I am new in driver world. Looking for a light from anyone. Also is my assumption right that as one of the driver thread owning the fastmutex and taking time to release others are waiting for the resource make the system hanged - not a real deadlock? I can provide more data if required - I have the source code, pdb file and the dump.
Here is the summary of what windbg get from the manual crash dump:
Blocking Locks Summary
No.Type Lock Addr Owner Thread Owner Wait Time Owner Waiting On Owner Function
1 !er f55c0c10 !t 8a468d38 1m:59.703s No. 4 MyDriver+0xfdaa
2 !er f55c0ce0 !t 8c052db0 1m:59.703s !t 8bf8f650 MyDriver+0x402
3 !er 8bf873d4 !t 8a468d38 1m:59.703s No. 4 MyDriver+0xfdaa
4 !er 8a0aecb4 !t 89f8c110 1m:59.703s No. 2 MyDriver+0x2aaa
5 !er 8b178ed4 !t 8c052db0 1m:59.703s !t 8bf8f650 MyDriver+0x402
1: kd>!thread 8a468d38
THREAD 8a468d38 Cid 0004.061c Teb: 00000000 Win32Thread: 00000000 WAIT: (Unknown) KernelMode Non-Alertable
8a7d9208 SynchronizationEvent
8a468db0 NotificationTimer
IRP List:
89f33008: (0006,0094) Flags: 00000884 Mdl: 00000000
Impersonation token: e50f0d48 (Level Impersonation)
Owning Process 8cb63648 Image: System
Wait Start TickCount 32386641 Ticks: 205 (0:00:00:03.203)
Context Switch Count 237
UserTime 00:00:00.0000
KernelTime 00:00:00.0000
Start Address srv!WorkerThread (0xf577c394)
Stack Init f366b000 Current f366a4bc Base f366b000 Limit f3668000 Call 0
Priority 14 BasePriority 9 PriorityDecrement 5
ChildEBP RetAddr Args to Child
f366a4d4 80832f7a 8a468db0 8a468d38 8a468de0 nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])
f366a500 8082925c 8a468d38 8a0aecb4 00000000 nt!KiSwapThread+0x284 (FPO: [Non-Fpo])
f366a548 8087c1ad 8a7d9208 0000001b 00000000 nt!KeWaitForSingleObject+0x346 (FPO: [Non-Fpo])
f366a584 8087c3a1 00000000 8a7ab468 f366a880 nt!ExpWaitForResource+0xd5 (FPO: [Non-Fpo])
f366a5a4 f55cedaa 8a0aecb4 8a7ab401 00000000 nt!ExAcquireResourceExclusiveLite+0x8d (FPO: [Non-Fpo])
WARNING: Stack unwind information not available. Following frames may be wrong.
f366a5d8 f55ce434 8a7ab401 8a0aec70 00000001 MyDriver+0xfdaa
f366a6cc f55c7000 8a7ab468 e50f0d48 f366a90c MyDriver+0xf434
f366a888 f55c7fdf 8a7ab468 89f33008 8bfdc520 MyDriver+0x8000
f366a8cc 8081dcdf 8bf89500 89f33008 89f33008 MyDriver+0x8fdf
f366a8e0 808f8275 8b030f90 8b0d8258 00000000 nt!IofCallDriver+0x45 (FPO: [Non-Fpo])
f366a9c8 808f86bc 8bf89500 00000000 8b7000e0 nt!IopParseDevice+0xa35 (FPO: [Non-Fpo])
f366aa00 80936689 8b030f90 00000000 8b7000e0 nt!IopParseFile+0x46 (FPO: [Non-Fpo])
f366aa80 80932e04 00001154 f366aac0 00000040 nt!ObpLookupObjectName+0x11f (FPO: [Non-Fpo])
f366aad4 808ea231 00000000 00000000 6d0c3800 nt!ObOpenObjectByName+0xea (FPO: [Non-Fpo])
f366ab50 808eb4cb f366acd8 00000080 f366aca8 nt!IopCreateFile+0x447 (FPO: [Non-Fpo])
f366abac f5781efd f366acd8 00000080 f366aca8 nt!IoCreateFile+0xa3 (FPO: [Non-Fpo])
f366ac1c f57c5307 8c2a6328 f366acd8 00000080 srv!SrvIoCreateFile+0x36d (FPO: [Non-Fpo])
f366acec f57c0424 8c2a6328 8c2a6328 80881ad0 srv!COLDP__SrvSnapEnumerateSnapShots+0x282c
f366ad78 f5766bc6 8c2a6330 8c2e1260 f577c451 srv!_NULL_IMPORT_DESCRIPTOR (srv+0x5b424)
f366ad84 f577c451 00000000 8a468d38 00000000 srv!SrvProcessSmb+0xb7 (FPO: [0,0,0])
f366adac 80948bd0 002e1260 00000000 00000000 srv!WorkerThread+0x138 (FPO: [Non-Fpo])
f366addc 8088d4e2 f577c394 8c2e1260 00000000 nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo])
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
1: kd> !locks -v 8a0aecb4
Resource @ 0x8a0aecb4 Exclusively owned
Contention Count = 359
NumberOfExclusiveWaiters = 1
Threads: 89f8c110-01<*>
