BSOD appears when MmUnmapLockedPages is used in nt4.0

Hi

Can someone help me in finding a solution for acheiving common buffer dma
.The following is the source code. On allocation I used the following
code and it works fine.

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);

MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);

MmBuildMdlForNonPagedPool(MemMDL);

UserBuffer = MmMapLockedPages(MemMDL,UserMode);

On deallocation I used the following code and works fine.
MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);

BSOD appears when I close the application.

A fatal system error has occurred.

*******************************************************************************

*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

*** WARNING: Unable to verify Timestamp for ntoskrnl.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for ntoskrnl.exe -
Bugcheck code 0000000A
Arguments c0503000 00000002 00000000 8012d773

ChildEBP RetAddr Args to Child
f7497bfc 801415e0 0000000a c0503000 00000002
ntoskrnl!DbgBreakPointWithStatus+0x4
*** WARNING: Unable to verify Timestamp for halapic.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for halapic.dll -
f7497c18 80010880 f7497c60 8010a465 e1194d68
ntoskrnl!Kei386EoiHelper+0x2948
00000001 00000000 00000000 00000000 00000000 halapic+0xf880

ntoskrnl!DbgBreakPointWithStatus+4:
8012ff7c cc

Your responce is highly appreciated

Daliraju

since you never locked the buffer you shouldn’t be unlocking it. You can just free the MDL.

-p

From: DALIRAJU VYSYARAJU [mailto:xxxxx@sbs.com]
Sent: Thu 8/22/2002 10:32 PM
To: NT Developers Interest List
Cc:
Subject: [ntdev] BSOD appears when MmUnmapLockedPages is used in nt4.0

Hi

Can someone help me in finding a solution for acheiving common buffer dma
.The following is the source code. On allocation I used the following
code and it works fine.

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);

MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);

MmBuildMdlForNonPagedPool(MemMDL);

UserBuffer = MmMapLockedPages(MemMDL,UserMode);

On deallocation I used the following code and works fine.
MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);

BSOD appears when I close the application.

A fatal system error has occurred.

*******************************************************************************

*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

*** WARNING: Unable to verify Timestamp for ntoskrnl.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for ntoskrnl.exe -
Bugcheck code 0000000A
Arguments c0503000 00000002 00000000 8012d773

ChildEBP RetAddr Args to Child
f7497bfc 801415e0 0000000a c0503000 00000002
ntoskrnl!DbgBreakPointWithStatus+0x4
*** WARNING: Unable to verify Timestamp for halapic.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for halapic.dll -
f7497c18 80010880 f7497c60 8010a465 e1194d68
ntoskrnl!Kei386EoiHelper+0x2948
00000001 00000000 00000000 00000000 00000000 halapic+0xf880

ntoskrnl!DbgBreakPointWithStatus+4:
8012ff7c cc

Your responce is highly appreciated

Daliraju

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to %%email.unsub%%

>>>UserBuffer = MmMapLockedPages(MemMDL,UserMode);

This does not mean that your pages are locked.
Seems like you are not locking your buffer pages.

From: DALIRAJU VYSYARAJU [mailto:xxxxx@sbs.com]
Sent: Thu 8/22/2002 10:32 PM
To: NT Developers Interest List
Cc:
Subject: [ntdev] BSOD appears when MmUnmapLockedPages is used in
nt4.0

Hi

Can someone help me in finding a solution for acheiving common buffer dma
.The following is the source code. On allocation I used the following
code and it works fine.

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);

MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);

MmBuildMdlForNonPagedPool(MemMDL);

UserBuffer = MmMapLockedPages(MemMDL,UserMode);

On deallocation I used the following code and works fine.
MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);

BSOD appears when I close the application.

A fatal system error has occurred.

