Bought on ebay:
Windows 7 x64:
Just plugged the Prolific PL2303HX USB To TTL in and this driver was automatically
installed.
Driver version 3.4.62.293
Driver date 17.10.2013
I used .NET and a sample program to read from the COM-port, but seems I got only garbage\noise... The TX-led seems to be lit constantly. When I try with a 433 remote i see the TX-led is blinking and the data read from COM-port seems a bit less garbage. So it kind of works. But I think I need a better interface then a COM-port to filter out all the noise (Arduino next).
But after a while I started to get mysterious BSOD:
----------------- START ------------------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002ed9625, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff8000310b100
GetUlongFromAddress: unable to read from fffff8000310b1c0
0000000000000000 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeSetEvent+1e3
fffff800`02ed9625 488b00 mov rax,qword ptr [rax]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
TRAP_FRAME: fffff88002fd33b0 -- (.trap 0xfffff88002fd33b0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffff88002fd3678
rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002ed9625 rsp=fffff88002fd3540 rbp=0000000000000000
r8=0000000000000000 r9=0000000000000001 r10=0000000000000000
r11=fffff88002fd36c8 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac po cy
nt!KeSetEvent+0x1e3:
fffff800`02ed9625 488b00 mov rax,qword ptr [rax] ds:00000000`00000000=????????????????
Resetting default scope
LOCK_ADDRESS: fffff800030d7da0 -- (!locks fffff800030d7da0)
Resource @ nt!PiEngineLock (0xfffff800030d7da0) Available
WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.
WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.
1 total locks
PNP_TRIAGE:
Lock address : 0xfffff800030d7da0
Thread Count : 0
Thread address: 0x0000000000000000
Thread wait : 0x0
LAST_CONTROL_TRANSFER: from fffff80002ed4429 to fffff80002ed4e80
STACK_TEXT:
fffff880`02fd3268 fffff800`02ed4429 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`02fd3270 fffff800`02ed30a0 : 00000000`00000000 fffff800`02ed88d1 fffffa80`070d3e40 fffff880`02fd3670 : nt!KiBugCheckDispatch+0x69
fffff880`02fd33b0 fffff800`02ed9625 : fffffa80`07026660 00000000`00000000 fffff880`02fd3660 00000000`001b0010 : nt!KiPageFault+0x260
fffff880`02fd3540 fffff880`06832b02 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : nt!KeSetEvent+0x1e3
fffff880`02fd35b0 fffff800`02ed88d1 : 00000000`00000000 fffffa80`09800100 fffffa80`077736f8 00000000`00000000 : sermouse!SerialMouseReadSerialPortComplete+0x12
fffff880`02fd35e0 fffff880`06837650 : 00000000`00000000 fffffa80`08e0e600 00000000`00000000 00000000`00000000 : nt!IopfCompleteRequest+0x341
fffff880`02fd36d0 fffff880`019eb4eb : ffffffff`80001ab0 00000000`00000103 fffffa80`0a192de0 fffffa80`07a551b0 : sermouse!SerialMousePnP+0x2ec
fffff880`02fd3730 fffff800`03290b7e : fffffa80`07773430 fffffa80`0973ded0 fffffa80`07a55060 fffffa80`0722e240 : mouclass!MousePnP+0x337
fffff880`02fd3790 fffff800`02fca7fd : fffffa80`0722e240 fffffa80`0973ded0 fffff800`02fd3f20 00000000`00000000 : nt!PnpAsynchronousCall+0xce
fffff880`02fd37d0 fffff800`0329fef6 : fffff800`030d7b60 fffffa80`073b7d90 fffffa80`0973ded0 fffffa80`073b7f38 : nt!PnpStartDevice+0x11d
fffff880`02fd3890 fffff800`032a0194 : fffffa80`073b7d90 fffffa80`06cb001f fffffa80`06cb6340 00000000`00000001 : nt!PnpStartDeviceNode+0x156
fffff880`02fd3920 fffff800`032c38a6 : fffffa80`073b7d90 fffffa80`06cb6340 00000000`00000002 00000000`00000000 : nt!PipProcessStartPhase1+0x74
fffff880`02fd3950 fffff800`032c3e38 : fffff800`030d5720 00000000`00000000 00000000`00000001 fffff800`0313fb88 : nt!PipProcessDevNodeTree+0x296
fffff880`02fd3bc0 fffff800`02fd6877 : 00000001`00000003 00000000`00000000 00000000`00000001 00000000`00000000 : nt!PiProcessReenumeration+0x98
fffff880`02fd3c10 fffff800`02ede561 : fffff800`02fd6550 fffff800`031caf01 fffffa80`06a36b00 00000000`00000000 : nt!PnpDeviceActionWorker+0x327
fffff880`02fd3cb0 fffff800`031710ca : 00000000`00000000 fffffa80`06a36b50 00000000`00000080 fffffa80`06a21b30 : nt!ExpWorkerThread+0x111
fffff880`02fd3d40 fffff800`02ec5be6 : fffff880`009e8180 fffffa80`06a36b50 fffff880`009f2f40 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`02fd3d80 00000000`00000000 : fffff880`02fd4000 fffff880`02fce000 fffff880`02fd3140 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
