Bought on ebay:
Windows 7 x64:
Just plugged the Prolific PL2303HX USB To TTL in and this driver was automatically
installed.
Driver version 3.4.62.293
Driver date 17.10.2013
I used .NET and a sample program to read from the COM-port, but seems I got only garbage\noise... The TX-led seems to be lit constantly. When I try with a 433 remote i see the TX-led is blinking and the data read from COM-port seems a bit less garbage. So it kind of works. But I think I need a better interface then a COM-port to filter out all the noise (Arduino next).
But after a while I started to get mysterious BSOD:
----------------- START ------------------
0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: 0000000000000000, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff80002ed9625, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: GetPointerFromAddress: unable to read from fffff8000310b100 GetUlongFromAddress: unable to read from fffff8000310b1c0 0000000000000000 Nonpaged pool CURRENT_IRQL: 2 FAULTING_IP: nt!KeSetEvent+1e3 fffff800`02ed9625 488b00 mov rax,qword ptr [rax] CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: System ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre TRAP_FRAME: fffff88002fd33b0 -- (.trap 0xfffff88002fd33b0) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=fffff88002fd3678 rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80002ed9625 rsp=fffff88002fd3540 rbp=0000000000000000 r8=0000000000000000 r9=0000000000000001 r10=0000000000000000 r11=fffff88002fd36c8 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz ac po cy nt!KeSetEvent+0x1e3: fffff800`02ed9625 488b00 mov rax,qword ptr [rax] ds:00000000`00000000=???????????????? Resetting default scope LOCK_ADDRESS: fffff800030d7da0 -- (!locks fffff800030d7da0) Resource @ nt!PiEngineLock (0xfffff800030d7da0) Available WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted. WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted. 1 total locks PNP_TRIAGE: Lock address : 0xfffff800030d7da0 Thread Count : 0 Thread address: 0x0000000000000000 Thread wait : 0x0 LAST_CONTROL_TRANSFER: from fffff80002ed4429 to fffff80002ed4e80 STACK_TEXT: fffff880`02fd3268 fffff800`02ed4429 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx fffff880`02fd3270 fffff800`02ed30a0 : 00000000`00000000 fffff800`02ed88d1 fffffa80`070d3e40 fffff880`02fd3670 : nt!KiBugCheckDispatch+0x69 fffff880`02fd33b0 fffff800`02ed9625 : fffffa80`07026660 00000000`00000000 fffff880`02fd3660 00000000`001b0010 : nt!KiPageFault+0x260 fffff880`02fd3540 fffff880`06832b02 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000001 : nt!KeSetEvent+0x1e3 fffff880`02fd35b0 fffff800`02ed88d1 : 00000000`00000000 fffffa80`09800100 fffffa80`077736f8 00000000`00000000 : sermouse!SerialMouseReadSerialPortComplete+0x12 fffff880`02fd35e0 fffff880`06837650 : 00000000`00000000 fffffa80`08e0e600 00000000`00000000 00000000`00000000 : nt!IopfCompleteRequest+0x341 fffff880`02fd36d0 fffff880`019eb4eb : ffffffff`80001ab0 00000000`00000103 fffffa80`0a192de0 fffffa80`07a551b0 : sermouse!SerialMousePnP+0x2ec fffff880`02fd3730 fffff800`03290b7e : fffffa80`07773430 fffffa80`0973ded0 fffffa80`07a55060 fffffa80`0722e240 : mouclass!MousePnP+0x337 fffff880`02fd3790 fffff800`02fca7fd : fffffa80`0722e240 fffffa80`0973ded0 fffff800`02fd3f20 00000000`00000000 : nt!PnpAsynchronousCall+0xce fffff880`02fd37d0 fffff800`0329fef6 : fffff800`030d7b60 fffffa80`073b7d90 fffffa80`0973ded0 fffffa80`073b7f38 : nt!PnpStartDevice+0x11d fffff880`02fd3890 fffff800`032a0194 : fffffa80`073b7d90 fffffa80`06cb001f fffffa80`06cb6340 00000000`00000001 : nt!PnpStartDeviceNode+0x156 fffff880`02fd3920 fffff800`032c38a6 : fffffa80`073b7d90 fffffa80`06cb6340 00000000`00000002 00000000`00000000 : nt!PipProcessStartPhase1+0x74 fffff880`02fd3950 fffff800`032c3e38 : fffff800`030d5720 00000000`00000000 00000000`00000001 fffff800`0313fb88 : nt!PipProcessDevNodeTree+0x296 fffff880`02fd3bc0 fffff800`02fd6877 : 00000001`00000003 00000000`00000000 00000000`00000001 00000000`00000000 : nt!PiProcessReenumeration+0x98 fffff880`02fd3c10 fffff800`02ede561 : fffff800`02fd6550 fffff800`031caf01 fffffa80`06a36b00 00000000`00000000 : nt!PnpDeviceActionWorker+0x327 fffff880`02fd3cb0 fffff800`031710ca : 00000000`00000000 fffffa80`06a36b50 00000000`00000080 fffffa80`06a21b30 : nt!ExpWorkerThread+0x111 fffff880`02fd3d40 fffff800`02ec5be6 : fffff880`009e8180 fffffa80`06a36b50 fffff880`009f2f40 00000000`00000000 : nt!PspSystemThreadStartup+0x5a fffff880`02fd3d80 00000000`00000000 : fffff880`02fd4000 fffff880`02fce000 fffff880`02fd3140 00000000`00000000 : nt!KxStartSystemThread+0x16 STACK_COMMAND: kb FOLLOWUP_IP: sermouse!SerialMouseReadSerialPortComplete+12 fffff880`06832b02 b8160000c0 mov eax,0C0000016h SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: sermouse!SerialMouseReadSerialPortComplete+12 FOLLOWUP_NAME: MachineOwner MODULE_NAME: sermouse IMAGE_NAME: sermouse.