Hey guys, I was doing a long-running test on a partial checked build of
W2K3 (hal, kernel, fltmgr), and ran across a surprising exception when I
ran fltmc (bare, just to see what was loaded):

EX: resource: APCs still enabled before resource 811918C0 acquire !!!
Break instruction exception - code 80000003 (first chance)

This resource isn’t one of mine:

kd> !locks 811918C0
Resource @ nt!IopDatabaseResource (0x811918c0) Available

Stupidly, I didn’t get a stack trace, but it was in fltmgr code (from
the calls window).

Now the documentation for KeEnter/LeaveCriticalRegion is a little silent
on the point of what happens when you call KeLeaveCriticalRegion more
times than you call KeEnter, but I’m wondering if I have an error where
I’m doing just that somewhere in my driver. Is that possible?

In this thread:
http://www.osronline.com/showThread.cfm?link=100664
in the last post, Doron Holan from Microsoft indicates that this is a
per-thread count, so I would imagine I’d be pretty pressed to screw up
somebody else’s CR count. I’ve got the info in the calls window still
open, and the stack trace I have there doesn’t indicate that this is
happening in a system worker thread, which seems to rule out the
possibility that I’ve called Enter in one thread, and Leave in a worker
thread, though I’ll check to make sure I don’t do that anywhere.

Any ideas where I should start looking (other than potentially calling
Enter and Leave in different thread contexts, which would be a major
screw-up for other reasons, since I’m only calling them when I
ExAcquireResource… or ExReleaseResource…)?

Thanks,
~Eric

I typed this in from the Calls window in WinDbg. I’m a little fuzzy on
the inconsistency between the error message and the call stack (unless
the error message is getting printed on the way in and the dbgbreakpoint
happens on the way out, of course):

nt!DbgBreakPoint
nt!ExCheckIfKernelApcsShouldBeDisabled
nt!ExReleaseResourceLite
nt!IoEnumerateRegisteredFiltersList
fltmgr!FltpEnumerateAggregateFilterInformation
fltmgr!FltpEnumerateFilterInformation
fltmgr!FltpFindNext
fltmgr!FltpCommonDeviceControl
fltmgr!FltpControlDispatch
fltmgr!FltpDispatch
nt!IovCallDriver
nt!IofCallDriver
nt!IopSynchronousServiceTail
nt!IopXxxControlFile
nt!NtDeviceIoControlFile
nt!KiFastCallEntry
ntdll!KiFastSystemCallRet
ntdll!NtDeviceIoControlFile
FLTLIB!FilterpDeviceIoControl
FLTLIB!FilterFindNext
fltmc!ListFiltersCommand
fltmc!wmain
fltmc!wmainCRTStartup
kernel32!BaseProcessStart