Ways to anlayze crash dump files

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Drivers
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - PDB file path in driver binary By default if i build my driver, the path of the pdb file is seen in the driver binary even in the free build. i don't want the path to be seen in the driver binary. how to remove it. any comile time flags? Tag: Ways to anlayze crash dump files Tag: 65520
  - 2
    - Test Question 11 Tag: Ways to anlayze crash dump files Tag: 65511
  - 3
    - NdisAllocatePacketPoolEx & NULL pool handle NdisAllocateBufferPool can return a NULL pool handle which is valid. is same true with NdisAllocatePacketPoolEx ? Tag: Ways to anlayze crash dump files Tag: 65510
  - 4
    - Visual Studio 5.0 compatibility Hi, I need Visual Studio 5.0 to build my driver code. Am not able to get it I have 6.0 version. Can anyone tell me how to make 6.0 to be compatible for 5.0? What settings has to be changed? Thanks & Regards Gayathri Tag: Ways to anlayze crash dump files Tag: 65503
  - 5
    - Microsoft - Need urgent help - Product rollout stopped Hello, Sorry for posting this again but I'm in a crunch to resolve this issue ASAP. We are developing a 3.3 V only PC Card which work with my driver under Windows 2000 and Xp but Windows 98SE is showing an error code of 7. My driver entry routine is called but not my initialize routine. Does Windows 98SE support 3.3V only PC Card? I've noticed that Microsoft recommends that PC Card be implemented as dual voltage (3.3V/5V). Please reply ASAP since our product rollout is on hold until this issue is resolve. Tag: Ways to anlayze crash dump files Tag: 65495
  - 6
    - Newbie! Creating correct inf file Hi, before asking my question I should say that I'm absolutely new to driver programming and worse I don't even have the DDK documentation. However, I have some years experience with Windows development and now want to create a MIDI driver thats sole purpose is to route MIDI messages to my custom application. I have already found the documentation for Installable Drivers in the Win SDK and some code in newsgroups. The code is written for Win 3.11 but I was able to rewrite and compile it under Windows XP. I'm also able to load the driver with the OpenDriver() API. My question: I want other applications let select the driver for their MIDI output device. For this, I assume, I must install the driver. The old Win 3.11 code example comes with an inf file that looks something like this: [disks] 1=. ,"My MIDI driver",disk1 [Installable.Drivers] MyMidiDrv=1:d:\bcb5\music\installableDrivers\MidiDriver1\MyMidiDrv.dll,"MIDI","MIDI",,, However, trying to install this always gives me the error "Installation failed". What could be the cause? Is this inf file at all valid under Win32? I really appreciate any comment/idea!! thanks, Nick Tag: Ways to anlayze crash dump files Tag: 65493
  - 7
    - Does the WinDbg in source mode Does someone has successfully debug with source and break point and all with the WinDbg? I put a break point in my source code... (set the source path and all) When my driver loads it always tell me that it cannot locate the breakpoint??? Thanks Denis Tag: Ways to anlayze crash dump files Tag: 65486
  - 8
    - out of the device driver newsgroup Guys, I am pausing out of the driver newsgroup for a month or two. I am reachable for any printer driver,port monitor, language monitor, print processor,spooler or any printing related queries at my email vprnt at lycos dot com Thanks Vipin Tag: Ways to anlayze crash dump files Tag: 65478
  - 9
    - printer driver halftoning I have been given the task of adding enhanced halftoning capability to an existing printer driver. The driver sends its output to a thermal transfer barcode printer. This is monochrome device (hence the need for halftoning). I have tried changing the halftoning parameters, such as the GDIINFO HTPatternSize, but this does not seem to affect the output. Ultimately, I am look for a way to let the use choose from any of the HT_PATSIZE_* values and have the driver use these when rendering color images. I just can't seem to get all of the settings lined up just right between the GDIINFO, DEVINFO, DEVHTINFO. I have implemented DrvStretchBlt and I am calling EngStretchBlt with iMode set to HALFTONE. None of this seems to help. Any pointers or suggestions would be welcome. Neal Tag: Ways to anlayze crash dump files Tag: 65477
  - 10
