system crashes in storport driver booting

Prev: Is it possible to determine (programmatically) if system wasjust powered up or rebooted
Next: Is it possible to determine (programmatically) if system was just

From: hitesh on 13 Jul 2010 06:25

---

Hi all,
i am writing a storport miniport driver.
currently i am not handling read/write command in my start_io routine.
I am handling inquiry, report luns and read capacity.
if i install the driver in device manager->scan for h/w changes ->
install driver for my h/w, then it installs correctly and i am able to
see the disk listed in device manager, as i am not hanlding read/write
it shown disk uninitialized.
i am also able to disable and enable the device.
but the moment i restart the machine whenever driver loads, my machine
crashes everytime it loads my driver.

so my question is:
1) what is the difference in loading the driver during windows booting
and installing from device manager?
2) if there is difference then what a person need to handle extra
during boot time? (please note that i am not using it for any boot
disk, my primary OS disk is connected with other ATA controller)

i have connected WinDbg and tried to find out the problem,
here is the dump, plz look @ it and let me know if you can find the
solution,

*******************************************************************************
*
*
* Bugcheck
Analysis *
*
*
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid)
address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 000000000000000a, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000000000000, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: 0000000000000000

CURRENT_IRQL: a

FAULTING_IP:
+35e952f00fddfdc
00000000`00000000 ?? ???

PROCESS_NAME: Idle

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

TRAP_FRAME: fffffadf954399c0 -- (.trap 0xfffffadf954399c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffadfa0ab0820 rbx=0000000000000000 rcx=fffffadfa06c2008
rdx=fffffadfa06c41b0 rsi=0000000000000000 rdi=0000000000000000
rip=0000000000000000 rsp=fffffadf95439b58 rbp=fffffadf95439c30
r8=000000c42dfdf9a7 r9=fffff8000118df28 r10=fffffadf9509d450
r11=fffffadfa06c4e70 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
00000000`00000000 ?? ???
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff800010c8ede to fffff8000104b350

FAILED_INSTRUCTION_ADDRESS:
+35e952f00fddfdc
00000000`00000000 ?? ???

STACK_TEXT:
fffffadf`95439148 fffff800`010c8ede : 00000000`00000000
00000000`00000000 00000000`000000d1 fffff800`0106144e : nt!
RtlpBreakWithStatusInstruction
fffffadf`95439150 fffff800`010ca4c4 : fffff800`00000003
00000000`000000d1 00000000`00000000 00000000`0000000a : nt!
KiBugCheckDebugBreak+0x1e
fffffadf`954391b0 fffff800`010502d4 : 00000000`00000002
00000000`00000000 00000000`00000002 fffffadf`a0bd75d0 : nt!
KeBugCheck2+0x676
fffffadf`95439800 fffff800`0104fef4 : 00000000`0000000a
00000000`00000000 00000000`0000000a 00000000`00000008 : nt!KeBugCheckEx
+0x104
fffffadf`95439840 fffff800`0104ef07 : fffffadf`a0aaa8c0
fffffadf`94ffc488 00000000`00000000 fffffadf`9509b180 : nt!
KiBugCheckDispatch+0x74
fffffadf`954399c0 00000000`00000000 : fffff800`01051089
00000000`00000000 fffff800`01050d00 00000000`00000246 : nt!KiPageFault
+0x207


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!KiPageFault+207
fffff800`0104ef07 488d05f22f0000 lea rax,[nt!
ExpInterlockedPopEntrySListResume (fffff800`01051f00)]

SYMBOL_STACK_INDEX: 5

SYMBOL_NAME: nt!KiPageFault+207

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 42436123

FAILURE_BUCKET_ID: X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207

BUCKET_ID: X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207

Followup: MachineOwner
-----------------------------------------------------------------------

