Hi,
I am running HCK tests on my serial driver. So far all tests have passed, but the test “WHCK Fuzz zero length buffer IOCTL test” freezes the system. When I attach the debugger, I find that it is getting stuck at WDF functions. Earlier it got stuck at the function WDFStringCreate(). I removed this function since it was dead code. However, at the next function, WdfDeviceOpenRegistryKey, the debugger again throws an error “Break instruction exception - code 80000003 (first chance)”. When I press “g”, execution continues, but it again gets stuck at the same function in some later iteration.
A few notes before I post the debugger output:
- If I keep pressing “g” every time it is stuck, the test eventually runs to completion successfully.
- This function gets called as a part of processing an IOCTL request, IOCTL_RESET_DEVICE. When I tried to see if the function WdfDeviceOpenRegistryKey returns any error value, by turning on DbgView, I see that the driver is receiving only an unknown IOCTL all the time and IOCTL_RESET_DEVICE never got called.
- I am not acquiring any spinlocks etc. while calling the function WdfDeviceOpenRegistryKey. So this function is getting called at PASSIVE_LEVEL only. The parameters for this function were already validated before this function is called.
- The function ResetDevice(), which gets called during this IOCTL request, is also getting called while the driver loads, and there I am not seeing this problem with the WdfDeviceOpenRegistryKey function.
- I couldn’t generate the output of WDFKD.WDFLOGDUMP because there is some problem with .tmf files on my system.
Below is the output of !analyze -v and output of “kb” command.
Connected to Windows 7 7601 x86 compatible target at (Mon Nov 24 18:58:40.700 2014 (UTC + 5:30)), ptr64 FALSE
Loading Kernel Symbols
…
…
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
…
…
Loading User Symbols
…
…
Loading unloaded module list
…
*** ERROR: Module load completed but symbols could not be loaded for Te.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFFuzzTestAction.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTF.DLL -
*** ERROR: Module load completed but symbols could not be loaded for CustomMarshalers.dll
*** WARNING: Unable to verify checksum for CustomMarshalers.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for CustomMarshalers.ni.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemAction.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFEDTAction.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for System.Data.dll -
*** WARNING: Unable to verify checksum for System.Data.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for System.Data.ni.dll
*** WARNING: Unable to verify checksum for System.Core.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for System.Core.ni.dll
*** WARNING: Unable to verify checksum for System.Xml.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for System.Xml.ni.dll
*** WARNING: Unable to verify checksum for mscorlib.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for mscorlib.ni.dll
Unable to read KiBugCheckData
Unable to read KiBugCheckData
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemPowerStatesData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemCurrentProcessdata.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemCommandLineData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFSystemBatteryData.dll -
*** ERROR: Module load completed but symbols could not be loaded for MSVCR100_CLR0400.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFCurrentSystemPowerPolicyData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFWindowsData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFVolumeData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFUSBHubData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFUSBData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFStorageMediaData.dll -
*** WARNING: Unable to verify checksum for System.Configuration.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for System.Configuration.ni.dll
*** WARNING: Unable to verify checksum for System.ni.dll
*** ERROR: Module load completed but symbols could not be loaded for System.ni.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for clrjit.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for nlssorting.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for clr.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFNetData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFOpticalMediaData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFIoSpyData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFEDTData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDnWdfData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for mscoreei.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for MSCorEE.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDevnodeInfData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDevnodeData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDiskData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDevnodeInterfaceData.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for WDTFDevnodeCapabilitiesData.dll -
*** ERROR: Module load completed but symbols could not be loaded for Wex.Common.Managed.dll
*** ERROR: Module load completed but symbols could not be loaded for WTTLog.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for TE.Loaders.dll -
*** ERROR: Module load completed but symbols could not be loaded for Wex.Logger.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for Wex.Communication.dll -
*** ERROR: Symbol file could not be found. Defaulted to export symbols for Wex.Common.dll -
*** ERROR: Module load completed but symbols could not be loaded for TE.Model.dll
*** ERROR: Module load completed but symbols could not be loaded for Te.Common.dll
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 00000000
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000
Debugging Details:
*** ERROR: Module load completed but symbols could not be loaded for MSDMFilt.sys
The version of SOS does not match the version of CLR you are debugging. Please
load the matching version of SOS for the version of CLR you are debugging.
CLR Version: 4.0.30319.1
SOS Version: 4.0.30319.18047
Failed to load data access DLL, 0x80004005
Verify that 1) you have a recent build of the debugger (6.2.14 or newer)
2) the file mscordacwks.dll that matches your version of clr.dll is
in the version directory or on the symbol path
3) or, if you are debugging a dump file, verify that the file
mscordacwks_.dll is on your symbol path.