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bca94 IMAGE_VERSION: 6.1.7600.16385 FAILURE_BUCKET_ID: X64_0xA_sermouse!SerialMouseReadSerialPortComplete+12 BUCKET_ID: X64_0xA_sermouse!SerialMouseReadSerialPortComplete+12 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:x64_0xa_sermouse!serialmousereadserialportcomplete+12 FAILURE_ID_HASH: {b0342a9b-8e8c-dfd0-5456-ac7f39d85b9e} Followup: MachineOwner
-------------- END ----------------
At first glance it does not seem to involve the Prolific PL2303HX, but it had to be because I haven't had a BSOD in years and now suddenly I start getting these. I went into device manager and opened the driver and selected update driver and after a while the driver was updated from Windows Update. I checked the driver after:
Driver version: 3.4.67.325
Driver date: 18.8.2014
Looks good. But after short time I got a new set of BSOD:
-------------- START -----------------------
1: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* WDF_VIOLATION (10d) The Kernel-Mode Driver Framework was notified that Windows detected an error in a framework-based driver. In general, the dump file will yield additional information about the driver that caused this bug check. Arguments: Arg1: 0000000000000004, A NULL parameter was passed to a function that required a non- NULL value. Use the "ln" debugger command with the value of Parameter 3 as its argument to determine the function which requires a non-NULL parameter. Arg2: 0000000000000000, Reserved. Arg3: fffff88006f51cb1, The caller's address. Arg4: fffffa8009c10a40, Reserved. Debugging Details: ------------------ *** WARNING: Unable to verify timestamp for ser2pl64.sys *** ERROR: Module load completed but symbols could not be loaded for ser2pl64.sys BUGCHECK_STR: 0x10D_4 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT PROCESS_NAME: System CURRENT_IRQL: 2 ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre DPC_STACK_BASE: FFFFF88002F22FB0 LAST_CONTROL_TRANSFER: from fffff88000f65b33 to fffff80002ebfe80 STACK_TEXT: fffff880`02f1bb18 fffff880`00f65b33 : 00000000`0000010d 00000000`00000004 00000000`00000000 fffff880`06f51cb1 : nt!KeBugCheckEx fffff880`02f1bb20 fffff880`00ee902a : fffffa80`08e8dfb0 00000000`00000180 fffffa80`000000a0 fffff880`04015e6b : Wdf01000!FxVerifierNullBugCheck+0x53 fffff880`02f1bb60 fffff880`06f51cb1 : fffffa80`08e8dfb0 fffff880`06f51aef 00000000`00000010 00000000`00000206 : Wdf01000!imp_WdfObjectGetTypedContextWorker+0x1a fffff880`02f1bbb0 fffffa80`08e8dfb0 : fffff880`06f51aef 00000000`00000010 00000000`00000206 00000000`00000000 : ser2pl64+0xdcb1 fffff880`02f1bbb8 fffff880`06f51aef : 00000000`00000010 00000000`00000206 00000000`00000000 fffff880`06f51b17 : 0xfffffa80`08e8dfb0 fffff880`02f1bbc0 00000000`00000010 : 00000000`00000206 00000000`00000000 fffff880`06f51b17 fffffa80`08e8dfb0 : ser2pl64+0xdaef fffff880`02f1bbc8 00000000`00000206 : 00000000`00000000 fffff880`06f51b17 fffffa80`08e8dfb0 00000000`00000000 : 0x10 fffff880`02f1bbd0 00000000`00000000 : fffff880`06f51b17 fffffa80`08e8dfb0 00000000`00000000 fffffa80`07226b50 : 0x206 STACK_COMMAND: kb FOLLOWUP_IP: ser2pl64+dcb1 fffff880`06f51cb1 837c245002 cmp dword ptr [rsp+50h],2 SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: ser2pl64+dcb1 FOLLOWUP_NAME: MachineOwner MODULE_NAME: ser2pl64 IMAGE_NAME: ser2pl64.sys DEBUG_FLR_IMAGE_TIMESTAMP: 53edb799 FAILURE_BUCKET_ID: X64_0x10D_4_ser2pl64+dcb1 BUCKET_ID: X64_0x10D_4_ser2pl64+dcb1 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:x64_0x10d_4_ser2pl64+dcb1 FAILURE_ID_HASH: {28aec0cd-8c1b-42ee-cab0-82c12b7fab7b} Followup: MachineOwner
------------------------ END ----------------------
Well, now there is no doubt: ser2pl64.sys is crashing. I checked Prolific website:
http://www.prolific.com.tw/US/ShowProduct.aspx?p_id=225&pcid=41
And there is the same driver as I have...
So it seems Prolific suck at writing drivers and I have found a new way to do DOS-attack: plug in one of these sticks (+ a 433 receiver) in a Windows 7 box: it will automatically install the drivers and eventually crash the system:-)
No comments:
Post a Comment