thanks,
Hitesh

From: hitesh on 13 Jul 2010 07:16

---

On Jul 13, 3:25 pm, hitesh <hitesh.ughr...(a)gmail.com> wrote:
> Hi all,
> i am writing a storport miniport driver.
> currently i am not handling read/write command in my start_io routine.
> I am handling inquiry, report luns and read capacity.
> if i install the driver in device manager->scan for h/w changes ->
> install driver for my h/w, then it installs correctly and i am able to
> see the disk listed in device manager, as i am not hanlding read/write
> it shown disk uninitialized.
> i am also able to disable and enable the device.
> but the moment i restart the machine whenever driver loads, my machine
> crashes everytime it loads my driver.
>
> so my question is:
> 1) what is the difference in loading the driver during windows booting
> and installing from device manager?
> 2) if there is difference then what a person need to handle extra
> during boot time? (please note that i am not using it for any boot
> disk, my primary OS disk is connected with other ATA controller)
>
> i have connected WinDbg and tried to find out the problem,
> here is the dump, plz look @ it and let me know if you can find the
> solution,
>
> ***************************************************************************­****
> *
> *
> *                        Bugcheck
> Analysis                                    *
> *
> *
> ***************************************************************************­****
>
> DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
> An attempt was made to access a pageable (or completely invalid)
> address at an
> interrupt request level (IRQL) that is too high.  This is usually
> caused by drivers using improper addresses.
> If kernel debugger is available get stack backtrace.
> Arguments:
> Arg1: 0000000000000000, memory referenced
> Arg2: 000000000000000a, IRQL
> Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
> Arg4: 0000000000000000, address which referenced memory
>
> Debugging Details:
> ------------------
>
> READ_ADDRESS:  0000000000000000
>
> CURRENT_IRQL:  a
>
> FAULTING_IP:
> +35e952f00fddfdc
> 00000000`00000000 ??              ???
>
> PROCESS_NAME:  Idle
>
> DEFAULT_BUCKET_ID:  DRIVER_FAULT
>
> BUGCHECK_STR:  0xD1
>
> TRAP_FRAME:  fffffadf954399c0 -- (.trap 0xfffffadf954399c0)
> NOTE: The trap frame does not contain all registers.
> Some register values may be zeroed or incorrect.
> rax=fffffadfa0ab0820 rbx=0000000000000000 rcx=fffffadfa06c2008
> rdx=fffffadfa06c41b0 rsi=0000000000000000 rdi=0000000000000000
> rip=0000000000000000 rsp=fffffadf95439b58 rbp=fffffadf95439c30
>  r8=000000c42dfdf9a7  r9=fffff8000118df28 r10=fffffadf9509d450
> r11=fffffadfa06c4e70 r12=0000000000000000 r13=0000000000000000
> r14=0000000000000000 r15=0000000000000000
> iopl=0         nv up ei ng nz na pe nc
> 00000000`00000000 ??              ???
> Resetting default scope
>
> LAST_CONTROL_TRANSFER:  from fffff800010c8ede to fffff8000104b350
>
> FAILED_INSTRUCTION_ADDRESS:
> +35e952f00fddfdc
> 00000000`00000000 ??              ???
>
> STACK_TEXT:
> fffffadf`95439148 fffff800`010c8ede : 00000000`00000000
> 00000000`00000000 00000000`000000d1 fffff800`0106144e : nt!
> RtlpBreakWithStatusInstruction
> fffffadf`95439150 fffff800`010ca4c4 : fffff800`00000003
> 00000000`000000d1 00000000`00000000 00000000`0000000a : nt!
> KiBugCheckDebugBreak+0x1e
> fffffadf`954391b0 fffff800`010502d4 : 00000000`00000002
> 00000000`00000000 00000000`00000002 fffffadf`a0bd75d0 : nt!
> KeBugCheck2+0x676
> fffffadf`95439800 fffff800`0104fef4 : 00000000`0000000a
> 00000000`00000000 00000000`0000000a 00000000`00000008 : nt!KeBugCheckEx
> +0x104
> fffffadf`95439840 fffff800`0104ef07 : fffffadf`a0aaa8c0
> fffffadf`94ffc488 00000000`00000000 fffffadf`9509b180 : nt!
> KiBugCheckDispatch+0x74
> fffffadf`954399c0 00000000`00000000 : fffff800`01051089
> 00000000`00000000 fffff800`01050d00 00000000`00000246 : nt!KiPageFault
> +0x207
>
> STACK_COMMAND:  kb
>
> FOLLOWUP_IP:
> nt!KiPageFault+207
> fffff800`0104ef07 488d05f22f0000  lea     rax,[nt!
> ExpInterlockedPopEntrySListResume (fffff800`01051f00)]
>
> SYMBOL_STACK_INDEX:  5
>
> SYMBOL_NAME:  nt!KiPageFault+207
>
> FOLLOWUP_NAME:  MachineOwner
>
> MODULE_NAME: nt
>
> IMAGE_NAME:  ntkrnlmp.exe
>
> DEBUG_FLR_IMAGE_TIMESTAMP:  42436123
>
> FAILURE_BUCKET_ID:  X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207
>
> BUCKET_ID:  X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207
>
> Followup: MachineOwner
> -----------------------------------------------------------------------
>
> thanks,
> Hitesh

