Ok,Thanks to Nick,I have a better analysis of the problem, but I am still
not very clear abt it, I knew from before that PcfAllocatedCachedFont was a
problem but what exactly is causing the problem I am still not clear.if any
one can help me clear that doubt.
Here is the updated output from !analyze -v command.
****************************************************************************
***
*
*
* Bugcheck Analysis
*
*
*
****************************************************************************
***
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by
try-except,
it must be protected by a Probe. Typically the address is just plain bad or
it
is pointing at freed memory.
Arguments:
Arg1: e233fd2c, memory referenced.
Arg2: 00000001, value 0 = read operation, 1 = write operation.
Arg3: bd03b215, If non-zero, the instruction address which referenced the
bad memory
address.
Arg4: 00000001, (reserved)
Debugging Details:
Database SolnDb not connected
WRITE_ADDRESS: e233fd2c Paged pool
FAULTING_IP:
sisgrv!pcfAllocateCachedFont+105
bd03b215 c7402400000000 mov dword ptr [eax+0x24],0x0
MM_INTERNAL_CODE: 1
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x50
LAST_CONTROL_TRANSFER: from 8042bcb9 to 80452e70
STACK_TEXT:
bc8b5a94 8042bcb9 00000003 bc8b5adc e233fd2c
nt!RtlpBreakWithStatusInstruction
bc8b5ac4 8042c068 00000003 c0388cfc 80062e90 nt!KiBugCheckDebugBreak+0x31
bc8b5e4c 80446eaf 00000000 e233fd2c 00000001 nt!KeBugCheckEx+0x37b
bc8b5e94 80464966 00000001 e233fd2c 00000000 nt!MmAccessFault+0x74e
bc8b5e94 bd03b215 00000001 e233fd2c 00000000 nt!KiTrap0E+0xc3
bc8b5f2c bd03aaa8 e1eba008 00000201 00000000
sisgrv!pcfAllocateCachedFont+0x105 [e:\driver\display\2dtext.c @ 657]
bc8b62f8 eed659b9 e1ebaa38 bc8b6828 e348c748 sisgrv!DrvTextOut+0x2d8
[e:\driver\display\2dtext.c @ 245]
bc8b66f4 a008ea3b e1ebaa38 bc8b6828 e348c748 SiSRV!DrvTextOut+0xb9
[c:\rr\2dtext.c @ 43]
bc8b6740 a008e9b8 eed65900 bc8b67c4 e1ebaa38 win32k!OffTextOut+0x6f
bc8b67cc a001cdb6 e1ebaa38 bc8b6828 e348c748 win32k!SpTextOut+0x83
bc8b6a54 a001be2f bc8b6d50 e1ec24cc e1ec2520
win32k!GreExtTextOutWLocked+0xdfe
bc8b6cc4 a00189ab bc8b6d50 7ffdb1dc 000000a0 win32k!GreBatchTextOut+0x2dd
bc8b6d54 80461663 0000009e 01d2fac4 00000001 win32k!NtGdiFlushUserBatch+0xd1
bc8b6d54 77f44d80 0000009e 01d2fac4 00000001 nt!KiSystemService+0x96
01d2fbdc 77f44364 01010050 0002e192 0000002a GDI32!NtGdiGetCharSet+0xb
01d2fbf4 0ffcd922 01010050 0002e192 0000002a GDI32!GetTextExtentPointA+0x17
01d2fc1c 0ffd1c77 00002f88 00001677 00030576 WOW32!WG32GetTextExtent+0x2e
01d2fc38 0ffcb8b3 16772fcc 0ffcb3ec 01671660 WOW32!WOWBopEntry+0xe7
01d2ff74 0f005726 16772fcc 01069b70 01cdf71c WOW32!W32Thread+0x4c7
01d2ffb4 77e92ca8 01671660 01069b70 01cdf71c ntvdm!ThreadStartupRoutine+0x48
01d2ffec 00000000 0f0056de 01671660 00000000 KERNEL32!BaseThreadStart+0x52
FOLLOWUP_IP:
sisgrv!pcfAllocateCachedFont+105
bd03b215 c7402400000000 mov dword ptr [eax+0x24],0x0
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: sisgrv!pcfAllocateCachedFont+105
MODULE_NAME: sisgrv
IMAGE_NAME: sisgrv.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 3ef12df8
STACK_COMMAND: kb
