Invalid Virtual Address

TheMSsForum.com: The Microsoft Software Forum

Hi All,

I am developing a PCI based storage driver. I am implementing the
function SRB_FUNCTION_EXECUTE_SCSI for read/write operations in
internal IOCTLs.

If the request is of size 4096 bytes i get an invalid buffer address
from MmGetMdlVirtualAddress(mdladdress) (NULL). However, when i used
MmGetSystemAddressForMdlSafe() i got the correct virtual address.

But the initialization of DMA trasaction fails with
STATUS_INVALID_PARAMETER in WdfDmaTransactionInitialize() routine. I
verified the parameters of WdfDmaTransactionInitialize(), and all are
non-null paramenters.

Can any one point out if i'm going wrong any where. All your
suggestions are appreciable.

Thank You.

Regards,
Sushma
Top

RE: Invalid Virtual Address by GottfriedStckl

GottfriedStckl
Fri Jul 25 15:53:00 CDT 2008

Can you post the whole codesequence, so we can see, how you procede?

"Sushma" wrote:

> Hi All,
>
> I am developing a PCI based storage driver. I am implementing the
> function SRB_FUNCTION_EXECUTE_SCSI for read/write operations in
> internal IOCTLs.
>
> If the request is of size 4096 bytes i get an invalid buffer address
> from MmGetMdlVirtualAddress(mdladdress) (NULL). However, when i used
> MmGetSystemAddressForMdlSafe() i got the correct virtual address.
>
> But the initialization of DMA trasaction fails with
> STATUS_INVALID_PARAMETER in WdfDmaTransactionInitialize() routine. I
> verified the parameters of WdfDmaTransactionInitialize(), and all are
> non-null paramenters.
>
> Can any one point out if i'm going wrong any where. All your
> suggestions are appreciable.
>
> Thank You.
>
> Regards,
> Sushma
>
Top

Re: Invalid Virtual Address by Sushma

Sushma
Tue Jul 29 07:00:16 CDT 2008

Here is the code snippet.

Irp = WdfRequestWdmGetIrp(Request);
mdl = Irp->MdlAddress;

status = WdfDmaTransactionCreate( devExt->DmaEnabler,
&attributes,
&dmaTransaction );
if(!NT_SUCCESS(status))
{
goto CleanUp;
}

if(mdl != NULL)
{
virtualAddress = MmGetSystemAddressForMdlSafe(mdl,
LowPagePriority);
}
else
{
status = STATUS_INVALID_PARAMETER;
goto CleanUp;
}

if( virtualAddress == NULL)
{
goto CleanUp;
}

length = MmGetMdlByteCount(mdl);

status = WdfDmaTransactionInitialize( dmaTransaction,
EvtProgramReadDma,

WdfDmaDirectionReadFromDevice,
mdl,
virtualAddress,
length );

if(!NT_SUCCESS(status)) {
goto CleanUp;
}

At this point WdfDmaTransactionInitialize() fails with
STATUS_INVALID_PARAMETER. If i had used srb->DataBuffer in place of
virtualaddress from MmGetSystemAddressForMdlSafe() it works if the
request size if 512 bytes. If the request size is 4096 i get a null
(0) address.

I had used WdfDmaProfilePacket.

Can you let me know if i'm missing anything else?

Thank You.

Regards,
Sushma
Top

Re: Invalid Virtual Address by Sushma

Sushma
Tue Jul 29 11:51:00 CDT 2008

I need some help very badly as i'm stuck up with this problem quite
few days.

Some one who has faced similiar problem could reply to my query. Any
help from MS guys.

Thank You.

Regards,
Sushma

Top

Re: Invalid Virtual Address by Sushma

Sushma
Wed Jul 30 10:23:26 CDT 2008

Do i need to the WDM way. Get the DMA_ADAPTER object continue with
AllocateAdapterChannel(), maptransfer(), KeFlushIoBuffers().

