Getting BSOD on WdfObjectDelete() of WdfDeviceMiniportCreate() object

Hi

This is my first post here and i am new to Windows device driver programming.

I am creating and unloading a WDF device in NDIS miniport driver to be able to query an interface created by lower WDF based bus driver’s PDO as below

DriverEntry() {

…

WDF_DRIVER_CONFIG_INIT(&config, WDF_NO_EVENT_CALLBACK);

config.DriverInitFlags |= WdfDriverInitNoDispatchOverride;

status = WdfDriverCreate((PDRIVER_OBJECT)DriverObject, (PCUNICODE_STRING)RegistryPath, WDF_NO_OBJECT_ATTRIBUTES, &config, &hWdfDriver);

…

Status = NdisMRegisterMiniportDriver(
DriverObject,
RegistryPath,
&GlobalData,
&MPChar,
&NdisDriverHandle);

…

}

MPInitializeEx() {

…

NdisMGetDeviceProperty(
MiniportAdapterHandle,
&Adapter->Pdo,
&Adapter->Fdo,
&Adapter->NextDeviceObject,
&ResourcesRaw,
&ResourcesTranslated);

WDF_OBJECT_ATTRIBUTES_INIT_CONTEXT_TYPE(&fdoAttributes, WDF_DEVICE_INFO);

status = WdfDeviceMiniportCreate(WdfGetDriver(), &fdoAttributes, &Adapter->Fdo, &Adapter->NextDeviceObject, &Adapter->Pdo, &Adapter->hWdfDevice);

status = WdfFdoQueryForInterface((WDFDEVICE)(Adapter->hWdfDevice),
&GUID_TOASTER_INTERFACE_STANDARD,
(PINTERFACE)&ToasterInterface,
sizeof(TOASTER_INTERFACE_STANDARD),
1,
NULL); // InterfaceSpecific Data

…

}

MPHaltEx() {

…

NICFreeAdapter(Adapter);

…

}

NICFreeAdapter() {

…
if (Adapter->hWdfDevice) {
WdfObjectDelete(Adapter->hWdfDevice); //WdfObjectDelete method deletes a framework object and its child objects.
Adapter->hWdfDevice = NULL;
}

//
// Finally free the memory for adapter context.
//
NdisFreeMemory(Adapter->UnalignedAdapterBuffer, Adapter->UnalignedAdapterBufferSize, 0);

…

}

DriverUnload(() {

…

WdfDriverMiniportUnload(WdfGetDriver());

//
// Clean up all globals that were allocated in DriverEntry
//

ASSERT(IsListEmpty(&GlobalData.AdapterList));

if (GlobalData.Flags & fGLOBAL_MINIPORT_REGISTERED)
{
//
// Since DriverEntry has successfully called NdisMRegisterMiniportDriver,
// NdisMDeregisterMiniportDriver must be called to release NDIS’s per-driver
// resources.
//
DbgPrint(“Calling NdisMDeregisterMiniportDriver…\n”);
NdisMDeregisterMiniportDriver(NdisDriverHandle);
}

…

}

Things related to framework driver and device creation & interface query are working well but on driver uninstallation/disabling from device manager i get BSOD/system crash with Reference_By_Pointer error.

I have followed the NDIS virtual miniport and Toaster Bus samples. Also verified the framework object creation and unloading in usbnwifi sample but still am getting the system crash on driver unload. Any help would be appreciated.

Post the output of !analyze -v

d

Bent from my phone

From: xxxxx@yahoo.co.inmailto:xxxxx
Sent: ?1/?2/?2015 12:40 AM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: [ntdev] Getting BSOD on WdfObjectDelete() of WdfDeviceMiniportCreate() object

Hi

This is my first post here and i am new to Windows device driver programming.

