Hi,
I'm using an application to send arps to look for
particular devices connected to installed adapters. I apply a filter so that
only ARP packets are recieved. Under windows XP, I have experience spontanious
reboots (blue screen with PAGE_FAULT_IN_NONPAGED_AREA). It doesn't happen
frequently, about 4 times over 5 days recently. From my understanding,
these filters are applied at the NPF level, and not passed down to the actual
NIC driver, so the NIC drivers we have been testing on shouldn't be in
question. After looking at the minidumps, it appears that the fault is
happening at line 690 of Packet.c, which is:
if
(((struct bpf_insn*)prog)[cnt].code==BPF_SEPARATION && (insns-cnt-1)!=0)In user land, there is nothing to suggest the dynamically allocated memory for the bpf_insn struct (happening at icode_to_fcode in optimize.c) has been freed before sending DeviceIoControl, or that the malloc failed. From what I know about whats happening with the IO, the user virtual memory is mapped to the system buffer in the non-paged pool (I could be wrong here). The only explaination I see is that the SystemBuffer, which exists in the non-paged pool, has somehow become bogus, and when the above line of code is executed, we get the crash.
Has anyone experienced this behavior before, or know of any related bugs? I'm basically left clueless as to why this is happening!
Kind Regards,
Daniel