I donot have any idea why WdfDmaTransactionInitialize() fails with
Invalid Parameter when MmGetSystemAddressForMdlSafe() is used.

Kindly suggest.

Thank You.

Regards,
Sushma

Top

Re: Invalid Virtual Address by Doron

Doron
Wed Jul 30 17:21:15 CDT 2008

dump the log for your driver using !wdflogdump
(http://blogs.msdn.com/doronh/archive/2006/07/31/684531.aspx), it will tell
you why the parameter is invalid

d

--
Please do not send e-mail directly to this alias. this alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.


"Sushma" <sushma.yella@gmail.com> wrote in message
news:0c7f138f-b959-4b89-921a-2fc7382451fc@1g2000pre.googlegroups.com...
> Do i need to the WDM way. Get the DMA_ADAPTER object continue with
> AllocateAdapterChannel(), maptransfer(), KeFlushIoBuffers().
>
> I donot have any idea why WdfDmaTransactionInitialize() fails with
> Invalid Parameter when MmGetSystemAddressForMdlSafe() is used.
>
> Kindly suggest.
>
> Thank You.
>
> Regards,
> Sushma
>

Top

Re: Invalid Virtual Address by Sushma

Sushma
Wed Jul 30 23:46:43 CDT 2008

Thanks for the reply.

I'll capture the log and post it.

Thank you.

Regards,
Sushma
Top

Re: Invalid Virtual Address by Tim

Tim
Thu Jul 31 00:46:48 CDT 2008

Sushma <sushma.yella@gmail.com> wrote:
>
>Thanks for the reply.
>
>I'll capture the log and post it.

Why don't you capture the log and READ it? The log should tell you what
you need to know. Please remember that this newsgroup is not a
step-by-step debugging service.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.
Top

Re: Invalid Virtual Address by Sushma

Sushma
Thu Jul 31 05:05:39 CDT 2008

Sorry. I did not mean to post it without reading.

I thought if there is any dificulty in understanding the log i could
come back.

Thank You

Regards,
Sushma
Top

Re: Invalid Virtual Address by Sushma

Sushma
Thu Jul 31 07:45:52 CDT 2008

I did capture the log and found that the address was out of bound when
MmGetSystemAddressForMdlSafe() was used. When i used
MmGetMdlVirtualAddress() i get the virtual address as 0x0. The virtual
address is 0x0 only when the request size is large such as 4096 bytes.

This is not accepted by WdfDmaTransactionInitialize() and fails with
invalid parameter. However, i observed that the WDM version of driver
also has virtual address returned as 0x0 when MmGetMdlVirtualAddress()
is used. This virtual address is used in MapTransfer() and works fine
without any problems. The CurrentVA parameter in MapTransfer() is just
the index of the MDL.

How can i acheive the same in WDF driver? Can i bypass the virtual
address parameter of WdfDmaTransactionInitialize() in some way?

Here is the wdflogdump.

kd> !load C:\Program Files\Debugging Tools for Windows\winext
\wdfkd.dll
kd> !C:\WINDDK\6000\bin\x86\wdfkd.wdftmffile C:\WINDDK\6000\tools
\tracing\i386\wdf01005.tmf
Set TMF file name is : 'C:\WINDDK\6000\tools\tracing
\i386\wdf01005.tmf'
kd> !C:\WINDDK\6000\bin\x86\wdfkd.wdflogdump pcistor
Trace searchpath is:

