Observed BSOD in WDI After GET RSSI for specific NBL from miniport driver.

  • Question

  • I am writing a WDI miniport driver.

    BUGCHECK:

    EXCEPTION_RECORD:  ffffd880256d63c8 -- (.exr 0xffffd880256d63c8)
    ExceptionAddress: fffff807d23bb0a2 (wdiwifi!Wdi_NdisMIndicateStatusEx+0x0000000000004712)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 0000000000000001
       Parameter[1]: 000000000000017b
    Attempt to write to address 000000000000017b

    STACK:

    DUMP_CLASS: 1
    
    DUMP_QUALIFIER: 0
    
    BUILD_VERSION_STRING:  14393.0.amd64fre.rs1_release.160715-1616
    
    ADDITIONAL_DEBUG_TEXT:  
    You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
    
    WRONG_SYMBOLS_TIMESTAMP: 578998f1
    
    WRONG_SYMBOLS_SIZE: 820000
    
    FAULTING_MODULE: fffff8026e80e000 nt
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  578998f1
    
    DUMP_TYPE:  0
    
    BUGCHECK_P1: ffffffffc0000005
    
    BUGCHECK_P2: fffff807d23bb0a2
    
    BUGCHECK_P3: ffffd880256d63c8
    
    BUGCHECK_P4: ffffd880256d5bf0
    
    EXCEPTION_CODE: (NTSTATUS) 0x578998f1 - <Unable to get error code text>
    
    FAULTING_IP: 
    wdiwifi!Wdi_NdisMIndicateStatusEx+4712
    fffff807`d23bb0a2 488997c0000000  mov     qword ptr [rdi+0C0h],rdx
    
    EXCEPTION_RECORD:  ffffd880256d63c8 -- (.exr 0xffffd880256d63c8)
    ExceptionAddress: fffff807d23bb0a2 (wdiwifi!Wdi_NdisMIndicateStatusEx+0x0000000000004712)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 0000000000000001
       Parameter[1]: 000000000000017b
    Attempt to write to address 000000000000017b
    
    CONTEXT:  ffffd880256d5bf0 -- (.cxr 0xffffd880256d5bf0)
    rax=0000000000000010 rbx=ffff890195774fc0 rcx=fffff807d2457aa0
    rdx=ffff890195775028 rsi=ffff890195e23800 rdi=00000000000000bb
    rip=fffff807d23bb0a2 rsp=ffffd880256d6600 rbp=0000000000000000
     r8=0000000000000000  r9=0000000000000000 r10=000000000000ffff
    r11=ffffd880256d6570 r12=0000000000000000 r13=ffff890195775000
    r14=0000000000000001 r15=fffff807d2450898
    iopl=0         nv up ei pl zr na po nc
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
    wdiwifi!Wdi_NdisMIndicateStatusEx+0x4712:
    fffff807`d23bb0a2 488997c0000000  mov     qword ptr [rdi+0C0h],rdx ds:002b:00000000`0000017b=????????????????
    Resetting default scope
    
    CPU_COUNT: 2
    
    CPU_MHZ: 9df
    
    CPU_VENDOR:  GenuineIntel
    
    CPU_FAMILY: 6
    
    CPU_MODEL: 17
    
    CPU_STEPPING: a
    
    CURRENT_IRQL:  0
    
    ANALYSIS_SESSION_HOST:  CPU500
    
    ANALYSIS_SESSION_TIME:  11-20-2018 11:14:57.0789
    
    ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
    
    LAST_CONTROL_TRANSFER:  from fffff807d23b9e40 to fffff807d23bb0a2
    
    STACK_TEXT:  
    ffffd880`256d6600 fffff807`d23b9e40 : 00000000`00000000 00000000`00000000 ffffd880`256d66f9 ffff8901`95e238b8 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x4712
    ffffd880`256d6650 fffff807`d23ba5d1 : fffff807`d235f3c0 fffff807`d2362a30 ffff8901`95e238b8 00000000`00000003 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x34b0
    ffffd880`256d6760 fffff807`d23b7163 : ffff8901`95cd28e0 ffffd880`00000003 ffffd880`256d68a0 00000000`00000000 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x3c41
    ffffd880`256d6800 fffff807`d2321f59 : 00000000`00000000 ffff8901`96606c28 00000000`00000010 ffff8901`965f7000 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x7d3
    ffffd880`256d6840 fffff807`d23133e4 : fffff807`00000000 ffff8901`965f7000 00000000`000000bb 00000000`00000003 : rpsusb!WDI_InsertDataInQueue+0x189 [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\wdi\ganges_wdi_common.c @ 1102]
    ffffd880`256d68a0 fffff807`d232fbc8 : ffff8901`95dc8050 00000000`00000000 ffff8901`965f7000 00000000`00000038 : rpsusb!rsi_deliver_frame_to_nw_stack+0x2a4 [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\osd\ganges_windows_data.c @ 1582]
    ffffd880`256d6900 fffff807`d2333505 : 00000000`00000000 00001f80`01000000 00000000`00000038 00000000`00000002 : rpsusb!ganges_add_new_ap_in_scan_list+0xc8 [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\wlan\osi\ganges_fsm.c @ 3401]
    ffffd880`256d6980 fffff807`d2334af6 : ffff8901`965fd860 fffff807`d230ba83 ffff8901`965f7000 fffff807`d2334f60 : rpsusb!handle_fsm_dot11_mgmt+0x115 [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\wlan\osi\ganges_fsm.c @ 2068]
    ffffd880`256d6c90 fffff807`d233507e : ffff8901`94aaa000 ffff8901`95dc8000 ffff8901`965f7000 fffff807`d2334f60 : rpsusb!handle_mgmt_packet+0x346 [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\wlan\osi\ganges_fsm.c @ 2912]
    ffffd880`256d6ce0 fffff802`6e8aa4bd : 201b7b00`0000010b ffff8901`95ae1040 fffff807`d2334f60 00000000`00000080 : rpsusb!management_pkt_handler_thread+0x11e [d:\wlan\wdi_driver_code_base_with_native_driver_debug_datapath\wdi_driver_code_base_with_native_driver\windows_driver\driver\wlan\osi\ganges_fsm.c @ 547]
    ffffd880`256d6d10 fffff802`6e95d456 : ffffd880`211ef180 ffff8901`95ae1040 fffff802`6e8aa47c 3b1cbf65`58009838 : nt!KeCountSetBitsAffinityEx+0xb7d
    ffffd880`256d6d60 00000000`00000000 : ffffd880`256d7000 ffffd880`256d1000 00000000`00000000 00000000`00000000 : nt!KeSynchronizeExecution+0x45d6
    
    
    THREAD_SHA1_HASH_MOD_FUNC:  b86705e1df655ffdee64380d2add7907c8ff7d0c
    
    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  141bd31029b9bf52809b5aa04b44d65d1ffd97cb
    
    THREAD_SHA1_HASH_MOD:  d4954854b53e9ea3b6724352276da60332135743
    
    FOLLOWUP_IP: 
    wdiwifi!Wdi_NdisMIndicateStatusEx+4712
    fffff807`d23bb0a2 488997c0000000  mov     qword ptr [rdi+0C0h],rdx
    
    FAULT_INSTR_CODE:  c0978948
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt_wrong_symbols!578998F1820000
    
    FOLLOWUP_NAME:  MachineOwner
    
    STACK_COMMAND:  .cxr 0xffffd880256d5bf0 ; kb
    
    BUGCHECK_STR:  578998F1
    
    EXCEPTION_CODE_STR:  578998F1
    
    EXCEPTION_STR:  WRONG_SYMBOLS
    
    PROCESS_NAME:  ntoskrnl.wrong.symbols.exe
    
    IMAGE_NAME:  ntoskrnl.wrong.symbols.exe
    
    MODULE_NAME: nt_wrong_symbols
    
    BUCKET_ID:  WRONG_SYMBOLS_X64_14393.0.amd64fre.rs1_release.160715-1616_TIMESTAMP_160716-021617
    
    DEFAULT_BUCKET_ID:  WRONG_SYMBOLS_X64_14393.0.amd64fre.rs1_release.160715-1616_TIMESTAMP_160716-021617
    
    PRIMARY_PROBLEM_CLASS:  WRONG_SYMBOLS
    
    FAILURE_BUCKET_ID:  WRONG_SYMBOLS_X64_14393.0.amd64fre.rs1_release.160715-1616_TIMESTAMP_160716-021617_578998F1_nt_wrong_symbols!578998F1820000
    
    TARGET_TIME:  2018-11-20T00:01:32.000Z
    
    OSBUILD:  14393
    
    OSSERVICEPACK:  0
    
    SERVICEPACK_NUMBER: 0
    
    OS_REVISION: 0
    
    SUITE_MASK:  272
    
    PRODUCT_TYPE:  1
    
    OSPLATFORM_TYPE:  x64
    
    OSNAME:  Windows 10
    
    OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS
    
    OS_LOCALE:  
    
    USER_LCID:  0
    
    OSBUILD_TIMESTAMP:  2016-07-16 07:46:17
    
    BUILDDATESTAMP_STR:  160715-1616
    
    BUILDLAB_STR:  rs1_release
    
    BUILDOSVER_STR:  10.0.14393.0.amd64fre.rs1_release.160715-1616
    
    ANALYSIS_SESSION_ELAPSED_TIME: bd
    
    ANALYSIS_SOURCE:  KM
    
    FAILURE_ID_HASH_STRING:  km:wrong_symbols_x64_14393.0.amd64fre.rs1_release.160715-1616_timestamp_160716-021617_578998f1_nt_wrong_symbols!578998f1820000
    
    FAILURE_ID_HASH:  {58a59102-05f3-08b0-a2e0-c9cfb103745a}
    
    Followup:     MachineOwner
    ---------
    
    1: kd> .exr 0xffffd880256d63c8
    ExceptionAddress: fffff807d23bb0a2 (wdiwifi!Wdi_NdisMIndicateStatusEx+0x0000000000004712)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 0000000000000001
       Parameter[1]: 000000000000017b
    Attempt to write to address 000000000000017b

    I feel something is missing in the process of initialization and status indication to the WDI driver.

    Wdi_NdisMIndicateStatusEx actually has two parameters, a source handle and a pointer to an NDIS_STATUS_INDICATION structure; according to the logs, the second parameter points to an invalid address.

    Is there a way I can further debug this problem and get more information?

    Thanks,

    shaikshavali.




    Tuesday, November 20, 2018 6:45 AM
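As an added example (not part of the original post and not code from the poster or Microsoft), this Python script cross-checks the dump above: it recomputes the faulting effective address from the `.cxr` registers and the faulting instruction, then lists the stack frames whose argument columns carry the same base-register value. The function names and the `NULL_GUARD` threshold are assumptions made for illustration; the input lines are copied from the post with source paths trimmed.

```python
import re

NULL_GUARD = 0x10000  # assumed threshold: a base below 64 KB is not a real pointer

# Lines copied from the .cxr context and kb stack in the post (source paths trimmed).
CONTEXT = """\
rax=0000000000000010 rbx=ffff890195774fc0 rcx=fffff807d2457aa0
rdx=ffff890195775028 rsi=ffff890195e23800 rdi=00000000000000bb
fffff807`d23bb0a2 488997c0000000  mov     qword ptr [rdi+0C0h],rdx
"""
STACK = """\
ffffd880`256d6600 fffff807`d23b9e40 : 00000000`00000000 00000000`00000000 ffffd880`256d66f9 ffff8901`95e238b8 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x4712
ffffd880`256d6800 fffff807`d2321f59 : 00000000`00000000 ffff8901`96606c28 00000000`00000010 ffff8901`965f7000 : wdiwifi!Wdi_NdisMIndicateStatusEx+0x7d3
ffffd880`256d6840 fffff807`d23133e4 : fffff807`00000000 ffff8901`965f7000 00000000`000000bb 00000000`00000003 : rpsusb!WDI_InsertDataInQueue+0x189
"""

def parse_registers(text):
    """Collect name=value pairs for the 64-bit general-purpose registers."""
    pairs = re.findall(r"\b(r[a-z0-9]{1,2})=([0-9a-f]{16})\b", text)
    return {name: int(value, 16) for name, value in pairs}

def effective_address(text, regs):
    """Resolve the [reg+disp] memory operand of the faulting instruction."""
    m = re.search(r"\[(r\w+)\+([0-9A-Fa-f]+)h\]", text)
    base, disp = m.group(1), int(m.group(2), 16)
    return base, regs[base], regs[base] + disp

def frames_carrying(stack, value):
    """Return call sites whose kb argument columns contain `value`.
    On x64 these columns are stack home-space slots, so a hit is a lead, not proof."""
    hits = []
    for line in stack.splitlines():
        parts = [p.strip() for p in line.split(" : ")]
        if len(parts) != 3:
            continue
        args = [int(a.replace("`", ""), 16) for a in parts[1].split()]
        if value in args:
            hits.append(parts[2].split("+")[0])
    return hits

def triage(context, stack, fault_addr):
    regs = parse_registers(context)
    base, base_val, ea = effective_address(context, regs)
    return {"base": base, "base_value": base_val,
            "matches_fault": ea == fault_addr,
            "small_base": base_val < NULL_GUARD,
            "frames_with_base_value": frames_carrying(stack, base_val)}

if __name__ == "__main__":
    print(triage(CONTEXT, STACK, 0x17b))  # 0x17b is Parameter[1] of the exception record
```

A frame reported by `frames_with_base_value` is where to start inspecting locals and arguments in the debugger, since the value in the base register was visible on the stack at that call.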

Answers