    - Mirror Driver - Capturing GDI Call information Hi everyone, For a remote desktop type application, I am trying to see if it is feasible to actually grab GDI call information with a mirror driver and send that to the client where it would be drawn. This would result in much less data being transferred over the network over the usual approach of sending pre-drawn JPEG rectangles for changed parts of the screen, I would think. Can anyone point me to some information on how to do this? How would I use this data on the client to redraw the display since it will be coming from kernel-mode on the server? The DDK mirror sample doesn't have enough comments for me to figure this out. Thanks! Aruk Tag: Ways to anlayze crash dump files Tag: 65476
  - 11
    - is device interface path (DevicePath) persistent ? Is device interface path [ i.e. the DevicePath parameter of the SetupDiOpenDeviceInterface function or DevicePath member of the SP_DEVICE_INTERFACE_DETAIL_DATA structure ] persistent 1) between reboots? I.e. will sequential SetupDi*-style enumerations made in the same Windows session give the same DevicePath for the same device interface? 2) over reboots? i.e. will enumerations before and after reboot give the same DevicePath for the same device interface ? Many thanks! Igor. Tag: Ways to anlayze crash dump files Tag: 65474
  - 12
    - drive letter from DevicePath / Device handle Should be an easy question I guess ... Suppose, I used SetupDi* functions to get the DevicePath for the device, say CD-ROM drive, and then opened the handle for the device passing this DevicePath to CreateFile. So far, so good. Now, what is the best/recommended way to resolve the drive letter (if any) associated with this device [e.g. E:, F: etc] ? Many thanks! Igor. Tag: Ways to anlayze crash dump files Tag: 65472
  - 13
    - High Volume Queueing in NDIS MiniportSendPackets I have a deserialized intermediate driver that accepts packets in MiniportSendPackets, queues them, schedules a work item to do some processing on them that has to happen at PASSIVE_LEVEL, and sets their status to NDIS_STATUS_PENDING. The work item completes the packets once it is finished processing. This all works fine in low volume situations, but when I subject my driver to one of the NDIS Test stress tests, I notice the following: - MiniportSendPackets keeps getting called at DISPATCH_LEVEL and queueing the packets; - My work items never get a chance to run and complete the packets; and, - Eventually I run out of buffer descriptors and I have to start setting NDIS_STATUS_FAILURE on the packets in MiniportSendPackets. I don't think there's a way to pause the execution of MiniportSendPackets because it's getting called at DISPATCH_LEVEL. My question is: how can I follow all the rules for MiniportSendPackets in this situation and still give my work items a chance to complete the packets in a high volume situation? Tag: Ways to anlayze crash dump files Tag: 65471
  - 14
    - NDIS driver Hello: My application involves streaming audio, video, and control data from nodes with embedded ethernet capabilities. Each node will have a video camera and microphone as inputs, and speakers and a video screen as outputs. Each node can transmit audio/video/control data to any other node on the network. The windows PC will be able to stream data to any node, and will be able to receive data streamed from any node. The PC will also be able to monitor and save data being streamed directly from 1 node to another. The nodes will have ethernet PHY/MAC front ends connected to a microcontroller or FPGA to send and receive data, but no high-level capabilities (ie no TCP/IP stack). My question is what sort of network driver I need to write (Windows XP). Is an intermediate NDIS driver the correct choice? Is there a way to simplify the architecture by improving the capabilities of the remote nodes - ie package audio/video/control data as some "standard" format recognized by Windows resulting in simplification or elimination of need for custom device driver? If nodes have full TCP/IP stacks, does this simplify anything? If nodes are just "dumb" MAC addresses that source or sink data without knowledge of any windows high level protocols, does this force the creation of custom network driver? Any suggestions are welcome. Thanks, Doug Tag: Ways to anlayze crash dump files Tag: 65461
  - 15