THREAD 89f8c110 Cid 0004.0224 Teb: 00000000 Win32Thread: 00000000 WAIT: (Unknown) KernelMode Non-Alertable
8bf99c50 SynchronizationEvent
89f8c188 NotificationTimer
IRP List:
89cdfd78: (0006,0094) Flags: 00000884 Mdl: 00000000
Impersonation token: e50f0d48 (Level Impersonation)
Owning Process 8cb63648 Image: System
Wait Start TickCount 32386641 Ticks: 205 (0:00:00:03.203)
Context Switch Count 256
UserTime 00:00:00.0000
KernelTime 00:00:00.0000
Start Address srv!WorkerThread (0xf577c394)
Stack Init f3c03000 Current f3c02568 Base f3c03000 Limit f3c00000 Call 0
Priority 14 BasePriority 9 PriorityDecrement 5
ChildEBP RetAddr
f3c02580 80832f7a nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])
f3c025ac 8082925c nt!KiSwapThread+0x284 (FPO: [Non-Fpo])
f3c025f4 8087c1ad nt!KeWaitForSingleObject+0x346 (FPO: [Non-Fpo])
f3c02630 8087c3a1 nt!ExpWaitForResource+0xd5 (FPO: [Non-Fpo])
f3c02650 f55c1aaa nt!ExAcquireResourceExclusiveLite+0x8d (FPO: [Non-Fpo])
f3c02690 f55c793b MyDriver+0x2aaa
f3c02888 f55c7fdf MyDriver+0x893b
00000000 00000000 MyDriver+0x8fdf
Threads Waiting On Exclusive Access:
8a468d38
1 total locks, 1 locks currently held
you said you have the PDB and the source, but why is it not loaded ? if the
symbol path is properly set the stack trace should have showed ur function
names instead of offsets. the command “!analyze -v” will in most cases
explain clearly what the problem is if proper pdb is loaded. so try it
wrote in message news:xxxxx@ntdev…
>I am new in driver world. Looking for a light from anyone. Also is my
>assumption right that as one of the driver thread owning the fastmutex and
>taking time to release others are waiting for the resource make the system
>hanged - not a real deadlock? I can provide more data if required - I have
>the source code, pdb file and the dump.
>
> Here is the summary of what windbg get from the manual crash dump:
>
> Blocking Locks Summary
>
> No.Type Lock Addr Owner Thread Owner Wait Time Owner Waiting On Owner
> Function
> 1 !er f55c0c10 !t 8a468d38 1m:59.703s No. 4
> MyDriver+0xfdaa
> 2 !er f55c0ce0 !t 8c052db0 1m:59.703s !t 8bf8f650
> MyDriver+0x402
> 3 !er 8bf873d4 !t 8a468d38 1m:59.703s No. 4
> MyDriver+0xfdaa
> 4 !er 8a0aecb4 !t 89f8c110 1m:59.703s No. 2
> MyDriver+0x2aaa
> 5 !er 8b178ed4 !t 8c052db0 1m:59.703s !t 8bf8f650
> MyDriver+0x402
>
>
> 1: kd>!thread 8a468d38
>
> THREAD 8a468d38 Cid 0004.061c Teb: 00000000 Win32Thread: 00000000 WAIT:
> (Unknown) KernelMode Non-Alertable
> 8a7d9208 SynchronizationEvent
> 8a468db0 NotificationTimer
> IRP List:
> 89f33008: (0006,0094) Flags: 00000884 Mdl: 00000000
> Impersonation token: e50f0d48 (Level Impersonation)
> Owning Process 8cb63648 Image: System
> Wait Start TickCount 32386641 Ticks: 205 (0:00:00:03.203)
> Context Switch Count 237
> UserTime 00:00:00.0000
> KernelTime 00:00:00.0000
> Start Address srv!WorkerThread (0xf577c394)
> Stack Init f366b000 Current f366a4bc Base f366b000 Limit f3668000 Call 0
> Priority 14 BasePriority 9 PriorityDecrement 5
>
> ChildEBP RetAddr Args to Child
> f366a4d4 80832f7a 8a468db0 8a468d38 8a468de0 nt!KiSwapContext+0x26 (FPO:
> [Uses EBP] [0,0,4])
> f366a500 8082925c 8a468d38 8a0aecb4 00000000 nt!KiSwapThread+0x284 (FPO:
> [Non-Fpo])
> f366a548 8087c1ad 8a7d9208 0000001b 00000000
> nt!KeWaitForSingleObject+0x346 (FPO: [Non-Fpo])
> f366a584 8087c3a1 00000000 8a7ab468 f366a880 nt!ExpWaitForResource+0xd5
> (FPO: [Non-Fpo])
> f366a5a4 f55cedaa 8a0aecb4 8a7ab401 00000000
> nt!ExAcquireResourceExclusiveLite+0x8d (FPO: [Non-Fpo])
> WARNING: Stack unwind information not available. Following frames may be
> wrong.
