Hey all,
This is a new problem that hasn’t happened to me before. When I call one of the synchronization routines, like KeWaitForSingleObject or KeDelayExecutionThread, while debugging, WinDbg breaks and shows that KiSwapContext threw an access violation:
```text
Access violation - code c0000005 (!!! second chance !!!)
nt!KiSwapContext+0xf:
fffff800`021c81ff 0f29742430      movaps  xmmword ptr [rsp+30h],xmm6
```
The actual driver code goes along something like this:

```c
/* This is DriverEntry */

// Disable interrupts on this processor
_disable();
// Do stuff with no interrupts here
_enable();

// Raise to DISPATCH_LEVEL and remember the previous IRQL
KIRQL old = KeRaiseIrqlToDpcLevel();
// Do stuff at IRQL DISPATCH_LEVEL
KeLowerIrql(PASSIVE_LEVEL);

// Block on the thread object; this is the call that faults in KiSwapContext
KeWaitForSingleObject(threadObject, Executive, KernelMode, FALSE, NULL);
```
If anyone knows why the last line is causing access violations within KiSwapContext, that’d be great.