    - About SMB client driver ... I am using Microsoft Windows 2003 on a Tyan motherboard which has the Intel ICH5R (7520 chipset). This chipset has an embedded I2C controller and my application needs to do some I2C based device communication, i.e. thermal, drive detection, etc. These are normal I2C communication that I can get done in Linux very well. With Windows I know that some SMB client driver is needed. I can't figure out if there are any SMB client drivers available from Microsoft for Windows 2003 (at some point it will be SAK solution). If there is a driver already available then how do I talk to the driver (i.e. are there documented IOCTL that I can use?). If such a driver is not available then how easy it is to write one? Even if I write one the SMB client driver of mine needs to talk to the SMB class driver but I do not know or did not find any document that explains this. Can somebody please provide me some information on how to get this working. Sincerely appreciate your feedback and help on this one. Regards SG -- SG, Device Driver writer Tag: Ways to anlayze crash dump files Tag: 65458
  - 16
    - Help in analyzing crash dump files When I get a BSOD, I use Visual SOFTICE and a Kernel memory dump to try and trace the error. If one of my driver's function is in the stack trace, I can goto its source and try to find the error. My problem starts when I don't see my driver in the stack trace, and even when I disassemble "Parameter 4: Address of instruction executing" I can't see any of my driver's function. Any way I can get more informant from the dump? Does WinDbg can be more helpful in analyzing dump files ? Any way to know if the win32 user mode app caused the crash? (Then I need to use a complete memory dump?) Any other tips on debugging BSODs? Thanks Tag: Ways to anlayze crash dump files Tag: 65456
  - 17
    - Override excel's printing dpi setting This question has been asked before, but not answered. So here goes again: I need to programmatically print excel documents based on the printer's settings (essentially the dpi). However, for excel documents, they have their own print settings in Page Setup. When printing programmatically, these settings override the printer's default settings. Any ways to change the document's settings, or to override these settings to use the printer's, or even to intercept the print job to change them? Thanks! Tag: Ways to anlayze crash dump files Tag: 65453
  - 18
    - DPC/ISR synchronization (windows ce) I haven't had a lot of response in the platform builder newsgroups, so I'll try here. In Windows CE 4.1, I had no problem with a NDIS ISR (miniportISR) interrupting the DPC(MiniportHandleInterrupt). In upgrading to Windows CE 5.0, I'm seeing that the ISR is getting held off by the DPC. I've tried serialized/deserialized. I've verified that the interrupt is not disabled in the kernel and can see with independent means that kernel is seeing the interrupt and setting the interrupt event in time with the hardware, but the ISR waits until the DPC finishes until it is run. Does anyone have visibility into what has changed between the CE 4.x and 5.x NDIS implementation ? The driver registers as an NDIS 5.0 miniport. Tag: Ways to anlayze crash dump files Tag: 65444
  - 19
    - HID mouse filter (aka firefly) question Greetings, I have a question about the DDK firefly example. It's supposed to show how to implement a filter driver for a MS optical mouse device. My question is, how are HID mouse events actually intercepted, identified, and filtered relative to the firefly example? I'm kinda new at device driver programming, but I already understand (to some extent) the other filter drivers (moufiltr and kbfiltr) in the DDK, to the point that I've successfully modified, rebuilt, and loaded those. Now I want to do the same with the firefly example (really for all HID mice and keyboards), but there don't seem to be enough clues in the example. Can somebody help me connect the missing dots? Tag: Ways to anlayze crash dump files Tag: 65443
  - 20
    - Kernal or application thread - Help Hi Guys I have a windows application and device driver using a piece of data acquisition hardware. When the data has been acquired I use the device driver to read back the data. Its read back byte by byte and there is a lot to read back. At the moment I don't have any threads operating so when the device driver is reading back the data the User interface is locked out. So what I'm going to do is create a thread that operates in the background always waiting for the data ready signal and then reading the data back when its available. It would have lower priority than the User Interface thread and so should not effect its operation. My question is this. Should I create a thread in the kernel i.e. created by the device driver, Or should I create a thread at the application level which owns the device driver(i.e. opens it communicates with it etc.)? Creating a thread in the device driver is easier for me given the current software architecture. If I change, to create a new application level thread then all existing communication between the User Interface thread and the device driver would have to be modified to go to, and then through the new thread. So Ideally I want to create a new thread in the Kernel. But will it operate at a lower priority than the User Interface thread and therefor allow it priority. All help appreciated. Denis ____________________ Centron System Solutions http://www.CentronSolutions.com Tag: Ways to anlayze crash dump files Tag: 65440
