Problem running .wmv , when a file system filter driver is ins
in [Device Drivers]
|
Prev: Can a high speed USB Audio device work on XP?
Next: Caching for Vista Client-Side Print Spooler
From: Ajay on 5 May 2010 11:38 Hi. The complete list is way too long. I am copying the two interesting portions (failure case). ----------------------------------------------------------------------------------------------- 2:46:43.9955888 PM wmplayer.exe 3908 RegOpenKey HKLM\Software\Microsoft\Windows Media Foundation\PEAuth NAME NOT FOUND Desired Access: Query Value 2:46:44.0023165 PM wmplayer.exe 3908 Thread Create SUCCESS Thread ID: 3348 2:46:44.0028662 PM wmplayer.exe 3908 RegOpenKey HKLM\Software\Microsoft\Windows Media Foundation\PEAuth NAME NOT FOUND Desired Access: Query Value 2:46:44.0116031 PM wmplayer.exe 3908 QueryOpen C:\Program Files\Windows Media Player\mfpmp.exe FAST IO DISALLOWED 2:46:44.0158729 PM wmplayer.exe 3908 CreateFile C:\Program Files\Windows Media Player\mfpmp.exe NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 2:46:44.0219315 PM wmplayer.exe 3908 QueryNameInformationFile C:\Program Files\Windows Media Player SUCCESS Name: \Program Files\Windows Media Player 2:46:44.0276236 PM wmplayer.exe 3908 QueryOpen C:\Program Files\Windows Media Player\mfpmp.exe FAST IO DISALLOWED 2:46:44.0278155 PM wmplayer.exe 3908 QueryNameInformationFile C:\Program Files\Windows Media Player SUCCESS Name: \Program Files\Windows Media Player 2:46:44.0322739 PM wmplayer.exe 3908 CreateFile C:\Program Files\Windows Media Player\mfpmp.exe NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 2:46:44.0417768 PM wmplayer.exe 3908 QueryOpen C:\Windows\System32\mfpmp.exe FAST IO DISALLOWED 2:46:44.0462028 PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 2:46:44.0473118 PM wmplayer.exe 3908 QueryBasicInformationFile C:\Windows\System32\mfpmp.exe SUCCESS CreationTime: 4/11/2009 6:50:20 PM, LastAccessTime: 4/11/2009 6:50:20 PM, LastWriteTime: 4/11/2009 6:50:20 PM, ChangeTime: 4/18/2010 2:15:33 AM, FileAttributes: A 2:46:44.0482189 PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS 2:46:44.0524823 PM wmplayer.exe 3908 QueryOpen C:\Windows\System32\mfpmp.exe FAST IO DISALLOWED 2:46:44.0549195 PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 2:46:44.0586708 PM wmplayer.exe 3908 QueryBasicInformationFile C:\Windows\System32\mfpmp.exe SUCCESS CreationTime: 4/11/2009 6:50:20 PM, LastAccessTime: 4/11/2009 6:50:20 PM, LastWriteTime: 4/11/2009 6:50:20 PM, ChangeTime: 4/18/2010 2:15:33 AM, FileAttributes: A 2:46:44.0593550 PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS 2:46:44.0681307 PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened 2:46:44.0786468 PM wmplayer.exe 3908 QueryStandardInformationFile C:\Windows\System32\mfpmp.exe SUCCESS AllocationSize: 24,576, EndOfFile: 24,576, NumberOfLinks: 2, DeletePending: False, Directory: False 2:46:44.1758969 PM wmplayer.exe 3908 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfpmp.exe NAME NOT FOUND Desired Access: Query Value, Enumerate Sub Keys 2:46:44.1990912 PM wmplayer.exe 3908 QuerySecurityFile C:\Windows\System32\mfpmp.exe SUCCESS Information: Label 2:46:44.2718750 PM wmplayer.exe 3908 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe 2:46:44.2910735 PM Idle 0 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 3.2947376 seconds, Private Bytes: 0, Working Set: 12,288 2:46:44.2943471 PM System 4 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 62.9405040 seconds, Private Bytes: 0, Working Set: 2,732,032 2:46:44.2943661 PM smss.exe 428 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 0.8111664 seconds, Private Bytes: 249,856, Working Set: 610,304 2:46:44.2974188 PM csrss.exe 496 Process Profiling SUCCESS User Time: 0.1001440 seconds, Kernel