Bugcheck 0x8E in Fltmgr.sys

Hi,

My driver, which does raw I/O against an unformatted partition, worked
fine until I installed W2K3 SP1. It now crashes with the following:

Do I have to do something special for raw I/O on W2K3 SP1?

Thanks in advance.

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but …
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
An exception code of 0x80000002 (STATUS_DATATYPE_MISALIGNMENT) indicates
that an unaligned data reference was encountered. The trap frame will
supply additional information.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8083f9cc, The address that the exception occurred at
Arg3: b90204d8, Trap Frame
Arg4: 00000000

Debugging Details:

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at “0x%08lx”
referenced memory at “0x%08lx”. The memory could not be “%s”.

FAULTING_IP:
nt!IofCallDriver+41
8083f9cc ff548638 call dword ptr [esi+eax*4+0x38]

TRAP_FRAME: b90204d8 – (.trap ffffffffb90204d8)
ErrCode = 00000000
eax=00000003 ebx=b840b1c0 ecx=89f8a400 edx=898de538 esi=4794e60b edi=89c52438
eip=8083f9cc esp=b902054c ebp=b9020558 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282
nt!IofCallDriver+0x41:
8083f9cc ff548638 call dword ptr [esi+eax*4+0x38] ds:0023:4794e64f=???
Resetting default scope

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x8E

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from f7317c53 to 8083f9cc

STACK_TEXT:
b9020558 f7317c53 8a6fe990 8908aee0 88d53050 nt!IofCallDriver+0x41
b9020580 8083f9d0 89c52438 898de538 88edb5d8 fltmgr!FltpDispatch+0x6f
b9020594 b829285f 898de6a4 0000004d b825cf73 nt!IofCallDriver+0x45
<<<>>
b9020d00 80940844 00000078 00000000 00000000 nt!IopXxxControlFile+0x255
b9020d34 80834d3f 00000078 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
b9020d34 7c82ed54 00000078 00000000 00000000 nt!KiFastCallEntry+0xfc
WARNING: Frame IP not in any known module. Following frames may be wrong.
0012f6b4 00000000 00000000 00000000 00000000 0x7c82ed54

FOLLOWUP_IP:
fltmgr!FltpDispatch+6f
f7317c53 e9df000000 jmp fltmgr!FltpDispatch+0x153 (f7317d37)

SYMBOL_STACK_INDEX: 1

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: fltmgr!FltpDispatch+6f

MODULE_NAME: fltmgr

IMAGE_NAME: fltmgr.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 42435ba1

STACK_COMMAND: .trap ffffffffb90204d8 ; kb

BUCKET_ID: 0x8E_fltmgr!FltpDispatch+6f

Followup: MachineOwner
---------
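
Added example (not part of the original thread): a short Python triage of the trap frame above, recomputing the faulting operand's effective address and listing why the base pointer in esi cannot be a valid kernel object. It reads the 0x38 displacement as DRIVER_OBJECT.MajorFunction on 32-bit x86 and eax as the IRP major function code; the 2 GB kernel base (no /3GB) is an assumption.

```python
import re

# Trap-frame lines copied from the !analyze -v output in the post above.
TRAP = """\
eax=00000003 ebx=b840b1c0 ecx=89f8a400 edx=898de538 esi=4794e60b edi=89c52438
eip=8083f9cc esp=b902054c ebp=b9020558 iopl=0 nv up ei ng nz na pe nc
8083f9cc ff548638 call dword ptr [esi+eax*4+0x38] ds:0023:4794e64f=???
"""

KERNEL_BASE = 0x80000000       # assumption: default 2 GB split on x86 (no /3GB)
MAJOR_FUNCTION_OFFSET = 0x38   # DRIVER_OBJECT.MajorFunction[] on 32-bit x86
IRP_MJ = {0x00: "IRP_MJ_CREATE", 0x02: "IRP_MJ_CLOSE", 0x03: "IRP_MJ_READ",
          0x04: "IRP_MJ_WRITE", 0x0E: "IRP_MJ_DEVICE_CONTROL"}

REGISTER = re.compile(r"\b(e[a-z]{2})=([0-9a-f]{8})\b")
OPERAND = re.compile(r"\[(\w+)\+(\w+)\*(\d)\+0x([0-9a-f]+)\]"
                     r"\s+ds:[0-9a-f]{4}:([0-9a-f]{8})=(\S+)")

def triage(text):
    """Recompute the faulting operand address and explain why it faulted."""
    regs = {name: int(val, 16) for name, val in REGISTER.findall(text)}
    m = OPERAND.search(text)
    if m is None:
        raise ValueError("no [base+index*scale+disp] operand found")
    base, index, scale, disp, shown, value = m.groups()
    disp = int(disp, 16)
    ea = (regs[base] + regs[index] * int(scale) + disp) & 0xFFFFFFFF
    findings = []
    if ea != int(shown, 16):
        findings.append("computed address disagrees with debugger output")
    if regs[base] < KERNEL_BASE:
        findings.append(f"{base} is a user-range address, not a kernel object")
    if regs[base] % 4:
        findings.append(f"{base} is not 4-byte aligned")
    if value == "???":
        findings.append("dispatch-table slot is unreadable memory")
    # Only name the IRP when the displacement matches the dispatch table.
    irp = IRP_MJ.get(regs[index]) if disp == MAJOR_FUNCTION_OFFSET else None
    return {"ea": ea, "irp": irp, "findings": findings}

if __name__ == "__main__":
    report = triage(TRAP)
    print(f"effective address {report['ea']:08x}, dispatching {report['irp']}")
    for finding in report["findings"]:
        print(" -", finding)
```
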

Raw IO should work fine. Are you saying this showed up with the actual
released version of Srv03 SP1? What version were you running your
minifilter on before? Would you be willing to send me a memory dump of
the issue?

Neal Christiansen
Microsoft File System Filter Group Lead
This posting is provided “AS IS” with no warranties, and confers no
Rights

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Venu Joshi
Sent: Tuesday, April 05, 2005 10:44 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Bugcheck 0x8E in Fltmgr.sys


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

The same driver binary runs fine on w2k latest sp, xp, srv03 sp0. The
crash occurs only on srv03 sp1.

Will try to send the dump through our support channel.

Thanks

On Apr 5, 2005 11:02 PM, Neal Christiansen wrote:
> Raw IO should work fine. Are you saying this showed up with the actual
> released version of Srv03 SP1? What version were you running your
> minifilter on before? Would you be willing to send me a memory dump of
> the issue?
>
> Neal Christiansen
> Microsoft File System Filter Group Lead
> This posting is provided “AS IS” with no warranties, and confers no
> Rights