BSOD on MmUnmapLockedPages

OSR_Community_User · September 9, 2002, 2:05pm

Description of the Problem:The following code works fine in windows 2000
machines. All the problems appear when NT4.0 is used. BSOD appears when
closing the application. This is about common buffer DMA (Bus Master)
implementation. In my application I allocate common buffer though an IOCTL
call then deallocate common buffer through another IOCTL call. I have no
problem while allocation and deallocation. All the problems appear when
closing the application. Code is as follows: On allocation: works fine

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);
MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);
MmBuildMdlForNonPagedPool(MemMDL);
UserBuffer = MmMapLockedPages(MemMDL,UserMode

On deallocation: works fine
MmUnmapLockedPages(VirtualBuffer, MemMDL);
IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE);

When I close the application BSOD comes up

symbolic strack trace:
nt!RtlFindFirstRunSet+0x90
nt!KiInitializeAbios+0xc7
nt!KiInitializeAbios+0x77
TDI!CTEStartTimer+0x5a
nt!HAL_NULL_THUNK_DATA+0x938

kd> !analyze -v
****************************************************************************
***
*
*
* Bugcheck Analysis
*
*
*
****************************************************************************
***

Unknown bugcheck code (80000021)
Unknown bugcheck description
Arguments:
Arg1: 00010002
Arg2: 80000025
Arg3: 00010001
Arg4: 80090300

Debugging Details:

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x80000021

LAST_CONTROL_TRANSFER: from 801167f7 to 8012ff7c

STACK_TEXT:
fe37dac0 801167f7 00000202 80116869 80551588 nt!RtlFindFirstRunSet+0x90
fe37dae8 801167a7 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0xc7
fe37db04 f90b8c68 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0x77
fe37db50 801415e0 00000008 00000286 fe37dc04 TDI!CTEStartTimer+0x5a fe37dc18
80010880 fe37dc60 8010a465 e116e1c8 nt!HAL_NULL_THUNK_DATA+0x938 00000001
00000000 00000000 00000000 00000000 hal!HalStartProfileInterrupt+0x34

FOLLOWUP_IP:
TDI!CTEStartTimer+5a
f90b8c68 b801000000 mov eax,0x1

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: TDI!CTEStartTimer+5a

MODULE_NAME: TDI

IMAGE_NAME: TDI.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 31ec6e6c

STACK_COMMAND: kb

BUCKET_ID: 0x80000021_TDI!CTEStartTimer+5a

Followup: MachineOwner

Let me know if you need more information.

Vysyaraju Dali Raju

Vysyaraju Daliraju, / Systems Software Engineer
SBS Technologies, 8371C Central Ave. / Newark, CA 94560
Phone: 510-742-2570 / Fax: -2501 / EMail: xxxxx@sbs.com
mailto:xxxxx ></mailto:xxxxx>

OSR_Community_User · September 9, 2002, 9:01pm

The MmUnmapLockedPages call should pass in UserBuffer, not
VirtualBuffer.
Ravi
-----Original Message-----
From: Vysyaraju Daliraju [mailto:xxxxx@sbs.com]
Sent: Monday, September 09, 2002 10:58 AM
To: NT Developers Interest List
Subject: [ntdev] BSOD on MmUnmapLockedPages

Description of the Problem:The following code works fine in windows 2000
machines. All the problems appear when NT4.0 is used. BSOD appears when
closing the application. This is about common buffer DMA (Bus Master)
implementation. In my application I allocate common buffer though an
IOCTL call then deallocate common buffer through another IOCTL call. I
have no problem while allocation and deallocation. All the problems
appear when closing the application. Code is as follows: On allocation:
works fine

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);
MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);
MmBuildMdlForNonPagedPool(MemMDL);
UserBuffer = MmMapLockedPages(MemMDL,UserMode

On deallocation: works fine
MmUnmapLockedPages(VirtualBuffer, MemMDL);
IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE
);

When I close the application BSOD comes up

symbolic strack trace:
nt!RtlFindFirstRunSet+0x90
nt!KiInitializeAbios+0xc7
nt!KiInitializeAbios+0x77
TDI!CTEStartTimer+0x5a
nt!HAL_NULL_THUNK_DATA+0x938

kd> !analyze -v
************************************************************************
*******
*
*
* Bugcheck Analysis
*
*
*
************************************************************************
*******

Unknown bugcheck code (80000021)
Unknown bugcheck description
Arguments:
Arg1: 00010002
Arg2: 80000025
Arg3: 00010001
Arg4: 80090300

Debugging Details:

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x80000021

LAST_CONTROL_TRANSFER: from 801167f7 to 8012ff7c

STACK_TEXT:
fe37dac0 801167f7 00000202 80116869 80551588 nt!RtlFindFirstRunSet+0x90
fe37dae8 801167a7 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0xc7
fe37db04 f90b8c68 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0x77
fe37db50 801415e0 00000008 00000286 fe37dc04 TDI!CTEStartTimer+0x5a
fe37dc18 80010880 fe37dc60 8010a465 e116e1c8
nt!HAL_NULL_THUNK_DATA+0x938 00000001 00000000 00000000 00000000
00000000 hal!HalStartProfileInterrupt+0x34

FOLLOWUP_IP:
TDI!CTEStartTimer+5a
f90b8c68 b801000000 mov eax,0x1

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: TDI!CTEStartTimer+5a

MODULE_NAME: TDI

IMAGE_NAME: TDI.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 31ec6e6c

STACK_COMMAND: kb

BUCKET_ID: 0x80000021_TDI!CTEStartTimer+5a

Followup: MachineOwner

Let me know if you need more information.