4) you are debugging on supported cross platform architecture as
the dump file. For example, an ARM dump file must be debugged
on an X86 or an ARM machine; an AMD64 dump file must be
debugged on an AMD64 machine.
You can also run the debugger command .cordll to control the debugger’s
load of mscordacwks.dll. .cordll -ve -u -l will do a verbose reload.
If that succeeds, the SOS command should work on retry.
If you are debugging a minidump, you need to make sure that your executable
path is pointing to clr.dll as well.
PROCESS_NAME: Te.exe
FAULTING_IP:
nt!DbgBreakPoint+0
848c1848 cc int 3
EXCEPTION_RECORD: ffffffff – (.exr 0xffffffffffffffff)
ExceptionAddress: 848c1848 (nt!DbgBreakPoint)
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 3
Parameter[0]: 00000000
Parameter[1]: 8d5cdd48
Parameter[2]: 00000000
ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION} Breakpoint A breakpoint has been reached.
EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid
EXCEPTION_PARAMETER1: 00000000
EXCEPTION_PARAMETER2: 8d5cdd48
EXCEPTION_PARAMETER3: 00000000
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x0
CURRENT_IRQL: 2
MANAGED_STACK: !dumpstack -EE
The version of SOS does not match the version of CLR you are debugging. Please
load the matching version of SOS for the version of CLR you are debugging.
CLR Version: 4.0.30319.1
SOS Version: 4.0.30319.18047
Failed to load data access DLL, 0x80004005
Some functionality may be impaired
OS Thread Id: 0x0 (0)
TEB information is not available so a stack size of 0xFFFF is assumed
Current frame:
ChildEBP RetAddr Caller, Callee
LAST_CONTROL_TRANSFER: from 8745d176 to 848c1848
STACK_TEXT:
8b939428 8745d176 91b5efa8 90662110 848156ee nt!DbgBreakPoint
8b93944c 90661d80 91b48fd0 6e5654a8 00000001 Wdf01000!imp_WdfDeviceOpenRegistryKey+0xfc
8b93946c 90666f5d 6e5654a8 00000001 000f003f PortDriver!WdfDeviceOpenRegistryKey+0x30 [c:\program files\windows kits\8.0\include\wdf\kmdf\1.11\wdfdevice.h @ 2430]
8b9395b8 90666504 6e5654a8 9066cd16 0000000e PortDriver!GetRegistryKeyValue+0x8d [d:\24-11-2014\1.0.0.13\1.0.0.13\registry.c @ 93]
8b9395ec 906664b5 6e5654a8 91a9acd0 5f00000a PortDriver!StartUpDevice+0x34 [d:\24-11-2014\1.0.0.13\1.0.0.13\startup.c @ 182]
8b939600 90663e6a 6e5654a8 91bc2fa8 91b48f78 PortDriver!ResetDevice+0x65 [d:\24-11-2014\1.0.0.13\1.0.0.13\startup.c @ 512]
8b939674 874ad674 6e4b91f8 4cafb130 00000000 PortDriver!SerialEvtIoDeviceControl+0x1d5a [d:\24-11-2014\1.0.0.13\1.0.0.13\ioctl.c @ 1416]
8b9396a4 8744066c 6e4b91f8 4cafb130 00000000 Wdf01000!VfEvtIoDeviceControl+0x4f
8b9396e4 87440241 4cafb130 8b939728 b3504ec8 Wdf01000!FxIoQueue::DispatchRequestToDriver+0x3c0
8b939700 874439da 91b46e00 00000000 91b46e00 Wdf01000!FxIoQueue::DispatchEvents+0x4af
8b939720 8744196c 91b46e00 b3504ec8 91a9ac14 Wdf01000!FxIoQueue::QueueRequest+0x204
8b939754 8743bbc2 b3456eb8 918ba360 b3456eb8 Wdf01000!FxPkgIo::Dispatch+0x3ba
8b93977c 8743ba33 918ba360 b3456eb8 8d5db568 Wdf01000!FxDevice::Dispatch+0x155
8b939798 84b796c3 918ba360 b3456eb8 b3456f8c Wdf01000!FxDevice::DispatchWithLock+0x77
8b9397bc 8487dbe0 00000000 b3456fb0 918ba360 nt!IovCallDriver+0x258
8b9397d0 84b8b3d0 8cf1a008 b3456eb8 918beaf0 nt!IofCallDriver+0x1b
8b9397e8 84b796c3 918beba8 b3456eb8 b3456fb0 nt!ViFilterDispatchGeneric+0x5e
8b93980c 8487dbe0 00000000 b3456fd4 918beaf0 nt!IovCallDriver+0x258
8b939820 874c9353 918be968 b3456eb8 00000000 nt!IofCallDriver+0x1b
WARNING: Stack unwind information not available. Following frames may be wrong.
