Dear All,
I’m writing a file system driver. I’m getting a crash when i’m calling Cccopywrite. Here is the Crash dump file.
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pagable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 804e225b, address which referenced memory
Debugging Details:
WRITE_ADDRESS: 00000000
CURRENT_IRQL: 2
FAULTING_IP:
nt!CcSetDirtyInMask+fa
804e225b f3a5 rep movsd
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xA_W
TRAP_FRAME: f38029cc – (.trap fffffffff38029cc)
ErrCode = 00000002
eax=00000000 ebx=ffb5e6c0 ecx=00000010 edx=f3802a4c esi=ffb5e700 edi=00000000
eip=804e225b esp=f3802a40 ebp=f3802a6c iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!CcSetDirtyInMask+fa:
804e225b f3a5 rep movsd ds:ffb5e700=00ffc000 es:00000000=???
Resetting default context
LAST_CONTROL_TRANSFER: from 804fcfcf to 804e225b
STACK_TEXT:
f3802a6c 804fcfcf ffb67978 f3802a88 00001000 nt!CcSetDirtyInMask+0xfa
f3802a90 804e4b69 ffb67978 80f2bb70 00000200 nt!CcFreeActiveVacb+0x87
f3802b14 f3f08d8f 80e3b048 f3802c1c 00000040 nt!CcCopyWrite+0x1d5
f38039d4 f3eefec9 81612fc8 81d3ee48 000084a1 Packudf!CdUpdateAndInitializeFcbWithCache+0x232 [c:\winddk\2600\src\gsl\strucsup.c @ 1659]
f38049d4 f3eaa5c3 81612fc8 833b2e90 80d90ce8 Packudf!CdCommonCreate+0x135b [c:\winddk\2600\src\gsl\create.c @ 1542]
f3804a3c 804eea36 80d90ce8 833b2e90 806cb1a8 Packudf!CdFsdDispatch+0x18f [c:\winddk\2600\src\gsl\cddata.c @ 329]
f3804a4c 80649111 833b2ea0 833b2e90 80de4220 nt!IopfCallDriver+0x31
f3804a70 80584ebb ffbab018 80e6732c f3804c18 nt!IovCallDriver+0x9e
f3804b54 805816f0 ffbab030 00000000 80e67288 nt!IopParseDevice+0xa4d
f3804bd8 80583aba 00000000 f3804c18 00000040 nt!ObpLookupObjectName+0x56a
f3804c2c 80585172 00000000 00000000 ffffff01 nt!ObOpenObjectByName+0xe9
f3804ca8 8058524e 034de820 40110080 034de548 nt!IopCreateFile+0x407
f3804cf0 8058d1f0 034de820 40110080 034de548 nt!IoCreateFile+0x36
f3804d30 804dc140 034de820 40110080 034de548 nt!NtCreateFile+0x2e
f3804d30 7ffe0304 034de820 40110080 034de548 nt!KiSystemService+0xc4
034de16c 77f7596a 77e30be5 034de820 40110080 SharedUserData!SystemCallStub+0x4
034de170 77e30be5 034de820 40110080 034de548 ntdll!NtCreateFile+0xc
034de83c 77e302b6 02babc84 00000614 80000000 kernel32!BaseCopyStream+0x615
034dec2c 77e30393 02babc84 02babe8c 7741ea44 kernel32!BasepCopyFileExW+0x4c6
034dec88 7741e7af 02babc84 02babe8c 7741ea44 kernel32!CopyFileExW+0x39
034deed0 7741e697 02babb90 02babc84 02babe8c SHELL32!FileCopy+0x11a
034df108 7741e670 02babb90 02babc84 02babe8c SHELL32!DoFile_Copy+0x22
034df83c 7741dd37 00000000 00000000 00107fa0 SHELL32!MoveCopyDriver+0x3d2
034df880 774a470e 00000000 00107fa0 00000000 SHELL32!SHFileOperationW+0x179
034dfce4 774a49a1 02c9a8dc 02c9444c 03c50020 SHELL32!CFSDropTarget::_MoveCopy+0x183
034dff34 774a4a32 02c9a8dc 02c9444c 00000000 SHELL32!CFSDropTarget::_DoDrop+0x210
034dff50 7728df5f 02c9444c 000a5150 003bb468 SHELL32!CFSDropTarget::_DoDropThreadProc+0x44
034dffb4 77e3d33b 00000000 000a5150 003bb468 SHLWAPI!WrapperThreadProc+0x92
034dffec 00000000 7728def2 02fcf118 00000000 kernel32!BaseThreadStart+0x37
FOLLOWUP_IP:
Packudf!CdUpdateAndInitializeFcbWithCache+232
f3f08d8f 0fb6d0 movzx edx,al
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: Packudf!CdUpdateAndInitializeFcbWithCache+232
MODULE_NAME: Packudf
IMAGE_NAME: Packudf.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 3f255eb5
STACK_COMMAND: .trap fffffffff38029cc ; kb
BUCKET_ID: 0xA_W_Packudf!CdUpdateAndInitializeFcbWithCache+232
Followup: MachineOwner
Can you please guide me as what’s happening here? What could be the cause…
Thanks in advance.
Sridhar D