I am creating and unloading a WDF device in NDIS miniport driver to be able to query an interface created by lower WDF based bus driver’s PDO as below

DriverEntry() {

…

WDF_DRIVER_CONFIG_INIT(&config, WDF_NO_EVENT_CALLBACK);

config.DriverInitFlags |= WdfDriverInitNoDispatchOverride;

status = WdfDriverCreate((PDRIVER_OBJECT)DriverObject, (PCUNICODE_STRING)RegistryPath, WDF_NO_OBJECT_ATTRIBUTES, &config, &hWdfDriver);

…

Status = NdisMRegisterMiniportDriver(
DriverObject,
RegistryPath,
&GlobalData,
&MPChar,
&NdisDriverHandle);

…

}

MPInitializeEx() {

…

NdisMGetDeviceProperty(
MiniportAdapterHandle,
&Adapter->Pdo,
&Adapter->Fdo,
&Adapter->NextDeviceObject,
&ResourcesRaw,
&ResourcesTranslated);

WDF_OBJECT_ATTRIBUTES_INIT_CONTEXT_TYPE(&fdoAttributes, WDF_DEVICE_INFO);

status = WdfDeviceMiniportCreate(WdfGetDriver(), &fdoAttributes, &Adapter->Fdo, &Adapter->NextDeviceObject, &Adapter->Pdo, &Adapter->hWdfDevice);

status = WdfFdoQueryForInterface((WDFDEVICE)(Adapter->hWdfDevice),
&GUID_TOASTER_INTERFACE_STANDARD,
(PINTERFACE)&ToasterInterface,
sizeof(TOASTER_INTERFACE_STANDARD),
1,
NULL); // InterfaceSpecific Data

…

}

MPHaltEx() {

…

NICFreeAdapter(Adapter);

…

}

NICFreeAdapter() {

…
if (Adapter->hWdfDevice) {
WdfObjectDelete(Adapter->hWdfDevice); //WdfObjectDelete method deletes a framework object and its child objects.
Adapter->hWdfDevice = NULL;
}

//
// Finally free the memory for adapter context.
//
NdisFreeMemory(Adapter->UnalignedAdapterBuffer, Adapter->UnalignedAdapterBufferSize, 0);

…

}

DriverUnload(() {

…

WdfDriverMiniportUnload(WdfGetDriver());

//
// Clean up all globals that were allocated in DriverEntry
//

ASSERT(IsListEmpty(&GlobalData.AdapterList));

if (GlobalData.Flags & fGLOBAL_MINIPORT_REGISTERED)
{
//
// Since DriverEntry has successfully called NdisMRegisterMiniportDriver,
// NdisMDeregisterMiniportDriver must be called to release NDIS’s per-driver
// resources.
//
DbgPrint(“Calling NdisMDeregisterMiniportDriver…\n”);
NdisMDeregisterMiniportDriver(NdisDriverHandle);
}

…

}

Things related to framework driver and device creation & interface query are working well but on driver uninstallation/disabling from device manager i get BSOD/system crash with Reference_By_Pointer error.

I have followed the NDIS virtual miniport and Toaster Bus samples. Also verified the framework object creation and unloading in usbnwifi sample but still am getting the system crash on driver unload. Any help would be appreciated.

—
NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

I donot have expertise to connect a debugger and execute the command. But i am getting crash minidumps which i can open in WinDbg and also load symbol file from Visual Studio project folder and then run
!analyze -v

Here is the output
######################################################################################################

Microsoft (R) Windows Debugger Version 6.3.9600.17029 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [D:\workfolders\noel\NDIS Virtual Miniport Driver\C++\620\x64\Win7Debug\010215-19702-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

************* Symbol Path validation summary **************
Response Time (ms) Location
OK .

************* Symbol Path validation summary **************
Response Time (ms) Location
OK .
Symbol search path is: .
Executable search path is: .
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0xfffff80003c68000 PsLoadedModuleList = 0xfffff80003eab6d0
Debug session time: Fri Jan 2 22:04:30.097 2015 (UTC + 5:30)
System Uptime: 0 days 0:10:16.909
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
…
…
…
Loading User Symbols
Loading unloaded module list
…

************* Symbol Loading Error Summary **************
Module name Error
ntoskrnl The system cannot find the file specified

You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff80003ce6e88, fffff88003b85e98, fffff88003b856f0}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : ntoskrnl.exe ( nt+7ee88 )

Followup: MachineOwner

6: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but …
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80003ce6e88, The address that the exception occurred at
Arg3: fffff88003b85e98, Exception Record Address
Arg4: fffff88003b856f0, Context Record Address

Debugging Details:

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
You can run ‘.symfix; .reload’ to try to fix the symbol path and load symbols.

