How to prevent cyclic error/reset on an early boot driver

In non-boot drivers one can prevent a cyclic error from occurring (say we get a fatal error that resets the machine) by means of setting a Registry variable.
Just by looking at the Registry variable status we can conclude whether the previous start of the driver was successful or not.

However, in boot mode drivers writing in Registry variables may not be useful because writing in the Registry may not end in a write to disk. So when the machine restarts there is nothing in the Registry.

I wonder how people control this type of problem. If you have a boot driver that starts early in the boot process, how do you protect the system against a cyclic failure that might happen?

Inaki.

You don’t fail :)

Seriously - whenever I hear someone asking how they handle odd condition X that happens when their driver crashes the machine it sends up warning flags for me. If your driver is crashing enough that you think this is a problem you should put your resources into finding the bugs rather than into working around them (which often just leads to more bugs).

In this case there’s really nothing you can do. You can’t write to the drive during early boot. Short of modifying the BIOS to provide some scratch space you can write to which would tell it to halt during the subsequent boot this won’t really help.

-p

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Iñaki Castillo
Sent: Friday, February 09, 2007 8:59 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] How to prevent cyclic error/reset on an early boot driver

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Ghost or its equivalent for worst case scenarios. Although it is painful to
set up, and slow, automated OS install systems and tools are not a bad thing
to have sitting around your test lab.

Once you have a known good version of your boot load driver you can always
have a second boot partition for the test system and just brute force copy
the known good version back.

Also, if your driver is not required for boot (i.e. just required to be
loaded at boot to work), then create a second hardware profile without your
driver. That way you can choose at boot time to bypass your driver.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

“Mark Roddy” wrote in message news:xxxxx@ntdev…
Ghost or its equivalent for worst case scenarios. Although it is painful to
set up, and slow, automated OS install systems and tools are not a bad thing
to have sitting around your test lab.

Once you have a known good version of your boot load driver you can always
have a second boot partition for the test system and just brute force copy
the known good version back.

In fact if it is not required to boot then why is it a boot load driver?

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-277870-xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Friday, February 09, 2007 1:15 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] How to prevent cyclic error/reset on an early boot driver

Also, if your driver is not required for boot (i.e. just required to be
loaded at boot to work), then create a second hardware profile without your
driver. That way you can choose at boot time to bypass your driver.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

Plenty of drivers need to be boot load, I have worked on filters for the
disk that perform a desired action (such as locking out certain actions)
which does not impact boot, but need to be there as part of the boot stack.
Also, I have worked on drivers that will be required for boot and want to
be setup at boot time for testing, but which on the test machine are not
part of the primary boot path.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

“Mark Roddy” wrote in message news:xxxxx@ntdev…
In fact if it is not required to boot then why is it a boot load driver?

Well that is the point, all of those drivers can be tested outside of the
boot path. Once they are reliable, they can then be made boot load drivers.

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-277876-xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Friday, February 09, 2007 2:06 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] How to prevent cyclic error/reset on an early boot driver

Plenty of drivers need to be boot load, I have worked on filters for the
disk that perform a desired action (such as locking out certain actions)
which does not impact boot, but need to be there as part of the boot stack.
Also, I have worked on drivers that will be required for boot and want to
be setup at boot time for testing, but which on the test machine are not
part of the primary boot path.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

> I wonder how people control this type of problem. If you have a boot driver
> that starts early in the boot process, how do you protect the system against
> a cyclic failure that might happen?

With WinDbg connected:

  • request initial breakpoint
  • use !dh to dump the image file header of the offending driver
  • add the image base to entry point address
  • disassemble there to ensure this is a function prolog
  • use “a” (assemble) and enter
    mov eax, 0xc0000001
    ret 8
  • then continue execution

The offending driver’s DriverEntry will be failed (by your patch), and it will
no more offend.


Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

You could read the value from the registry that contained the boot.ini
options. A magic value I believe shows up there if the system has failed
boot before. This doesn’t say YOUR driver was the cause of the boot failure,
just that a boot started and didn’t reach some milestone in the boot
process.

For development use, I often make a driver test this registry value for a
flag that means to fail my DriverEntry. Then if I make a build that crashes
on boot, it’s easy to just select a boot entry that has the flag set and my
driver is bypassed on this boot. I don’t know if all this maps into
Vista/Longhorn but assume boot config parameters can somehow be accessible
to drivers.

It’s MUCH nicer to do development on a non boot driver, as you can just use
.kdfiles to automatically load your latest build. When your driver is
getting really stable, you can then shift to uglier boot load driver start.

Of course the REAL answer is if your driver isn’t really stable it should
not be a boot load driver (or even a non-boot load driver).

  • Jan

The magic value isn’t in the registry - it’s in a data file on disk which you can’t access from the driver.

If the issue is just “how to get my system booting again” then the answer is probably to check whether the system is loading in safe mode and have your driver either (a) not start at all (if it’s a function or bus driver) or (b) not add itself to the device stack during AddDevice (if it’s a filter).

Or you boot to your safe build and go disable your driver.

-p
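
The start-up check that Jan's boot-entry flag and the safe-mode test above both come down to, as an added example (not code from any poster in this thread): portable C that classifies the boot options string a driver would look at in DriverEntry. It assumes the string is the SystemStartOptions value under HKLM\SYSTEM\CurrentControlSet\Control; the MYDRVOFF switch and all function names are hypothetical, and the registry read itself is left out so the logic runs in user mode.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define STATUS_SUCCESS      0x00000000u
#define STATUS_UNSUCCESSFUL 0xC0000001u   /* same value the WinDbg patch in this thread returns */
#define BYPASS_FLAG         "MYDRVOFF"    /* hypothetical switch added to one boot entry */

enum boot_decision { BOOT_LOAD, BOOT_SKIP_FLAG, BOOT_SKIP_SAFEMODE };

/* Case-insensitive match of the first n characters of tok against name. */
static int same_chars(const char *tok, const char *name, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (toupper((unsigned char)tok[i]) != toupper((unsigned char)name[i]))
            return 0;
    return 1;
}

/*
 * Classify the load-options string, e.g. " NOEXECUTE=OPTIN  FASTDETECT".
 * Options are matched as whole tokens so "MYDRVOFFLINE" does not trigger the
 * bypass. NULL (value could not be read) means "load normally".
 */
enum boot_decision classify_start_options(const char *options)
{
    enum boot_decision decision = BOOT_LOAD;
    const char *p = options;

    while (p != NULL && *p != '\0') {
        const char *tok;
        size_t len;
        while (*p == ' ' || *p == '\t' || *p == '/')   /* separators, boot.ini slash */
            p++;
        tok = p;
        while (*p != '\0' && *p != ' ' && *p != '\t')
            p++;
        len = (size_t)(p - tok);
        if (len == strlen(BYPASS_FLAG) && same_chars(tok, BYPASS_FLAG, len))
            return BOOT_SKIP_FLAG;                      /* explicit developer request wins */
        if (len > 9 && same_chars(tok, "SAFEBOOT:", 9))
            decision = BOOT_SKIP_SAFEMODE;              /* SAFEBOOT:MINIMAL, SAFEBOOT:NETWORK */
    }
    return decision;
}

/* Status a function or bus driver would return from DriverEntry; a filter
 * would load and skip attaching in AddDevice instead. */
unsigned int entry_status(const char *options)
{
    return classify_start_options(options) == BOOT_LOAD ? STATUS_SUCCESS
                                                        : STATUS_UNSUCCESSFUL;
}

int main(void)
{
    /* Constructed sample, not captured from a real machine. */
    const char *sample = " NOEXECUTE=OPTIN  FASTDETECT  MYDRVOFF";
    printf("%s -> 0x%08X\n", sample, entry_status(sample));
    return 0;
}
```

For a driver that enforces a security policy, keep a switch like this out of release builds, since anyone who can edit the boot entry could turn the driver off.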

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jan Bottorff
Sent: Saturday, February 10, 2007 12:14 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] How to prevent cyclic error/reset on an early boot driver