just to add more info,
i am developing it for windows xp 64 bit.
thanks,

From: eagersh on 14 Jul 2010 12:15

---

On Jul 13, 5:16 am, hitesh <hitesh.ughr...(a)gmail.com> wrote:
> On Jul 13, 3:25 pm, hitesh <hitesh.ughr...(a)gmail.com> wrote:
>
>
>
> > Hi all,
> > i am writing a storport miniport driver.
> > currently i am not handling read/write command in my start_io routine.
> > I am handling inquiry, report luns and read capacity.
> > if i install the driver in device manager->scan for h/w changes ->
> > install driver for my h/w, then it installs correctly and i am able to
> > see the disk listed in device manager, as i am not hanlding read/write
> > it shown disk uninitialized.
> > i am also able to disable and enable the device.
> > but the moment i restart the machine whenever driver loads, my machine
> > crashes everytime it loads my driver.
>
> > so my question is:
> > 1) what is the difference in loading the driver during windows booting
> > and installing from device manager?
> > 2) if there is difference then what a person need to handle extra
> > during boot time? (please note that i am not using it for any boot
> > disk, my primary OS disk is connected with other ATA controller)
>
> > i have connected WinDbg and tried to find out the problem,
> > here is the dump, plz look @ it and let me know if you can find the
> > solution,
>
> > ***************************************************************************­****
> > *
> > *
> > *                        Bugcheck
> > Analysis                                    *
> > *
> > *
> > ***************************************************************************­****
>
> > DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
> > An attempt was made to access a pageable (or completely invalid)
> > address at an
> > interrupt request level (IRQL) that is too high.  This is usually
> > caused by drivers using improper addresses.
> > If kernel debugger is available get stack backtrace.
> > Arguments:
> > Arg1: 0000000000000000, memory referenced
> > Arg2: 000000000000000a, IRQL
> > Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
> > Arg4: 0000000000000000, address which referenced memory
>
> > Debugging Details:
> > ------------------
>
> > READ_ADDRESS:  0000000000000000
>
> > CURRENT_IRQL:  a
>
> > FAULTING_IP:
> > +35e952f00fddfdc
> > 00000000`00000000 ??              ???
>
> > PROCESS_NAME:  Idle
>
> > DEFAULT_BUCKET_ID:  DRIVER_FAULT
>
> > BUGCHECK_STR:  0xD1
>
> > TRAP_FRAME:  fffffadf954399c0 -- (.trap 0xfffffadf954399c0)
> > NOTE: The trap frame does not contain all registers.
> > Some register values may be zeroed or incorrect.
> > rax=fffffadfa0ab0820 rbx=0000000000000000 rcx=fffffadfa06c2008
> > rdx=fffffadfa06c41b0 rsi=0000000000000000 rdi=0000000000000000
> > rip=0000000000000000 rsp=fffffadf95439b58 rbp=fffffadf95439c30
> >  r8=000000c42dfdf9a7  r9=fffff8000118df28 r10=fffffadf9509d450
> > r11=fffffadfa06c4e70 r12=0000000000000000 r13=0000000000000000
> > r14=0000000000000000 r15=0000000000000000
> > iopl=0         nv up ei ng nz na pe nc
> > 00000000`00000000 ??              ???
> > Resetting default scope
>
> > LAST_CONTROL_TRANSFER:  from fffff800010c8ede to fffff8000104b350
>
> > FAILED_INSTRUCTION_ADDRESS:
> > +35e952f00fddfdc
> > 00000000`00000000 ??              ???
>
> > STACK_TEXT:
> > fffffadf`95439148 fffff800`010c8ede : 00000000`00000000
> > 00000000`00000000 00000000`000000d1 fffff800`0106144e : nt!
> > RtlpBreakWithStatusInstruction
> > fffffadf`95439150 fffff800`010ca4c4 : fffff800`00000003
> > 00000000`000000d1 00000000`00000000 00000000`0000000a : nt!
> > KiBugCheckDebugBreak+0x1e
> > fffffadf`954391b0 fffff800`010502d4 : 00000000`00000002
> > 00000000`00000000 00000000`00000002 fffffadf`a0bd75d0 : nt!
> > KeBugCheck2+0x676
> > fffffadf`95439800 fffff800`0104fef4 : 00000000`0000000a
> > 00000000`00000000 00000000`0000000a 00000000`00000008 : nt!KeBugCheckEx
> > +0x104
> > fffffadf`95439840 fffff800`0104ef07 : fffffadf`a0aaa8c0
> > fffffadf`94ffc488 00000000`00000000 fffffadf`9509b180 : nt!
> > KiBugCheckDispatch+0x74
> > fffffadf`954399c0 00000000`00000000 : fffff800`01051089
> > 00000000`00000000 fffff800`01050d00 00000000`00000246 : nt!KiPageFault
> > +0x207
>
> > STACK_COMMAND:  kb
>
> > FOLLOWUP_IP:
> > nt!KiPageFault+207
> > fffff800`0104ef07 488d05f22f0000  lea     rax,[nt!
> > ExpInterlockedPopEntrySListResume (fffff800`01051f00)]
>
> > SYMBOL_STACK_INDEX:  5
>
> > SYMBOL_NAME:  nt!KiPageFault+207
>
> > FOLLOWUP_NAME:  MachineOwner
>
> > MODULE_NAME: nt
>
> > IMAGE_NAME:  ntkrnlmp.exe
>
> > DEBUG_FLR_IMAGE_TIMESTAMP:  42436123
>
> > FAILURE_BUCKET_ID:  X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207
>
> > BUCKET_ID:  X64_0xD1_CODE_AV_NULL_IP_nt!KiPageFault+207
>
> > Followup: MachineOwner
> > -----------------------------------------------------------------------
>
> > thanks,
> > Hitesh
>
> just to add more info,
> i am developing it for windows xp 64 bit.
> thanks,

Your dump information is not very useful. Install correct symbols and
you could see a right stack during the crash.

Igor Sharovar

 | 
Pages: 1
Prev: Is it possible to determine (programmatically) if system wasjust powered up or rebooted
Next: Is it possible to determine (programmatically) if system was just