The scenario happens when i running my filter several times . When i connect 5 - 7 times it’s working fine . But after that the crash happens sometimes at the
sendbufferlistComplete () function in " Filter file " and some times in sendbufferlist () function in
“miniport” file .
FAULTING_SOURCE_CODE:
506: if((pNetBufferList != NULL)&&((pNetBufferList->SourceHandle ==
m_hFilter)) ) {
507:
508: PVOID pBuffer = NULL ;
509: ASSERT(*((PVOID*)NET_BUFFER_LIST_CONTEXT_DATA_START(pNetBufferList))
!= NULL);
510: pBuffer = *((PVOID*)
NET_BUFFER_LIST_CONTEXT_DATA_START(pNetBufferList));
511: PMDL pMdl =
NET_BUFFER_FIRST_MDL(NET_BUFFER_LIST_FIRST_NB(pNetBufferList));
512:
513: if(NULL != pMdl)
514: NdisFreeMdl(pMdl);
515:
and some times in :
FAULTING_SOURCE_CODE:
744: pNextNetBufferList = NET_BUFFER_LIST_NEXT_NBL(pNetBufferList);
745:
746: m_ul64XmitOk ++;
747:
748: NET_BUFFER_LIST_STATUS(pNetBufferList) = m_ulPausedState ?
NDIS_STATUS_PAUSED : NDIS_STATUS_SUCCESS;
749: NdisMSendNetBufferListsComplete(m_hAdapter, pNetBufferList,
SendFlags);
750:
751: pNetBufferList = pNextNetBufferList;
752: }
753:
my function as follows :
*********************************************************
Send buffer list function ()
*********************************************************
SendNetBufferLists(
IN PNET_BUFFER_LIST NetBufferLists,
IN NDIS_PORT_NUMBER PortNumber,
IN ULONG SendFlags)
{
PNET_BUFFER_LIST pSendNetBufferList = NULL;
PNET_BUFFER_LIST pSendNetBufferListComplete = NULL;
PNET_BUFFER_LIST pNetBufferList = NetBufferLists;
PNET_BUFFER_LIST pNextNetBufferList = NULL;
while (pNetBufferList) {
pNextNetBufferList = NET_BUFFER_LIST_NEXT_NBL(pNetBufferList);
NET_BUFFER_LIST_NEXT_NBL(pNetBufferList) = NULL;
if (pNetBufferList->ChildRefCount != 0) {
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, “!!!
[%p]SendNetBufferLists(): pNetBufferList->ChildRefCount != 0\n”, this);
}
PNET_BUFFER pNetBuffer =
NET_BUFFER_LIST_FIRST_NB(pNetBufferList);
PNET_BUFFER pNextNetBuffer = NULL;
while (pNetBuffer) {
pNextNetBuffer = NET_BUFFER_NEXT_NB(pNetBuffer);
u32_t nResult = OutgoingNetBufferInput(pNetBuffer);
PNET_BUFFER_LIST pNewNetBufferList =
NdisAllocateNetBufferAndNetBufferList(m_hNetBufferListPool, 0, 0, NULL, 0, 0);
if (pNewNetBufferList == NULL) {
pNetBuffer = pNextNetBuffer;
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p]
CFilter::SendNetBufferLists(): NdisAllocateNetBufferAndNetBufferList():
failed\n”, this);
continue;
}
PNET_BUFFER pNewNetBuffer =
NET_BUFFER_LIST_FIRST_NB(pNewNetBufferList);
NET_BUFFER_FIRST_MDL(pNewNetBuffer) = NET_BUFFER_FIRST_MDL(pNetBuffer);
NET_BUFFER_DATA_LENGTH(pNewNetBuffer) = NET_BUFFER_DATA_LENGTH(pNetBuffer);
NET_BUFFER_DATA_OFFSET(pNewNetBuffer) = NET_BUFFER_DATA_OFFSET(pNetBuffer);
NET_BUFFER_CURRENT_MDL(pNewNetBuffer) = NET_BUFFER_CURRENT_MDL(pNetBuffer);
NET_BUFFER_CURRENT_MDL_OFFSET(pNewNetBuffer) =
NET_BUFFER_CURRENT_MDL_OFFSET(pNetBuffer);
NDIS_SET_NET_BUFFER_LIST_CANCEL_ID(pNewNetBufferList,
NDIS_GET_NET_BUFFER_LIST_CANCEL_ID(pNetBufferList));
NdisCopySendNetBufferListInfo(pNewNetBufferList, pNetBufferList);
pNewNetBufferList->SourceHandle = m_hFilter;
pNewNetBufferList->ParentNetBufferList = pNetBufferList;
pNetBufferList->ChildRefCount ++;
NdisInterlockedIncrement(&m_nSendNetBufferListCount);
if (pSendNetBufferList != NULL) {
PNET_BUFFER_LIST pCurrentNetBufferList = pSendNetBufferList;