8b939838 874c9068 918be968 b3456eb8 91815008 MSDMFilt+0x2353
8b939a8c 84b796c3 918be968 b3456eb8 b3456fd4 MSDMFilt+0x2068
8b939ab0 8487dbe0 00000000 b3456ff8 918be968 nt!IovCallDriver+0x258
8b939ac4 84b8b3d0 837c20f0 b3456eb8 918be660 nt!IofCallDriver+0x1b
8b939adc 84b796c3 918be718 b3456eb8 8cf1ad90 nt!ViFilterDispatchGeneric+0x5e
8b939b00 8487dbe0 00000000 b3456eb8 918be660 nt!IovCallDriver+0x258
8b939b14 84a72b29 8cf1ad90 b3456eb8 b3456fdc nt!IofCallDriver+0x1b
8b939b34 84a75cfb 918be660 8cf1ad90 00000000 nt!IopSynchronousServiceTail+0x1f8
8b939bd0 84abc63b 918be660 b3456eb8 00000000 nt!IopXxxControlFile+0x6aa
8b939c04 848848fa 00000520 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
8b939c04 77257094 00000520 00000000 00000000 nt!KiFastCallEntry+0x12a
0525f950 77255864 6a60fdd9 00000520 00000000 ntdll!KiFastSystemCallRet
0525f954 6a60fdd9 00000520 00000000 00000000 ntdll!NtDeviceIoControlFile+0xc
0525fc24 6a61bc5f 00800001 00000220 ffffffff WDTFFuzzTestAction+0xfdd9
0525fcb8 6a617004 05013a9c 3574b16e 00000000 WDTFFuzzTestAction!DllUnregisterServer+0x94c8
0525fd08 6a615ff6 0525fd1c 756aed6c 0502ad60 WDTFFuzzTestAction!DllUnregisterServer+0x486d
0525fd10 756aed6c 0502ad60 0525fd5c 7727377b WDTFFuzzTestAction!DllUnregisterServer+0x385f
0525fd1c 7727377b 0502ad60 720a4199 00000000 kernel32!BaseThreadInitThunk+0xe
0525fd5c 7727374e 6a615fe9 0502ad60 00000000 ntdll!__RtlUserThreadStart+0x70
0525fd74 00000000 6a615fe9 0502ad60 00000000 ntdll!_RtlUserThreadStart+0x1b
STACK_COMMAND: kb
FOLLOWUP_IP:
PortDriver!WdfDeviceOpenRegistryKey+30 [c:\program files\windows kits\8.0\include\wdf\kmdf\1.11\wdfdevice.h @ 2430]
90661d80 5d pop ebp
FAULTING_SOURCE_CODE:
2426: WDFKEY* Key
2427: )
2428: {
2429: return ((PFN_WDFDEVICEOPENREGISTRYKEY) WdfFunctions[WdfDeviceOpenRegistryKeyTableIndex])(WdfDriverGlobals, Device, DeviceInstanceKeyType, DesiredAccess, KeyAttributes, Key);
> 2430: }
2431:
2432: //
2433: // WDF Function: WdfDeviceSetSpecialFileSupport
2434: //
2435: typedef
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: PortDriver!WdfDeviceOpenRegistryKey+30
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: PortDriver
IMAGE_NAME: PortDriver.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 54732ca4
FAILURE_BUCKET_ID: 0x0_VRF_PortDriver!WdfDeviceOpenRegistryKey+30
BUCKET_ID: 0x0_VRF_PortDriver!WdfDeviceOpenRegistryKey+30
Followup: MachineOwner
---------
0: kd> .exr 0xffffffffffffffff
ExceptionAddress: 848c1848 (nt!DbgBreakPoint)
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 3
Parameter[0]: 00000000
Parameter[1]: 8d5cdd48
Parameter[2]: 00000000
0: kd> kb
ChildEBP RetAddr Args to Child
8b939428 8745d176 91b5efa8 90662110 848156ee nt!DbgBreakPoint
8b93944c 90661d80 91b48fd0 6e5654a8 00000001 Wdf01000!imp_WdfDeviceOpenRegistryKey+0xfc
8b93946c 90666f5d 6e5654a8 00000001 000f003f PortDriver!WdfDeviceOpenRegistryKey+0x30 [c:\program files\windows kits\8.0\include\wdf\kmdf\1.11\wdfdevice.h @ 2430]
