IRQL Error

Hello Everybody,

Why do I get IRQL_LESS_THAN_OR_EQUAL_TO in my call to KeWaitForSingleObject
on a thread created with PsCreateSystemThread? I am trying to emulate the
code shown here in the SYSTEM THREADS section of Walter Oney’s Programming
the Windows Driver Model.

Best Regards,
Rikki Tamayo

Not sure how this is related to PsCreateSystemThread, but certainly
IRQL_LESS_THAN_OR_EQUAL is an indication that you’re trying to wait when
you’re at an inappropriate level of IRQL.

Copied from DDK docs:
Callers of KeWaitForSingleObject must be running at IRQL <= DISPATCH_LEVEL

Check the IRQL of the thread that is doing the waiting…

Mats

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Rikki
Sent: Thursday, July 08, 2004 9:30 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] IRQL Error

Hello Everybody,

Why do I get IRQL_LESS_THAN_OR_EQUAL_TO in my call to KeWaitForSingleObject
on a thread created with PsCreateSystemThread? I am trying to emulate the
code shown here in the SYSTEM THREADS section of Walter Oney’s Programming
the Windows Driver Model.

Best Regards,
Rikki Tamayo

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@3dlabs.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

I checked the IRQL: KeGetCurrentIrql returns 0, but the bugcheck says I am
running at IRQL 1c… How can I lower the IRQL to DPC level?


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@3Dlabs.com
Sent: Thursday, July 08, 2004 4:54 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] IRQL Error

Not sure how this is related to PsCreateSystemThread, but certainly
IRQL_LESS_THAN_OR_EQUAL is an indication that you’re trying to wait when
you’re at an inappropriate level of IRQL.

Copied from DDK docs:
Callers of KeWaitForSingleObject must be running at IRQL <= DISPATCH_LEVEL

Check the IRQL of the thread that is doing the waiting…

Mats


Rikki,

Please collect the output from windbg’s analyze -v command after your
bugcheck and post it. In addition provide us with the exact code segment
that calls KeWaitForSingleObject. You have a bug in your code (obviously)
and without that information we can only guess at what you have done wrong.
Most likely this is simply a bad pointer value passed into
KeWaitForSingleObject.


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Rikki
Sent: Thursday, July 08, 2004 6:20 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] IRQL Error

I checked the IRQL: KeGetCurrentIrql returns 0, but the bugcheck says
I am running at IRQL 1c… How can I lower the IRQL to DPC level?



From ntddk.h for W2K:

#define SYNCH_LEVEL (IPI_LEVEL-1) // synchronization level

and:

#define IPI_LEVEL 29 // Interprocessor interrupt level

(note SYNCH_LEVEL is now IPI_LEVEL-2 in W2K3).

When something goes wrong inside KeWaitForSingleObject, it does so at
SYNCH_LEVEL because that is the IRQL at which the system synchronization
to the dispatcher objects is done. My guess is that you’re passing a
bogus dispatcher header into KeWaitForSingleObject. The page fault
(KiTrap0E on x86) handler checks the IRQL, finds it is >= DISPATCH_LEVEL
and bug checks. But the real error is the bad memory address that
caused the page fault in the first place.

This has NOTHING to do with it being a system worker thread.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com



Here is the bugcheck for the error I am encountering

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 0000001c, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 8043aa0c, address which referenced memory

Debugging Details:

WRITE_ADDRESS: 00000000

CURRENT_IRQL: 1c

FAULTING_IP:
nt!KeWaitForSingleObject+159
8043aa0c 8939 mov [ecx],edi

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

LAST_CONTROL_TRANSFER: from 80438523 to 8049df08

STACK_TEXT:
bc3d85e8 80438523 00000003 bc3d8630 00000000 nt!RtlpBreakWithStatusInstruction
bc3d8618 80438b01 00000003 00000000 8043aa0c nt!KiBugCheckDebugBreak+0x31
bc3d89a0 804b54c0 00000000 00000000 0000001c nt!KeBugCheckEx+0x37b
bc3d89a0 8043aa0c 00000000 00000000 0000001c nt!KiTrap0E+0x2a4
bc3d8a50 bc034fb8 812a68d0 00000000 00000000 nt!KeWaitForSingleObject+0x159
bc3d8a90 eb799460 812980d8 81298020 812a4008 toaster!SC_CardTracking+0x98 [e:\pcscv2\srcref\toaster\func\featured1\scard.c @ 803]
bc3d8bb8 bc0385ab 00000000 812a4000 00000000 SMCLIB!SmartcardDeviceControl+0x48a
bc3d8bd4 bc038797 81298020 812a4008 00000000 toaster!ToasterDispatchIoctl+0x4b [e:\pcscv2\srcref\toaster\func\featured1\toaster.c @ 1216]
bc3d8bfc 80424606 81298020 812a4008 812a4008 toaster!ToasterDispatchIO+0xf7 [e:\pcscv2\srcref\toaster\func\featured1\toaster.c @ 1319]
bc3d8c14 80526410 812a409c 00000000 812a4008 nt!IopfCallDriver+0x4f
bc3d8c28 80527528 81298020 812a4008 81317868 nt!IopSynchronousServiceTail+0x94
bc3d8cf4 8051c7ca 000000bc 00000110 00000000 nt!IopXxxControlFile+0x610
bc3d8d28 804b19ba 000000bc 00000110 00000000 nt!NtDeviceIoControlFile+0x28
bc3d8d28 77f7869b 000000bc 00000110 00000000 nt!KiSystemService+0x10a
009efe24 77e5b556 000000bc 00000110 00000000 ntdll!NtDeviceIoControlFile+0xb
009efe88 0100f2bb 000000bc 00310028 00000000 KERNEL32!DeviceIoControl+0x7a
009effb4 77e5d4a3 00000003 00000000 00000028 SCardSvr!MonitorReader+0x24b
009effec 00000000 0100f070 00274c38 00000000 KERNEL32!BaseThreadStart+0x52

FOLLOWUP_IP:
toaster!SC_CardTracking+98 [e:\pcscv2\srcref\toaster\func\featured1\scard.c @ 803]
bc034fb8 8945e0 mov [ebp-0x20],eax

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: toaster!SC_CardTracking+98

MODULE_NAME: toaster

IMAGE_NAME: toaster.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 40edcdcb

STACK_COMMAND: kb

BUCKET_ID: 0xA_W_toaster!SC_CardTracking+98

Followup: MachineOwner

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mark Roddy
Sent: Friday, July 09, 2004 6:33 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] IRQL Error

Rikki,

Please collect the output from windbg’s analyze -v command after your
bugcheck and post it. In addition provide us with the exact code segment
that calls KeWaitForSingleObject. You have a bug in your code (obviously)
and without that information we can only guess at what you have done wrong.
Most likely this is simply a bad pointer value passed into
KeWaitForSingleObject.



Obviously, you passed a null-pointer to KeWaitForSingleObject. Furthermore,
that IRQL is also weird. So high???

Anyway, I’m sure it’s easy to fix this bug by putting a breakpoint at
KeWaitForSingleObject in your source code. This will help you to find out
which parameter is wrong.

Regards,
Ray Yang
xxxxx@ybwork.com
----- Original Message -----
From: “Rikki”
To: “Windows System Software Devs Interest List”
Sent: Friday, July 09, 2004 7:00 AM
Subject: RE: [ntdev] IRQL Error

> Here is the bugcheck for the error I am encountering

Actually, this is a reasonable IRQL for KeWaitForSingleObject
(SYNCH_LEVEL) and the final error is a null pointer deref, but the call
to KeWaitForSingleObject shows a non-null first parameter. Thus, it is
more likely that the event is not initialized. If I had to guess, I
suspect you will find that ECX was just loaded from the first
parameters, now that value is being dereferenced and (unfortunately) ECX
= 0.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ray Yang
Sent: Thursday, July 08, 2004 10:49 PM
To: ntdev redirect
Subject: Re: [ntdev] IRQL Error

Obviously, you passed a null-pointer to KeWaitForSingleObject.
Furthermore, that IRQL is also weird. So high???

Anyway, I’m sure it’s easy to fix this bug by putting a breakpoint at
KeWaitForSingleObject in your source code. This will help you to find out
which parameter is wrong.

Regards,
Ray Yang
xxxxx@ybwork.com
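The diagnosis in the reply above (a non-null object pointer whose contents were never initialized), modeled in user-mode C as an added example; it is not code from the thread, from the poster's driver, or from Windows. It assumes the wait path links a wait block onto the object's wait list with a tail insert, so a zero-filled header sends the first store through a NULL Blink, which is consistent with WRITE_ADDRESS 00000000 in the bugcheck. All `model_` and `demo_` names and the structure layout are hypothetical simplifications.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for LIST_ENTRY and DISPATCHER_HEADER. The layout is a
 * model for illustration (assumption), not the real ntddk.h definitions. */
typedef struct model_list_entry {
    struct model_list_entry *Flink;
    struct model_list_entry *Blink;
} model_list_entry;

typedef struct model_header {
    unsigned char Type;             /* type tag written by the init routine */
    long SignalState;
    model_list_entry WaitListHead;  /* threads waiting on this object */
} model_header;

#define MODEL_EVENT_TYPE 1          /* constructed tag value for this model */
#define MODEL_OK 0
#define MODEL_BAD_OBJECT (-1)

/* What an initializer such as KeInitializeEvent has to establish before any
 * wait: a type tag and an empty, self-referencing wait list. */
void model_init_event(model_header *h, int signaled)
{
    h->Type = MODEL_EVENT_TYPE;
    h->SignalState = signaled ? 1 : 0;
    h->WaitListHead.Flink = &h->WaitListHead;
    h->WaitListHead.Blink = &h->WaitListHead;
}

/* A tail insert does: blink = head->Blink; ... blink->Flink = entry;
 * Return the address that store would hit, without performing the store. */
uintptr_t model_store_target(const model_header *h)
{
    return (uintptr_t)h->WaitListHead.Blink + offsetof(model_list_entry, Flink);
}

/* Debug-build style sanity check: tag present and list links consistent. */
int model_header_is_sane(const model_header *h)
{
    const model_list_entry *head = &h->WaitListHead;
    if (h->Type != MODEL_EVENT_TYPE) return 0;
    if (head->Flink == NULL || head->Blink == NULL) return 0;
    return head->Flink->Blink == head && head->Blink->Flink == head;
}

/* Wait path that refuses a bad header instead of storing through it. */
int model_checked_wait(model_header *h, model_list_entry *wait_block)
{
    model_list_entry *head = &h->WaitListHead, *blink;
    if (!model_header_is_sane(h)) return MODEL_BAD_OBJECT;
    blink = head->Blink;            /* tail insert of the wait block */
    wait_block->Flink = head;
    wait_block->Blink = blink;
    blink->Flink = wait_block;      /* the store that faults when Blink is NULL */
    head->Blink = wait_block;
    return MODEL_OK;
}

/* 0: store would hit address 0; 1: store hits the list head; 2: other. */
int demo_classify(int initialized)
{
    model_header h;
    uintptr_t target;
    memset(&h, 0, sizeof h);        /* constructed input: zero-filled memory */
    if (initialized) model_init_event(&h, 0);
    target = model_store_target(&h);
    if (target == 0) return 0;
    return target == (uintptr_t)&h.WaitListHead ? 1 : 2;
}

/* Status of the checked wait on a zero-filled or an initialized header. */
int demo_checked_wait(int initialized)
{
    model_header h;
    model_list_entry wb;
    memset(&h, 0, sizeof h);        /* constructed input: zero-filled memory */
    if (initialized) model_init_event(&h, 0);
    return model_checked_wait(&h, &wb);
}

int main(void)
{
    printf("zeroed header:      store target class %d, wait status %d\n",
           demo_classify(0), demo_checked_wait(0));
    printf("initialized header: store target class %d, wait status %d\n",
           demo_classify(1), demo_checked_wait(1));
    return 0;
}
```

In a real driver the equivalent of `model_init_event` is the documented initializer for the object being waited on, called once before any thread can reach the wait.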

Or it is not an event. He did say he was waiting on a thread. Rikki forgot
to post the relevant code segment. My ESP-enabled source code browser is
malfunctioning, so I’ll avoid further speculation :)

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
Sent: Friday, July 09, 2004 5:41 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] IRQL Error

Actually, this is a reasonable IRQL for KeWaitForSingleObject
(SYNCH_LEVEL) and the final error is a null pointer deref,
but the call to KeWaitForSingleObject shows a non-null first
parameter. Thus, it is more likely that the event is not
initialized. If I had to guess, I suspect you will find that
ECX was just loaded from the first parameters, now that value
is being dereferenced and (unfortunately) ECX = 0.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ray Yang
Sent: Thursday, July 08, 2004 10:49 PM
To: ntdev redirect
Subject: Re: [ntdev] IRQL Error

Obviously, you passed a null-pointer to KeWaitForSingleObject.
Furthermore, that IRQL is also weird. So high???

Anyway, I’m sure it’s easy to fix this bug by putting a
breakpoint at KeWaitForSingleObject in you source code. This
will help you to find out which parameter is wrong.

Regards,
Ray Yang
xxxxx@ybwork.com
----- Original Message -----
From: “Rikki”
> To: “Windows System Software Devs Interest List”
> Sent: Friday, July 09, 2004 7:00 AM
> Subject: RE: [ntdev] IRQL Error
>
>
> > Here is the bugcheck for the error I am encountering
> >
> >
> >
> ****************************************************
>

> *
> >

> > *
> > *
> > * Bugcheck Analysis
> > *
> > *
> > *
> >
> ****************************************************
>

> *
> >

> >
> > IRQL_NOT_LESS_OR_EQUAL (a)
> > An attempt was made to access a pageable (or completely invalid)
> address
> at
> > an
> > interrupt request level (IRQL) that is too high. This is usually
> > caused by drivers using improper addresses.
> > If a kernel debugger is available get the stack backtrace.
> > Arguments:
> > Arg1: 00000000, memory referenced
> > Arg2: 0000001c, IRQL
> > Arg3: 00000001, value 0 = read operation, 1 = write operation
> > Arg4: 8043aa0c, address which referenced memory
> >
> > Debugging Details:
> > ------------------
> >
> >
> > WRITE_ADDRESS: 00000000
> >
> > CURRENT_IRQL: 1c
> >
> > FAULTING_IP:
> > nt!KeWaitForSingleObject+159
> > 8043aa0c 8939 mov [ecx],edi
> >
> > DEFAULT_BUCKET_ID: DRIVER_FAULT
> >
> > BUGCHECK_STR: 0xA
> >
> > LAST_CONTROL_TRANSFER: from 80438523 to 8049df08
> >
> > STACK_TEXT:
> > bc3d85e8 80438523 00000003 bc3d8630 00000000 nt!RtlpBreakWithStatusInstruction
> > bc3d8618 80438b01 00000003 00000000 8043aa0c nt!KiBugCheckDebugBreak+0x31
> > bc3d89a0 804b54c0 00000000 00000000 0000001c nt!KeBugCheckEx+0x37b
> > bc3d89a0 8043aa0c 00000000 00000000 0000001c nt!KiTrap0E+0x2a4
> > bc3d8a50 bc034fb8 812a68d0 00000000 00000000 nt!KeWaitForSingleObject+0x159
> > bc3d8a90 eb799460 812980d8 81298020 812a4008 toaster!SC_CardTracking+0x98 [e:\pcscv2\srcref\toaster\func\featured1\scard.c @ 803]
> > bc3d8bb8 bc0385ab 00000000 812a4000 00000000 SMCLIB!SmartcardDeviceControl+0x48a
> > bc3d8bd4 bc038797 81298020 812a4008 00000000 toaster!ToasterDispatchIoctl+0x4b [e:\pcscv2\srcref\toaster\func\featured1\toaster.c @ 1216]
> > bc3d8bfc 80424606 81298020 812a4008 812a4008 toaster!ToasterDispatchIO+0xf7 [e:\pcscv2\srcref\toaster\func\featured1\toaster.c @ 1319]
> > bc3d8c14 80526410 812a409c 00000000 812a4008 nt!IopfCallDriver+0x4f
> > bc3d8c28 80527528 81298020 812a4008 81317868 nt!IopSynchronousServiceTail+0x94
> > bc3d8cf4 8051c7ca 000000bc 00000110 00000000 nt!IopXxxControlFile+0x610
> > bc3d8d28 804b19ba 000000bc 00000110 00000000 nt!NtDeviceIoControlFile+0x28
> > bc3d8d28 77f7869b 000000bc 00000110 00000000 nt!KiSystemService+0x10a
> > 009efe24 77e5b556 000000bc 00000110 00000000 ntdll!NtDeviceIoControlFile+0xb
> > 009efe88 0100f2bb 000000bc 00310028 00000000 KERNEL32!DeviceIoControl+0x7a
> > 009effb4 77e5d4a3 00000003 00000000 00000028 SCardSvr!MonitorReader+0x24b
> > 009effec 00000000 0100f070 00274c38 00000000 KERNEL32!BaseThreadStart+0x52
> >
> >
> > FOLLOWUP_IP:
> > toaster!SC_CardTracking+98 [e:\pcscv2\srcref\toaster\func\featured1\scard.c @ 803]
> > bc034fb8 8945e0 mov [ebp-0x20],eax
> >
> > FOLLOWUP_NAME: MachineOwner
> >
> > SYMBOL_NAME: toaster!SC_CardTracking+98
> >
> > MODULE_NAME: toaster
> >
> > IMAGE_NAME: toaster.sys
> >
> > DEBUG_FLR_IMAGE_TIMESTAMP: 40edcdcb
> >
> > STACK_COMMAND: kb
> >
> > BUCKET_ID: 0xA_W_toaster!SC_CardTracking+98
> >
> > Followup: MachineOwner
> > ---------
> >
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Mark Roddy
> > Sent: Friday, July 09, 2004 6:33 AM
> > To: Windows System Software Devs Interest List
> > Subject: RE: [ntdev] IRQL Error
> >
> > Rikki,
> >
> > Please collect the output from windbg’s analyze -v command after your
> > bugcheck and post it. In addition provide us with the exact code
> > segment that calls KeWaitForSingleObject. You have a bug in your code
> > (obviously) and without that information we can only guess at what
> > you have done wrong. Most likely this is simply a bad pointer value
> > passed into KeWaitForSingleObject.
> >
> >
> >
> >
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Rikki
> > Sent: Thursday, July 08, 2004 6:20 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: [ntdev] IRQL Error
> >
> >
> > I checked the IRQL KeIGetCurrentIrql returns 0 but the bugcheck says
> > i am running at irql 1c… how can i lower the IRQL to DPC level?
> >
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of
> > xxxxx@3Dlabs.com
> > Sent: Thursday, July 08, 2004 4:54 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: [ntdev] IRQL Error
> >
> >
> > Not sure how this is related to PsCreateSystemThread, but certainly
> > IRQL_LESS_THAN_OR_EQUAL is an indication that you’re trying to wait
> > when you’re at an inappropriate level of IRQL.
> >
> > Copied from DDK docs:
> > Callers of KeWaitForSingleObject must be running at IRQL <= DISPATCH_LEVEL
> >
> > Check the IRQL of the thread that is doing the waiting…
> > –
> > Mats
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com]On Behalf Of Rikki
> > Sent: Thursday, July 08, 2004 9:30 AM
> > To: Windows System Software Devs Interest List
> > Subject: [ntdev] IRQL Error
> >
> >
> > Hello Everybody,
> >
> > Why to i get IRQL_LESS_THAN_OR_EQUAL_TO in my call to
> > KeWaitforSingleObject on a thread Created with PsCreateSystemThread?
> > I am trying to emulate the code shown here in the SYSTEM THREADS
> > section of walter ONEY’s Programming the windows driver model.
> >
> > Best Regards,
> > Rikki Tamayo