  - 21
    - Use GetPrinterData to GetPrinterDataFromPort to get printer status Trying to write a language monitor for a printer to retrieve printer status, but having some trouble connecting the dots. There does not seem to be much info on this subject. Through reading other threads and info on the MSDN site I understand that the API GetPrinterData retrieves printer config data from the registry, but if the data is not in the registry it will call GetPrinterDataFromPort in the language monitor, which will communicate with the printer with WriteCommand and read back the results in the UstatusThread with ReadCommand. I can retreive an existing registry key with GetPrinterData successfully, but a non-existing key will return 0 bytes needed and does not seem to call the language monitors PJLMonGetPrinterDataFromPort. I have a debug statement with OutputDebugString here that never gets called. What do I need to do in order for an application to retrieve printer status directly from the printer? Is this the preferred method? Do I have to make use of SetPrinterData to store the result or trigger the call to GetPrinterData to make the call the the language monitor? If there is a more appropriate thread for this question, please let me know. Assistance with this would be much appreciated. Thankyou Tag: Ways to anlayze crash dump files Tag: 65437
  - 22
    - Ke386CallBios() I've got a situation where I'm being told to make an Int15 bios call from a driver. I know it's no longer supported, highly discouraged etc, but I'm still being pushed into it. Based on some newsgroup posts, it looks like Ke386CallBios() is what I need. However, I don't have any idea on how to call it (obviously no documentation for an undocumented function). Any suggestions? -- Dean Tag: Ways to anlayze crash dump files Tag: 65433
  - 23
    - Creating Browser Info in Server 2003.SP1 DDK In my sources file, I have the following: BROWSER_INFO=1 BROWSERFILE=$(TARGETNAME).bsc -n This works great when I build using the Server 2003 DDK. However, it doesn't generate a browser file if I build using the Server 2003 SP1 DDK. What happened? Tag: Ways to anlayze crash dump files Tag: 65426
  - 24
    - Install a filter driver automatcally Hi everyone, DDK sample Firefly shows how to install a mouse filter driver on a USB mouse, but it requires manual installation. A user has to find out his/her mouse device object (sometimes appears as HID compliant mouse) in Device Manager and take the "Update Driver" route to install it. Is it possible to install such a filter driver between mouhid.sys and mouclass.sys (so it filters all USB mice but not other PS/2, serial, i.e., not a classwide filter) aautomatically with a SETUP.exe or the similar? Is there any example to create SETUP.exe for automatic installation? Thanks in advance, Liang Fu Tag: Ways to anlayze crash dump files Tag: 65425
  - 25
    - Win98 calls to lower driver from upper driver We have developed a Windows 98 upper and lower driver to perform read and write operations to the disk. How do we make these both drivers communicate with each other. Thanks in advance!! Tag: Ways to anlayze crash dump files Tag: 65422
- Next
  - 1
    - How to use a PTRDIFF to get the value it offsets to I am trying to get the family name of a font which is accessed by a PTRDIFF which holds the offset to its memory location. I have tried to add the offset to the memory location of the variable and it is pointing me to garbage. What is the procedure to get the family name of a font from the PIFIMETRICS? Thanks Tag: Ways to anlayze crash dump files Tag: 65421
  - 2
