DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9) - 23b

NTDEV
1

Hi

I am debugging an issue where pool corruption is happenning and IRP is getting corrupted. I enabled driver verifier (special pool option) and now I get a bugcheck with following details :

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9)
The IO manager has caught a misbehaving driver.
Arguments:
Arg1: 0000023b, The caller has changed the status field of an IRP it does not understand.
Arg2: b6ca7322, The address in the driver’s code where the error was detected.
Arg3: 98ba4f20, IRP address.
Arg4: 00000000

Debugging Details:

ERROR_CODE: (NTSTATUS) 0xc9 - The operating system cannot run %1.

EXCEPTION_CODE: (Win32) 0xc9 (201) - The operating system cannot run %1.

EXCEPTION_PARAMETER1: 0000023b

EXCEPTION_PARAMETER2: b6ca7322

EXCEPTION_PARAMETER3: 98ba4f20

EXCEPTION_PARAMETER4: 0

BUGCHECK_STR: 0xc9_23b

DRIVER_VERIFIER_IO_VIOLATION_TYPE: 23b

FAULTING_IP:
STREAM!StreamClassPnP+0
b6ca7322 8bff mov edi,edi

FOLLOWUP_IP:
STREAM!StreamClassPnP+0
b6ca7322 8bff mov edi,edi

IRP_ADDRESS: 98ba4f20

DEVICE_OBJECT: 891439e0

DRIVER_OBJECT: 89813270

IMAGE_NAME: myusbb.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4c2cf4f4

MODULE_NAME: myusbb

FAULTING_MODULE: b92ee000 myusbb

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: System

LOCK_ADDRESS: 80562560 – (!locks 80562560)

Resource @ nt!IopDeviceTreeLock (0x80562560) Shared 1 owning threads
Threads: 89b92020-01<*>
1 total locks, 1 locks currently held

PNP_TRIAGE:
Lock address : 0x80562560
Thread Count : 1
Thread address: 0x89b92020
Thread wait : 0x9f4d

LAST_CONTROL_TRANSFER: from 8067f258 to 8053869a

STACK_TEXT:
f78ce24c 8067f258 0000004c 000000c9 f78ce26c nt!KeBugCheckEx+0x1b
f78ce3d4 8067fa24 f78ce6af 806ab090 00040000 nt!ViBugcheckHalt+0xc3
f78ce678 8067fb10 806af630 0000023b f78ce6a4 nt!VfBugcheckThrowException+0xa1
f78ce768 806805b0 0000023b 00000009 b6ca7322 nt!VfBugcheckThrowIoException+0xb5
f78ce798 8067ebd4 883f4120 b6ca7322 00000000 nt!VfGenericVerifyIrpStackUpward+0x79
f78ce7bc 80682c8f 883f4120 00000000 883eb201 nt!VfMajorVerifyIrpStackUpward+0x5e
f78ce7fc 80675328 98ba4fdb 98ba4f20 00000000 nt!IovpCompleteRequest2+0xb4
f78ce814 804e2911 00000000 98ba4f20 f78ce878 nt!IovpLocalCompletionRoutine+0x63
f78ce844 80675849 883fe948 00000000 00000000 nt!IopfCompleteRequest+0xa2
f78ce8b0 b6ca05e7 c00000bb 883fe948 f78ce8e0 nt!IovCompleteRequest+0x9a
f78ce8c0 b6ca630e 98ba4f20 00000000 883fe948 STREAM!SCCompleteIrp+0x29
f78ce8e0 b6ca5b2d 98ba4f20 883fe948 98ba4fd8 STREAM!SCUnknownPNPCallback+0x52
f78ce8fc b6ca5ffa 0000010a 00000000 00000000 STREAM!SCSubmitRequest+0xc7
f78ce930 b6ca76de 98ba4f20 883fe948 b6ca62bc STREAM!SCSendUnknownCommand+0x32
f78ce998 804e23eb 883fe890 98ba4f20 80702428 STREAM!StreamClassPnP+0x3bc
f78ce9a8 80675145 98ba4ffc f78cea60 98ba4f20 nt!IopfCallDriver+0x31
f78ce9cc 8067c9d6 00000001 c00000bb 00000000 nt!IovCallDriver+0xa0
f78ce9f0 80681304 883fe890 f78cea3c 00000001 nt!VfIrpSendSynchronousIrp+0xab
f78cea64 8067ee4d 00000000 885b7560 80506cde nt!VfPnpTestStartedPdoStack+0x43
f78cea70 80506cde 890d2b20 00000001 885b7560 nt!VfMajorTestStartedPdoStack+0x32
f78ceacc 805a6b4d 885b7560 890d2b20 8996b4c8 nt!PipProcessStartPhase3+0x2e2
f78ced20 805a3251 8996b4c8 00000001 00000000 nt!PipProcessDevNodeTree+0x1f7
f78ced54 80506f7e 00000003 805625c0 8056b5fc nt!PiProcessReenumeration+0x60
f78ced7c 804e33d5 00000000 00000000 89b92020 nt!PipDeviceActionWorker+0x170
f78cedac 80577316 00000000 00000000 00000000 nt!ExpWorkerThread+0xef
f78ceddc 804ed6f9 804e3311 00000001 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