Time: 3.0944496 seconds, Private Bytes: 1,564,672, Working Set: 4,579,328 2:46:44.2974682 PM wmplayer.exe 3908 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe 2:46:44.3783849 PM wmplayer.exe 3908 Process Create C:\Windows\system32\mfpmp.exe SUCCESS PID: 3036, Command line: mfpmp.exe /43eebaf0b8c9034a_504b9c0/PMPServer {CA091E7B-DBEA-4100-84B3-E892468430B3} 3908 =C:\Users\abhinav\AppData\Local\Temp=C:\ProgramData 2:46:44.3786352 PM mfpmp.exe 3036 Process Start SUCCESS Parent PID: 3908 2:46:44.3812154 PM mfpmp.exe 3036 Thread Create SUCCESS Thread ID: 3332 2:46:44.3968839 PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS 2:46:44.4172689 PM mfpmp.exe 3036 Thread Exit SUCCESS Thread ID: 3332, User Time: 0.0000000, Kernel Time: 0.0000000 2:46:44.4290721 PM mfpmp.exe 3036 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe 2:46:44.4321725 PM mfpmp.exe 3036 QueryNameInformationFile C:\Windows\System32\ntdll.dll SUCCESS Name: \Windows\System32\ntdll.dll 2:46:45.0061907 PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\LastLicenseRefresh SUCCESS Type: REG_DWORD, Length: 4, Data: 325753032 2:46:45.0064393 PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\LicenseRefreshInterval NAME NOT FOUND Length: 144 2:46:45.0066285 PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\DisableLicenseRefresh NAME NOT FOUND Length: 144 2:46:45.2258837 PM Idle 0 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 3.2947376 seconds, Private Bytes: 0, Working Set: 12,288 2:46:45.2259035 PM System 4 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 62.9905760 seconds, Private Bytes: 0, Working Set: 2,723,840 2:46:45.2259217 PM smss.exe 428 Process Profiling SUCCESS User Time: 0.0000000 seconds, Kernel Time: 0.8111664 seconds, Private Bytes: 249,856, Working Set: 610,304 2:46:45.2259396 PM csrss.exe 496 Process Profiling SUCCESS User Time: 0.1001440 seconds, Kernel Time: 3.0944496 seconds, Private Bytes: 1,564,672, Working Set: 4,571,136 ------------------------------------------------------------------------------------------------- As can be seen, MFPMP.exe thread dies immediately after creation. (Please refer to the log at "2:46:44.4172689"). I will be glad for any help. Regards Ajay "anshul makkar" wrote: > Hi, > > there seems some issue after loading mlang.dll . Do you see some crash > media application or not. > > May be you are not handling some calls that a media player requires. > > As Scott suggested, please show the output of process-mon and file- > mon. > > Thanks > Anshul Makkar > www.justkernel.com > anshul_makkar(a)justkernel.com > On May 4, 9:33 am, Ajay <A...(a)discussions.microsoft.com> wrote: > > Hi all. > > > > We have installed a custom file system filter driver, where we do > > file-system hooking, (including Fast-IO calls). We are using WinDDK > > 6001.18000. > > > > Now, when the driver is installed on a Vista Business x86 machine, and we > > try to play a .wmv file with Windows Media Player, it fails to play it. When > > we disable our driver, the wmv file plays effortlessly. > > > > We have gone through the document at the link : > > > > http://blogs.msdn.com/mediasdkstuff/archive/2009/04/07/exception-play... > > > > Also, we took a sequence of loaded DLLs, in both the success and failure > > cases. > > > > ------------------------------------------------------------------------------------------------------------ > > > > Success Case - wmv file plays successfully. Following is the tail of the > > sequence > > > > ------------------------------------------------------------------------------------------------------------ > > > > ModLoad: 6dea0000 6deee000 C:\Windows\System32\wmpeffects.dll > > eax=00000001 ebx=00000000 ecx=0020c101 edx=00000000 esi=7ffdf000 edi=20000000 > > eip=77735e74 