*******************************************************************************

*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

*** WARNING: Unable to verify Timestamp for ntoskrnl.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for ntoskrnl.exe -
Bugcheck code 0000000A
Arguments c0503000 00000002 00000000 8012d773

ChildEBP RetAddr Args to Child
f7497bfc 801415e0 0000000a c0503000 00000002
ntoskrnl!DbgBreakPointWithStatus+0x4
*** WARNING: Unable to verify Timestamp for halapic.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for halapic.dll -
f7497c18 80010880 f7497c60 8010a465 e1194d68
ntoskrnl!Kei386EoiHelper+0x2948
00000001 00000000 00000000 00000000 00000000 halapic+0xf880

ntoskrnl!DbgBreakPointWithStatus+4:
8012ff7c cc

Your responce is highly appreciated

Daliraju

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to %%email.unsub%%

You are currently subscribed to ntdev as: xxxxx@nai.com
To unsubscribe send a blank email to %%email.unsub%%

common buffer is always locked.

-p

-----Original Message-----
From: xxxxx@nai.com [mailto:xxxxx@nai.com]
Sent: Friday, August 23, 2002 9:22 AM
To: NT Developers Interest List
Subject: [ntdev] RE: BSOD appears when MmUnmapLockedPages is used in
nt4.0

>>UserBuffer = MmMapLockedPages(MemMDL,UserMode);

This does not mean that your pages are locked.
Seems like you are not locking your buffer pages.

From: DALIRAJU VYSYARAJU [mailto:xxxxx@sbs.com]
Sent: Thu 8/22/2002 10:32 PM
To: NT Developers Interest List
Cc:
Subject: [ntdev] BSOD appears when MmUnmapLockedPages is used in
nt4.0

Hi

Can someone help me in finding a solution for acheiving common buffer
dma .The following is the source code. On allocation I used the
following
code and it works fine.

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);

MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);

MmBuildMdlForNonPagedPool(MemMDL);

UserBuffer = MmMapLockedPages(MemMDL,UserMode);

On deallocation I used the following code and works fine.
MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE
);

BSOD appears when I close the application.

A fatal system error has occurred.

************************************************************************
*******

*

*
* Bugcheck Analysis

*
*

*
************************************************************************
*******

*** WARNING: Unable to verify Timestamp for ntoskrnl.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for ntoskrnl.exe -
Bugcheck code 0000000A
Arguments c0503000 00000002 00000000 8012d773

ChildEBP RetAddr Args to Child
f7497bfc 801415e0 0000000a c0503000 00000002
ntoskrnl!DbgBreakPointWithStatus+0x4
*** WARNING: Unable to verify Timestamp for halapic.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for halapic.dll -
f7497c18 80010880 f7497c60 8010a465 e1194d68
ntoskrnl!Kei386EoiHelper+0x2948
00000001 00000000 00000000 00000000 00000000 halapic+0xf880

ntoskrnl!DbgBreakPointWithStatus+4:
8012ff7c cc

Your responce is highly appreciated

Daliraju

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to %%email.unsub%%

You are currently subscribed to ntdev as: xxxxx@nai.com
To unsubscribe send a blank email to %%email.unsub%%

You are currently subscribed to ntdev as: xxxxx@microsoft.com To
unsubscribe send a blank email to %%email.unsub%%

Look at the routines used, Viyer. He does not need to lock the pages
described by that Mdl.
its enough he calls MmBuildMdlForNonPagedPool. Also,
MmBuildMdlForNonPagedPool() as opsed to MmProbeAndLockPages() does not
requires a subsequent unlock operation, since the former simply builds the
Mdl , and reference counting of Pfn are not incremented.

My question for the original poster is whatever he calls
MmUnmapLockedPages() for getting rid of the user mode mapping hwn no longer
needed , and if it does it at a correct IRQL level ( < DISPATCH for a user
mode mapping).