Trace format prefix is: %7!u!: %!FUNC! -
TMF file used for formatting IFR log is: C:\WINDDK\6000\tools\tracing
\i386\wdf01005.tmf
Log at 81dd4000
Gather log: Please wait, this may take a moment (reading 4032 bytes).
% read so far ... 10, 20, 30, 40, 50, 60, 70, 80, 90, 100
There are 108 log entries
--- start of log ---
125836: FxDevice::AllocateRequestMemory - Allocating FxRequest*
816AE4D8, WDFREQUEST 7E951B20
125837: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7E951B20 on
WDFQUEUE 0x7E99EED8
125838: FxIoQueue::DispatchEvents - Thread 823C9640 is processing
WDFQUEUE 0x7E99EED8
125839: FxIoQueue::DispatchEvents - Driver has 1 requests from
sequential WDFQUEUE 0x7E99EED8
125840: FxIoQueue::DispatchEvents - Thread 816842E8 is processing
WDFQUEUE 0x7E99EED8
125841: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7E951B20
125842: imp_WdfRequestGetParameters - Enter: Request 7E951B20,
Parameters AA1BFB50
125843: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7E951B20
125844: imp_WdfRequestGetParameters - Enter: Request 7E951B20,
Parameters AA1BFAB4
125845: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7E951B20
125846: imp_WdfRequestGetParameters - Enter: Request 7E951B20,
Parameters AA1BFA4C
125847: imp_WdfDmaTransactionInitialize - VirtualAddress+Length
(F8B4C000+4096) is out of bounds of MDL VA + MDL Byte count (max
address is 00001000). Possibly a chained MDL,
0xc000000d(STATUS_INVALID_PARAMETER)
125848: imp_WdfRequestComplete - Completing WDFREQUEST 0x7E951B20,
0xc000000d(STATUS_INVALID_PARAMETER)
125849: FxRequest::Complete - Completing WDFREQUEST 0x7E951B20 for IRP
0x814248C8 with Information 0x0, 0xc000000d(STATUS_INVALID_PARAMETER)
125850: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7E99EED8, WDFREQUEST 0x7E951B20
125851: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7E951B20
dispatched to driver
125852: FxDevice::FreeRequestMemory - Free FxRequest* 816AE4D8 memory
125853: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7E99EED8
125854: FxDevice::FreeRequestMemory - Free FxRequest* 82160DF8 memory
125855: FxPkgIo::Dispatch - WDFDEVICE 0x7DEB0FB0 !devobj 0x8234FEC0
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x81A75A60
125856: FxDevice::AllocateRequestMemory - Allocating FxRequest*
8168C958, WDFREQUEST 7E9736A0
125857: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7E9736A0 on
WDFQUEUE 0x7DEC2898
125858: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7DEC2898
125859: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7E9736A0
125860: imp_WdfRequestGetParameters - Enter: Request 7E9736A0,
Parameters 80548B84
125861: imp_WdfRequestCompleteWithInformation - Completing WDFREQUEST
0x7E9736A0, 0xc0000013(STATUS_NO_MEDIA_IN_DEVICE)
125862: FxRequest::Complete - Completing WDFREQUEST 0x7E9736A0 for IRP
0x81A75A60 with Information 0x0, 0xc0000013(STATUS_NO_MEDIA_IN_DEVICE)
125863: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7DEC2898, WDFREQUEST 0x7E9736A0
125864: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7E9736A0
dispatched to driver
125865: FxDevice::FreeRequestMemory - Free FxRequest* 8168C958 memory
125866: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7DEC2898
125867: FxPkgIo::Dispatch - WDFDEVICE 0x7E56B880 !devobj 0x82135F00
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x816912B8
125868: FxDevice::AllocateRequestMemory - Allocating FxRequest*
82160DF8, WDFREQUEST 7DE9F200
125869: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7DE9F200 on
WDFQUEUE 0x7E99EED8
125870: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7E99EED8
125871: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7DE9F200
125872: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548B84
125873: imp_WdfRequestCompleteWithInformation - Completing WDFREQUEST
0x7DE9F200, STATUS_SUCCESS
125874: FxRequest::Complete - Completing WDFREQUEST 0x7DE9F200 for IRP
0x816912B8 with Information 0x0, STATUS_SUCCESS
125875: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7E99EED8, WDFREQUEST 0x7DE9F200
125876: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7DE9F200
dispatched to driver
125877: FxDevice::FreeRequestMemory - Free FxRequest* 82160DF8 memory
125878: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7E99EED8
125879: FxPkgIo::Dispatch - WDFDEVICE 0x7E56B880 !devobj 0x82135F00
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x814248C8
125880: FxDevice::AllocateRequestMemory - Allocating FxRequest*
82160DF8, WDFREQUEST 7DE9F200
125881: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7DE9F200 on
WDFQUEUE 0x7E99EED8
125882: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7E99EED8
125883: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7DE9F200
125884: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548BC8
125885: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7DE9F200
125886: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548B2C
125887: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7DE9F200
125888: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548AC4
125889: imp_WdfDmaTransactionInitialize - VirtualAddress+Length