BUCKET_ID: 0x50_W_sisgrv!pcfAllocateCachedFont+105
Followup: MachineOwner
Thanks & Regards,
Nitin Kapoor
“Nick Ryan” wrote in message news:xxxxx@ntdev…
>
> Set the environment variable _NT_SYMBOL_PATH to the following value on
> your host machine (or set it in a batch file that invokes WinDbg, which
> is what I do so that I don’t have to modify my environment globally):
>
> srvC:\Symbolshttp://msdl.microsoft.com/download/symbols
>
> Now run WinDbg again and re-attempt analysis. It should be able to find
> all kernel symbols correctly now. (Also, make sure you are using the
> latest version of WinDbg available from Microsoft’s site).
>
> - Nick Ryan
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Nitin Kapoor
> > Sent: Thursday, June 26, 2003 7:11 PM
> > To: NT Developers Interest List
> > Subject: [ntdev] Re: Page Fault In Non Paged Area
> >
> >
> > Thanks Gary:
> >
> > When I do the analyze command on windbg it gives me the
> > attached output though it points me to font cache but it also
> > says that the symbols are not correct, I am new to windbg can
> > u guide me on this which symbols are not correct , I have
> > double checked on the symbol path they are correct and if I
> > give a INT in the code it stops at the correct position , am
> > I missing on something are we required to give some other
> > symbol path also
> >
> > Secondly, I don’t know how to click on the driver name in the
> > stack in softice and I am sure that the problem is in
> > Drvtextout because I have allready tested it with EngTextOut
> > it doesn’t break then.
> >
> > Here is the windbg output.
> >
> > * Bugcheck Analysis *
> >
> > PAGE_FAULT_IN_NONPAGED_AREA (50)
> >
> > Invalid system memory was referenced. This cannot be
> > protected by try-except, it must be protected by a Probe.
> > Typically the address is just plain bad or it is pointing at
> > freed memory.
> >
> > Arguments:
> >
> > Arg1: e21e4a2c, memory referenced.
> >
> > Arg2: 00000001, value 0 = read operation, 1 = write operation.
> >
> > Arg3: bd03b215, If non-zero, the instruction address which
> > referenced the bad memory
> >
> > address.
> >
> > Arg4: 00000001, (reserved)
> >
> > Debugging Details:
> >
> > ------------------
> >
> > ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
> >
> > Database SolnDb not connected
> >
> > WRITE_ADDRESS: unable to get nt!MmPoolCodeEnd
> >
> > unable to get nt!MmSpecialPoolEnd
> >
> > unable to get nt!MmPagedPoolEnd
> >
> > unable to get nt!MmNonPagedPoolEnd
> >
> > unable to get nt!MmNonPagedPoolStart
> >
> > unable to get nt!MmSpecialPoolStart
> >
> > unable to get nt!MmPagedPoolStart
> >
> > unable to get nt!MmNonPagedPoolExpansionStart
> >
> > unable to get nt!MmPoolCodeStart
> >
> > e21e4a2c
> >
> > FAULTING_IP:
> >
> > sisgrv!pcfAllocateCachedFont+105
> >
> > bd03b215 c7402400000000 mov dword ptr [eax+0x24],0x0
> >
> > MM_INTERNAL_CODE: 1
> >
> > DEFAULT_BUCKET_ID: DRIVER_FAULT
> >
> > BUGCHECK_STR: 0x50
> >
> > LAST_CONTROL_TRANSFER: from 8042c068 to 80452e70
> >
> > STACK_TEXT:
> >
> > WARNING: Stack unwind information not available. Following
> > frames may be wrong.
