Hello,
I am trying to send async notifications to user mode applications through the WMIEvents from the storport miniport driver
And have encountered Blue screen while doing this in DPC routine of the miniport driver.
I am using StorportNotification for sending WMIEvents as shown in Below Code
VOID WmiNotifyAsyncEvent(
In PXXX_DEVICE_EXTENSION pAE,
In PXXX_SRB_EXTENSION pSrbExt
)
{
if (pSrbExt->pSrb != NULL)
{
#if (NTDDI_VERSION > NTDDI_WIN7)
PSTORAGE_REQUEST_BLOCK pSrb = pSrbExt->pSrb;
UCHAR PathId = SrbGetPathId((void*)pSrb);
UCHAR TargetId = SrbGetTargetId((void*)pSrb);
UCHAR Lun = SrbGetLun((void*)pSrb);
#else
PSCSI_REQUEST_BLOCK pSrb = pSrbExt->pSrb;
UCHAR PathId = pSrb->PathId;
UCHAR TargetId = pSrb->TargetId;
UCHAR Lun = pSrb->Lun;
#endif
PWNODE_EVENT_ITEM pWMIEventItem = &(pAE->wmiEventItem);
PVOID pAdapterDeviceObject = NULL;
PVOID pPhysicalDeviceObject = NULL;
PVOID pLowerDeviceObject = NULL;
LARGE_INTEGER currentTime;
ULONG status = StorPortGetDeviceObjects(pAE, &pAdapterDeviceObject, &pPhysicalDeviceObject, &pLowerDeviceObject);
if (status == STOR_STATUS_SUCCESS)
{
KeQuerySystemTime(¤tTime);
pWMIEventItem->WnodeHeader.BufferSize = sizeof(WNODE_EVENT_ITEM);
pWMIEventItem->WnodeHeader.ProviderId = IoWMIDeviceObjectToProviderId((PDEVICE_OBJECT)pAdapterDeviceObject);
pWMIEventItem->WnodeHeader.TimeStamp = currentTime;
pWMIEventItem->WnodeHeader.Guid = XXXX_AsyncEvent_GUID;
pWMIEventItem->WnodeHeader.ClientContext = 2;
pWMIEventItem->WnodeHeader.Flags = WNODE_FLAG_SINGLE_ITEM | WNODE_FLAG_EVENT_ITEM;
StorPortNotification(WMIEvent, pAE, pWMIEventItem, PathId, TargetId, Lun);
}
}
}
Is there something i am doing wrong here?
Since there is very less documentation on WMI implementation in storport miniport driver and none of them with usage of StorportNotification for sending WMI events, i am not able to figure out the problem here.
Please help me in analysing this issue.
Below is the crash report
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff80012c248c0, address which referenced memory
Debugging Details:
READ_ADDRESS: unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000000000000000
CURRENT_IRQL: 2
FAULTING_IP:
storport!StorPortGetLogicalUnit+c
fffff800`12c248c0 488b08 mov rcx,qword ptr [rax]
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: System
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
DPC_STACK_BASE: FFFFF8001F8FCFB0
TRAP_FRAME: fffff8001f8f45f0 – (.trap 0xfffff8001f8f45f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffffe00150fde1a0
rdx=ffffe00152005b00 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80012c248c0 rsp=fffff8001f8f4780 rbp=ffffe00150fde050
r8=0000000000000000 r9=0000000000000000 r10=ffffe00150fde710
r11=fffff8001f8f4a90 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
storport!StorPortGetLogicalUnit+0xc:
fffff80012c248c0 488b08 mov rcx,qword ptr [rax] ds:0000000000000000=???
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8001dfe53b2 to fffff8001df58890
STACK_TEXT:
fffff8001f8f3cf8 fffff8001dfe53b2 : fffff6fb7dbf0000 fffff6fb7dbedf80 fffff25359bf609f fffff8001dfe5d26 : nt!DbgBreakPointWithStatus
fffff8001f8f3d00 fffff8001dfe5085 : fffff80000000004 fffff8001e0e2000 000000000000000a 000000000000000a : nt!KiBugCheckDebugBreak+0x12
fffff8001f8f3d60 fffff8001df51da4 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KeBugCheck2+0xc6d
fffff8001f8f4470 fffff8001df5d7e9 : 000000000000000a 0000000000000000 0000000000000002 0000000000000000 : nt!KeBugCheckEx+0x104
fffff8001f8f44b0 fffff8001df5c03a : 0000000000000000 0000000000000000 ffffe001506fa200 fffff8001df5aea2 : nt!KiBugCheckDispatch+0x69
fffff8001f8f45f0 fffff80012c248c0 : 0000000000000010 0000000000000311 fffff8001f8f47a0 0000000000000018 : nt!KiPageFault+0x23a
fffff8001f8f4780 fffff80012c2dd56 : 0000000000000010 0000000000000384 fffff8001f8f47d0 0000000000000018 : storport!StorPortGetLogicalUnit+0xc
fffff8001f8f47b0 fffff80012c06400 : 0000000000000000 ffffe00150fde050 ffffe00150fde6b0 fffff8001d24075f : storport!RaidAdapterWmiDeferredRoutine+0x42
fffff8001f8f47e0 fffff8001dea7c00 : ffffe00150fe2d58 fffff8001e106f00 fffff8001f8f4910 fffff8001f8f4ac0 : storport!RaidProcessDeferredItemsWorker+0x50
fffff8001f8f4810 fffff8001dea6eb7 : 0000000000000000 00000000003464b8 fffff8001e104180 fffff8001e104180 : nt!KiExecuteAllDpcs+0x1b0
fffff8001f8f4960 fffff8001df557ea : fffff8001e104180 fffff8001e104180 fffff8001e15da00 ffffe00154917080 : nt!KiRetireDpcList+0xd7
fffff8001f8f4be0 0000000000000000 : fffff8001f8f5000 fffff8001f8ee000 0000000000000000 0000000000000000 : nt!KiIdleLoop+0x5a
STACK_COMMAND: kb
FOLLOWUP_IP:
storport!StorPortGetLogicalUnit+c
fffff800`12c248c0 488b08 mov rcx,qword ptr [rax]
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: storport!StorPortGetLogicalUnit+c
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: storport
IMAGE_NAME: storport.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5423822b
BUCKET_ID_FUNC_OFFSET: c
FAILURE_BUCKET_ID: AV_storport!StorPortGetLogicalUnit
BUCKET_ID: AV_storport!StorPortGetLogicalUnit
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_storport!storportgetlogicalunit
FAILURE_ID_HASH: {c5c5e153-e90e-6823-3b9e-a03dabaff16e}
Followup: MachineOwner
Thanks
Sashank