Vysyaraju Dali Raju

Vysyaraju Daliraju, / Systems Software Engineer
SBS Technologies, 8371C Central Ave. / Newark, CA 94560
Phone: 510-742-2570 / Fax: -2501 / EMail: xxxxx@sbs.com
mailto:xxxxx

—
You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to %%email.unsub%%</mailto:xxxxx>

OSR_Community_User · September 10, 2002, 2:53pm

Hi Ravi!

Thanks for the help. It works with user buffer.

Vysyaraju Dali Raju

Vysyaraju Daliraju, / Systems Software Engineer
SBS Technologies, 8371C Central Ave. / Newark, CA 94560
Phone: 510-742-2570 / Fax: -2501 / EMail: xxxxx@sbs.com
mailto:xxxxx

-----Original Message-----
From: Ravisankar Pudipeddi [mailto:xxxxx@windows.microsoft.com]
Sent: Monday, September 09, 2002 5:58 PM
To: NT Developers Interest List
Subject: [ntdev] RE: BSOD on MmUnmapLockedPages

The MmUnmapLockedPages call should pass in UserBuffer, not
VirtualBuffer.
Ravi
-----Original Message-----
From: Vysyaraju Daliraju [mailto:xxxxx@sbs.com]
Sent: Monday, September 09, 2002 10:58 AM
To: NT Developers Interest List
Subject: [ntdev] BSOD on MmUnmapLockedPages

Description of the Problem:The following code works fine in windows 2000
machines. All the problems appear when NT4.0 is used. BSOD appears when
closing the application. This is about common buffer DMA (Bus Master)
implementation. In my application I allocate common buffer though an
IOCTL call then deallocate common buffer through another IOCTL call. I
have no problem while allocation and deallocation. All the problems
appear when closing the application. Code is as follows: On allocation:
works fine

VirtualBuffer =
HalAllocateCommonBuffer(DmaAdapter,0x1000,&PhysicalBuffer,FALSE);
MemMDL = IoAllocateMdl(VirtualBuffer,0x1000,FALSE,FALSE,NULL);
MmBuildMdlForNonPagedPool(MemMDL);
UserBuffer = MmMapLockedPages(MemMDL,UserMode

On deallocation: works fine
MmUnmapLockedPages(VirtualBuffer, MemMDL);
IoFreeMdl(MemMDL);
HalFreeCommonBuffer(DmaAdapter,0x1000,PhysicalBuffer,VirtualBuffer,FALSE
);

When I close the application BSOD comes up

symbolic strack trace:
nt!RtlFindFirstRunSet+0x90
nt!KiInitializeAbios+0xc7
nt!KiInitializeAbios+0x77
TDI!CTEStartTimer+0x5a
nt!HAL_NULL_THUNK_DATA+0x938

kd> !analyze -v
***********************************************************

Bugcheck Analysis

*****************************************************************

Unknown bugcheck code (80000021)
Unknown bugcheck description
Arguments:
Arg1: 00010002
Arg2: 80000025
Arg3: 00010001
Arg4: 80090300

Debugging Details:
------------------

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x80000021

LAST_CONTROL_TRANSFER: from 801167f7 to 8012ff7c

STACK_TEXT:
fe37dac0 801167f7 00000202 80116869 80551588 nt!RtlFindFirstRunSet+0x90
fe37dae8 801167a7 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0xc7
fe37db04 f90b8c68 fe406900 fff0bdc0 ffffffff nt!KiInitializeAbios+0x77
fe37db50 801415e0 00000008 00000286 fe37dc04 TDI!CTEStartTimer+0x5a
fe37dc18 80010880 fe37dc60 8010a465 e116e1c8
nt!HAL_NULL_THUNK_DATA+0x938 00000001 00000000 00000000 00000000
00000000 hal!HalStartProfileInterrupt+0x34

FOLLOWUP_IP:
TDI!CTEStartTimer+5a
f90b8c68 b801000000 mov eax,0x1

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: TDI!CTEStartTimer+5a

MODULE_NAME: TDI

IMAGE_NAME: TDI.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 31ec6e6c

STACK_COMMAND: kb

BUCKET_ID: 0x80000021_TDI!CTEStartTimer+5a

Followup: MachineOwner
---------

Let me know if you need more information.

Vysyaraju Dali Raju
__________________________________________
Vysyaraju Daliraju, / Systems Software Engineer
SBS Technologies, 8371C Central Ave. / Newark, CA 94560
Phone: 510-742-2570 / Fax: -2501 / EMail: xxxxx@sbs.com
mailto:xxxxx

—
You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to %%email.unsub%%

—
You are currently subscribed to ntdev as: xxxxx@sbs.com
To unsubscribe send a blank email to %%email.unsub%%</mailto:xxxxx></mailto:xxxxx>