sermouse!SerialMouseReadSerialPortComplete+12
fffff880`06832b02 b8160000c0 mov eax,0C0000016h
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: sermouse!SerialMouseReadSerialPortComplete+12
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: sermouse
IMAGE_NAME: sermouse.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bca94
IMAGE_VERSION: 6.1.7600.16385
FAILURE_BUCKET_ID: X64_0xA_sermouse!SerialMouseReadSerialPortComplete+12
BUCKET_ID: X64_0xA_sermouse!SerialMouseReadSerialPortComplete+12
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xa_sermouse!serialmousereadserialportcomplete+12
FAILURE_ID_HASH: {b0342a9b-8e8c-dfd0-5456-ac7f39d85b9e}
Followup: MachineOwner
-------------- END ----------------
At first glance it does not seem to involve the Prolific PL2303HX, but it had to be because I haven't had a BSOD in years and now suddenly I start getting these. I went into device manager and opened the driver and selected update driver and after a while the driver was updated from Windows Update. I checked the driver after:
Driver version: 3.4.67.325
Driver date: 18.8.2014
Looks good. But after short time I got a new set of BSOD:
-------------- START -----------------------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
WDF_VIOLATION (10d)
The Kernel-Mode Driver Framework was notified that Windows detected an error
in a framework-based driver. In general, the dump file will yield additional
information about the driver that caused this bug check.
Arguments:
Arg1: 0000000000000004, A NULL parameter was passed to a function that required a non-
NULL value. Use the "ln" debugger command with the value of
Parameter 3 as its argument to determine the function which
requires a non-NULL parameter.
Arg2: 0000000000000000, Reserved.
Arg3: fffff88006f51cb1, The caller's address.
Arg4: fffffa8009c10a40, Reserved.
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for ser2pl64.sys
*** ERROR: Module load completed but symbols could not be loaded for ser2pl64.sys
BUGCHECK_STR: 0x10D_4
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
DPC_STACK_BASE: FFFFF88002F22FB0
LAST_CONTROL_TRANSFER: from fffff88000f65b33 to fffff80002ebfe80
STACK_TEXT:
fffff880`02f1bb18 fffff880`00f65b33 : 00000000`0000010d 00000000`00000004 00000000`00000000 fffff880`06f51cb1 : nt!KeBugCheckEx
fffff880`02f1bb20 fffff880`00ee902a : fffffa80`08e8dfb0 00000000`00000180 fffffa80`000000a0 fffff880`04015e6b : Wdf01000!FxVerifierNullBugCheck+0x53
fffff880`02f1bb60 fffff880`06f51cb1 : fffffa80`08e8dfb0 fffff880`06f51aef 00000000`00000010 00000000`00000206 : Wdf01000!imp_WdfObjectGetTypedContextWorker+0x1a
fffff880`02f1bbb0 fffffa80`08e8dfb0 : fffff880`06f51aef 00000000`00000010 00000000`00000206 00000000`00000000 : ser2pl64+0xdcb1
fffff880`02f1bbb8 fffff880`06f51aef : 00000000`00000010 00000000`00000206 00000000`00000000 fffff880`06f51b17 : 0xfffffa80`08e8dfb0
fffff880`02f1bbc0 00000000`00000010 : 00000000`00000206 00000000`00000000 fffff880`06f51b17 fffffa80`08e8dfb0 : ser2pl64+0xdaef
fffff880`02f1bbc8 00000000`00000206 : 00000000`00000000 fffff880`06f51b17 fffffa80`08e8dfb0 00000000`00000000 : 0x10
fffff880`02f1bbd0 00000000`00000000 : fffff880`06f51b17 fffffa80`08e8dfb0 00000000`00000000 fffffa80`07226b50 : 0x206
STACK_COMMAND: kb
FOLLOWUP_IP:
ser2pl64+dcb1
fffff880`06f51cb1 837c245002 cmp dword ptr [rsp+50h],2
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: ser2pl64+dcb1
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ser2pl64
IMAGE_NAME: ser2pl64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 53edb799
FAILURE_BUCKET_ID: X64_0x10D_4_ser2pl64+dcb1
BUCKET_ID: X64_0x10D_4_ser2pl64+dcb1
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0x10d_4_ser2pl64+dcb1
FAILURE_ID_HASH: {28aec0cd-8c1b-42ee-cab0-82c12b7fab7b}
Followup: MachineOwner
------------------------ END ----------------------
Well, now there is no doubt: ser2pl64.sys is crashing. I checked Prolific website:
http://www.prolific.com.tw/US/ShowProduct.aspx?p_id=225&pcid=41
And there is the same driver as I have...
So it seems Prolific suck at writing drivers and I have found a new way to do DOS-attack: plug in one of these sticks (+ a 433 receiver) in a Windows 7 box: it will automatically install the drivers and eventually crash the system:-)
No comments:
Post a Comment