> f366a5d8 f55ce434 8a7ab401 8a0aec70 00000001 MyDriver+0xfdaa
> f366a6cc f55c7000 8a7ab468 e50f0d48 f366a90c MyDriver+0xf434
> f366a888 f55c7fdf 8a7ab468 89f33008 8bfdc520 MyDriver+0x8000
> f366a8cc 8081dcdf 8bf89500 89f33008 89f33008 MyDriver+0x8fdf
> f366a8e0 808f8275 8b030f90 8b0d8258 00000000 nt!IofCallDriver+0x45 (FPO:
> [Non-Fpo])
> f366a9c8 808f86bc 8bf89500 00000000 8b7000e0 nt!IopParseDevice+0xa35 (FPO:
> [Non-Fpo])
> f366aa00 80936689 8b030f90 00000000 8b7000e0 nt!IopParseFile+0x46 (FPO:
> [Non-Fpo])
> f366aa80 80932e04 00001154 f366aac0 00000040 nt!ObpLookupObjectName+0x11f
> (FPO: [Non-Fpo])
> f366aad4 808ea231 00000000 00000000 6d0c3800 nt!ObOpenObjectByName+0xea
> (FPO: [Non-Fpo])
> f366ab50 808eb4cb f366acd8 00000080 f366aca8 nt!IopCreateFile+0x447 (FPO:
> [Non-Fpo])
> f366abac f5781efd f366acd8 00000080 f366aca8 nt!IoCreateFile+0xa3 (FPO:
> [Non-Fpo])
> f366ac1c f57c5307 8c2a6328 f366acd8 00000080 srv!SrvIoCreateFile+0x36d
> (FPO: [Non-Fpo])
> f366acec f57c0424 8c2a6328 8c2a6328 80881ad0
> srv!COLDP__SrvSnapEnumerateSnapShots+0x282c
> f366ad78 f5766bc6 8c2a6330 8c2e1260 f577c451 srv!_NULL_IMPORT_DESCRIPTOR
> (srv+0x5b424)
> f366ad84 f577c451 00000000 8a468d38 00000000 srv!SrvProcessSmb+0xb7 (FPO:
> [0,0,0])
> f366adac 80948bd0 002e1260 00000000 00000000 srv!WorkerThread+0x138 (FPO:
> [Non-Fpo])
> f366addc 8088d4e2 f577c394 8c2e1260 00000000
> nt!PspSystemThreadStartup+0x2e (FPO: [Non-Fpo])
> 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
>
> 1: kd> !locks -v 8a0aecb4
>
> Resource @ 0x8a0aecb4 Exclusively owned
> Contention Count = 359
> NumberOfExclusiveWaiters = 1
> Threads: 89f8c110-01<*>
>
> THREAD 89f8c110 Cid 0004.0224 Teb: 00000000 Win32Thread: 00000000
> WAIT: (Unknown) KernelMode Non-Alertable
> 8bf99c50 SynchronizationEvent
> 89f8c188 NotificationTimer
> IRP List:
> 89cdfd78: (0006,0094) Flags: 00000884 Mdl: 00000000
> Impersonation token: e50f0d48 (Level Impersonation)
> Owning Process 8cb63648 Image: System
> Wait Start TickCount 32386641 Ticks: 205 (0:00:00:03.203)
> Context Switch Count 256
> UserTime 00:00:00.0000
> KernelTime 00:00:00.0000
> Start Address srv!WorkerThread (0xf577c394)
> Stack Init f3c03000 Current f3c02568 Base f3c03000 Limit f3c00000 Call
> 0
> Priority 14 BasePriority 9 PriorityDecrement 5
> ChildEBP RetAddr
> f3c02580 80832f7a nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])
> f3c025ac 8082925c nt!KiSwapThread+0x284 (FPO: [Non-Fpo])
> f3c025f4 8087c1ad nt!KeWaitForSingleObject+0x346 (FPO: [Non-Fpo])
> f3c02630 8087c3a1 nt!ExpWaitForResource+0xd5 (FPO: [Non-Fpo])
> f3c02650 f55c1aaa nt!ExAcquireResourceExclusiveLite+0x8d (FPO:
> [Non-Fpo])
>
> f3c02690 f55c793b MyDriver+0x2aaa
> f3c02888 f55c7fdf MyDriver+0x893b
> 00000000 00000000 MyDriver+0x8fdf
>
>
> Threads Waiting On Exclusive Access:
> 8a468d38
>
> 1 total locks, 1 locks currently held
>
>