Hi OSR,
I am developing a file system driver. I am using an infinite automation test suite for stress testing. This test tool executes 40 test applications (read, write, etc.) simultaneously and will wait till all threads complete their operations. Once completed, it again executes those 40 applications, and so on. After 10 hrs. of testing, it throws the below exception to WinDbg. Driver Verifier is on. I tried using Procmon to see which API is causing this error, but found nothing from this exercise. Please have a look at the details below. If you do not find anything, please let me know the way I should debug it. Any comment on it would be a great help, and thanks in advance.
OSR Addict,
~Suresh
*** An Access Violation occurred in rundll32.exe shell32.dll,Activate_RunDLL:
The instruction at 74755A0F tried to read from an invalid address, 00A50004
*** enter .exr 0007F448 for the exception record
*** enter .cxr 0007F464 for the context
*** then kb to get the faulting stack
Break instruction exception - code 80000003 (first chance)
ntdll!DbgBreakPoint:
001b:7c90120e cc int 3
1: kd> .exr 0007F448
ExceptionAddress: 74755a0f (MSCTF!TF_RunInputCPL+0x00004930)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 00a50004
Attempt to read from address 00a50004
1: kd> .cxr 0007F464
eax=00a10000 ebx=7476300c ecx=00002000 edx=00a50004 esi=0000200a edi=00015dd0
eip=74755a0f esp=0007f730 ebp=0007f738 iopl=0 nv up ei ng nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010297
MSCTF!TF_RunInputCPL+0x4930:
001b:74755a0f 8b3a mov edi,dword ptr [edx] ds:0023:00a50004=???
1: kd> kb
*** Stack trace for last set context - .thread/.cxr resets it
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
0007f738 74725e75 00015e9c 00000000 000994b0 MSCTF!TF_RunInputCPL+0x4930
0007f774 74725eb9 00015e9c 00000000 000994b0 MSCTF!DllGetClassObject+0x1aa2
0007f78c 74724733 000994b0 00000003 00050003 MSCTF!DllGetClassObject+0x1ae6
0007f7c8 74730929 00000003 00050003 0007f898 MSCTF!DllGetClassObject+0x360
0007f7fc 74730e7c 00015e9c 00000003 00050003 MSCTF!TF_DllDetachInOther+0x1647
0007f838 7e431923 00000003 004c06c8 0007f898 MSCTF!TF_UninitSystem+0x49b
0007f86c 7e44f8e7 00050003 004c06c8 0007f898 USER32!UnhookWinEvent+0x77
0007f8a0 7c90e453 0007f8b0 0000007c 0000007c USER32!InsertMenuItemA+0x1d7
0007f8a0 805016ec 0007f8b0 0000007c 0000007c ntdll!KiUserCallbackDispatcher+0x13
b5e57714 805a1d39 b5e57864 b5e57868 b5e57838 nt!KiCallUserMode+0x4
b5e57770 bf90cd10 0000002a b5e5789c 0000007c nt!KeUserModeCallback+0x87
b5e57ab8 bf852268 00050003 004c06c8 b5e57c14 win32k!PATHOBJ_bEnumClipLines+0x784
b5e57af0 bf83c702 74730e2e 00000003 004c06c8 win32k!EngMultiByteToWideChar+0x29a8
b5e57b68 bf83c8d5 03665a88 00000003 004c06c8 win32k!EngCreateBitmap+0x483a
b5e57b84 bf83db56 00000003 004c06c8 00000002 win32k!EngCreateBitmap+0x4a0d
b5e57c6c bf834ab7 00000080 00000000 bc69eec0 win32k!EngCreateBitmap+0x5c8e
b5e57d20 8054161c 00000080 b5e57cec b5e57ce0 win32k!EngLockSurface+0xf98
b5e57d20 7c90e4f4 00000080 b5e57cec b5e57ce0 nt!KiFastCallEntry+0xfc
0007f8a0 7c90e453 0007f8b0 0000007c 0000007c ntdll!KiFastSystemCallRet
0007f928 7e42e389 7e42e34f 00000080 0007fe50 ntdll!KiUserCallbackDispatcher+0x13