I have also been getting BSODs when using npf.sys. What I'm trying to figure out is
whether the behaviour of the driver and the sequence of steps that cause the BSOD are
related. Looking at the memory crash dump file( analyze -v in Windbg) the 'smoking
gun' pointed to npf.sys. The system crash happens when I have two Wireless Adapters(
Cisco350a, D-Link or something else) and attempt to disable one or both of them from
Device Manager. It might take a couple of cycles( diabling the adapter from Device
Manager, removing the NIC from it's slot then putting the NIC back in) to cause the
BSOD.
I guess my question is, if my application does not unbind from npf.sys before the NIC
is disabled, will this cause the blue screen? Also hat would happen if I call
PacketCloseAdapter and subsequently PacketRemoveAdapter on a NIC which has been
disabled from device manager? Below I have included a couple of routines which are
used in this context to open and close the adpater used by npf.sys to send packets.
Any input on this would be much appreciated!
-Areg Alimian
Following is the code snippet I use to Open a given Adapter using packet.dll.
if( m_hAdapterDevice == NULL )
{
if(!m_sRealName.IsEmpty())
{
lpAdapter = PacketOpenAdapter(realName);
if (!lpAdapter || (lpAdapter->hFile == INVALID_HANDLE_VALUE))
{ // Error Condition
dwErrorCode=GetLastError();
ErrorLog0(dwErrorCode);
m_DeviceCtxStatus = DEVICE_INIT;
m_hAdapterDevice = NULL;
return dwErrorCode;
}
else
{ // Successfully opened the adapter, return correct handles
m_DeviceCtxStatus = DEVICE_OPERATIONAL;
m_hAdapterDevice = lpAdapter;
nResult = AZ_SUCCESS;
}
}
else
{
m_DeviceCtxStatus = DEVICE_INIT;
m_hAdapterDevice = NULL;
nResult = AZ_ERROR_INVALID_PARAMETER;
ErrorLog0(nResult);
}
}
Following is the code snippet I use to Close a given Adapter and unload the npf driver
using packet.dll.
PacketCloseAdapter( m_hAdapterDevice );
m_DeviceCtxStatus = DEVICE_INIT;
m_hAdapterDevice = NULL;
if(PacketStopDriver())
return AZ_SUCCESS;
-----Original Message-----
From: Loris Degioanni [mailto:[EMAIL PROTECTED]
Sent: Fri 8/29/2003 9:53 AM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: [WinPcap-users] npf.sys BSOD
The driver I sent you is the most recent version that we have on our CVS. It
fixes some bugs that were present in WinPcap version 3.0, among which:
- a wrong allocation of the packet filter memory that caused blue screens
with nmap to a couple of other users
- a synchronization issue in the buffered write functionality: in some cases
the 3.0 driver returns from a write before all the packets are sent. As a
result, if the application modifies or releases the packet buffer,
inconsistent packets are sent to the wire and blue screens can happen.
If you continue to use nmap, can you let me know the results (also if you
don't notice any BSOD) within some days from now? It would help me to
understand if these fixes solve your problem or if the driver needs further
debugging.
Loris
> "Loris Degioanni" <[EMAIL PROTECTED]> said:
>
> > Can you try the driver attached to this message and tell me if the bug
> > persists?
>
> I've tried it and ran nmap approx 10 times w/o any BSODs. But I'm
> not convinced it's stable. What exactly did you change?
>
> --gv
>
>
>
>
==================================================================
This is the WinPcap users list. It is archived at
http://www.mail-archive.com/[EMAIL PROTECTED]/
To unsubscribe use
mailto: [EMAIL PROTECTED]
==================================================================
��+"��^Z)�q�n���+-"جj�!���j�m�����
&j)Z��b��(��"��������"�����%��"���{.n�+����隊[h�)�q�n����z�p�z\j�h�+h���w+����r��������������������������������
