Mirror Driver - how can I use Driver with User-Mode Application
in [Device Drivers]
|
Prev: For PDO: How to forward request to next lower driver stack automatically in KMDF?
Next: Mirror Driver - how to pass Bitmap to user-mode app thought DrvEscape.
From: Attributesoft on 12 Jun 2007 12:44 On 12 , 18:54, "Ivan Brugiolo [MSFT]" <ivanb...(a)online.microsoft.com> wrote: > Show the stack in the kernel debugger with good symbols, > and the outpuf of `!analyze -f -v`. > Unfortunately the level of kernel knowledge you've shown so far > is not going to attract many answers besides a request to go back > and learn the basics first. > > -- > -- > This posting is provided "AS IS" with no warranties, and confers no rights. > Use of any included script samples are subject to the terms specified athttp://www.microsoft.com/info/cpyright.htm > > <Attributes...(a)gmail.com> wrote in message > > news:1181650654.533206.67320(a)x35g2000prf.googlegroups.com... > > >I tried to do with this code > > GetMem(surfObjPointer,10485760); > > ExtEscape(hdc1,1,2,nil,10485760,surfObjPointer); > > But it doesn't help too. How can I do this '!analyze -f -v' with what debuger or app? Am I need to do it on two pc?
From: Attributesoft on 12 Jun 2007 13:21 Sorry for flooding. I'va been posting because is it not have been posting and now it posted all. Lag or something like that.
From: Attributesoft on 13 Jun 2007 16:03
Ok Ivan, I learned about crush dump. In user mode i did (Delphi) surfObjPointer: Pointer; *** GetMem(surfObjPointer,10485760); ExtEscape(hdc1,1,10485760,surfObjPointer,3,nil); And In Driver ULONG DrvEscape( SURFOBJ *pso, ULONG iEsc, ULONG cjIn, PVOID pvIn, ULONG cjOut, PVOID pvOut) { memcpy(pvIn,pso->pvBits,pso->cjBits); return pso->cjBits; } The dump from '!analyze -f -v' ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. An exception code of 0x80000002 (STATUS_DATATYPE_MISALIGNMENT) indicates that an unaligned data reference was encountered. The trap frame will supply additional information. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: bfeb40b9, The address that the exception occurred at Arg3: a868255c, Trap Frame Arg4: 00000000 Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s". FAULTING_IP: mirror_bfeb3000+10b9 bfeb40b9 ?? ??? TRAP_FRAME: a868255c -- (.trap ffffffffa868255c) Unable to read trap frame at a868255c DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0x8E LAST_CONTROL_TRANSFER: from 00000000 to bfeb40b9 STACK_TEXT: a86825cc 00000000 bfeb40a0 a8682604 bf857bc7 mirror_bfeb3000+0x10b9 FOLLOWUP_IP: mirror_bfeb3000+10b9 bfeb40b9 ?? ??? FOLLOWUP_NAME: MachineOwner SYMBOL_NAME: mirror_bfeb3000+10b9 MODULE_NAME: mirror_bfeb3000 IMAGE_NAME: mirror.dll DEBUG_FLR_IMAGE_TIMESTAMP: 467047eb STACK_COMMAND: .trap ffffffffa868255c ; kb BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- Can you something about this dump? |