Hi ,
I wrote a virtual disk driver (like VHD driver) and it could boot Windows 10 successfully. The VHD file was stored on Ext3 partition which was powered by an Ext2Fsd driver in Win 10.
My driver received all incoming I/O requests, translated their LBAs into VHD file offset and called ZwRead/Write on it to completed the IRPs. It worked well, until I try loading 3D mark demo, A BSOD with BugCheck code 1A (subtype 3300) came up.
“!analyze -v” in Windbg says it caused by MmprobeAndLockPage call in Ext2 driver when my driver called ZwWrite. However, Windbg give no message on the first args of bugcheck 1A, which is 3300. Do you know what does “3300” mean and how to fix it?
1.The faulting code in Ext2Fsd is listed below:
NTSTATUS
LockUserBuffer (IN PIRP Irp,
IN ULONG Length,
IN LOCK_OPERATION Operation)
{
NTSTATUS Status;
ASSERT(Irp != NULL);
if (Irp->MdlAddress != NULL) {
return STATUS_SUCCESS;
}
IoAllocateMdl(Irp->UserBuffer, Length, FALSE, FALSE, Irp);
if (Irp->MdlAddress == NULL) {
return STATUS_INSUFFICIENT_RESOURCES;
}
__try {
MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode, Operation); <–
Status = STATUS_SUCCESS;
} __except (EXCEPTION_EXECUTE_HANDLER) {
DbgBreak();
IoFreeMdl(Irp->MdlAddress);
Irp->MdlAddress = NULL;
Status = STATUS_INVALID_USER_BUFFER;
}
return Status;
}
- Dump Irp->Mdl in windbg
1: kd> dt nt!_MDL ffffe0005f431560
+0x000 Next : (null)
+0x008 Size : 0n1072
+0x00a MdlFlags : 0n2
+0x00c AllocationProcessorNumber : 1
+0x00e Reserved : 0xffff
+0x010 Process : (null)
+0x018 MappedSystemVa : 0xffffe0005f09aa00 Void +0x020 StartVa : 0xffffd00025200000 Void
+0x028 ByteCount : 0x80000
+0x02c ByteOffset : 0
Thanks!
With little information to go on, it seems you are only testing for two of
the three types of buffers. There is direct (mdl), buffer (intermediate
buffering), or neither.
Also, on the user buffer, before allocating the Mdl, maybe you should
ProbeForRead()/ProbeForWrite()
Sorry I can’t be more helpful.
On Tue, May 16, 2017 at 8:35 AM wrote:
> Hi ,
> I wrote a virtual disk driver (like VHD driver) and it could boot
> Windows 10 successfully. The VHD file was stored on Ext3 partition which
> was powered by an Ext2Fsd driver in Win 10.
> My driver received all incoming I/O requests, translated their LBAs
> into VHD file offset and called ZwRead/Write on it to completed the IRPs.
> It worked well, until I try loading 3D mark demo, A BSOD with BugCheck code
> 1A (subtype 3300) came up.
> “!analyze -v” in Windbg says it caused by MmprobeAndLockPage call in
> Ext2 driver when my driver called ZwWrite. However, Windbg give no message
> on the first args of bugcheck 1A, which is 3300. Do you know what does
> “3300” mean and how to fix it?
>
> 1.The faulting code in Ext2Fsd is listed below:
>
> NTSTATUS
> LockUserBuffer (IN PIRP Irp,
> IN ULONG Length,
> IN LOCK_OPERATION Operation)
> {
> NTSTATUS Status;
> ASSERT(Irp != NULL);
>
> if (Irp->MdlAddress != NULL) {
> return STATUS_SUCCESS;
> }
>
> IoAllocateMdl(Irp->UserBuffer, Length, FALSE, FALSE, Irp);
> if (Irp->MdlAddress == NULL) {
> return STATUS_INSUFFICIENT_RESOURCES;
> }
>
> __try {
>
> MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode,
> Operation); <–
> Status = STATUS_SUCCESS;
>
> }__except (EXCEPTION_EXECUTE_HANDLER) {
>
> DbgBreak();
> IoFreeMdl(Irp->MdlAddress);
> Irp->MdlAddress = NULL;
> Status = STATUS_INVALID_USER_BUFFER;
> }
>
> return Status;
> }
>
> 2. Dump Irp->Mdl in windbg
>
> 1: kd> dt nt!_MDL ffffe0005f431560
> +0x000 Next : (null)
> +0x008 Size : 0n1072
> +0x00a MdlFlags : 0n2
> +0x00c AllocationProcessorNumber : 1
> +0x00e Reserved : 0xffff
> +0x010 Process : (null)
> +0x018 MappedSystemVa : 0xffffe0005f09aa00 Void<br>> +0x020 StartVa : 0xffffd00025200000 Void
> +0x028 ByteCount : 0x80000
> +0x02c ByteOffset : 0
>
> Thanks!
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: <
> http://www.osronline.com/showlists.cfm?list=ntdev>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and
> software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at <
> http://www.osronline.com/page.cfm?name=ListServer>
></http:>
Why don’t you post the « !analyse -v » output.
The stack could give an indication of where MM encountered a serious error.
W. N.
Why don’t Microsoft publish the kernel source code so people stop spending days on a problem that can be solved in 30 mins by source code browsing.
Are you building a virtual miniport, or a disk class driver?
FYI:
https://github.com/lmr3796/WRK-1.2
On Wed, May 17, 2017 at 12:38 AM wrote:
>
>
> Why don’t Microsoft publish the kernel source code so people stop spending
> days on a problem that can be solved in 30 mins by source code browsing.
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: <
> http://www.osronline.com/showlists.cfm?list=ntdev>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and
> software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at <
> http://www.osronline.com/page.cfm?name=ListServer>
></http:>
the old WinSrv 2003 kernel without PnP subsystem sources, you definitely will not find new MM bugchecks the OP asks for and such things as physical pages reverse mapping introduced in Win7