while (NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList) != NULL) {
pCurrentNetBufferList = NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList);
}
NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList) = pNewNetBufferList;
} else {
pSendNetBufferList = pNewNetBufferList;
}
pNetBuffer = pNextNetBuffer;
}
if (pNetBufferList->ChildRefCount == 0) {
NET_BUFFER_LIST_STATUS(pNetBufferList) = NDIS_STATUS_SUCCESS;
if (pSendNetBufferListComplete != NULL) {
PNET_BUFFER_LIST pCurrentNetBufferList =
pSendNetBufferListComplete;
while
(NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList) != NULL) {
pCurrentNetBufferList = NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList);
}
NET_BUFFER_LIST_NEXT_NBL(pCurrentNetBufferList) = pNetBufferList;
} else {
pSendNetBufferListComplete = pNetBufferList;
}
}
pNetBufferList = pNextNetBufferList;
}
if (pSendNetBufferList != NULL) {
NdisFSendNetBufferLists(m_hFilter, pSendNetBufferList, PortNumber, SendFlags);
}
if (pSendNetBufferListComplete != NULL) {
NdisFSendNetBufferListsComplete(m_hFilter, pSendNetBufferListComplete,
SendFlags & NDIS_SEND_FLAGS_DISPATCH_LEVEL ?
NDIS_SEND_COMPLETE_FLAGS_DISPATCH_LEVEL : 0);
}
}
**********************************************************
and the SendBufferListComplete function :
*************************************************************
SendNetBufferListsComplete(
IN PNET_BUFFER_LIST NetBufferLists,
IN ULONG SendCompleteFlags )
{
PNET_BUFFER_LIST pNetBufferList = NULL ;
pNetBufferList = NetBufferLists;
PNET_BUFFER_LIST pNextNetBufferList = NULL;
while ( NULL != pNetBufferList) {
pNextNetBufferList = NET_BUFFER_LIST_NEXT_NBL(pNetBufferList);
NET_BUFFER_LIST_NEXT_NBL(pNetBufferList) = NULL;
PNET_BUFFER_LIST pParentNetBufferList = pNetBufferList->ParentNetBufferList;
if (pParentNetBufferList != NULL) {
NDIS_STATUS status =
NET_BUFFER_LIST_STATUS(pNetBufferList);
if(NULL != pNetBufferList)
NdisFreeNetBufferList(pNetBufferList);
if (NdisInterlockedDecrement(&pParentNetBufferList->ChildRefCount) == 0)
{
NET_BUFFER_LIST_STATUS(pParentNetBufferList) = status;
NdisFSendNetBufferListsComplete(m_hFilter, pParentNetBufferList,
SendCompleteFlags);
}
} else {
if((pNetBufferList !=
NULL)&&((pNetBufferList->SourceHandle == m_hFilter)) ) {
PVOID pBuffer = NULL ;
ASSERT(*((PVOID*)NET_BUFFER_LIST_CONTEXT_DATA_START(pNetBufferList)) !=
NULL);
pBuffer = *((PVOID*) NET_BUFFER_LIST_CONTEXT_DATA_START(pNetBufferList));
PMDL pMdl =
NET_BUFFER_FIRST_MDL(NET_BUFFER_LIST_FIRST_NB(pNetBufferList));
if(NULL != pMdl)
NdisFreeMdl(pMdl);
if(NULL != pBuffer)
delete (UCHAR*) pBuffer;
if(NULL != pNetBufferList)
NdisFreeNetBufferList(pNetBufferList);
}
else
{
NdisFSendNetBufferListsComplete(m_hFilter, pNetBufferList,
SendCompleteFlags);
}
NdisInterlockedDecrement(&m_nSendNetBufferListCount);
pNetBufferList = NULL ;
pNetBufferList = pNextNetBufferList;
}
}
**************************************************************
and in packetoutput () function :
*************************************************
u32_t CFilter::PacketOutput(
IN u8_t* pBuffer,
IN u32_t nLength
) {
UCHAR* pPacket = new UCHAR[nLength];
NdisMoveMemory(pPacket, pBuffer, nLength);
PMDL pMdl = NdisAllocateMdl(m_hFilter, pPacket, nLength);
if (pMdl == NULL) {
delete pPacket;
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p]
CFilter::PacketOutput(): NdisAllocateMdl(): failed\n”, this);