8b9395b8 90666504 6e5654a8 9066cd16 0000000e PortDriver!GetRegistryKeyValue+0x8d [d:\24-11-2014\1.0.0.13\1.0.0.13\registry.c @ 93]
8b9395ec 906664b5 6e5654a8 91a9acd0 5f00000a PortDriver!StartUpDevice+0x34 [d:\24-11-2014\1.0.0.13\1.0.0.13\startup.c @ 182]
8b939600 90663e6a 6e5654a8 91bc2fa8 91b48f78 PortDriver!ResetDevice+0x65 [d:\24-11-2014\1.0.0.13\1.0.0.13\startup.c @ 512]
8b939674 874ad674 6e4b91f8 4cafb130 00000000 PortDriver!SerialEvtIoDeviceControl+0x1d5a [d:\24-11-2014\1.0.0.13\1.0.0.13\ioctl.c @ 1416]
8b9396a4 8744066c 6e4b91f8 4cafb130 00000000 Wdf01000!VfEvtIoDeviceControl+0x4f
8b9396e4 87440241 4cafb130 8b939728 b3504ec8 Wdf01000!FxIoQueue::DispatchRequestToDriver+0x3c0
8b939700 874439da 91b46e00 00000000 91b46e00 Wdf01000!FxIoQueue::DispatchEvents+0x4af
8b939720 8744196c 91b46e00 b3504ec8 91a9ac14 Wdf01000!FxIoQueue::QueueRequest+0x204
8b939754 8743bbc2 b3456eb8 918ba360 b3456eb8 Wdf01000!FxPkgIo::Dispatch+0x3ba
8b93977c 8743ba33 918ba360 b3456eb8 8d5db568 Wdf01000!FxDevice::Dispatch+0x155
8b939798 84b796c3 918ba360 b3456eb8 b3456f8c Wdf01000!FxDevice::DispatchWithLock+0x77
8b9397bc 8487dbe0 00000000 b3456fb0 918ba360 nt!IovCallDriver+0x258
8b9397d0 84b8b3d0 8cf1a008 b3456eb8 918beaf0 nt!IofCallDriver+0x1b
8b9397e8 84b796c3 918beba8 b3456eb8 b3456fb0 nt!ViFilterDispatchGeneric+0x5e
8b93980c 8487dbe0 00000000 b3456fd4 918beaf0 nt!IovCallDriver+0x258
8b939820 874c9353 918be968 b3456eb8 00000000 nt!IofCallDriver+0x1b
WARNING: Stack unwind information not available. Following frames may be wrong.
8b939838 874c9068 918be968 b3456eb8 91815008 MSDMFilt+0x2353
8b939a8c 84b796c3 918be968 b3456eb8 b3456fd4 MSDMFilt+0x2068
8b939ab0 8487dbe0 00000000 b3456ff8 918be968 nt!IovCallDriver+0x258
8b939ac4 84b8b3d0 837c20f0 b3456eb8 918be660 nt!IofCallDriver+0x1b
8b939adc 84b796c3 918be718 b3456eb8 8cf1ad90 nt!ViFilterDispatchGeneric+0x5e
8b939b00 8487dbe0 00000000 b3456eb8 918be660 nt!IovCallDriver+0x258
8b939b14 84a72b29 8cf1ad90 b3456eb8 b3456fdc nt!IofCallDriver+0x1b
8b939b34 84a75cfb 918be660 8cf1ad90 00000000 nt!IopSynchronousServiceTail+0x1f8
8b939bd0 84abc63b 918be660 b3456eb8 00000000 nt!IopXxxControlFile+0x6aa
8b939c04 848848fa 00000520 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
8b939c04 77257094 00000520 00000000 00000000 nt!KiFastCallEntry+0x12a
0525f950 77255864 6a60fdd9 00000520 00000000 ntdll!KiFastSystemCallRet
0525f954 6a60fdd9 00000520 00000000 00000000 ntdll!NtDeviceIoControlFile+0xc
0525fc24 6a61bc5f 00800001 00000220 ffffffff WDTFFuzzTestAction+0xfdd9
0525fcb8 6a617004 05013a9c 3574b16e 00000000 WDTFFuzzTestAction!DllUnregisterServer+0x94c8
0525fd08 6a615ff6 0525fd1c 756aed6c 0502ad60 WDTFFuzzTestAction!DllUnregisterServer+0x486d
0525fd10 756aed6c 0502ad60 0525fd5c 7727377b WDTFFuzzTestAction!DllUnregisterServer+0x385f
0525fd1c 7727377b 0502ad60 720a4199 00000000 kernel32!BaseThreadInitThunk+0xe
0525fd5c 7727374e 6a615fe9 0502ad60 00000000 ntdll!__RtlUserThreadStart+0x70
0525fd74 00000000 6a615fe9 0502ad60 00000000 ntdll!_RtlUserThreadStart+0x1b
Any help is appreciated.