WPP & KMDF Crash

TheMSsForum.com: The Microsoft Software Forum

I have been attempting to use WPP tracing in my Bus Driver and when I create
a session in TraceView with either the symbols or CTL file I will get a bug
check on occasion. I have several function driver which use WPP just fine.
Any pointers on where to start looking?

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or
it
is pointing at freed memory.
Arguments:
Arg1: 86193940, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: 819da52f, If non-zero, the instruction address which referenced the
bad memory
address.
Arg4: 00000000, (reserved)

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from 819726d8
Unable to read MiSystemVaType memory at 819532e0
86193940

FAULTING_IP:
nt!WmipForwardWmiIrp+75
819da52f ff10 call dword ptr [eax]

MM_INTERNAL_CODE: 0

CUSTOMER_CRASH_COUNT: 2

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x50

PROCESS_NAME: System

CURRENT_IRQL: 0

TRAP_FRAME: 85728b94 -- (.trap 0xffffffff85728b94)
ErrCode = 00000000
eax=86193940 ebx=84c6b008 ecx=00000004 edx=00000000 esi=84371178 edi=85728c90
eip=819da52f esp=85728c08 ebp=85728c40 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!WmipForwardWmiIrp+0x75:
819da52f ff10 call dword ptr [eax]
ds:0023:86193940=????????
Resetting default scope

LAST_CONTROL_TRANSFER: from 818a0ae4 to 818b6b4e

STACK_TEXT:
85728b7c 818a0ae4 00000000 86193940 00000000 nt!MmAccessFault+0x158
85728b7c 819da52f 00000000 86193940 00000000 nt!KiTrap0E+0xdc
85728c40 819da169 00000000 00000004 86193940 nt!WmipForwardWmiIrp+0x75
85728c6c 819da1be 00000004 86193940 85728ce8 nt!WmipSendWmiIrp+0x56
85728c9c 819ad46a 00000004 86f56c74 00000040 nt!WmipDeliverWnodeToDS+0x22
85728d18 819ad24b 99abf480 86f82754 8193e8fc
nt!WmipProcessLegacyEtwCallback+0x89
85728d44 818a16be 86f82754 00000000 82a8e828 nt!WmipLegacyEtwWorker+0x5e
85728d7c 819ee6ad 86f82754 5ac88d9a 00000000 nt!ExpWorkerThread+0xfd
85728dc0 818d5686 818a15c1 00000001 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!WmipForwardWmiIrp+75
819da52f ff10 call dword ptr [eax]

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!WmipForwardWmiIrp+75

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 47918b0a

FAILURE_BUCKET_ID: 0x50_nt!WmipForwardWmiIrp+75

BUCKET_ID: 0x50_nt!WmipForwardWmiIrp+75

Followup: MachineOwner
Top

Re: WPP & KMDF Crash by Eliyas

Eliyas
Tue May 06 20:04:20 CDT 2008

Where do you call WPP_INIT_TRACING and WPP_CLEANUP in the KMDF driver?

"Michael Fuchs" <MichaelFuchs@discussions.microsoft.com> wrote in message
news:09404824-4E7F-4414-87C9-94693FE68611@microsoft.com...
> I have been attempting to use WPP tracing in my Bus Driver and when I
> create
> a session in TraceView with either the symbols or CTL file I will get a
> bug
> check on occasion. I have several function driver which use WPP just
> fine.
> Any pointers on where to start looking?
>
> PAGE_FAULT_IN_NONPAGED_AREA (50)
> Invalid system memory was referenced. This cannot be protected by
> try-except,
> it must be protected by a Probe. Typically the address is just plain bad
> or
> it
> is pointing at freed memory.
> Arguments:
> Arg1: 86193940, memory referenced.
> Arg2: 00000000, value 0 = read operation, 1 = write operation.
> Arg3: 819da52f, If non-zero, the instruction address which referenced the
> bad memory
> address.
> Arg4: 00000000, (reserved)
>
> Debugging Details:
> ------------------
>
>
> READ_ADDRESS: GetPointerFromAddress: unable to read from 819726d8
> Unable to read MiSystemVaType memory at 819532e0
> 86193940
>
> FAULTING_IP:
> nt!WmipForwardWmiIrp+75
> 819da52f ff10 call dword ptr [eax]
>
> MM_INTERNAL_CODE: 0
>
> CUSTOMER_CRASH_COUNT: 2
>
> DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
>
> BUGCHECK_STR: 0x50
>
> PROCESS_NAME: System
>
> CURRENT_IRQL: 0
>
> TRAP_FRAME: 85728b94 -- (.trap 0xffffffff85728b94)
> ErrCode = 00000000
> eax=86193940 ebx=84c6b008 ecx=00000004 edx=00000000 esi=84371178
> edi=85728c90
> eip=819da52f esp=85728c08 ebp=85728c40 iopl=0 nv up ei pl zr na pe
> nc
> cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000
> efl=00010246
> nt!WmipForwardWmiIrp+0x75:
> 819da52f ff10 call dword ptr [eax]
> ds:0023:86193940=????????
> Resetting default scope
>
> LAST_CONTROL_TRANSFER: from 818a0ae4 to 818b6b4e
>
> STACK_TEXT:
> 85728b7c 818a0ae4 00000000 86193940 00000000 nt!MmAccessFault+0x158
> 85728b7c 819da52f 00000000 86193940 00000000 nt!KiTrap0E+0xdc
> 85728c40 819da169 00000000 00000004 86193940 nt!WmipForwardWmiIrp+0x75
> 85728c6c 819da1be 00000004 86193940 85728ce8 nt!WmipSendWmiIrp+0x56
> 85728c9c 819ad46a 00000004 86f56c74 00000040 nt!WmipDeliverWnodeToDS+0x22
> 85728d18 819ad24b 99abf480 86f82754 8193e8fc
> nt!WmipProcessLegacyEtwCallback+0x89
> 85728d44 818a16be 86f82754 00000000 82a8e828 nt!WmipLegacyEtwWorker+0x5e
> 85728d7c 819ee6ad 86f82754 5ac88d9a 00000000 nt!ExpWorkerThread+0xfd
> 85728dc0 818d5686 818a15c1 00000001 00000000
> nt!PspSystemThreadStartup+0x9d
> 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
>
>
> STACK_COMMAND: kb
>
> FOLLOWUP_IP:
> nt!WmipForwardWmiIrp+75
> 819da52f ff10 call dword ptr [eax]
>
> SYMBOL_STACK_INDEX: 2
>
> SYMBOL_NAME: nt!WmipForwardWmiIrp+75
>
> FOLLOWUP_NAME: MachineOwner
>
> MODULE_NAME: nt
>
> IMAGE_NAME: ntkrnlmp.exe
>
> DEBUG_FLR_IMAGE_TIMESTAMP: 47918b0a
>
> FAILURE_BUCKET_ID: 0x50_nt!WmipForwardWmiIrp+75
>
> BUCKET_ID: 0x50_nt!WmipForwardWmiIrp+75
>
> Followup: MachineOwner

Top