When I use ExFreePoolWithTag to deallocates a NonPagedPool memory my system crushed. The bug check number is 0x4E:PFN_LIST_CORRUPT. The parameter1 is 0x9A, and the parameter4 is 2. I access this memory exclusively but when free may not synchronized.Shall this be the cause of the problem?
I want to ask if there is anybody met this problem before and what may be the proper cause of problem.
Thanks & Regards!
any spelling mistake is not intended
0x9A means the page is locked.
http://msdn.microsoft.com/en-us/library/ms793247.aspx.
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@huaweisymantec.com
Sent: Tuesday, April 28, 2009 9:52 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] system crush when free memory
When I use ExFreePoolWithTag to deallocates a NonPagedPool memory my system
crushed. The bug check number is 0x4E:PFN_LIST_CORRUPT. The parameter1 is
0x9A, and the parameter4 is 2. I access this memory exclusively but when
free may not synchronized.Shall this be the cause of the problem?
I want to ask if there is anybody met this problem before and what may be
the proper cause of problem.
Thanks & Regards!
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Why it is locked, is that means the page is being used? How can I trace this error?
Thanks
Did you call MmAllocatePagesForMdl without unlock it?
Or did you send the buffer to other drivers, and free it before the driver
completes the request?
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@huaweisymantec.com
Sent: Tuesday, April 28, 2009 10:19 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] system crush when free memory
Why it is locked, is that means the page is being used? How can I trace this
error?
Thanks
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Sorry, it should be MmProbeAndLockPages.
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Haibo
Sent: Tuesday, April 28, 2009 10:28 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] system crush when free memory
Did you call MmAllocatePagesForMdl without unlock it?
Or did you send the buffer to other drivers, and free it before the driver
completes the request?
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@huaweisymantec.com
Sent: Tuesday, April 28, 2009 10:19 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] system crush when free memory
Why it is locked, is that means the page is being used? How can I trace this
error?
Thanks
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
1: I didn’t use Mdl in my driver.
2: This buffer is allocated by my driver and I didn’t send it to any other drivers.
This buffer is used internally and is read / writen synchronizingly, then I use a remove lock to ensure there is no other access when I try to free it.
Should I use a spinlock to synchronize it with read / write.
Post some code plz. Especially how you access and free it.
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@huaweisymantec.com
Sent: Tuesday, April 28, 2009 10:58 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] system crush when free memory
1: I didn’t use Mdl in my driver.
2: This buffer is allocated by my driver and I didn’t send it to any other
drivers.
This buffer is used internally and is read / writen synchronizingly, then I
use a remove lock to ensure there is no other access when I try to free it.
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Please
1, check IRQL.
2, check whether the pointer is the same when allocate and free.
3, !analyze -v
thanks
wayne
On 2009-4-28 9:52, xxxxx@huaweisymantec.com wrote:
type=“cite”>
When I use ExFreePoolWithTag to deallocates a NonPagedPool memory my system crushed. The bug check number is 0x4E:PFN_LIST_CORRUPT. The parameter1 is 0x9A, and the parameter4 is 2. I access this memory exclusively but when free may not synchronized.Shall this be the cause of the problem?
I want to ask if there is anybody met this problem before and what may be the proper cause of problem.Thanks & Regards!
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online athttp://www.osronline.com/page.cfm?name=ListServer
> I access this memory exclusively but when free may not synchronized.
The above implies that the same buffer may be freed more than once…
Anton Bassov
Driver verifier is useful.
Mark Roddy
On Mon, Apr 27, 2009 at 9:52 PM, wrote:
> When I use ExFreePoolWithTag to deallocates a NonPagedPool memory my system crushed. The bug check number is 0x4E:PFN_LIST_CORRUPT. The parameter1 is 0x9A, and the parameter4 is 2. I access this memory exclusively but when free may not synchronized.Shall this be the cause of the problem?
> I want to ask if there is anybody met this problem before and what may be the proper cause of problem.
>
> Thanks & Regards!
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>
Thanks All
Driver verifier is useful.
Mark Roddy
I tried but seems no help. Which option should I enabled and how can I trace this problem?
> I access this memory exclusively but when free may not synchronized.
The above implies that the same buffer may be freed more than once…
Anton Bassov
Maybe it is.But the parameter Windbg shows seems to specify that the reference count of the entry that is being removed is 2.Can this be the reason of the crush?
Why not post some code snippets?
Regards
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@huaweisymantec.com
Sent: Wednesday, April 29, 2009 5:08 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] system crush when free memory
I access this memory exclusively but when free may not synchronized.
The above implies that the same buffer may be freed more than once…
Anton Bassov
Maybe it is.But the parameter Windbg shows seems to specify that the
reference count of the entry that is being removed is 2.Can this be the
reason of the crush?
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Try to simulate the issue enabling driver verifier and with windbg connected
from another system. I usually choose “custom settings” and then enable all
predefined settings in driver verfier.
On Wed, Apr 29, 2009 at 2:33 PM, wrote:
> Thanks All
>
> >Driver verifier is useful.
>
> >Mark Roddy
>
> I tried but seems no help. Which option should I enabled and how can I
> trace this problem?
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>