BAD_POOL_HEADER Debug - Need Help

I have been tasked with quickly debugging a driver written in 2004 for Windows
XP. I just started the debug effort and don’t know much other than the bugcheck
data which is below. I am posting this in hopes that I will get some good ideas
to chase down. Our customer has written an application that will crash after
varying amounts of execution time. Thanks for all help in advance.

*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {20, 891b14f0, 891b1538, 1a09000b}

Probably caused by : PCM_ADIO.sys ( PCM_ADIO!PCM_ADIODeviceIoControlDispatch+732 )

Followup: MachineOwner

nt!RtlpBreakWithStatusInstruction:
804e8a42 cc int 3
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000020, a pool block header size is corrupt.
Arg2: 891b14f0, The pool entry we were looking for within the page.
Arg3: 891b1538, The next pool entry.
Arg4: 1a09000b, (reserved)

Debugging Details:

BUGCHECK_STR: 0x19_20

POOL_ADDRESS: 891b14f0 Nonpaged pool

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: MainAlogithmTes

IRP_ADDRESS: 89290008

DEVICE_OBJECT: 899cf030

DRIVER_OBJECT: 89a3dda0

IMAGE_NAME: PCM_ADIO.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 50f73baf

MODULE_NAME: PCM_ADIO

FAULTING_MODULE: f76e7000 PCM_ADIO

LAST_CONTROL_TRANSFER: from 8053c58b to 804e8a42

STACK_TEXT:
a96ab5dc 8053c58b 00000003 a96ab938 00000000 nt!RtlpBreakWithStatusInstruction
a96ab628 8053d05e 00000003 89106cc0 891b14f0 nt!KiBugCheckDebugBreak+0x19
a96aba08 8053d672 00000019 00000020 891b14f0 nt!KeBugCheck2+0x574
a96aba28 80557fc5 00000019 00000020 891b14f0 nt!KeBugCheckEx+0x1b
a96aba78 804f8a8f 891b14f8 00000000 89290048 nt!ExFreePoolWithTag+0x2c1
a96abad0 804f8c25 89290048 a96abb1c a96abb10 nt!IopCompleteRequest+0xf4
a96abb20 80707ef2 00000000 00000000 a96abb38 nt!KiDeliverApc+0xb3
a96abb20 80707ae4 00000000 00000000 a96abb38 hal!HalpApcInterrupt+0xc6
a96abba8 804ebd2c 89290048 89290008 00000000 hal!KeReleaseQueuedSpinLock+0x3c
a96abbc8 804f8c3f 89290048 89106cc0 00000000 nt!KeInsertQueueApc+0x6d
a96abbfc f76e9af2 00000018 0000ffa9 00000000 nt!IopfCompleteRequest+0x1d8
a96abc40 804e73c9 899cf030 89290008 80707410 PCM_ADIO!PCM_ADIODeviceIoControlDispatch+0x732 [c:\windows drivers\pcmadio\iorw.c @ 430]
a96abc50 805766e2 8929009c 89106cc0 89290008 nt!IopfCallDriver+0x31
a96abc64 805863d8 899cf030 89290008 89106cc0 nt!IopSynchronousServiceTail+0x70
a96abd00 8058e9d0 00000040 00000000 00000000 nt!IopXxxControlFile+0x5ef
a96abd34 804e398f 00000040 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
a96abd34 7c90e4f4 00000040 00000000 00000000 nt!KiFastCallEntry+0xfc
00b5ff00 7c90d26c 7c801675 00000040 00000000 ntdll!KiFastSystemCallRet
00b5ff04 7c801675 00000040 00000000 00000000 ntdll!NtDeviceIoControlFile+0xc
00b5ff64 100026e7 00000040 80002018 00000000 kernel32!DeviceIoControl+0xdd
WARNING: Stack unwind information not available. Following frames may be wrong.
00b5ffb4 7c80b713 00000000 0012faf0 0012fae0 ADIO_LIB+0x26e7
00b5ffec 00000000 00401904 00000000 00000000 kernel32!BaseThreadStart+0x37

STACK_COMMAND: kb

FOLLOWUP_IP:
PCM_ADIO!PCM_ADIODeviceIoControlDispatch+732 [c:\windows drivers\pcmadio\iorw.c @ 430]
f76e9af2 8b55f0 mov edx,dword ptr [ebp-10h]

FAULTING_SOURCE_CODE:
426: Irp->IoStatus.Information = x;
427: Irp->IoStatus.Status = status;
428: IoCompleteRequest (Irp, IO_NO_INCREMENT);
429:
430: PCM_ADIODecrementIoCount(&deviceExtension->IoLock);
431:
432: break;
433:
434: case IOCTL_WRITE_BLOCK_DATA:
435:

SYMBOL_STACK_INDEX: b

SYMBOL_NAME: PCM_ADIO!PCM_ADIODeviceIoControlDispatch+732

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: 0x19_20_PCM_ADIO!PCM_ADIODeviceIoControlDispatch+732

BUCKET_ID: 0x19_20_PCM_ADIO!PCM_ADIODeviceIoControlDispatch+732

Followup: MachineOwner

Enabled the Driver Verifier and ran the application. It failed quickly with the following error message “Queue error 0 113”. Anybody know what this means?

xxxxx@winsystems.com wrote:

Enabled the Driver Verifier and ran the application. It failed quickly with the following error message “Queue error 0 113”. Anybody know what this means?

Sorry, I didn’t see that you followed up with a different subject line.

That message is not familiar. Are you getting this in a crash dump?
What does the whole !analyze -v look like?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

PBD, which method does the request use? Is it BUFFERED? According to the stack, you probably write before or after pIrp->SystemBuffer.
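The overrun the last reply suspects, as an added user-mode simulation that is not code from the thread or from the PCM_ADIO driver: with METHOD_BUFFERED the SystemBuffer is a nonpaged pool block that I/O completion frees (the stack above shows ExFreePoolWithTag called from IopCompleteRequest), so bytes written past its end land on the next block's header, and the size consistency check performed at free time is what surfaces as BAD_POOL_HEADER with Arg1 0x20. The header layout, pool page and tags are constructed and simplified for the simulation.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the XP x86 pool header (simplified, not ntoskrnl's):
 * sizes are in 8-byte units and each header sits directly before its data. */
typedef struct {
    uint8_t  PreviousSize;  /* size of the preceding block, in units */
    uint8_t  PoolIndex;
    uint8_t  BlockSize;     /* size of this block incl. header, in units */
    uint8_t  PoolType;
    uint32_t PoolTag;
} POOL_HEADER;

#define UNIT 8u
#define UNITS_FOR(bytes) ((uint8_t)((sizeof(POOL_HEADER) + (bytes) + UNIT - 1) / UNIT))
static uint8_t g_page[128];  /* one constructed pool page holding two blocks */

/* Carve a SystemBuffer block and an unrelated neighbour block out of the page. */
static POOL_HEADER *pool_init(size_t buf_bytes, size_t neighbour_bytes) {
    memset(g_page, 0, sizeof g_page);
    POOL_HEADER *buf = (POOL_HEADER *)g_page;
    buf->BlockSize = UNITS_FOR(buf_bytes);          /* request rounded up to units */
    POOL_HEADER *next = (POOL_HEADER *)(g_page + buf->BlockSize * UNIT);
    next->PreviousSize = buf->BlockSize;            /* back-link the free path checks */
    next->BlockSize = UNITS_FOR(neighbour_bytes);
    return buf;
}

/* The check ExFreePoolWithTag applies before unlinking a block: the following
 * header's PreviousSize must equal this block's BlockSize. Returns false where
 * the kernel would raise BAD_POOL_HEADER (0x19) with Arg1 = 0x20. */
static bool pool_free_check(const POOL_HEADER *hdr) {
    const POOL_HEADER *next = (const POOL_HEADER *)((const uint8_t *)hdr + hdr->BlockSize * UNIT);
    return next->PreviousSize == hdr->BlockSize;
}

/* Buffered-I/O round trip: the dispatch routine writes `written` bytes into a
 * SystemBuffer allocated for `out_len` bytes, then IoCompleteRequest frees it.
 * Returns true if the free passes and false if it would bugcheck. */
static bool complete_buffered_ioctl(size_t out_len, size_t written) {
    POOL_HEADER *buf = pool_init(out_len, 16);
    memset((uint8_t *)(buf + 1), 0x41, written);   /* driver's copy into SystemBuffer */
    return pool_free_check(buf);                   /* completion-time ExFreePool */
}

/* A 20-byte request rounds up to a 32-byte block: 4 overrun bytes land in the
 * rounding slack and pass unnoticed, 8 overrun bytes clobber the next header. */
int main(void) {
    return complete_buffered_ioctl(20, 20) && complete_buffered_ioctl(20, 24) &&
           !complete_buffered_ioctl(20, 28) ? 0 : 1;
}
```

The slack case is why a plain free can stay silent for a long time and why the bugcheck text recommends special pool or Driver Verifier, which place the allocation against a guard page so any overrun faults immediately.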