(F8B4C000+4096) is out of bounds of MDL VA + MDL Byte count (max
address is 00001000). Possibly a chained MDL,
0xc000000d(STATUS_INVALID_PARAMETER)
125890: imp_WdfRequestComplete - Completing WDFREQUEST 0x7DE9F200,
0xc000000d(STATUS_INVALID_PARAMETER)
125891: FxRequest::Complete - Completing WDFREQUEST 0x7DE9F200 for IRP
0x814248C8 with Information 0x0, 0xc000000d(STATUS_INVALID_PARAMETER)
125892: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7E99EED8, WDFREQUEST 0x7DE9F200
125893: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7DE9F200
dispatched to driver
125894: FxDevice::FreeRequestMemory - Free FxRequest* 82160DF8 memory
125895: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7E99EED8
125896: FxPkgIo::Dispatch - WDFDEVICE 0x7E56B880 !devobj 0x82135F00
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x814248C8
125897: FxDevice::AllocateRequestMemory - Allocating FxRequest*
82160DF8, WDFREQUEST 7DE9F200
125898: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7DE9F200 on
WDFQUEUE 0x7E99EED8
125899: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7E99EED8
125900: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7DE9F200
125901: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548BC8
125902: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7DE9F200
125903: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548B2C
125904: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7DE9F200
125905: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548AC4
125906: imp_WdfDmaTransactionInitialize - VirtualAddress+Length
(F8B4C000+4096) is out of bounds of MDL VA + MDL Byte count (max
address is 00001000). Possibly a chained MDL,
0xc000000d(STATUS_INVALID_PARAMETER)
125907: imp_WdfRequestComplete - Completing WDFREQUEST 0x7DE9F200,
0xc000000d(STATUS_INVALID_PARAMETER)
125908: FxRequest::Complete - Completing WDFREQUEST 0x7DE9F200 for IRP
0x814248C8 with Information 0x0, 0xc000000d(STATUS_INVALID_PARAMETER)
125909: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7E99EED8, WDFREQUEST 0x7DE9F200
125910: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7DE9F200
dispatched to driver
125911: FxDevice::FreeRequestMemory - Free FxRequest* 82160DF8 memory
125912: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7E99EED8
125913: FxPkgIo::Dispatch - WDFDEVICE 0x7DEB0FB0 !devobj 0x8234FEC0
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x81A75A60
125914: FxDevice::AllocateRequestMemory - Allocating FxRequest*
8168C958, WDFREQUEST 7E9736A0
125915: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7E9736A0 on
WDFQUEUE 0x7DEC2898
125916: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7DEC2898
125917: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7E9736A0
125918: imp_WdfRequestGetParameters - Enter: Request 7E9736A0,
Parameters 80548B84
125919: imp_WdfRequestCompleteWithInformation - Completing WDFREQUEST
0x7E9736A0, 0xc0000013(STATUS_NO_MEDIA_IN_DEVICE)
125920: FxRequest::Complete - Completing WDFREQUEST 0x7E9736A0 for IRP
0x81A75A60 with Information 0x0, 0xc0000013(STATUS_NO_MEDIA_IN_DEVICE)
125921: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7DEC2898, WDFREQUEST 0x7E9736A0
125922: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7E9736A0
dispatched to driver
125923: FxDevice::FreeRequestMemory - Free FxRequest* 8168C958 memory
125924: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7DEC2898
125925: FxPkgIo::Dispatch - WDFDEVICE 0x7E56B880 !devobj 0x82135F00
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x816912B8
125926: FxDevice::AllocateRequestMemory - Allocating FxRequest*
82160DF8, WDFREQUEST 7DE9F200
125927: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7DE9F200 on
WDFQUEUE 0x7E99EED8
125928: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7E99EED8
125929: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7DE9F200
125930: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548B84
125931: imp_WdfRequestCompleteWithInformation - Completing WDFREQUEST
0x7DE9F200, STATUS_SUCCESS
125932: FxRequest::Complete - Completing WDFREQUEST 0x7DE9F200 for IRP
0x816912B8 with Information 0x0, STATUS_SUCCESS
125933: FxIoQueue::RequestCompletedCallback - Enter: WDFQUEUE
0x7E99EED8, WDFREQUEST 0x7DE9F200
125934: FxIoQueue::DispatchRequestToDriver - WDFREQUEST 0x7DE9F200
dispatched to driver
125935: FxDevice::FreeRequestMemory - Free FxRequest* 82160DF8 memory
125936: FxIoQueue::DispatchEvents - No requests on WDFQUEUE 0x7E99EED8
125937: FxPkgIo::Dispatch - WDFDEVICE 0x7E56B880 !devobj 0x82135F00
0x0000000f(IRP_MJ_INTERNAL_DEVICE_CONTROL), IRP_MN 0, IRP 0x814248C8
125938: FxDevice::AllocateRequestMemory - Allocating FxRequest*
82160DF8, WDFREQUEST 7DE9F200
125939: FxIoQueue::QueueRequest - Queuing WDFREQUEST 0x7DE9F200 on
WDFQUEUE 0x7E99EED8
125940: FxIoQueue::DispatchEvents - Thread 80551920 is processing
WDFQUEUE 0x7E99EED8
125941: FxIoQueue::DispatchRequestToDriver - Calling driver
EvtIoInternalDeviceControl for WDFREQUEST 0x7DE9F200
125942: imp_WdfRequestGetParameters - Enter: Request 7DE9F200,
Parameters 80548BC8
125943: imp_WdfRequestWdmGetIrp - Enter: WDFREQUEST 0x7DE9F200
---- end of log ----
Top

