Re[6]: BSOD при записи/чтении
От: Ivan_83  
Дата: 05.12.11 17:44
Оценка:
Здравствуйте, x64, Вы писали:

P>>Дополню немного...

x64>Ну коли так, то и сюда не лишним будет заглянуть.

P>>...указать путь к исходникам для получения наиболее полной картины происходящего.

x64>А это необязательно, WinDbg сам найдёт, если дамп смотреть на той же машине, где всё это и собиралось.

Пришлось всё таки руками указать все пути, у меня фрибилд, видимо поэтому.
Также сделал полный дамп, он оказался более информативным.
Вот результаты:




0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

ATTEMPTED_SWITCH_FROM_DPC (b8)
A wait operation, attach process, or yield was attempted from a DPC routine.
This is an illegal operation and the stack track will lead to the offending
code and original DPC routine.
Arguments:
Arg1: fffffa80053dc230, Original thread which is the cause of the failure
Arg2: fffffa80043f5060, New thread
Arg3: 0000000000000000, Stack address of the original thread
Arg4: 0000000000000000

Debugging Details:
------------------


FAULTING_THREAD: fffffa80053dc230

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xB8

PROCESS_NAME: svchost.exe

CURRENT_IRQL: 2

LAST_CONTROL_TRANSFER: from fffff80001ae0f32 to fffff80001ade4da

STACK_TEXT:
fffff800`01830460 fffff800`01ae0f32 : fffffa80`049047d0 fffffa80`053dc230 fffffa80`00000000 fffffa80`04903a40 : nt!KiSwapContext+0x7a
fffff800`018305a0 fffff800`01ae374f : fffffa80`0503a500 fffffa80`04c7beb0 00000000`00000000 fffff880`013d2527 : nt!KiCommitThreadWait+0x1d2
fffff800`01830630 fffff880`1514c0b9 : fffffa80`04c7bd00 00000000`00000000 fffffa80`04c7bd00 fffff800`01c66400 : nt!KeWaitForSingleObject+0x19f
fffff800`018306d0 fffff880`151517f7 : fffffa80`0490b010 fffffa80`0503a500 fffffa80`04c7bd60 00000000`00000002 : APCBatt!IOSyncRequest+0x85 [c:\users\rozhuk_im\documents\programmer\vc\apcbatt\apcbatt.c @ 536]
fffff800`01830730 fffff880`15151760 : fffffa80`05a9e520 00000000`00000001 00000000`00000001 fffff800`01b19f30 : APCBatt!SmBatt_UpdateData+0x7f [c:\users\rozhuk_im\documents\programmer\vc\apcbatt\apcbatt.c @ 785]
fffff800`01830770 fffff800`01ae75fc : 00000000`00000001 fffffa80`00000000 fffffa80`40740088 00000000`00000001 : APCBatt!UpdTimerDPC+0x3c [c:\users\rozhuk_im\documents\programmer\vc\apcbatt\apcbatt.c @ 663]
fffff800`018307a0 fffff800`01ae7496 : fffffa80`05a9e578 00000000`00000d33 00000000`00000000 fffff880`01b22f5c : nt!KiProcessTimerDpcTable+0x6c
fffff800`01830810 fffff800`01ae737e : 00000000`1f6dab1e fffff800`01830e88 00000000`00000d33 fffff800`01c548e8 : nt!KiProcessExpiredTimerList+0xc6
fffff800`01830e60 fffff800`01ae7167 : fffff800`01c51ec1 00000000`00000d33 fffffa80`03987050 00000000`00000033 : nt!KiTimerExpiration+0x1be
fffff800`01830f00 fffff800`01ade765 : 00000000`00000000 fffffa80`053dc230 00000000`00000000 fffff880`01180f5c : nt!KiRetireDpcList+0x277
fffff800`01830fb0 fffff800`01ade57c : 00000000`00000001 fffff800`01a20895 fffff800`01a463c0 fffff880`047b7700 : nt!KyRetireDpcList+0x5
fffff880`047b7640 fffff800`01b27993 : fffff800`01ad81a0 fffff800`01ad820c 00000000`00000000 00000000`00000000 : nt!KiDispatchInterruptContinue
fffff880`047b7670 fffff800`01ad820c : 00000000`00000000 00000000`00000000 00000068`00000101 00000000`00000000 : nt!KiDpcInterruptBypass+0x13
fffff880`047b7680 fffff800`01c0aab5 : fffffa80`0395d280 00000000`000000b3 00000000`00000001 00000000`000007ff : nt!KiInterruptDispatchNoLock+0x1fc
fffff880`047b7810 fffff800`01dd5a5f : 00000000`00000001 fffffa80`0398ad08 fffffa80`05839550 00000000`00000000 : nt!ExAllocatePoolWithTag+0x9d5
fffff880`047b7900 fffff800`01dd587b : fffffa80`00000000 fffffa80`039b3300 00000000`00000050 fffff880`047b79a8 : nt!ObpAllocateObject+0x12f
fffff880`047b7970 fffff800`01da3e54 : fffff880`047b7b20 00000000`00000002 fffff8a0`01ef6c00 fffff8a0`01ae2060 : nt!ObCreateObject+0xdb
fffff880`047b79e0 fffff800`01dafb5a : 00000000`00000000 00000000`019def28 00000000`00000001 fffffa80`053dc230 : nt!SepDuplicateToken+0xf4
fffff880`047b7a80 fffff800`01dafdd5 : fffffa80`053dc230 fffff880`0000000a 00000000`00000001 00000000`019defa0 : nt!NtOpenThreadTokenEx+0x33a
fffff880`047b7ba0 fffff800`01adaed3 : fffffa80`053dc230 00000000`019defa0 00000000`00000000 fffffa80`0555ce60 : nt!NtOpenThreadToken+0x11
fffff880`047b7be0 00000000`7787155a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`019dee48 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7787155a


