davidpreetham
Member
- Jun 7, 2019
- 8
Hi,
I am having system crash during HLK testing sleep in enable and disable test case. Driver verifier is crashing my driver saying access violation. Same TAG is not used for releasing which is used for acquiring. From description of bugcheck I understood driver verifier keeps its own Chk build io_remove_lock in place actual driver remove lock if the driver is not Chk build driver.
My query is I am not able to debug Chk build io_remove_lock to see tag information. Windbg not able to display tag details. I tired !remlock looks like deprecated.
typedef struct _IO_REMOVE_LOCK { IO_REMOVE_LOCK_COMMON_BLOCK Common; #if DBG
IO_REMOVE_LOCK_DBG_BLOCK Dbg;
#endif
} IO_REMOVE_LOCK, *PIO_REMOVE_LOCK;
TAG is checked only on case of Chk build or verifier is enabled..
-------_-------------------------------------------------------------------+++
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000d5, IoReleaseRemoveLock tag doesn't match previous IoAcquireRemoveLock tag.
Arg2: fffffa80178213e0, Address of the chk build Remove Lock structure.
Arg3: fffffa8017954070, Tag that doesn't match previous IoAcquireRemoveLock tag.
If the driver calling IoReleaseRemoveLock is not built chk,
Parameter 2 is the chk build Remove Lock used by the Driver Verifier
on behalf of the driver. In this case, the address of the RemoveLock
used by the driver is not used at all, because the Driver Verifier is
replacing the lock address for all the Remove Lock APIs.
Arg4: 0000000000000000
I am having system crash during HLK testing sleep in enable and disable test case. Driver verifier is crashing my driver saying access violation. Same TAG is not used for releasing which is used for acquiring. From description of bugcheck I understood driver verifier keeps its own Chk build io_remove_lock in place actual driver remove lock if the driver is not Chk build driver.
My query is I am not able to debug Chk build io_remove_lock to see tag information. Windbg not able to display tag details. I tired !remlock looks like deprecated.
typedef struct _IO_REMOVE_LOCK { IO_REMOVE_LOCK_COMMON_BLOCK Common; #if DBG
IO_REMOVE_LOCK_DBG_BLOCK Dbg;
#endif
} IO_REMOVE_LOCK, *PIO_REMOVE_LOCK;
TAG is checked only on case of Chk build or verifier is enabled..
-------_-------------------------------------------------------------------+++
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000d5, IoReleaseRemoveLock tag doesn't match previous IoAcquireRemoveLock tag.
Arg2: fffffa80178213e0, Address of the chk build Remove Lock structure.
Arg3: fffffa8017954070, Tag that doesn't match previous IoAcquireRemoveLock tag.
If the driver calling IoReleaseRemoveLock is not built chk,
Parameter 2 is the chk build Remove Lock used by the Driver Verifier
on behalf of the driver. In this case, the address of the RemoveLock
used by the driver is not used at all, because the Driver Verifier is
replacing the lock address for all the Remove Lock APIs.
Arg4: 0000000000000000