MODULE_NAME: nt

FAULTING_MODULE: fffff80003c68000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 521ea035

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP:
nt+7ee88
fffff800`03ce6e88 ff9698000000 call qword ptr [rsi+98h]

EXCEPTION_RECORD: fffff88003b85e98 – (.exr 0xfffff88003b85e98)
ExceptionAddress: fffff80003ce6e88 (nt+0x000000000007ee88)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000098
Attempt to read from address 0000000000000098

CONTEXT: fffff88003b856f0 – (.cxr 0xfffff88003b856f0;r)
rax=fffffa802006d050 rbx=0000000000000000 rcx=fffffa802006d058
rdx=0000000000000002 rsi=0000000000000000 rdi=fffffa802006d028
rip=fffff80003ce6e88 rsp=fffff88003b860d0 rbp=fffffa802005e600
r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
r11=fffff88003917180 r12=fffff880010dec70 r13=0000000000000001
r14=fffffa802005e660 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
nt+0x7ee88:
fffff80003ce6e88 ff9698000000 call qword ptr [rsi+98h] ds:002b:0000000000000098=???
Last set context:
rax=fffffa802006d050 rbx=0000000000000000 rcx=fffffa802006d058
rdx=0000000000000002 rsi=0000000000000000 rdi=fffffa802006d028
rip=fffff80003ce6e88 rsp=fffff88003b860d0 rbp=fffffa802005e600
r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
r11=fffff88003917180 r12=fffff880010dec70 r13=0000000000000001
r14=fffffa802005e660 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
nt+0x7ee88:
fffff80003ce6e88 ff9698000000 call qword ptr [rsi+98h] ds:002b:0000000000000098=???
Resetting default scope

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0x7E

CURRENT_IRQL: 0

ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre

LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff80003ce6e88

STACK_TEXT:
fffff88003b860d0 0000000000000000 : fffff88003b86100 fffff88003917180 fffff880010dec70 0000000000000000 : nt+0x7ee88

FOLLOWUP_IP:
nt+7ee88
fffff800`03ce6e88 ff9698000000 call qword ptr [rsi+98h]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt+7ee88

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: ntoskrnl.exe

STACK_COMMAND: .cxr 0xfffff88003b856f0 ; kb

BUCKET_ID: WRONG_SYMBOLS

FAILURE_BUCKET_ID: WRONG_SYMBOLS

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:wrong_symbols

FAILURE_ID_HASH: {70b057e8-2462-896f-28e7-ac72d4d365f8}

Followup: MachineOwner

######################################################################################################

I have used kernel minidump and SymbolPath , ImagePath (instructed here http://msdn.microsoft.com/en-in/library/windows/hardware/ff538042(v=vs.85).aspx)
as the location where my driver files (.sys, .inf, .pdb etc) are built by Visual Studio 2013

Kindly help since i have already spent 4 working days in my company debugging this!

just for additional information

when i try the Wdf device object creation(WdfDeviceMiniportCreate) and deletion(WdfObjectDelete) in NDIS miniport driver sample(purely virtual), it still crashes on driver unload.

I managed to get the kernel dump in another driver with more free disk space. i have analysed it with Windbg specifying the symbol, source code, and image file path

Loading Dump File [D:\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

************* Symbol Path validation summary **************
Response Time (ms) Location
OK D:\workfolders\noel\NDIS Virtual Miniport Driver\C++\620\x64\Win7Debug

************* Symbol Path validation summary **************
Response Time (ms) Location
OK D:\workfolders\noel\NDIS Virtual Miniport Driver\C++\620\x64\Win7Debug
Symbol search path is: D:\workfolders\noel\NDIS Virtual Miniport Driver\C++\620\x64\Win7Debug
Executable search path is: D:\workfolders\noel\NDIS Virtual Miniport Driver\C++\620\x64\Win7Debug
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe -
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18247.amd64fre.win7sp1_gdr.130828-1532
Machine Name:
Kernel base = 0xfffff80003c18000 PsLoadedModuleList = 0xfffff80003e5b6d0
Debug session time: Fri Jan 2 22:51:08.304 2015 (UTC + 5:30)
System Uptime: 0 days 0:05:23.116
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe -
Loading Kernel Symbols
…
…
…
Loading User Symbols