    - Bluetooth programming compilation problems Hi all, I am trying to develop an application which try to discover different devices present and the services exposed by them over bluetooth. I am using WSALookupServiceBegin(), WSALookupServiceEnd() and WSALookupServiceNext() functions. When I try to query services then i get some BLOB data in pwsaResults->lpBlob->pBlobData. I dont know how to get information from this. Although I try to use interfaces like ISdpRecord, ISdpStream but when I include bthapi.h nothing happens and I get the errors that the following interfaces are not defined. Then I included bthapi.idl but I am getting following errors: C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(13) : error C4430: missing type specifier - int assumed. Note: C++ does not support default-int 1>C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(13) : error C2440: 'initializing' : cannot convert from 'const char [3]' to 'int' 1> There is no context in which this conversion is possible 1>C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(13) : error C2146: syntax error : missing ';' before identifier 'cpp_quote' 1>C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(14) : error C4430: missing type specifier - int assumed. Note: C++ does not support default-int 1>C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(14) : error C2374: 'cpp_quote' : redefinition; multiple initialization 1> C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\PocketPC2003\Include\bthapi.idl(12) : see declaration of 'cpp_quote' Could anyone please help me out here. Thanks, Arsalan Tag: Ways to anlayze crash dump files Tag: 65416
  - 3
    - NDIS and broadcast Hi all, I would like to ask you for an answer on following question. If I send a broadcast frame from my NDIS IM, will it be delivered to all stations on segment including source station, or not? I have a reason to think that it is so ... when I send broadcast frame, it is a bit later indicated in my PtReceive. It seems little strange to me but ... Another questions are: Is it normal behaviour? Is it possible to somehow switch it off? thanks for patient Michal Tag: Ways to anlayze crash dump files Tag: 65410
  - 4
    - Network mechanism in windows Hi all, I have following problem. Using NDIS IM, I have discovered that after plugging cable into NIC card (e.g. associated with ip 192.168.10.1), windows send throught it ARP request (filled with Sender IP = 192.168.10.1 and Target IP = 192.168.10.1), which is then indicated as received (again in my NDIS IM). It occures even if translation for the IP is included in ARP table, so I suppose that this is done as some kind of testing accessibility of network. Questions are: 1) is that description correct ? 2) why does it happen? thanks for answers Michal Tag: Ways to anlayze crash dump files Tag: 65400
  - 5
    - PAE question about memory access Hello, I have some questions related to the use of PAE for access to memory beyond 4G in 32-bit Windows drivers. I'm trying to understand how a PCI device which supports dual address cycles works in conjunction with a device driver running on a system with PAE enabled. As I understand it any memory that the system provides can be either above or below the 4G mark. If a driver calls IoGetDmaAdapter with Dma32BitAddresses set to TRUE (and Dma64bitAddresses set to FALSE), does this mean that when AllocateCommonBuffer is called that it will only give memory which is physically below 4G? Or does it mean that the memory can be anywhere, but the "logical" address it returns will always be a 32-bit quantity? Or is there some other interpretation? In my case, the device only wants to receive 32-bit host memory addresses to access, but we do want the device to be able take advantage of the upper memory, if possible. Also, if for some reason we did want to restrict the memory for this device to the lower 4G of memory, is there a way to specify it? We might want to support some device types which can support DAC and some which do not in the same driver at the same time. Thanks, Nathan Tag: Ways to anlayze crash dump files Tag: 65387
  - 6
    - remote boot Windows XP Embedded, crash dump Hi, When using "remote boot Windows XP Embedded" (sdi file), crash dump files can not be created because when WIDOWS re-boots from SDI image , it can not determine if the system had a crash since it recreates and formats the disk at every boot. Is there a way to get a crash dump even by adding devices or/and developping device drivers? i assume a pagefile must be created on a disk somewhere? For example can we use a USB flash disk to hold the pagefile and when Windows reboots after a crash, will it generate a crash dump on the USB disk? -- Thanks, Daniel Tag: Ways to anlayze crash dump files Tag: 65381
  - 7