Dan

----- Original Message -----
From:
To: “NT Developers Interest List”
Sent: Friday, August 23, 2002 7:21 PM
Subject: [ntdev] RE: BSOD appears when MmUnmapLockedPages is used in nt4.0

> >>>UserBuffer = MmMapLockedPages(MemMDL,UserMode);
>
> This does not mean that your pages are locked.
> Seems like you are not locking your buffer pages.
>
>
> From: DALIRAJU VYSYARAJU [mailto:xxxxx@sbs.com]
> Sent: Thu 8/22/2002 10:32 PM
> To: NT Developers Interest List
> Cc:
> Subject: [ntdev] BSOD appears when MmUnmapLockedPages is used in
> nt4.0
>
>
>
> Hi
>
> Can someone help me in finding a solution for acheiving common buffer dma
> .The following is the source code. On allocation I used the following
> code and it works fine.
>
>
>
>
>
>
> VirtualBuffer =
> HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);
>
>
>
> MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);
>
>
>
> MmBuildMdlForNonPagedPool(MemMDL);
>
>
>
> UserBuffer = MmMapLockedPages(MemMDL,UserMode);
>
>
>
>
>
>
> On deallocation I used the following code and works fine.
> MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
> HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);
>
>
>
>
>
>
> BSOD appears when I close the application.
>
> A fatal system error has occurred.
>
>
*************************************************************************

>
>
> *
> *
> * Bugcheck Analysis
> *
> *
> *
>
*************************************************************************

>
>
> WARNING: Unable to verify Timestamp for ntoskrnl.exe
> ERROR: Symbol file could not be found. Defaulted to export symbols
> for ntoskrnl.exe -
> Bugcheck code 0000000A
> Arguments c0503000 00000002 00000000 8012d773
>
> ChildEBP RetAddr Args to Child
> f7497bfc 801415e0 0000000a c0503000 00000002
> ntoskrnl!DbgBreakPointWithStatus+0x4
> WARNING: Unable to verify Timestamp for halapic.dll
> ERROR: Symbol file could not be found. Defaulted to export symbols
> for halapic.dll -
> f7497c18 80010880 f7497c60 8010a465 e1194d68
> ntoskrnl!Kei386EoiHelper+0x2948
> 00000001 00000000 00000000 00000000 00000000 halapic+0xf880
>
> ntoskrnl!DbgBreakPointWithStatus+4:
> 8012ff7c cc
>
> Your responce is highly appreciated
>
> Daliraju
>
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@microsoft.com
> To unsubscribe send a blank email to %%email.unsub%%
>
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@nai.com
> To unsubscribe send a blank email to %%email.unsub%%
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
> To unsubscribe send a blank email to %%email.unsub%%
>

My bad.
I completely overlooked the MmBuildMdlForNonPagedPool() call.

-----Original Message-----
From: Dan Partelly [mailto:xxxxx@rdsor.ro]
Sent: Friday, August 23, 2002 9:18 AM
To: NT Developers Interest List
Subject: [ntdev] RE: BSOD appears when MmUnmapLockedPages is used in
nt4.0

Look at the routines used, Viyer. He does not need to lock the pages
described by that Mdl.
its enough he calls MmBuildMdlForNonPagedPool. Also,
MmBuildMdlForNonPagedPool() as opsed to MmProbeAndLockPages() does not
requires a subsequent unlock operation, since the former simply builds the
Mdl , and reference counting of Pfn are not incremented.

My question for the original poster is whatever he calls
MmUnmapLockedPages() for getting rid of the user mode mapping hwn no
longer
needed , and if it does it at a correct IRQL level ( < DISPATCH for a user
mode mapping).

Dan

----- Original Message -----
From:
To: “NT Developers Interest List”
Sent: Friday, August 23, 2002 7:21 PM
Subject: [ntdev] RE: BSOD appears when MmUnmapLockedPages is used in nt4.0