goto cfpoExit;
}
PNET_BUFFER_LIST pNetBufferList =
NdisAllocateNetBufferAndNetBufferList(m_hNetBufferListPool, sizeof(PVOID), 0,
pMdl, 0, nLength);
if (pNetBufferList != NULL) {
*((PVOID*) NET_BUFFER_LIST_CONTEXT_DATA_START(pNetBufferList)) = pPacket;
NdisInterlockedIncrement(&m_nSendNetBufferListCount);
NdisFSendNetBufferLists(m_hFilter, pNetBufferList, 0, 0);
} else {
NdisFreeMdl(pMdl);
delete pPacket;
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p]
CFilter::PacketOutput(): NdisAllocateNetBufferAndNetBufferList(): failed\n”,
this);
goto cfpoExit;
}
}
****************************************
and in pause function :
***************************************************************
NDIS_STATUS CFilter::Pause(
IN PNDIS_FILTER_PAUSE_PARAMETERS FilterPauseParameters
) {
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “>>> [%p] CFilter::Pause():\n”, this);
switch (FilterPauseParameters->PauseReason) {
case NDIS_PAUSE_NDIS_INTERNAL:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_NDIS_INTERNAL\n”, this);
break;
case NDIS_PAUSE_LOW_POWER:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_LOW_POWER\n”, this);
break;
case NDIS_PAUSE_BIND_PROTOCOL:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_BIND_PROTOCOL\n”, this);
break;
case NDIS_PAUSE_UNBIND_PROTOCOL:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_UNBIND_PROTOCOL\n”, this);
break;
case NDIS_PAUSE_ATTACH_FILTER:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_ATTACH_FILTER\n”, this);
break;
case NDIS_PAUSE_DETACH_FILTER:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_DETACH_FILTER\n”, this);
break;
case NDIS_PAUSE_FILTER_RESTART_STACK:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_FILTER_RESTART_STACK\n”, this);
break;
case NDIS_PAUSE_MINIPORT_DEVICE_REMOVE:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): NDIS_PAUSE_MINIPORT_DEVICE_REMOVE\n”, this);
break;
default:
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “*** [%p] CFilter::Pause(): %d\n”, this, FilterPauseParameters->PauseReason);
break;
}
NDIS_STATUS status = NDIS_STATUS_SUCCESS;
m_fPaused = true;
ULONG nCnt = 0;
while (InterlockedExchange(&m_nSendNetBufferListCount, m_nSendNetBufferListCount) != 0) {
NdisMSleep(250000);
nCnt ++;
if (nCnt == 4) {
nCnt = 0;
#if defined(DbgPrintExOld)
DbgPrintExOld(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p] CFilter::Pause(): waiting for m_nSendNetBufferListCount %d\n”, this, m_nSendNetBufferListCount);
#else
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p] CFilter::Pause(): waiting for m_nSendNetBufferListCount %d\n”, this, m_nSendNetBufferListCount);
#endif /* DbgPrintExOld */
}
}
nCnt = 0;
while (InterlockedExchange(&m_nReceiveNetBufferListCount, m_nReceiveNetBufferListCount) != 0) {
NdisMSleep(250000);
nCnt ++;
if (nCnt == 4) {
nCnt = 0;
#if defined(DbgPrintExOld)
DbgPrintExOld(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p] CFilter::Pause(): waiting for m_nReceiveNetBufferListCount %d\n”, this, m_nReceiveNetBufferListCount);
#else
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_WARNING_LEVEL, “!!! [%p] CFilter::Pause(): waiting for m_nReceiveNetBufferListCount %d\n”, this, m_nReceiveNetBufferListCount);
#endif /* DbgPrintExOld */
}
}
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_TRACE_LEVEL, “<<< [%p] CFilter::Pause(): exited, status %08X\n”, this, status);
return status;
}