb486`00000001 ffffb486`00000000 : ksthunk!CKernelFilterDevice::DispatchIrpBridge+0x13
    ffffc802`3c1cb6e0 fffff806`55fd5f1a     : ffffb486`b564aab0 ffffb486`ba8e72b0 ffffb486`b564aab0 fffff806`55fe26c9 : nt!IopfCallDriver+0x53
    ffffc802`3c1cb720 fffff806`55a3b189     : ffffb486`ba8e72b0 00000000`00000000 ffffb486`ba8e72b0 ffffb486`ba329110 : nt!IovCallDriver+0x266
    ffffc802`3c1cb760 fffff806`55c7f4b4     : 00000000`00000000 ffffb486`ba8e72b0 ffffc802`3c1cb850 00000000`00000000 : nt!IofCallDriver+0x1f74e9
    ffffc802`3c1cb7a0 fffff806`55d57128     : 00000000`00000017 ffffb486`bb906800 ffffb486`bb11ecc0 ffffb486`bb906800 : nt!IopSynchronousCall+0xf8
    ffffc802`3c1cb810 fffff806`55d54a78     : ffffc984`04f8a390 00000000`00000000 00000000`0000030a 00000000`00000308 : nt!IopRemoveDevice+0x108
    ffffc802`3c1cb8c0 fffff806`55d56d24     : ffffb486`bb11ecc0 00000000`00000000 00000000`00000000 fffff806`55d56c6b : nt!PnpSurpriseRemoveLockedDeviceNode+0xb0
    ffffc802`3c1cb920 fffff806`55d56a1f     : ffffb486`bb11ecc0 ffffc802`3c1cb9a0 00000000`00000000 fffff806`55d566b9 : nt!PnpDeleteLockedDeviceNode+0x88
    ffffc802`3c1cb960 fffff806`55d5516a     : ffffb486`bcc8a0a0 00000007`00000002 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0xf7
    ffffc802`3c1cb9e0 fffff806`55d4b86b     : ffffc802`3c1cbb20 ffffb486`b9d43c00 ffffc802`3c1cbb00 ffffc984`00000007 : nt!PnpProcessQueryRemoveAndEject+0x1da
    ffffc802`3c1cbac0 fffff806`55caf9de     : ffffc984`04f8a390 ffffc984`024393f0 ffffb486`b18acc00 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xeb
    ffffc802`3c1cbaf0 fffff806`558d26b5     : ffffb486`b1981080 ffffb486`b1981080 ffffb486`b18acce0 ffffb486`bb0f9c80 : nt!PnpDeviceEventWorker+0x2ce
    ffffc802`3c1cbb70 fffff806`559158e5     : ffffb486`b1981080 00000000`00000080 ffffb486`b18cc040 00000000`00000000 : nt!ExpWorkerThread+0x105
    ffffc802`3c1cbc10 fffff806`55a144b8     : ffffe780`3ede6180 ffffb486`b1981080 fffff806`55915890 00000000`00000000 : nt!PspSystemThreadStartup+0x55
    ffffc802`3c1cbc60 00000000`00000000     : ffffc802`3c1cc000 ffffc802`3c1c6000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
    
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 13-17 May 2024 Live, Online
Developing Minifilters 1-5 Apr 2024 Live, Online
Internals & Software Drivers 11-15 Mar 2024 Live, Online
Writing WDF Drivers 20-24 May 2024 Live, Online