This is dying in the middle of your read function
rzfilter!RzFilter_EvtIoRead+2e6 [e:\work\heidi\rig\overlay\rzfilter\rzioctrl.c @ 565]
fffff880`014b2166 488b542450 mov rdx,qword ptr [rsp+50h]
rsp=fffff88005ce2770
My guess is that fffff88005ce2770 is a piece of pageable memory, either on the stack or your struct
d
sent from my phone
From: xxxxx@hotmail.com
Sent: 3/29/2012 12:44 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] BSOD when calling WdfRequestForwardToIoQueue
Forgot to attach the output of the command !analyze -v
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffff880014b2166, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: fffff880014b2166, address which referenced memory
Debugging Details:
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ebb0e0
fffff880014b2166
CURRENT_IRQL: 2
FAULTING_IP:
rzfilter!RzFilter_EvtIoRead+2e6 [e:\work\heidi\rig\overlay\rzfilter\rzioctrl.c @ 565]
fffff880`014b2166 488b542450 mov rdx,qword ptr [rsp+50h]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: RazerMain.exe
DEVICE_OBJECT: fffffa8003ffff20
TRAP_FRAME: fffff88005ce25e0 -- (.trap 0xfffff88005ce25e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800385c800
rdx=0000057ffc7a3802 rsi=0000000000000000 rdi=0000000000000000
rip=fffff880014b2166 rsp=fffff88005ce2770 rbp=0000057ffc79afd8
r8=0000000000000000 r9=0000000000000000 r10=fffffa80027d3990
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
rzfilter!RzFilter_EvtIoRead+0x2e6:
fffff880014b2166 488b542450 mov rdx,qword ptr [rsp+50h] ss:0018:fffff88005ce27c0=fffffa800385c390
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002c84469 to fffff80002c84f00
FAILED_INSTRUCTION_ADDRESS:
rzfilter!RzFilter_EvtIoRead+2e6 [e:\work\heidi\rig\overlay\rzfilter\rzioctrl.c @ 565]
fffff880`014b2166 488b542450 mov rdx,qword ptr [rsp+50h]
STACK_TEXT:
fffff88005ce2498 fffff80002c84469 : 000000000000000a fffff880014b2166 0000000000000002 0000000000000008 : nt!KeBugCheckEx
fffff88005ce24a0 fffff80002c830e0 : fffff68000036978 fffffa800432cc80 ffffffffffffffff 0000000000000001 : nt!KiBugCheckDispatch+0x69
fffff88005ce25e0 fffff880014b2166 : 0000057ffc7a3858 fffff80002c31a8f fffff70001080000 fffffa800388c320 : nt!KiPageFault+0x260
fffff88005ce2770 fffff88000f1ed43 : 0000057ffc79afd8 0000057ffbcd3378 0000000000000010 fffffa80008a5ca0 : rzfilter!RzFilter_EvtIoRead+0x2e6 [e:\work\heidi\rig\overlay\rzfilter\rzioctrl.c @ 565]
fffff88005ce2800 fffff88000f1e99f : 0000000000000000 fffffa800432cc80 fffffa8003865020 fffffa8003865020 : Wdf01000!FxIoQueue::DispatchRequestToDriver+0x26b
fffff88005ce2880 fffff88000f1df98 : 0000000000000000 0000000000000000 0000000000000000 fffffa800432cdd2 : Wdf01000!FxIoQueue::DispatchEvents+0x4df
fffff88005ce28f0 fffff88000f23558 : fffffa800413d500 fffffa800432cc80 fffffa800413d4d0 fffffa800432cc80 : Wdf01000!FxIoQueue::QueueRequest+0x2bc
fffff88005ce2960 fffff88000f0d245 : fffffa800432cc80 0000000000000000 fffffa8003ffff20 0000000000000000 : Wdf01000!FxPkgIo::Dispatch+0x37c
fffff88005ce29e0 fffff80002f98929 : 0000000000000000 fffffa8003ffff20 0000000000000000 fffffa800413d4d0 : Wdf01000!FxDevice::Dispatch+0xa9
fffff88005ce2a10 fffff80002fa0143 : fffffa8003ffff20 0000000000000000 fffffa8003ffff20 fffff80002dfde80 : nt!IopSynchronousServiceTail+0xf9
fffff88005ce2a80 fffff80002c84153 : 0000000000000000 00000000000003f4 0000000000000001 0000000005e2fea8 : nt!NtReadFile+0x631
fffff88005ce2b70 00000000744c2dd9 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
000000000569eee8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x744c2dd9
STACK_COMMAND: kb
FOLLOWUP_IP:
rzfilter!RzFilter_EvtIoRead+2e6 [e:\work\heidi\rig\overlay\rzfilter\rzioctrl.c @ 565]
fffff880`014b2166 488b542450 mov rdx,qword ptr [rsp+50h]
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: rzfilter!RzFilter_EvtIoRead+2e6
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: rzfilter
IMAGE_NAME: rzfilter.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4f73c4ff
FAILURE_BUCKET_ID: X64_0xD1_CODE_AV_BAD_IP_rzfilter!RzFilter_EvtIoRead+2e6
BUCKET_ID: X64_0xD1_CODE_AV_BAD_IP_rzfilter!RzFilter_EvtIoRead+2e6
Followup: MachineOwner
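
Added example, not part of the original thread: a small Python triage of the bug check 0xD1 arguments from the !analyze -v output above. It flags the case where Arg1 equals Arg4 and Arg3 is an execute access, which Microsoft's documentation for this bug check describes as a driver trying to execute code that was itself paged out. The function names and the trimmed sample text are constructed for illustration.

```python
import re

# Constructed sample: only the fields this triage needs, copied from the dump above.
SAMPLE = """\
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arg1: fffff880014b2166, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: fffff880014b2166, address which referenced memory
SYMBOL_NAME: rzfilter!RzFilter_EvtIoRead+2e6
IMAGE_NAME: rzfilter.sys
"""

# Access-type codes documented for parameter 3 of bug check 0xD1.
ACCESS = {0: "read", 1: "write", 2: "execute", 8: "execute"}
DISPATCH_LEVEL = 2


def parse_d1(text):
    """Extract Arg1..Arg4 and the blamed symbol from !analyze -v text."""
    found = re.findall(r"^Arg([1-4]):\s*([0-9a-fA-F`]+)", text, re.M)
    args = {int(n): int(v.replace("`", ""), 16) for n, v in found}
    if len(args) != 4:
        raise ValueError("expected Arg1..Arg4 in bugcheck output")
    sym = re.search(r"^SYMBOL_NAME:\s*(\S+)", text, re.M)
    return {"referenced": args[1], "irql": args[2],
            "access": ACCESS.get(args[3], "unknown"), "ip": args[4],
            "symbol": sym.group(1) if sym else None}


def triage_d1(text):
    """Classify a 0xD1 crash by what was being touched when it faulted."""
    d = parse_d1(text)
    if d["referenced"] == d["ip"] and d["access"] == "execute":
        # The fetch of the instruction itself faulted: the code page was not
        # resident (for example a routine placed in a pageable section) or
        # the instruction pointer is invalid.
        d["kind"] = "instruction-fetch"
    else:
        d["kind"] = "data-" + d["access"]
    d["at_or_above_dispatch"] = d["irql"] >= DISPATCH_LEVEL
    return d


if __name__ == "__main__":
    r = triage_d1(SAMPLE)
    print(f"{r['symbol']}: {r['kind']} fault at IRQL {r['irql']}")
```

For this dump the result is an instruction-fetch fault at IRQL 2, which matches the CODE_AV_BAD_IP bucket in the analysis output.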