Enumerating Majorfunctions and making sense of a minidump?

Hi,
I have coded a small kernel-mode driver which creates a dummy device and
handles a Create
call on that device.
The driver loads properly and also handles the Create call on it and unloads
properly.
But in the DriverEntry function when I tried enumerating the MajorFunction
array values.
It seeems to crash with bug-check and produces a Minidump.
*************************************************************
The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e
(0xc0000005, 0xf75dd466, 0x00000000, 0x00000028).
*************************************************************
As u can see its a memry access-violation.
So how can I enumerate the array values safely without crashing?
Also I did a dumpchk on the minidump and could not make any sense of the
analysis.
Can somebody pls tell me what to look into the analysis of the dump and how
to know whats
going wrong and where?
Thanks.
–Mayur.

If you attach a debugger, you can see the exact index in which you are
over stepping the bounds of the array. What value are you using to
limit the iteration over DriverObject->MajorFunction?
IRP_MJ_MAXIMUM_FUNCTION?

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 12:52 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Hi,
I have coded a small kernel-mode driver which creates a dummy device and
handles a Create
call on that device.
The driver loads properly and also handles the Create call on it and
unloads
properly.
But in the DriverEntry function when I tried enumerating the
MajorFunction
array values.
It seeems to crash with bug-check and produces a Minidump.
*************************************************************
The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e
(0xc0000005, 0xf75dd466, 0x00000000, 0x00000028).
*************************************************************
As u can see its a memry access-violation.
So how can I enumerate the array values safely without crashing?
Also I did a dumpchk on the minidump and could not make any sense of the
analysis.
Can somebody pls tell me what to look into the analysis of the dump and
how
to know whats
going wrong and where?
Thanks.
–Mayur.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Yes,I am using IRP_MJ_MAXIMUM_FUNCTION
as the array bound but still the code crashes the whole
OS!!
This is the code(I have just):
for(iter = 0;iter < IRP_MJ_MAXIMUM_FUNCTION;iter++)
{
DbgPrint(“Address : %ld”,DriverObject->MajorFunction[iter]);
}
Is this right??
Thanks.
–Mayur.
“Doron Holan” wrote in message
news:xxxxx@ntdev…
If you attach a debugger, you can see the exact index in which you are
over stepping the bounds of the array. What value are you using to
limit the iteration over DriverObject->MajorFunction?
IRP_MJ_MAXIMUM_FUNCTION?

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 12:52 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Hi,
I have coded a small kernel-mode driver which creates a dummy device and
handles a Create
call on that device.
The driver loads properly and also handles the Create call on it and
unloads
properly.
But in the DriverEntry function when I tried enumerating the
MajorFunction
array values.
It seeems to crash with bug-check and produces a Minidump.

The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e
(0xc0000005, 0xf75dd466, 0x00000000, 0x00000028).

As u can see its a memry access-violation.
So how can I enumerate the array values safely without crashing?
Also I did a dumpchk on the minidump and could not make any sense of the
analysis.
Can somebody pls tell me what to look into the analysis of the dump and
how
to know whats
going wrong and where?
Thanks.
–Mayur.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Like I said, hook up a debugger. They you can see the value of iter.
If it’s zero, then I would guess you are trying to do this at HIGH irql
or something else is wrong (like DriverObject == NULL ?)

Also, the format specifier for a pointer value is %p, ie
DbgPrint(“Address : %p\n”, DriverObject->MajorFunction[iter]);

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 10:44 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Yes,I am using IRP_MJ_MAXIMUM_FUNCTION
as the array bound but still the code crashes the whole
OS!!
This is the code(I have just):
for(iter = 0;iter < IRP_MJ_MAXIMUM_FUNCTION;iter++)
{
DbgPrint(“Address : %ld”,DriverObject->MajorFunction[iter]);
}
Is this right??
Thanks.
–Mayur.
“Doron Holan” wrote in message
news:xxxxx@ntdev…
If you attach a debugger, you can see the exact index in which you are
over stepping the bounds of the array. What value are you using to
limit the iteration over DriverObject->MajorFunction?
IRP_MJ_MAXIMUM_FUNCTION?

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 12:52 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Hi,
I have coded a small kernel-mode driver which creates a dummy device and
handles a Create
call on that device.
The driver loads properly and also handles the Create call on it and
unloads
properly.
But in the DriverEntry function when I tried enumerating the
MajorFunction
array values.
It seeems to crash with bug-check and produces a Minidump.

The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e
(0xc0000005, 0xf75dd466, 0x00000000, 0x00000028).

As u can see its a memry access-violation.
So how can I enumerate the array values safely without crashing?
Also I did a dumpchk on the minidump and could not make any sense of the
analysis.
Can somebody pls tell me what to look into the analysis of the dump and
how
to know whats
going wrong and where?
Thanks.
–Mayur.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Its working.
The error was somewhere else and not in the for loop.
My mistake. :smiley:
Thanks all.
–Mayur.

“Doron Holan” wrote in message
news:xxxxx@ntdev…
Like I said, hook up a debugger. They you can see the value of iter.
If it’s zero, then I would guess you are trying to do this at HIGH irql
or something else is wrong (like DriverObject == NULL ?)

Also, the format specifier for a pointer value is %p, ie
DbgPrint(“Address : %p\n”, DriverObject->MajorFunction[iter]);

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 10:44 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Yes,I am using IRP_MJ_MAXIMUM_FUNCTION
as the array bound but still the code crashes the whole
OS!!
This is the code(I have just):
for(iter = 0;iter < IRP_MJ_MAXIMUM_FUNCTION;iter++)
{
DbgPrint(“Address : %ld”,DriverObject->MajorFunction[iter]);
}
Is this right??
Thanks.
–Mayur.
“Doron Holan” wrote in message
news:xxxxx@ntdev…
If you attach a debugger, you can see the exact index in which you are
over stepping the bounds of the array. What value are you using to
limit the iteration over DriverObject->MajorFunction?
IRP_MJ_MAXIMUM_FUNCTION?

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Mayur Kankanwadi
Sent: Friday, April 15, 2005 12:52 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Enumerating Majorfunctions and making sense of a
minidump?

Hi,
I have coded a small kernel-mode driver which creates a dummy device and
handles a Create
call on that device.
The driver loads properly and also handles the Create call on it and
unloads
properly.
But in the DriverEntry function when I tried enumerating the
MajorFunction
array values.
It seeems to crash with bug-check and produces a Minidump.

The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e
(0xc0000005, 0xf75dd466, 0x00000000, 0x00000028).

As u can see its a memry access-violation.
So how can I enumerate the array values safely without crashing?
Also I did a dumpchk on the minidump and could not make any sense of the
analysis.
Can somebody pls tell me what to look into the analysis of the dump and
how
to know whats
going wrong and where?
Thanks.
–Mayur.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com