> >>>UserBuffer = MmMapLockedPages(MemMDL,UserMode);
>
> This does not mean that your pages are locked.
> Seems like you are not locking your buffer pages.
>
>
> From: DALIRAJU VYSYARAJU [mailto:xxxxx@sbs.com]
> Sent: Thu 8/22/2002 10:32 PM
> To: NT Developers Interest List
> Cc:
> Subject: [ntdev] BSOD appears when MmUnmapLockedPages is used in
> nt4.0
>
>
>
> Hi
>
> Can someone help me in finding a solution for acheiving common buffer dma
> .The following is the source code. On allocation I used the following
> code and it works fine.
>
>
>
>
>
>
> VirtualBuffer =
> HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);
>
>
>
> MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);
>
>
>
> MmBuildMdlForNonPagedPool(MemMDL);
>
>
>
> UserBuffer = MmMapLockedPages(MemMDL,UserMode);
>
>
>
>
>
>
> On deallocation I used the following code and works fine.
> MmUnlockPages(MemMDL); IoFreeMdl(MemMDL);
> HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);
>
>
>
>
>
>
> BSOD appears when I close the application.
>
> A fatal system error has occurred.
>
>
*************************************************************************


>
>
> *
> *
> * Bugcheck Analysis
> *
> *
> *
>
*************************************************************************


>
>
> WARNING: Unable to verify Timestamp for ntoskrnl.exe
> ERROR: Symbol file could not be found. Defaulted to export symbols
> for ntoskrnl.exe -
> Bugcheck code 0000000A
> Arguments c0503000 00000002 00000000 8012d773
>
> ChildEBP RetAddr Args to Child
> f7497bfc 801415e0 0000000a c0503000 00000002
> ntoskrnl!DbgBreakPointWithStatus+0x4
> WARNING: Unable to verify Timestamp for halapic.dll
> ERROR: Symbol file could not be found. Defaulted to export symbols
> for halapic.dll -
> f7497c18 80010880 f7497c60 8010a465 e1194d68
> ntoskrnl!Kei386EoiHelper+0x2948
> 00000001 00000000 00000000 00000000 00000000 halapic+0xf880
>
> ntoskrnl!DbgBreakPointWithStatus+4:
> 8012ff7c cc
>
> Your responce is highly appreciated
>
> Daliraju
>
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@microsoft.com
> To unsubscribe send a blank email to %%email.unsub%%
>
>
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@nai.com
> To unsubscribe send a blank email to %%email.unsub%%
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
> To unsubscribe send a blank email to %%email.unsub%%
>

—
You are currently subscribed to ntdev as: xxxxx@nai.com
To unsubscribe send a blank email to %%email.unsub%%

> VirtualBuffer =

HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);

MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);

Why you need a MDL on top of the common buffer?
Common buffers are allocated by bottom-most drivers closest to
hardware, so, there is no need to pass the common buffer down to some
other driver.
And for DMA purposes, just use the logical address returned by
HalAllocateCommonBuffer and put it to the hardware, no MDLs at all.

Max

Hi, all

I have an quick question.
If kernel mode driver try to free null poiner using nt!ExFreePool(), Can we
say that we can get BSOD with BugCheck 0xC2 absolutely?

I had an experience so that get BSOD with BugCheck 0xC2 when kernel mode
driver try to do so.

Thanks in advance,
Futoshi

See “Bug Check 0xC2: BAD_POOL_CALLER” in the section “Bug Check Code
Reference” in the latest windbg documentation for complete information
about this bugcheck code.

It is certainly a fatal error to call ExFreePool with any invalid
address.

Will you always get this bugcheck? I give up, probably.

===========================
Mark Roddy
Consultant, Microsoft DDK MVP
Hollis Technology Solutions
xxxxx@hollistech.com
www.hollistech.com
603-321-1032

-----Original Message-----
From: xxxxx@citrix.co.jp
To: “NT Developers Interest List”
Date: Wed, 11 Sep 2002 18:03:33 +0900
Subject: [ntdev] [BugCheck 0xC2]

> Hi, all
>
> I have an quick question.
> If kernel mode driver try to free null poiner using nt!ExFreePool(),
> Can we
> say that we can get BSOD with BugCheck 0xC2 absolutely?
>
> I had an experience so that get BSOD with BugCheck 0xC2 when kernel
> mode
> driver try to do so.
>
> Thanks in advance,
> Futoshi
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@hollistech.com
> To unsubscribe send a blank email to %%email.unsub%%