Loading unloaded module list
…

************* Symbol Loading Error Summary **************
Module name Error
ntkrnlmp The system cannot find the file specified

You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 18, {0, fffffa8022669398, 2, ffffffffffffffff}

*** ERROR: Module load completed but symbols could not be loaded for Wdf01000.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ndis.sys -
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : netvmini620.sys ( netvmini620!WdfObjectDelete+36 )

Followup: MachineOwner

6: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

REFERENCE_BY_POINTER (18)
Arguments:
Arg1: 0000000000000000, Object type of the object whose reference count is being lowered
Arg2: fffffa8022669398, Object whose reference count is being lowered
Arg3: 0000000000000002, Reserved
Arg4: ffffffffffffffff, Reserved
The reference count of an object is illegal for the current state of the object.
Each time a driver uses a pointer to an object the driver calls a kernel routine
to increment the reference count of the object. When the driver is done with the
pointer the driver calls another kernel routine to decrement the reference count.
Drivers must match calls to the increment and decrement routines. This bugcheck
can occur because an object’s reference count goes to zero while there are still
open handles to the object, in which case the fourth parameter indicates the number
of opened handles. It may also occur when the object?s reference count drops below zero
whether or not there are open handles to the object, and in that case the fourth parameter
contains the actual value of the pointer references count.

Debugging Details:

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_MMPTE ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn’t have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing “.symopt- 100”. Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
You can run ‘.symfix; .reload’ to try to fix the symbol path and load symbols.

FAULTING_MODULE: fffff80003c18000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 54a6cf80