esp=0020c118 ebp=0020c16c iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 77735e74 c3 ret > > 0:000> g > > ModLoad: 6fd70000 6fd7b000 C:\Windows\System32\msdmo.dll > > eax=76df020d ebx=00000000 ecx=00000001 edx=76dd1860 esi=7ffdf000 edi=20000000 > > eip=77735e74 esp=0020bdd4 ebp=0020be28 iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 77735e74 c3 ret > > 0:000> g > > ModLoad: 6e9b0000 6e9e0000 C:\Windows\system32\mlang.dll > > eax=00000001 ebx=00000000 ecx=05ffe201 edx=00000000 esi=7ffd3000 edi=20000000 > > eip=77735e74 esp=05ffe238 ebp=05ffe28c iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 77735e74 c3 ret > > 0:016> g > > ModLoad: 6e2f0000 6e30b000 C:\Windows\System32\mfps.dll > > eax=00000001 ebx=00000000 ecx=05ffe701 edx=00000000 esi=7ffd3000 edi=20000000 > > eip=77735e74 esp=05ffe748 ebp=05ffe79c iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 77735e74 c3 ret > > 0:016> g > > ModLoad: 04990000 04999000 MFPMP.exe > > eax=05ffef70 ebx=05ffea60 ecx=00000004 edx=00000000 esi=00000000 edi=05ffee34 > > eip=77735e74 esp=05ffe9c0 ebp=05ffea18 iopl=0 nv up ei pl nz na po nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 > > ntdll!KiFastSystemCallRet: > > 77735e74 c3 ret > > > > ------------------------------------------------------------------------------------------------------------ > > > > Failure Case - wmv file plays does not play. Following is the tail of the > > sequence > > > > ------------------------------------------------------------------------------------------------------------ > > > > ModLoad: 6ab50000 6ab9e000 C:\Windows\System32\wmpeffects.dll > > eax=0006d460 ebx=00000000 ecx=00000004 edx=00000010 esi=7ffdf000 edi=20000000 > > eip=778e5e74 esp=0006c338 ebp=0006c38c iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 778e5e74 c3 ret > > 0:000> g > > ModLoad: 74340000 7434b000 C:\Windows\System32\msdmo.dll > > eax=762e020d ebx=00000000 ecx=00000001 edx=762c1860 esi=7ffdf000 edi=20000000 > > eip=778e5e74 esp=0006bff4 ebp=0006c048 iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 778e5e74 c3 ret > > 0:000> g > > ModLoad: 701a0000 701d0000 C:\Windows\system32\mlang.dll > > eax=0000005c ebx=00000000 ecx=0006b862 edx=778e5e74 esi=7ffdf000 edi=20000000 > > eip=778e5e74 esp=0006b698 ebp=0006b6ec iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 778e5e74 c3 ret > > 0:000> g > > ModLoad: 74330000 74332000 C:\Windows\system32\wmerror.dll > > eax=00000000 ebx=00000000 ecx=00000000 edx=67bf72a2 esi=7ffdf000 edi=20000000 > > eip=778e5e74 esp=0006d204 ebp=0006d258 iopl=0 nv up ei pl zr na pe nc > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > ntdll!KiFastSystemCallRet: > > 778e5e74 c3 ret > > > > ---------------------------------------------------------------------------------------------------------- > > > > As can be seen, there is a difference in DLL loading after mlang.dll. > > > > So, what should be done so that the wmv media can be played, even in the > > presence of the driver? > > > > Looking forward to some light. > > > > Regards > > > > Ajay > > . >
From: Ajay on 7 May 2010 01:45 Anyone from Microsoft? Don Burn? Even a slightest of insight will help. If the query-situation is an expected one, please let us know. Regards Ajay "Ajay" wrote: > Hi. > > The complete list is way too long. I am copying the two interesting portions > (failure case). > > ----------------------------------------------------------------------------------------------- > 2:46:43.9955888 > PM wmplayer.exe 3908 RegOpenKey HKLM\Software\Microsoft\Windows Media > Foundation\PEAuth NAME NOT FOUND Desired Access: Query Value > 2:46:44.0023165 PM wmplayer.exe 3908 Thread Create SUCCESS Thread ID: 3348 > 2:46:44.0028662 > PM wmplayer.exe 3908 RegOpenKey HKLM\Software\Microsoft\Windows Media > Foundation\PEAuth NAME NOT FOUND Desired Access: Query Value > 2:46:44.0116031 PM wmplayer.exe 3908 QueryOpen C:\Program Files\Windows > Media Player\mfpmp.exe FAST IO DISALLOWED > 2:46:44.0158729 PM wmplayer.exe 3908 CreateFile C:\Program Files\Windows > Media Player\mfpmp.exe NAME NOT FOUND Desired Access: Read Attributes, > Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: > Read, Write, Delete, AllocationSize: n/a > 2:46:44.0219315 PM wmplayer.exe 3908 QueryNameInformationFile C:\Program > Files\Windows Media Player SUCCESS Name: \Program Files\Windows Media Player > 2:46:44.0276236 PM wmplayer.exe 3908 QueryOpen C:\Program Files\Windows > Media Player\mfpmp.exe FAST IO DISALLOWED > 2:46:44.0278155 PM wmplayer.exe 3908 QueryNameInformationFile C:\Program > Files\Windows Media Player SUCCESS Name: \Program Files\Windows Media Player > 2:46:44.0322739 PM wmplayer.exe 3908 CreateFile C:\Program Files\Windows > Media Player\mfpmp.exe NAME NOT FOUND Desired Access: Read Attributes, > Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: > Read, Write, Delete, AllocationSize: n/a > 2:46:44.0417768 > PM wmplayer.exe 3908 QueryOpen C:\Windows\System32\mfpmp.exe FAST IO > DISALLOWED > 2:46:44.0462028 > PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired > Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, > Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, > OpenResult: Opened > 2:46:44.0473118 > PM wmplayer.exe 3908 QueryBasicInformationFile C:\Windows\System32\mfpmp.exe SUCCESS CreationTime: > 4/11/2009 6:50:20 PM, LastAccessTime: 4/11/2009 6:50:20 PM, LastWriteTime: > 4/11/2009 6:50:20 PM, ChangeTime: 4/18/2010 2:15:33 AM, FileAttributes: A > 2:46:44.0482189 > PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS > 2:46:44.0524823 > PM wmplayer.exe 3908 QueryOpen C:\Windows\System32\mfpmp.exe FAST IO > DISALLOWED > 2:46:44.0549195 > PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired > Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, > Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, > OpenResult: Opened > 2:46:44.0586708 > PM wmplayer.exe 3908 QueryBasicInformationFile C:\Windows\System32\mfpmp.exe SUCCESS CreationTime: > 4/11/2009 6:50:20 PM, LastAccessTime: 4/11/2009 6:50:20 PM, LastWriteTime: > 4/11/2009 6:50:20 PM, ChangeTime: 4/18/2010 2:15:33 AM, FileAttributes: A > 2:46:44.0593550 > PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS > 2:46:44.0681307 > PM wmplayer.exe 3908 CreateFile C:\Windows\System32\mfpmp.exe SUCCESS Desired > Access: Read Data/List Directory, Execute/Traverse, Read Attributes, > Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, > Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: > n/a, OpenResult: Opened > 2:46:44.0786468 > PM wmplayer.exe 3908 QueryStandardInformationFile C:\Windows\System32\mfpmp.exe SUCCESS AllocationSize: > 24,576, EndOfFile: 24,576, NumberOfLinks: 2, DeletePending: False, Directory: > False > 2:46:44.1758969 > PM wmplayer.exe 3908 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows > NT\CurrentVersion\Image File Execution Options\mfpmp.exe NAME NOT > FOUND Desired Access: Query Value, Enumerate Sub Keys > 2:46:44.1990912 > PM wmplayer.exe 3908 QuerySecurityFile C:\Windows\System32\mfpmp.exe SUCCESS Information: Label > 2:46:44.2718750 > PM wmplayer.exe 3908 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe > 2:46:44.2910735 PM Idle 0 Process Profiling SUCCESS User Time: 0.0000000 > seconds, Kernel Time: 3.2947376 seconds, Private Bytes: 0, Working Set: 12,288 > 2:46:44.2943471 PM System 4 Process Profiling SUCCESS User Time: 0.0000000 > seconds, Kernel Time: 62.9405040 seconds, Private Bytes: 0, Working Set: > 2,732,032 > 2:46:44.2943661 PM smss.exe 428 Process Profiling SUCCESS User Time: > 0.0000000 