    - Windows hardware and driver central I can not find a link to the WHDC on msdn.microsoft.com or the site map on microsoft.com. You almost have to the know the exact link http://www.microsoft.com/whdc/default.mspx to get to it. Does anyone know how do I go from www.microsoft.com or msdn.microsoft.com to http://www.microsoft.com/whdc/default.mspx? Thanks Tag: Ways to anlayze crash dump files Tag: 65372
  - 8
    - help debugging KMODE_EXCEPTION_NOT_HANDLED Hi I hooked CreateFile (i know hooking is bad..) and for some reason, the following line causes a BSOD with BUGCHECK: 1e KMODE_EXCEPTION_NOT_HANDLED wcslen(ObjectAttributes->ObjectName->Buffer) > 7 I also checked that ObjectName and ObjectName->Buffer are'nt NULL. Any idea why? Tag: Ways to anlayze crash dump files Tag: 65370
  - 9
    - NDIS passthru: signal event We are programming in a driver (NDIS passthru) environment and would like to know if there is an efficient way to signal the "outer world" about an event that happened in the driver. We know that we could use DeviceIoControl, which is good to supply data from "outside" to the driver and this routine also works in the opposite direction. However, you would have to "poll" the driver every now and then which is not really a nice way of obtaining data from a driver, is it? There must be a better, direct way of signaling the normal environment in a driver, but so far we havn't found anything. Any suggestions (, if possible with sample code)? Your advice will be very much appreciated. Thanks a lot. Tag: Ways to anlayze crash dump files Tag: 65363
  - 10
    - USB Communication I need to be able to talk to a device that is sending USB data. I also need to listen. What is the preferred method of doing so? Do I need to create a device driver or should I just use something that MS already has built in? We can assume that the OS is XP Pro. I am very familiar with writing C++ code but haven't needed to use C, and certainly have never needed to build a device driver, which seems awfully complicated as I read many of these posts regarding USB. If I do need to write a DD can anyone point me to a good "how-to book" or similar resource? TIA, Terry W. Tag: Ways to anlayze crash dump files Tag: 65361
  - 11
    - Missing VSS SDK files + GatherWriterMetadata problem The BETest example from the 7.1 VSS SDK requires some files that appear to be missing from the SDK, e.g. vs_assert.cpp, vs_assert.hxx, vs_trace.cpp, vs_trace.hxx, vs_hash.hxx, vs_hash.cpp and others. Also the include path in the "sources" file is incorrect and refers to a non-existent library: tracing.lib. Where can I find the missing files? I managed to compile the example without these files since they were either renamed version of files found in one of the example projects or slightly modified version of sample code available elsewhere on the web. However when I run the example on Windows XP I get the following error: Error in c:\winddk\3790.1830\src\vsssdk71\testapps\betest\main.cpp(2382): - Call pvbc->GatherWriterMetadata(&pAsync) not succeeded. Error code = 0x80042301. Error description = VSS_E_BAD_STATE This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. Can you tell me why GatherWriterMetadata might be failing? - the sample code seems to do everything right by the API docs. Thanks, Chris Tag: Ways to anlayze crash dump files Tag: 65360
  - 12
    - pre-newbie... install error Hi experts. I've just installed the DDK (WINXP_DDK.exe build 2600). All OK except for: Error installing cab: SDKINCS3 Error installing cab: SDKINCS2 Error installing cab: SDKINCS1 Now I don't even qualified as a newbie yet. So treat me gently please. Can anyone tell me what the problem is; should I worry about the errors; have I got the correct version of DDK for creating a intermediate device driver to run on XP and Win2K? Yes, I have done a google and a search through this group. No answers. Thanks for any replies. Ken. Tag: Ways to anlayze crash dump files Tag: 65358
  - 13
    - Print bitmaps from MSPaint Hi I am developing a virtual printer driver starting from the MSPLOT DDK sample. The driver uses a device managed surface and there are implemented DrvCopyBits, DrvBitBlt and also other painting hooks. When printing from MSPaint, DrvCopyBits is called, but the problem is that I receive very large bitmaps, even if the bitmap opened in MSPaint is small. For instance, in MSPaint I have a bitmap filled with one color and only one line drawn with another color. I would expect to receive in DrvCopyBits a source surface with a 4bpp bitmap, but I receive a 24bpp bitmap. You can see in this bitmap many other colors, like a translation between the two colors used in the MSPaint bitmap. Why is this happening? Here are some settings made in driver: - the dither format in the DEVINFO is set for BMF_24BPP, and the DrvDitherColor is not implemented. - the default pallete is created with EngCreatePalette(PAL_BGR, 0, 0, 0, 0, 0) - the halftone in the GDIINFO is set to HT_FORMAT_24BPP Are there any other settings that could generate this behavior? Thanks, Luminita Tag: Ways to anlayze crash dump files Tag: 65353