When I dumped the IRP following are the details : I am not able to conclude if this bugcheck is related to my original issue(pool corruption) . Any pointers would be greatly appreciated.

0: kd> !irp 98ba4f20 f
Irp is active with 3 stacks 4 is current (= 0x98ba4ffc)
No Mdl: No System Buffer: Thread 00000000: Irp is completed.
Flags = 40000000
ThreadListEntry.Flink = 98ba4f30
ThreadListEntry.Blink = 98ba4f30
IoStatus.Status = 00000000
IoStatus.Information = 00000000
RequestorMode = 00000000
Cancel = 00
CancelIrql = 0
ApcEnvironment = 00
UserIosb = 00000000
UserEvent = 00000000
Overlay.AsynchronousParameters.UserApcRoutine = 00000000
Overlay.AsynchronousParameters.UserApcContext = 00000000
Overlay.AllocationSize = 00000000 - 00000000
CancelRoutine = 00000000
UserBuffer = 00000000
&Tail.Overlay.DeviceQueueEntry = 98ba4f60
Tail.Overlay.Thread = 00000000
Tail.Overlay.AuxiliaryBuffer = 00000000
Tail.Overlay.ListEntry.Flink = 00000000
Tail.Overlay.ListEntry.Blink = 00000000
Tail.Overlay.CurrentStackLocation = 98ba4ffc
Tail.Overlay.OriginalFileObject = 00000000
Tail.Apc = 9b5c8f18
Tail.CompletionKey = 9b5c8f18
cmd flg cl Device File Completion-Context
[0, 0] 0 10 00000000 00000000 00000000-00000000

Args: 00000000 00000000 00000000 00000000
[1b, 0] 0 10 891439e0 00000000 b6ca2180-f78ce8b4
\Driver\myusbb STREAM!SCSynchCompletionRoutine
Args: 00000000 00000000 00000000 00000000
[1b,ff] 0 e0 883fe890 00000000 8067c723-f78ce9e0 Success Error Cancel
\Driver\SNPSTD3 nt!ViIrpSynchronousCompletionRoutine
Args: 00000000 00000000 00000000 00000000

Regards

Manish

2

Irp.IoStatus.Status is the “Status” field of the IRP that your driver
changed for a PNP IRP it did not understand. So don’t do that. Your code for
SCUnknownPNPCallback is wrong. Just pass the request down the stack
(assuming you are a function or filter driver) and return the status of
IoCallDriver.