seconds, Kernel Time: 0.8111664 seconds, Private Bytes: 249,856, > Working Set: 610,304 > 2:46:44.2974188 PM csrss.exe 496 Process Profiling SUCCESS User Time: > 0.1001440 seconds, Kernel Time: 3.0944496 seconds, Private Bytes: 1,564,672, > Working Set: 4,579,328 > 2:46:44.2974682 > PM wmplayer.exe 3908 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe > 2:46:44.3783849 PM wmplayer.exe 3908 Process > Create C:\Windows\system32\mfpmp.exe SUCCESS PID: 3036, Command line: > mfpmp.exe /43eebaf0b8c9034a_504b9c0/PMPServer > {CA091E7B-DBEA-4100-84B3-E892468430B3} 3908 > =C:\Users\abhinav\AppData\Local\Temp=C:\ProgramData > 2:46:44.3786352 PM mfpmp.exe 3036 Process Start SUCCESS Parent PID: 3908 > 2:46:44.3812154 PM mfpmp.exe 3036 Thread Create SUCCESS Thread ID: 3332 > 2:46:44.3968839 > PM wmplayer.exe 3908 CloseFile C:\Windows\System32\mfpmp.exe SUCCESS > 2:46:44.4172689 PM mfpmp.exe 3036 Thread Exit SUCCESS Thread ID: 3332, User > Time: 0.0000000, Kernel Time: 0.0000000 > 2:46:44.4290721 > PM mfpmp.exe 3036 QueryNameInformationFile C:\Windows\System32\mfpmp.exe SUCCESS Name: \Windows\System32\mfpmp.exe > 2:46:44.4321725 > PM mfpmp.exe 3036 QueryNameInformationFile C:\Windows\System32\ntdll.dll SUCCESS Name: \Windows\System32\ntdll.dll > 2:46:45.0061907 > PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\LastLicenseRefresh SUCCESS Type: REG_DWORD, Length: 4, Data: 325753032 > 2:46:45.0064393 > PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\LicenseRefreshInterval NAME NOT FOUND Length: 144 > 2:46:45.0066285 > PM wmplayer.exe 3908 RegQueryValue HKCU\Software\Microsoft\MediaPlayer\Preferences\DisableLicenseRefresh NAME NOT FOUND Length: 144 > 2:46:45.2258837 PM Idle 0 Process Profiling SUCCESS User Time: 0.0000000 > seconds, Kernel Time: 3.2947376 seconds, Private Bytes: 0, Working Set: 12,288 > 2:46:45.2259035 PM System 4 Process Profiling SUCCESS User Time: 0.0000000 > seconds, Kernel Time: 62.9905760 seconds, Private Bytes: 0, Working Set: > 2,723,840 > 2:46:45.2259217 PM smss.exe 428 Process Profiling SUCCESS User Time: > 0.0000000 seconds, Kernel Time: 0.8111664 seconds, Private Bytes: 249,856, > Working Set: 610,304 > 2:46:45.2259396 PM csrss.exe 496 Process Profiling SUCCESS User Time: > 0.1001440 seconds, Kernel Time: 3.0944496 seconds, Private Bytes: 1,564,672, > Working Set: 4,571,136 > ------------------------------------------------------------------------------------------------- > > As can be seen, MFPMP.exe thread dies immediately after creation. (Please > refer to the log at "2:46:44.4172689"). > > > I will be glad for any help. > > Regards > Ajay > > > > "anshul makkar" wrote: > > > Hi, > > > > there seems some issue after loading mlang.dll . Do you see some crash > > media application or not. > > > > May be you are not handling some calls that a media player requires. > > > > As Scott suggested, please show the output of process-mon and file- > > mon. > > > > Thanks > > Anshul Makkar > > www.justkernel.com > > anshul_makkar(a)justkernel.com > > On May 4, 9:33 am, Ajay <A...(a)discussions.microsoft.com> wrote: > > > Hi all. > > > > > > We have installed a custom file system filter driver, where we do > > > file-system hooking, (including Fast-IO calls). We are using WinDDK > > > 6001.18000. > > > > > > Now, when the driver is installed on a Vista Business x86 machine, and we > > > try to play a .wmv file with Windows Media Player, it fails to play it. When > > > we disable our driver, the wmv file plays effortlessly. > > > > > > We have gone through the document at the link : > > > > > > http://blogs.msdn.com/mediasdkstuff/archive/2009/04/07/exception-play... > > > > > > Also, we took a sequence of loaded DLLs, in both the success and failure > > > cases. > > > > > > ------------------------------------------------------------------------------------------------------------ > > > > > > Success Case - wmv file plays successfully. Following is the tail of the > > > sequence > > > > > > ------------------------------------------------------------------------------------------------------------ > > > > > > ModLoad: 6dea0000 6deee000 C:\Windows\System32\wmpeffects.dll > > > eax=00000001 ebx=00000000 ecx=0020c101 edx=00000000 esi=7ffdf000 edi=20000000 > > > eip=77735e74 esp=0020c118 ebp=0020c16c iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 77735e74 c3 ret > > > 0:000> g > > > ModLoad: 6fd70000 6fd7b000 C:\Windows\System32\msdmo.dll > > > eax=76df020d ebx=00000000 ecx=00000001 edx=76dd1860 esi=7ffdf000 edi=20000000 > > > eip=77735e74 esp=0020bdd4 ebp=0020be28 iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 77735e74 c3 ret > > > 0:000> g > > > ModLoad: 6e9b0000 6e9e0000 C:\Windows\system32\mlang.dll > > > eax=00000001 ebx=00000000 ecx=05ffe201 edx=00000000 esi=7ffd3000 edi=20000000 > > > eip=77735e74 esp=05ffe238 ebp=05ffe28c iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 77735e74 c3 ret > > > 0:016> g > > > ModLoad: 6e2f0000 6e30b000 C:\Windows\System32\mfps.dll > > > eax=00000001 ebx=00000000 ecx=05ffe701 edx=00000000 esi=7ffd3000 edi=20000000 > > > eip=77735e74 esp=05ffe748 ebp=05ffe79c iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 77735e74 c3 ret > > > 0:016> g > > > ModLoad: 04990000 04999000 MFPMP.exe > > > eax=05ffef70 ebx=05ffea60 ecx=00000004 edx=00000000 esi=00000000 edi=05ffee34 > > > eip=77735e74 esp=05ffe9c0 ebp=05ffea18 iopl=0 nv up ei pl nz na po nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202 > > > ntdll!KiFastSystemCallRet: > > > 77735e74 c3 ret > > > > > > ------------------------------------------------------------------------------------------------------------ > > > > > > Failure Case - wmv file plays does not play. Following is the tail of the > > > sequence > > > > > > ------------------------------------------------------------------------------------------------------------ > > > > > > ModLoad: 6ab50000 6ab9e000 C:\Windows\System32\wmpeffects.dll > > > eax=0006d460 ebx=00000000 ecx=00000004 edx=00000010 esi=7ffdf000 edi=20000000 > > > eip=778e5e74 esp=0006c338 ebp=0006c38c iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 778e5e74 c3 ret > > > 0:000> g > > > ModLoad: 74340000 7434b000 C:\Windows\System32\msdmo.dll > > > eax=762e020d ebx=00000000 ecx=00000001 edx=762c1860 esi=7ffdf000 edi=20000000 > > > eip=778e5e74 esp=0006bff4 ebp=0006c048 iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 778e5e74 c3 ret > > > 0:000> g > > > ModLoad: 701a0000 701d0000 C:\Windows\system32\mlang.dll > > > eax=0000005c ebx=00000000 ecx=0006b862 edx=778e5e74 esi=7ffdf000 edi=20000000 > > > eip=778e5e74 esp=0006b698 ebp=0006b6ec iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 778e5e74 c3 ret > > > 0:000> g > > > ModLoad: 74330000 74332000 C:\Windows\system32\wmerror.dll > > > eax=00000000 ebx=00000000 ecx=00000000 edx=67bf72a2 esi=7ffdf000 edi=20000000 > > > eip=778e5e74 esp=0006d204 ebp=0006d258 iopl=0 nv up ei pl zr na pe nc > > > cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 > > > ntdll!KiFastSystemCallRet: > > > 778e5e74 c3 ret > > > > > > ---------------------------------------------------------------------------------------------------------- > > > > > > As can be seen, there is a difference in DLL loading after mlang.dll. > > > > > > So, what should be done so that the wmv media can be played, even in the > > > presence of the driver? > > > > > > Looking forward to some light. > > > > > > Regards > > > > > > Ajay > > > > . > >
|
Pages: 1 Prev: Can a high speed USB Audio device work on XP? Next: Caching for Vista Client-Side Print Spooler |