  - 14
    - How can I use Tdi in windows 98 scsi port driver ? I'm writing a scai port (*.mpd) driver for windows 98, It using tdi to connect the remote server with the tcp connection. they can transmit data to another, but after transmit some MB of data ,the computer with this driver hangs,or blue for bugchecks(report exception 10E ndis error ). Tag: Ways to anlayze crash dump files Tag: 65351
  - 15
    - ACPI.sys gets into endless loop reading temperature to appologize right away; i've started to write drivers w/ RT11, VMS etc, but then I got too old to do this stuff; now I find myself back in Win XP w/out clue... I found out: sytem proc [4] handle 64h jumps into acpi.sys+10b10h when my CPU P4 2.4 Ghz Northwood gets around 75C. Unfortunately it starts to consume continuously 50% of CPU power (Hyperthread active) and it does not go to sleep even if the temp. goes down. Amazingly, when I start e.g. Sandra or any other program which reads board and CPU temp, the system proc. goes back to eventually running 1-2% every now and then as before. I AM NOT TALKING ABOUT THE SYSTEM IDLE PROC. Award Bios 6 PG, EPOX Mob 4PDA2+, Win XP SR2 P4 2.4 Ghz Hyperth.active I assume there is an event telling that the CPU gets hot; ACPI gets involved and ACPI can than either not read the correct value from the BIOS or cannot find any release criteria to understand that the temp event has gone away. Could somebody illuminate my ignorance: which event triggers the system proc [4] handle 64h to run can somebody provide the sources of acpi.sys latest build where can I find documentation, how acpi gets motherboard values for temperature; I found a lot about power management, but not about temp. sorry to bother hk. Tag: Ways to anlayze crash dump files Tag: 65349
  - 16
    - Watermark in Postscript Driver Hi! I want to put watermark feature in Postcript driver using plug-ins. What I have done is writing the watermark text on Printer DC at Document event end page. This way it draws text but only problem is text is over the page and the data on page is hidden under watermark. Where as I want it to be meged with data on page so that both are visible.Basicaly Transparent text. I believe some ROP code may solve the problem but in case of PS no ROP code seems to work. The another way of writing watermark is the way given in DDK example using PDL but in that case how do I send font info when the selected font for watermark text is not device font. Thanks Naveen Tag: Ways to anlayze crash dump files Tag: 65337
  - 17
    - Get device object of the other driver Dear all, Here I have a problem. In my driver, I have the symbolic name of the other driver and I would like to pass IRP to that driver. But I don't know how to get that device object through the symbolic name. Is there any method to get the device object if I already have the symbolic name? Tag: Ways to anlayze crash dump files Tag: 65333
  - 18
    - Any advice appreciated for newbie building printer driver Hi, I'm a device driver newbie starting out on the road to what I hope would be a basic fax printer driver (a la WinFax or Ms Fax). As a first step, I'd like to build a print driver that prints to an image file (e.g. png or tiff). What resources would help me at least get this far?. Any sample source code for something similar? Book recommendations? Websites? <aside> PDFCreator claims to have a printer driver that prints to a PDF. Does anyone here know if this is a true Windows print driver or a GhostScript driver? </aside> Cheers, Kunle Tag: Ways to anlayze crash dump files Tag: 65329
  - 19
    - Overwriting Graphics-Output Hi guys! Could you please help me to overwrite parts of every frame thats been drawn to the screen in W2k / XP. Dont has to care about GDI / DX / OpenGL. Just some way thats able to finally draw to the entire screen after a frame has been finsihed. Whats the best solution to do so please? I first thought I could use the sample code of the screen-capture driver thats in the DDK, because its an event when a frame has been finished probably? That one I could use to draw to the screen when that event occurs. Thanks in advance!! Tag: Ways to anlayze crash dump files Tag: 65328
