Incorrect (?) buffer displayed by !wdfmemory

Hi Guys,

Together with my colleague we have found a puzzling behaviour of
!wdfkd.wdfmemory. Namely, !wdfmemory seems to be returning an incorrect
pointer to its internal buffer. The pointer returned by the command
is the pointer to the wdfobject rather than the buffer
associated with the object:

kd> !wdfmemory 0x740839b0

WDFMEMORY 0x740839b0: Buffer 0x8bf7c648, Length 0x12 (18) bytes
allocated from WDFLOOKASIDE 0xfffffff8

kd> !wdfhandle 0x740839b0

Dumping WDFHANDLE 0x740839b0

Handle type is WDFMEMORY
Refcount: 1
Contexts:


!wdfobject 0x8bf7c648

WdfMemoryGetBuffer returns 0x8bf7c688 as the pointer to the buffer.
This is 0x40 bytes after the beginning of wdfobject, so I guess one
can always use this calculation to find out the real pointer of the
buffer (if one is using KMDF 1.9 on x86, that is).

One way or another it looks to be a bug in the extension, unless we
were doing something wrong here (in which case I would appreciate it if
someone could point this out to us). If this is a bug then I hope that
the above will somehow be noticed by the extension maintainer and
fixed in a future release.

Both windbg 6.11.0001.404 and 6.12.0002.633 exhibit the same problem.

Kind regards,
Rafal
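
The cross-check described in the message above, as an added example that is not part of the original post or of wdfkd: it parses a saved kd transcript and flags every WDFMEMORY whose reported Buffer equals the !wdfobject address shown by !wdfhandle. The names check_transcript and OBSERVED_OFFSET are hypothetical, and the 0x40 offset is only the value the post observed for KMDF 1.9 on x86, so the result is a candidate address to verify, not a guaranteed one.

```python
import re

# Offset the post observed between the !wdfobject address and the pointer
# WdfMemoryGetBuffer returned. Reported for KMDF 1.9 on x86 only.
OBSERVED_OFFSET = 0x40

HEX = r"(0x[0-9a-fA-F]+)"
MEMORY_RE = re.compile(rf"WDFMEMORY\s+{HEX}:\s*Buffer\s+{HEX},\s*Length\s+{HEX}")
HANDLE_RE = re.compile(rf"Dumping WDFHANDLE\s+{HEX}")
OBJECT_RE = re.compile(rf"!wdfobject\s+{HEX}")

# Transcript as posted in the thread (blank lines dropped).
SAMPLE = """\
kd> !wdfmemory 0x740839b0
WDFMEMORY 0x740839b0: Buffer 0x8bf7c648, Length 0x12 (18) bytes
allocated from WDFLOOKASIDE 0xfffffff8
kd> !wdfhandle 0x740839b0
Dumping WDFHANDLE 0x740839b0
Handle type is WDFMEMORY
Refcount: 1
Contexts:
!wdfobject 0x8bf7c648
"""

def check_transcript(text, offset=OBSERVED_OFFSET):
    """Compare each !wdfmemory Buffer with the object address from !wdfhandle."""
    buffers, objects, current = {}, {}, None
    for line in text.splitlines():
        if m := MEMORY_RE.search(line):
            handle, buf, length = (int(g, 16) for g in m.groups())
            buffers[handle] = (buf, length)
        elif m := HANDLE_RE.search(line):
            current = int(m.group(1), 16)      # following lines belong to this handle
        elif (m := OBJECT_RE.search(line)) and current is not None:
            objects[current] = int(m.group(1), 16)
            current = None
    findings = []
    for handle, (buf, length) in buffers.items():
        obj = objects.get(handle)
        if obj is None:
            status, candidate = "unverified", None    # no !wdfhandle output to compare
        elif buf == obj:
            status, candidate = "buffer-is-object", obj + offset
        else:
            status, candidate = "distinct", buf
        findings.append({"handle": handle, "reported": buf, "length": length,
                         "status": status, "candidate": candidate})
    return findings

if __name__ == "__main__":
    for f in check_transcript(SAMPLE):
        print({k: hex(v) if isinstance(v, int) else v for k, v in f.items()})
```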

What about the version of wdfkd that is in the WDK?

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Rafal Zwierz
Sent: Friday, February 25, 2011 6:44 AM
To: Kernel Debugging Interest List
Subject: [windbg] Incorrect (?) buffer displayed by !wdfmemory

WINDBG is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Hi Doron,

wdfkd from both WinDDK\7600.16385.0 and c:\WinDDK\7600.16385.1 show
the same problem (this time tried only with windbg 6.11.0001.404):


kd> .chain

Extension DLL chain:
c:\WinDDK\7600.16385.0\bin\amd64\wdfkd.dll: image 6.1.7600.16385,
API 1.0.0, built Tue Jul 14 01:05:10 2009
[path: c:\WinDDK\7600.16385.0\bin\amd64\wdfkd.dll]

kd> !wdfmemory 0x76184bd0

WDFMEMORY 0x76184bd0: Buffer 0x89e7b428, Length 0x12 (18) bytes
allocated from WDFLOOKASIDE 0xfffffff8

kd> !wdfhandle 0x76184bd0

Dumping WDFHANDLE 0x76184bd0

Handle type is WDFMEMORY
Refcount: 1
Contexts:


!wdfobject 0x89e7b428

----------------------------------------------------------------
kd> .chain

Extension DLL chain:
c:\WinDDK\7600.16385.1\bin\amd64\wdfkd.dll: image 6.1.7600.16385,
API 1.0.0, built Tue Feb 09 04:56:55 2010
[path: c:\WinDDK\7600.16385.1\bin\amd64\wdfkd.dll]


kd> !wdfmemory 0x76184bd0

WDFMEMORY 0x76184bd0: Buffer 0x89e7b428, Length 0x12 (18) bytes
allocated from WDFLOOKASIDE 0xfffffff8

kd> !wdfhandle 0x76184bd0

Dumping WDFHANDLE 0x76184bd0
=============================
Handle type is WDFMEMORY
Refcount: 1
Contexts:


!wdfobject 0x89e7b428

----------------------------------------------------------------

Best wishes,
Rafal

On 25 February 2011 16:00, Doron Holan wrote:
> What about the version of wdfkd that is in the WDK?