> >
> > bc845ac4 8042c068 00000003 c0388790 80062e90
> > nt!DbgBreakPointWithStatus+0x4
> >
> > bc845e4c 80446eaf 00000000 e21e4a2c 00000001 nt!KeBugCheckEx+0x154
> >
> > bc845e94 80464966 00000001 e21e4a2c 00000000
> > nt!MmTrimAllSystemPagableMemory+0x3e7e
> >
> > bc845eac e3586074 00000001 00000000 00000002 nt!Kei386EoiHelper+0x2910
> >
> > 00000020 0210040a 0558003a 05580054 0558006e 0xe3586074
> >
> > 02100746 00000000 00000000 00000000 00000000 0x210040a
> >
> >
> >
> > FOLLOWUP_IP:
> >
> > sisgrv!pcfAllocateCachedFont+105
> >
> > bd03b215 c7402400000000 mov dword ptr [eax+0x24],0x0
> >
> > FOLLOWUP_NAME: MachineOwner
> >
> > SYMBOL_NAME: sisgrv!pcfAllocateCachedFont+105
> >
> > IMAGE_NAME: Unknown_Image
> >
> > DEBUG_FLR_IMAGE_TIMESTAMP: 0
> >
> > STACK_COMMAND: kb
> >
> > BUCKET_ID: WRONG_SYMBOLS
> >
> > MODULE_NAME: Unknown_Module
> >
> > Followup: MachineOwner
> >
> > ---------
> >
> > Thanks & Regards
> >
> > Nitin Kapoor
> >
> >
> >
> >
> > “Gary Chen” wrote in message news:xxxxx@ntdev…
> >
> > Can you do a “!analyze -v” in WinDbg to let the debugger help
> > you to find the root cause? Or in softice, sometimes you can
> > click on the driver name in the stack window, which will lead
> > you to the line of code that’s at fault. Or to test if it is
> > really TextOut at fault, you can return FALSE or simply call
> > EngTextOut rightway.
> >
> > Gary
> >
> > -----Original Message-----
> > From: Nitin Kapoor [mailto:xxxxx@hotmail.com]
> > Sent: Wednesday, June 25, 2003 9:58 PM
> > To: NT Developers Interest List
> > Subject: [ntdev] Page Fault In Non Paged Area
> >
> >
> > Hello ,
> >
> >
> >
> > I have a strange problem in my driver and I cant find a way
> > of solving it with the required knowledge I have so I require
> > some advice.
> >
> >
> >
> > My display driver when tested with SPEEDY , gives a KERNEL
> > MODE EXCEPTION NOT HANDLED ->PAGE FAULT IN NON PAGED AREA
> > .Well when I do a stack command on this I find that the last
> > method called was DrvTextOut and Allocatecached font would be
> > where the problem lies.
> >
> >
> >
> > But my problem is that when I debug the code step by step the
> > code would not break regularly,and would break at different
> > positions and hence making it difficult to find out the root
> > cause of the problem.But if I run speedy straight off then it
> > would break very soon within say 20 seconds and no code is
> > pointed to at by Softice or Windbg where the page fault or
> > exception occurs.now I cant find any better way of debugging
> > the problem rather than going in it step by step but
> > everytime the code will break and not the same location so I
> > am not able to find out the exact cause of the problem.
> >
> >
> >
> > But I am sure DrvTextOut and Fonts is the culprit.So if any
> > one can guide me to more detailed tools of testing DrvTextOut
> > or Fonts , I will really appreciate their help or any inputs
> > if some one has faced some thing like this before.
> >
> >
> >
> > Thanks and Regards,
> >
> >
> >
> > Nitin Kapoor
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@mobilian.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@nryan.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
>
>