  - 20
    - IoInitializeTimer question Hello, I use IoTimer routines that are called once per second per device with IoInitializeTimer() How is the IoTimer routine synchorinized with device removal or system shutdown? Thanks, Nir Tag: Ways to anlayze crash dump files Tag: 65327
  - 21
    - Does BDA DVB-T minidriver have better performance than non-BDA one? Hi all, I've done some research about the BDA architecture. My purpose is to develope a DVB-T BDA driver. As I known, Microsoft constructs BDA architecture to optimize the performance. But I wonder if it could optimize the DVB-T performance based on the following reasons, 1. The transform filter is a user mode Mpeg2 decoder, so it can't reduce the system job to copy data from kernal mode to user mode. 2. It seems to be no BDA Mpeg2 decoder, so it can't do the way as BDA transform flter does. Is my understanding correct? Could anyone give me some explaination if any wrong in my above mention? Any reply will be deeply appreciated! Best Regards, Andreu Tag: Ways to anlayze crash dump files Tag: 65322
  - 22
    - DrvQueryFontTree fails with Splwow64.exe OS: Windows XP Professional x64 Version 2003 Service Pack 1 DDK: Windows DDK 3790.1830 Case: Printing from a 32-bit application DrvQueryFontTree returns a pointer to an FD_GLLYPHSET structure. After that ntdll.dll fails. Following is the call stack information: â??ntdll.dll!RtlCopyMemory () + 0xb0 bytesâ?? When the application that prints is a 64-bit application, there is no failure even though the content of â??FD_GLLYPHSETâ?? structure seems to be identical with the one from printing from 32-bit application. Tag: Ways to anlayze crash dump files Tag: 65315
  - 23
    - creating SVG print driver (new to driver dev) How to get font name,family,size,(other things i know from the GDI LOGFONT structure) from the ddi structures and functions? I am modifying the DDK sample oleps and writing to my svgfile in the various OEM entries in ddihook.cpp 2nd Question: what .lib to link to FONTOBJ_pxoGetXform and XFORMOBJ_iGetXform? Tag: Ways to anlayze crash dump files Tag: 65304
  - 24
    - NDIS 5.1 on Windows 2000 I have a problem with running my driver on some Windows 2000 systems. It uses NdisGetPoolFromPacket, that was introduced in NDIS 5.1. Windows shows blue screen when trying to load the driver. What update is required on Windows 2000 to support NDIS 5.1? ms Tag: Ways to anlayze crash dump files Tag: 65299
  - 25
    - custom miniport example I'm looking for an example of a custom MiniportCreate function. So far, the DDK examples all seem to use built-in miniports. Anybody know where a good example is? Tag: Ways to anlayze crash dump files Tag: 65281

When I get a BSOD, I use Visual SOFTICE and a Kernel memory dump to
try and trace the error.
If one of my driver's function is in the stack trace, I can goto its
source and try to find the error.

My problem starts when I don't see my driver in the stack trace, and
even when I disassemble "Parameter 4: Address of instruction
executing"
I can't see any of my driver's function.

Any way I can get more informant from the dump?
Does WinDbg can be more helpful in analyzing dump files ?
Any way to know if the win32 user mode app caused the crash? (Then I
need to use a complete memory dump?)
Any other tips on debugging BSODs?

Top

Re: Ways to anlayze crash dump files by Arkady

Arkady
Thu Jun 30 09:33:06 CDT 2005

Yes , look WinDbg's Open Crash Dump... option in menu but if it will be
helpful that's the question :)
Additionally look at
http://support.microsoft.com/default.aspx?scid=kb;EN-US;314084
but that never worked for me
Arkady
P.S. How analize BSOD itself look at
http://support.microsoft.com/default.aspx?scid=kb;en-us;130802 ( that for
STOP 0x0000000A e.g. )

"Omer" <Omerb99@gmail.com> wrote in message
news:1120136669.197796.68090@g44g2000cwa.googlegroups.com...
> When I get a BSOD, I use Visual SOFTICE and a Kernel memory dump to
> try and trace the error.
> If one of my driver's function is in the stack trace, I can goto its
> source and try to find the error.
>
> My problem starts when I don't see my driver in the stack trace, and
> even when I disassemble "Parameter 4: Address of instruction
> executing"
> I can't see any of my driver's function.
>
> Any way I can get more informant from the dump?
> Does WinDbg can be more helpful in analyzing dump files ?
> Any way to know if the win32 user mode app caused the crash? (Then I
> need to use a complete memory dump?)
> Any other tips on debugging BSODs?
>

Top