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0x18

CURRENT_IRQL: 0

ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre

LAST_CONTROL_TRANSFER: from fffff80003c33e14 to fffff80003c8dbc0

STACK_TEXT:
fffff88003b7f0c8 fffff80003c33e14 : 0000000000000018 0000000000000000 fffffa8022669398 0000000000000002 : nt!KeBugCheckEx
fffff88003b7f0d0 fffff88000e69c6f : fffffa801a250000 fffffa8021c0bc00 fffffa801a250020 fffffa8021c0bc20 : nt!KeSetActualBasePriorityThread+0xfdc
fffff88003b7f130 fffff88000e0cb63 : fffffa8021c0bc00 fffffa801a250020 0000000000000006 fffffa8021c0bc00 : Wdf01000+0x69c6f
fffff88003b7f1a0 fffff88000e123f6 : fffffa8021c0bc00 0000000000000000 0000057fde3f4300 fffffa8019913e01 : Wdf01000+0xcb63
fffff88003b7f220 fffff88000e125ec : fffffa8021c0bc00 0000000000000000 0000000000000000 0000000000000000 : Wdf01000+0x123f6
fffff88003b7f280 fffff88000e1479f : fffffa8021c0bc00 0000000000000000 0000057fde3f43f8 fffffa801ffe9810 : Wdf01000+0x125ec
fffff88003b7f2e0 fffff88007bb7436 : fffffa8021c0bc00 0000000000000006 0000000000000000 0000000000000000 : Wdf01000+0x1479f
fffff88003b7f340 fffff88007bb68b1 : 0000057fde3f43f8 fffffa8022669380 000000006977444e 0000000000000500 : netvmini620!WdfObjectDelete+0x36 [c:\program files (x86)\windows kits\8.1\include\wdf\kmdf\1.11\wdfobject.h @ 725]
fffff88003b7f380 fffff88007bcbcdb : fffffa8022669380 000000000000002d 0000000000000065 0000000000000003 : netvmini620!NICFreeAdapter+0x431 [d:\workfolders\noel\ndis virtual miniport driver\c++\adapter.c @ 1906]
fffff88003b7f3e0 fffff88001cfad57 : fffffa8022669380 0000000000000000 fffffa802130f1a0 0000000000160500 : netvmini620!MPHaltEx+0x1bb [d:\workfolders\noel\ndis virtual miniport driver\c++\adapter.c @ 1041]
fffff88003b7f430 fffff88001cfb308 : fffffa802130f101 fffffa800000007e fffffa802012b3f0 fffffa801a3417c0 : ndis!NdisMRegisterMiniport+0x7b7
fffff88003b7f4d0 fffff88001cfed6c : fffffa802130f1a0 0000000000000000 fffff88000000000 fffff88001ca8100 : ndis!NdisMRegisterMiniport+0xd68
fffff88003b7f500 fffff88001c97bc2 : fffffa802130f1a0 fffffa802130f1a0 fffffa802012b3f0 fffffa80206aee10 : ndis!NdisDeregisterProtocol+0x173c
fffff88003b7f6a0 fffff88001d01b69 : 0000000000000000 fffffa802012b3f0 0000000000000000 fffffa802130f1a0 : ndis!NdisFDeregisterFilterDriver+0x1402
fffff88003b7f6e0 fffff80003efa121 : fffff8a0117fee00 fffffa802130f050 fffff88003b7f838 fffffa80206aee10 : ndis!NdisIMInitializeDeviceInstance+0x619
fffff88003b7f780 fffff8000407a3a1 : fffffa80206aee10 0000000000000000 fffffa8020b1fd90 0000000000000801 : nt!FsRtlNotifyVolumeEventEx+0x821
fffff88003b7f7f0 fffff80003d90063 : fffff8a0119fe730 fffff8a0119fe730 0000000000000015 0000000000000000 : nt!ExCreateCallback+0x13e1
fffff88003b7f8b0 fffff80004079ef4 : fffffa8020b1fd90 0000000000000000 0000000000000002 fffffa80206aee10 : nt!DbgSetDebugFilterState+0x1ba3
fffff88003b7f900 fffff8000407a000 : 0000000000000000 fffff8a011af2401 fffff8a011a9d5d0 ffffa57c754662e0 : nt!ExCreateCallback+0xf34
fffff88003b7f930 fffff8000410aee4 : 0000000000000002 0000000000000000 fffffa8020b1fd90 fffff8a000000000 : nt!ExCreateCallback+0x1040
fffff88003b7f9a0 fffff8000410b53c : fffff88000000000 fffffa8019aa9a00 fffffa801978a600 fffffa8000000000 : nt!KeStartDynamicProcessor+0x13e4
fffff88003b7fae0 fffff80003ff473e : 0000000000000000 fffffa8019aa9ad0 fffff8a011af24d0 0000000000000000 : nt!KeStartDynamicProcessor+0x1a3c
fffff88003b7fb10 fffff80003c97261 : fffff80003ef8f88 fffff8a011af24d0 fffff80003e332d8 fffff80003e332d8 : nt!PsDereferenceKernelStack+0x3f36e
fffff88003b7fb70 fffff80003f2a2ea : 0000000000000000 fffffa801978a660 0000000000000080 fffffa801973b350 : nt!KeReleaseInStackQueuedSpinLock+0x2f1
fffff88003b7fc00 fffff80003c7e8e6 : fffff88003989180 fffffa801978a660 fffff880039940c0 0000000000000000 : nt!PsCreateSystemThread+0x1e6
fffff88003b7fc40 0000000000000000 : fffff88003b80000 fffff88003b7a000 fffff88003b7f0e0 0000000000000000 : nt!KeInitializeSemaphore+0x25a

STACK_COMMAND: kb

FOLLOWUP_IP:
netvmini620!WdfObjectDelete+36 [c:\program files (x86)\windows kits\8.1\include\wdf\kmdf\1.11\wdfobject.h @ 725]
fffff880`07bb7436 4883c438 add rsp,38h

FAULTING_SOURCE_LINE: c:\program files (x86)\windows kits\8.1\include\wdf\kmdf\1.11\wdfobject.h

FAULTING_SOURCE_FILE: c:\program files (x86)\windows kits\8.1\include\wdf\kmdf\1.11\wdfobject.h

