hi tim roberts,
thanks for ur step for helping. and as you told that known persons hiding their knowledge but i am sure if we will do it then definately we will share it with the community to intersted peoples…
i am using WDK 7600.16385.0 kit and vista x86 build environment for driver compilation.
structure problem:
for query_adpater( DXGKQAITYPE_DRIVERCAPS) callback :
the structure _DXGK_DRIVERCAPS defined in wdk help is different from the _DXGK_DRIVERCAPS structure defined in d3dkmddi.h file of WDK 7600.16385.0 kit for extra support of win7.
that thing resolved by sending version number in WDDMVersion attribute.
//////////////////////
current problem:
currently i am getting call for QueryAdapterInfo( ) for query about segment descriptors.
during first call i am sending number of segments supported is 1.
during second call i am passing first descriptor for the first segment, which as follow:
[
my segment is virtual frame buffer, so i am using memory segment type,
size of segment is 8 MB,
i am implementing virtual adapter so i am allocating 8 MB from nonpaged area in RAM, and passing its physical address in the base address of segment descriptor, (getting physical address of my buffer by using API MmIoGetPhysicalAddress( ) which is stored in PDevExt->PSegmntInfo[i].SegPhyAddress )
]
pDxgkSegDesc[i].BaseAddress=PDevExt->PSegmntInfo[i].SegPhyAddress;
pDxgkSegDesc[i].CpuTranslatedAddress=PDevExt->PSegmntInfo[i].SegPhyAddress;
pDxgkSegDesc[i].Size=8*1024*1024; // for AGP it will be ignored
pDxgkSegDesc[i].NbOfBanks=0;
pDxgkSegDesc[i].pBankRangeTable=0;
//// for memory segment CommitLimit should be same as size of segment
pDxgkSegDesc[i].CommitLimit=8*1024*1024;
pDxgkSegDesc[i].Flags.Aperture=0x0;
pDxgkSegDesc[i].Flags.CpuVisible=1; // cpu visible virtual address, For AGP it has no meaning
pDxgkSegDesc[i].Flags.PopulatedFromSystemMemory=1;
after returning success in this call , it crashes with following dump information:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ffff0002, memory referenced.
Arg2: 00000001, value 0 = read operation, 1 = write operation.
Arg3: 82a49ca0, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 00000000, (reserved)
Debugging Details:
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
Use ‘!findthebuild’ command to search for the target build information.
If the build information is available, run ‘!findthebuild -s ; .reload’ to set symbol path and load symbols.
MODULE_NAME: dxgkrnl
FAULTING_MODULE: 82a03000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 497025ce
WRITE_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
ffff0002
FAULTING_IP:
nt!memcpy+a0
82a49ca0 8807 mov byte ptr [edi],al
MM_INTERNAL_CODE: 0
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x50
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 82af0aaf to 82a902fc
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
8a34525c 82af0aaf 00000003 84e5b1a8 00000000 nt!DbgBreakPointWithStatus+0x4
8a345628 82a9b97d 00000050 ffff0002 00000001 nt!KeBugCheckEx+0xc7b
8a3456b4 82a51800 00000001 ffff0002 00000000 nt!IoGetIoPriorityHint+0x3cb
8a3456ec 82c4cca2 82a4e66a 00000000 00000000 nt!Kei386EoiHelper+0x2788
8a345748 82c01e9b ffff0002 8dd517a8 00000004 nt!RtlUpcaseUnicodeChar+0xfff
8a345768 82c01488 8dd517a8 8a345928 c0000023 nt!RtlQueryRegistryValues+0x9c6
8a345790 82c017f2 00000001 00000000 8ae3807e nt!NtNotifyChangeDirectoryFile+0x756
8a3457f8 8b37b9aa 00000000 8b8b7600 8a345820 nt!RtlQueryRegistryValues+0x31d
8a345858 8b3a584b 84eb2920 8b3536c8 8a345928 dxgkrnl!DpiGetDriverVersion+0x1b071
8a345940 8b3a7c18 8ae3807e 00000000 8ae381a4 dxgkrnl!DpiGetDriverVersion+0x44f12
8a345a30 8b3a7961 83e16000 8ae3807e 83e16000 dxgkrnl!DpiGetDriverVersion+0x472df
8a345a50 8b3a7683 83e16000 83e165c0 84eb0000 dxgkrnl!DpiGetDriverVersion+0x47028
8a345b1c 8b3a8ffb ffffeaae 00000000 8b39cac7 dxgkrnl!DpiGetDriverVersion+0x46d4a
8a345b38 8b3a8f79 84eb2920 8a345b4c 8dd461b0 dxgkrnl!DpiGetDriverVersion+0x486c2
8a345b50 8b39cf4e 84eb2920 84eb2f64 84fbbd68 dxgkrnl!DpiGetDriverVersion+0x48640
8a345c68 8b39ca0a 84eb2920 00000001 00000000 dxgkrnl!DpiGetDriverVersion+0x3c615
8a345c90 8b397b69 00000000 8ae3d9c8 00000044 dxgkrnl!DpiGetDriverVersion+0x3c0d1
8a345cb0 8ae3de09 8a345cc8 8eeb300c 00000001 dxgkrnl!DpiGetDriverVersion+0x37230
8a345cb8 8eeb300c 00000001 ffffc0bd 8a345d18 watchdog!SMgrNotifySessionChange+0x19
8a345cc8 8eea67fa 00000001 00000000 850b8b80 win32k!EngFntCacheLookUp+0x5eee
8a345d18 8eea67bc 0023fa48 8a345d34 82a4e66a win32k!EngWideCharToMultiByte+0x3be6
8a345d24 82a4e66a 00000044 00000048 0023fa64 win32k!EngWideCharToMultiByte+0x3ba8
8a345d70 77afaf8d 001718d4 00000001 ffffffff nt!ZwYieldExecution+0xb4e
8a345d80 00000000 001f0003 77ae7c70 00000000 ntdll!RtlpStartWaitThread+0xd
STACK_COMMAND: kb
FOLLOWUP_IP:
dxgkrnl!DpiGetDriverVersion+1b071
8b37b9aa 8bf8 mov edi,eax
SYMBOL_STACK_INDEX: 8
SYMBOL_NAME: dxgkrnl!DpiGetDriverVersion+1b071
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: dxgkrnl.sys
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
Q.1
is this a proper way for virtual adapter to give segment physical address of allocated buffer by allocating segment in system ram ? or any other way we can do it ?
Q.2
is there another way to load my virtual driver because when i am trying to load virtual driver using hdwwiz it calls addDevice () callback and after that it calls for REmoveDevice() and unloadDriver () callbacks. thats why i am using Q.3 method for driver loading.
Q.3
i am updating driver of exising standard VGA Adapter in my PC , which is a PCI based physical device and i am trying to load virtual adapter driver for it by using physical memroy for segment that’s why it is failing ?
thanks again to people sharing their knowledge and experience in WDDM.