Re: Invalid Virtual Address by Maxim

Maxim
Thu Jul 31 09:43:28 CDT 2008

> MmGetMdlVirtualAddress() i get the virtual address as 0x0. The virtual
> address is 0x0 only when the request size is large such as 4096 bytes.
>
> This is not accepted by WdfDmaTransactionInitialize() and fails with
> invalid parameter.

Looks like a KMDF bug.

MmGetMdlVirtualAddress returning NULL is valid, more so, NULL is valid as an
index to IoBuildPartialMdl.

MmGetMdlVirtualAddress will really return NULL if the MDL was created using
MmAllocatePagesForMdl.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com

Top

Re: Invalid Virtual Address by Sushma

Sushma
Thu Jul 31 12:04:49 CDT 2008

Thanks for the reply.

Is there any alternate method to achieve the same?

or

Do i need to proceed the WDM type DMA processing?

Thank You.

Regards,
Sushma
Top

Re: Invalid Virtual Address by Sushma

Sushma
Thu Aug 07 08:41:04 CDT 2008

I apologize for bringing back the old thread once again.

I would like to know if this is really a KMDF bug. I need to update my
boss and plan accordingly how i can proceed further. I did the DMA
trasaction in WDM way using AllocateAdapterChannel(), MapTransfer()
and KeFlushIoBuffers() and it seems to work fine.

Any comments??

Thank You.

Regards,
Sushma
Top