FAULTING_SOURCE_LINE_NUMBER: 725

FAULTING_SOURCE_CODE:
721: WDFOBJECT Object
722: )
723: {
724: ((PFN_WDFOBJECTDELETE) WdfFunctions[WdfObjectDeleteTableIndex])(WdfDriverGlobals, Object);

725: }
726:
727: //
728: // WDF Function: WdfObjectQuery
729: //
730: typedef

SYMBOL_STACK_INDEX: 7

SYMBOL_NAME: netvmini620!WdfObjectDelete+36

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: netvmini620

IMAGE_NAME: netvmini620.sys

BUCKET_ID: WRONG_SYMBOLS

FAILURE_BUCKET_ID: WRONG_SYMBOLS

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:wrong_symbols

FAILURE_ID_HASH: {70b057e8-2462-896f-28e7-ac72d4d365f8}

Followup: MachineOwner

On 02-Jan-2015 19:23, xxxxx@yahoo.co.in wrote:

just for additional information

when i try the Wdf device object creation(WdfDeviceMiniportCreate) and deletion(WdfObjectDelete) in NDIS miniport driver sample(purely virtual), it still crashes on driver unload.

From the documentation:

http://msdn.microsoft.com/en-us/library/windows/hardware/ff548734(v=vs.85).aspx

but in the usbnwifi sample (Mp_main.c) of WINDDK 7 they are calling WdfObjectDelete without WdfControlDeviceInitAllocate anywhere

You are allowed to manually delete a wdfdevice created by WdfDeviceMiniportCreate

d

Bent from my phone

From: xxxxx@yahoo.co.inmailto:xxxxx
Sent: ?1/?2/?2015 9:58 AM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: RE:[ntdev] Getting BSOD on WdfObjectDelete() of WdfDeviceMiniportCreate() object

but in the usbnwifi sample (Mp_main.c) of WINDDK 7 they are calling WdfObjectDelete without WdfControlDeviceInitAllocate anywhere

—
NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

then is it the compiler tool or framework related problem ?

Most likely a mistake in the code, not the framework as this works for ndis wdf drivers in production.

d

Bent from my phone

From: xxxxx@yahoo.co.inmailto:xxxxx
Sent: ?1/?2/?2015 12:20 PM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: RE:[ntdev] Getting BSOD on WdfObjectDelete() of WdfDeviceMiniportCreate() object

then is it the compiler tool or framework related problem ?

—
NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

thanks for the prompt response.
i will shortly upload the modified NDIS virtual miniport WDK sample which has ndis wdf code and also brief on how i am building it. This example can be tried and crash reproduced without any actual device.

I don’t think you are going to get others to do your dirty work. Learn to debug it yourself, this is just the first of many issues you will have to navigate through

d

Bent from my phone

From: xxxxx@yahoo.co.inmailto:xxxxx
Sent: ?1/?2/?2015 12:58 PM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: RE:[ntdev] Getting BSOD on WdfObjectDelete() of WdfDeviceMiniportCreate() object

thanks for the prompt response.
i will shortly upload the modified NDIS virtual miniport WDK sample which has ndis wdf code and also brief on how i am building it. This example can be tried and crash reproduced without any actual device.

—
NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

Finally got it

status = WdfDeviceMiniportCreate(WdfGetDriver(), &fdoAttributes, &Adapter->Fdo, &Adapter->NextDeviceObject, &Adapter->Pdo, &Adapter->hWdfDevice);

should be

status = WdfDeviceMiniportCreate(WdfGetDriver(), &fdoAttributes, Adapter->Fdo, Adapter->NextDeviceObject, Adapter->Pdo, &Adapter->hWdfDevice);

I had disabled all warnings in VS 2013 and thought they were annoyance. Lesson learnt to go through all warnings before disabling them.

Also driver model settings are changed to KMDF 1 for my particular requirement.

Thanks

xxxxx@yahoo.co.in wrote:

I had disabled all warnings in VS 2013 and thought they were annoyance. Lesson learnt to go through all warnings before disabling them.

That’s not a professional solution. The compiler is your friend. Your
driver should compile warning free at /W4. The older WDKs turned on /W3
and /WX, to make warnings fatal.

–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

i will make sure of that henceforth