Q1. In my upper class filter driver (myfltr.sys) I 'm splitting irps in smaller irps and sending the small irps down the stack to the next driver. Everything was working as expected but when I enabled driver verifier I got the following message. This happened long after the system has booted and vista was up and running for almost 6-7 hours. Then I got a sample code from somewhere which has a comment saying “the IoMarkIrpPending (originalIrp) must be called before sending the smaller irps to the next driver in the stack otherwise we may have problems while completing the originalIrp in the completion routine of the smaller irps”. I did that and I’m not getting that error anymore. But I don’t understand why and also is it correct thing to do? Help.
***********************************************************************
* THIS VALIDATION BUG IS FATAL AND WILL CAUSE THE VERIFIER TO HALT *
* WINDOWS (BUGCHECK) WHEN THE MACHINE IS NOT UNDER A KERNEL DEBUGGER! *
***********************************************************************
WDM DRIVER ERROR: [myfltr.sys @ 0x82786E10] An IRP dispatch handler has
returned without passing down or completing this Irp or
someone forgot to return STATUS_PENDING. (Irp = 84E53AE8
).
IRP_MJ_READ
[DevObj=8607B5B8, FileObject=00000000, Parameters=00008000 00000000 9E446000 00000018]
http://www.microsoft.com/hwdq/bc/default.asp?os=6.0.6000&major=0xc9&minor=0x226&lang=0x9
Break, Ignore, Zap, Remove, Disable all (bizrd)? b
Breaking in… (press g to return to assert menu)
Break instruction exception - code 80000003 (first chance)
nt!DbgBreakPoint:
818578ce cc int 3
1: kd> kb
ChildEBP RetAddr Args to Child
a2660648 81ad6293 a26606eb 87215f18 8506d548 nt!DbgBreakPoint
a26608f0 81ad6192 00000226 a2660900 a26609e8 nt!VfBugcheckThrowException+0xeb
a26609d0 81ad75b6 00000226 00000041 82786e10 nt!VfBugcheckThrowIoException+0x11b
a2660a04 81ad5f72 87215f7c 84e53ae8 a2660a34 nt!IovpCallDriver2+0x33e
a2660a14 81ace68e 87215f7c 84e53c70 8607b7c8 nt!VfAfterCallDriver+0x110
a2660a34 81827e86 81ae02e0 84e53c94 8607b7c8 nt!IovCallDriver+0x25f
a2660a48 81ae02e0 84e53ae8 8607b5b8 84e3a3c8 nt!IofCallDriver+0x1b
a2660a60 81ace681 8607b670 84e53ae8 34346000 nt!ViFilterDispatchGeneric+0x5e
a2660a84 81827e86 818b06e7 84e53ae8 8607b5b8 nt!IovCallDriver+0x252
a2660a98 818b06e7 8062e6f5 00000000 00000000 nt!IofCallDriver+0x1b
a2660a9c 8062e6f5 00000000 00000000 84e53ae8 nt!IoCallDriverStackSafe+0x5
a2660ac0 81ace681 85de16a0 84e53ae8 84e53cb8 volmgr!VmReadWrite+0x1b7
a2660ae4 81827e86 818b06e7 84e53cdc 85de16a0 nt!IovCallDriver+0x252
a2660af8 818b06e7 827c1329 00000000 00000000 nt!IofCallDriver+0x1b
a2660afc 827c1329 00000000 00000000 00000000 nt!IoCallDriverStackSafe+0x5
a2660b14 827c1b17 86256b88 84e53ae8 8187629f fvevol!RequestPassThrough+0x3f
a2660b2c 827c0153 86256b88 84e53ae8 84e53ae8 fvevol!FveFilterRead+0x23
a2660b50 81ace681 86256ad0 84e53ae8 00000000 fvevol!FveFilterRundownRead+0x11b
a2660b74 81827e86 818b06e7 00000000 86256ad0 nt!IovCallDriver+0x252
a2660b88 818b06e7 827e3ac2 00000000 00000000 nt!IofCallDriver+0x1b
Q2. I keep getting this random assertion failure and is not reproducible every time I re-start my machine.