STACK_COMMAND: .thread 0xfffffa80053dc230 ; kb

FOLLOWUP_IP:
APCBatt!IOSyncRequest+85 [c:\users\rozhuk_im\documents\programmer\vc\apcbatt\apcbatt.c @ 536]
fffff880`1514c0b9 8bd8 mov ebx,eax

FAULTING_SOURCE_CODE: 

   532: 
   533:     // Call the device to do the read and wait for it to finish.
   534:     Status = IoCallDriver(DeviceObject, Irp);
   535:     if (Status == STATUS_PENDING) { // Wait for the IRP
>  536:         Status = KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL);
   537:         if (Status == STATUS_SUCCESS)
   538:             Status = Irp->IoStatus.Status;
   539:     }
   540:     KeClearEvent(&Event);
   541:     DebugPrint("IOSyncRequest - DONE!!!");




SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: APCBatt!IOSyncRequest+85

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: APCBatt

IMAGE_NAME: APCBatt.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4edcf5b3

FAILURE_BUCKET_ID: X64_0xB8_APCBatt!IOSyncRequest+85

BUCKET_ID: X64_0xB8_APCBatt!IOSyncRequest+85

Followup: MachineOwner
---------

0: kd> lmvm APCBatt
start end module name
fffff880`1514b000 fffff880`15156000 APCBatt (private pdb symbols) c:\users\rozhuk_im\documents\programmer\vc\apcbatt\objfre_win7_amd64\amd64\APCBatt.pdb
Loaded symbol image file: APCBatt.sys
Image path: \SystemRoot\system32\DRIVERS\APCBatt.sys
Image name: APCBatt.sys
Timestamp: Tue Dec 06 01:47:47 2011 (4EDCF5B3)
CheckSum: 0000AA29
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4


в адддевайс:

KeInitializeTimerEx(&pDeviceData->UpdTimer, NotificationTimer);
KeInitializeDpc(&pDeviceData->UpdTimerDpc, UpdTimerDPC, pDeviceData);
...
dueTime.QuadPart = Int32x32To64(INFO_UPDATE_TIME, ((-10) * 1000));
KeSetTimerEx(&pDeviceData->UpdTimer, dueTime, INFO_UPDATE_TIME, &pDeviceData->UpdTimerDpc);





VOID
UpdTimerDPC(PRKDPC Dpc, PVOID DeferredContext, PVOID SystemArgument1, PVOID SystemArgument2)
{
    SM_BATT_DRV_DEV_EXT_DATA *pDeviceData = (SM_BATT_DRV_DEV_EXT_DATA *)DeferredContext;
    LONG TimerStatus;

    PAGED_CODE();

    DebugPrint("UpdTimerDPC...");
    TimerStatus = InterlockedCompareExchange(&pDeviceData->UpdTimerProcess, 1, 0);
    if (1 == TimerStatus)
        return; // allready running

    //...
    DebugPrint("UpdTimerDPC: updating...");
    SmBatt_UpdateData(pDeviceData->Fdo);

    InterlockedExchange(&pDeviceData->UpdTimerProcess, 0);
}




SmBatt_UpdateData
просто вызывает:

RtlCopyMemory(pDeviceData->WriteBuff, "Y", 1);//(*WriteBuff) = 'Y';
Status = SmBatt_SerialPortWrite(pDeviceData->ComPdo, pDeviceData->ComFileObject, pDeviceData->WriteBuff, 1);
 
Подождите ...
Wait...
Пока на собственное сообщение не было ответов, его можно удалить.