Assertion failure - code c0000420 (first chance)
nt!KeUpdateRunTime+0x248:
818285bd cd2c int 2Ch
0: kd> !analyze -v
Connected to Windows Vista 6000 x86 compatible target, ptr64 FALSE
Loading Kernel Symbols
…
Loading User Symbols
Loading unloaded module list
…
ERROR: Module load completed but symbols could not be loaded for spldr.sys
****************************************************************************
*
Bugcheck Analysis
*
*******************************************************************************
Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 00000000
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000
Debugging Details:
------------------
PROCESS_NAME: System
FAULTING_IP:
nt!KeUpdateRunTime+248
818285bd cd2c int 2Ch
EXCEPTION_RECORD: ffffffff – (.exr 0xffffffffffffffff)
.exr 0xffffffffffffffff
ExceptionAddress: 818285bd (nt!KeUpdateRunTime+0x00000248)
ExceptionCode: c0000420 (Assertion failure)
ExceptionFlags: 00000000
NumberParameters: 0
ERROR_CODE: (NTSTATUS) 0xc0000420 -
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x0
CURRENT_IRQL: 1c
LAST_CONTROL_TRANSFER: from 8189056d to 818285bd
STACK_TEXT:
80606bb4 8189056d 016d2d02 000000d1 80606c4c nt!KeUpdateRunTime+0x248
80606bb4 8185edc2 016d2d02 000000d1 80606c4c nt!KeUpdateSystemTime+0xed
80606c34 8185f25d 80606c84 80606c6c 00000001 nt!FindNodeOrParent+0x2
80606c4c 8185f238 8441eb28 80606c84 80606c6c nt!RtlLookupElementGenericTableFullAvl+0x16
80606c64 8186d6e5 8441eb28 80606c84 000002d0 nt!RtlLookupElementGenericTableAvl+0x18
80606c90 81adde34 81ae8320 867684d8 000002d0 nt!VfAvlLookupTreeNode+0x6b
80606cb4 818789ee 867684d8 80606d2c 818e8030 nt!VfCheckForLookaside+0x3b
80606cc0 818e8030 867684d8 000002d0 0c3f76cb nt!ExpCheckForLookaside+0x19
80606d2c 82406ec2 867684e0 00000000 80606d50 nt!ExFreePoolWithTag+0x4c6
80606d3c 824068a6 860770d0 867684e0 00000000 crcdisk!FreePool+0x34
80606d50 82406b43 860770d0 867684e0 000035c0 crcdisk!FreeDeferredCheckSumEntry+0x12
80606d74 82406d01 867684e0 023f76cb 000035c0 crcdisk!VerifyOrStoreSectorCheckSum+0x293
80606da4 8240621a 0000003b a0d4cf00 0c3f7690 crcdisk!VerifyCheckSum+0xa9
80606de0 82406570 000770d0 0000b800 80606e9c crcdisk!CompleteXfer+0x16a
80606df4 81acec69 86077018 a0d4cf00 8672b950 crcdisk!CrcScsiReadCompletion+0x20
80606e2c 818acb3b 86077018 a0d4cf00 80606e9c nt!IovpLocalCompletionRoutine+0xcc
80606e64 81aceb53 00000000 a0d4cf00 a0d4cf00 nt!IopfCompleteRequest+0x13d
80606ed4 8179d2b1 8672b764 867a2008 80606f04 nt!IovCompleteRequest+0x11c
80606ee4 8179dc94 84d12c68 a0d4cf00 8672b764 ataport!IdeCompleteScsiIrp+0x31
80606f04 8179afc4 84d12c68 00000000 80606f34 ataport!IdeCommonCrbCompletion+0x44
80606f14 8179fe21 8566c0e0 867a2008 867a2008 ataport!IdeTranslateCompletedRequest+0x26
80606f34 817a0057 8566c0e0 867a2008 818f4820 ataport!IdeProcessCompletedRequests+0x121
80606f88 818a93ae 8566c09c 8566c028 00000000 ataport!IdePortCompletionDpc+0xab
80606ff4 81890d8d 83198c40 00905a4d 00000003 nt!KiRetireDpcList+0x147
80606ff8 83198c40 00905a4d 00000003 00000004 nt!KiDispatchInterrupt+0x3d
WARNING: Frame IP not in any known module. Following frames may be wrong.
80606ffc 00905a4d 00000003 00000004 0000ffff 0x83198c40
80607000 00000000 00000004 0000ffff 000000b8 0x905a4d
STACK_COMMAND: kb
FOLLOWUP_IP:
crcdisk!FreePool+34
82406ec2 5d pop ebp
SYMBOL_STACK_INDEX: 9
SYMBOL_NAME: crcdisk!FreePool+34
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: crcdisk
IMAGE_NAME: crcdisk.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4549b1cb
FAILURE_BUCKET_ID: 0x0_VRF_crcdisk!FreePool+34
BUCKET_ID: 0x0_VRF_crcdisk!FreePool+34
Followup: MachineOwner
---------
Thanks.