Mark Roddy

On Wed, Sep 29, 2010 at 7:02 AM, Manish Jawa wrote:

> Hi
>
>
> I am debugging an issue where pool corruption is happenning and IRP is
> getting corrupted. I enabled driver verifier (special pool option) and now I
> get a bugcheck with following details :
>
>
>
> 0: kd> !analyze -v
>
> ****
>
>
> * Bugcheck
> Analysis
>
>
>
>
> DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9)
> The IO manager has caught a misbehaving driver.
> Arguments:
> Arg1: 0000023b, The caller has changed the status field of an IRP it does
> not understand.
> Arg2: b6ca7322, The address in the driver’s code where the error was
> detected.
> Arg3: 98ba4f20, IRP address.
> Arg4: 00000000
> Debugging Details:
> ------------------
> ERROR_CODE: (NTSTATUS) 0xc9 - The operating system cannot run %1.
> EXCEPTION_CODE: (Win32) 0xc9 (201) - The operating system cannot run %1.
> EXCEPTION_PARAMETER1: 0000023b
> EXCEPTION_PARAMETER2: b6ca7322
> EXCEPTION_PARAMETER3: 98ba4f20
> EXCEPTION_PARAMETER4: 0
> BUGCHECK_STR: 0xc9_23b
> DRIVER_VERIFIER_IO_VIOLATION_TYPE: 23b
> FAULTING_IP:
> STREAM!StreamClassPnP+0
> b6ca7322 8bff mov edi,edi
> FOLLOWUP_IP:
> STREAM!StreamClassPnP+0
> b6ca7322 8bff mov edi,edi
> IRP_ADDRESS: 98ba4f20
> DEVICE_OBJECT: 891439e0
> DRIVER_OBJECT: 89813270
> IMAGE_NAME: myusbb.sys
> DEBUG_FLR_IMAGE_TIMESTAMP: 4c2cf4f4
> MODULE_NAME: myusbb
> FAULTING_MODULE: b92ee000 myusbb
> DEFAULT_BUCKET_ID: DRIVER_FAULT
> PROCESS_NAME: System
> LOCK_ADDRESS: 80562560 – (!locks 80562560)
> Resource @ nt!IopDeviceTreeLock (0x80562560) Shared 1 owning threads
> Threads: 89b92020-01<>
> 1 total locks, 1 locks currently held
> PNP_TRIAGE:
> Lock address : 0x80562560
> Thread Count : 1
> Thread address: 0x89b92020
> Thread wait : 0x9f4d
> LAST_CONTROL_TRANSFER: from 8067f258 to 8053869a
> STACK_TEXT:
> f78ce24c 8067f258 0000004c 000000c9 f78ce26c nt!KeBugCheckEx+0x1b
> f78ce3d4 8067fa24 f78ce6af 806ab090 00040000 nt!ViBugcheckHalt+0xc3
> f78ce678 8067fb10 806af630 0000023b f78ce6a4
> nt!VfBugcheckThrowException+0xa1
> f78ce768 806805b0 0000023b 00000009 b6ca7322
> nt!VfBugcheckThrowIoException+0xb5
> f78ce798 8067ebd4 883f4120 b6ca7322 00000000
> nt!VfGenericVerifyIrpStackUpward+0x79
> f78ce7bc 80682c8f 883f4120 00000000 883eb201
> nt!VfMajorVerifyIrpStackUpward+0x5e
> f78ce7fc 80675328 98ba4fdb 98ba4f20 00000000 nt!IovpCompleteRequest2+0xb4
> f78ce814 804e2911 00000000 98ba4f20 f78ce878
> nt!IovpLocalCompletionRoutine+0x63
> f78ce844 80675849 883fe948 00000000 00000000 nt!IopfCompleteRequest+0xa2
> f78ce8b0 b6ca05e7 c00000bb 883fe948 f78ce8e0 nt!IovCompleteRequest+0x9a
> f78ce8c0 b6ca630e 98ba4f20 00000000 883fe948 STREAM!SCCompleteIrp+0x29
> f78ce8e0 b6ca5b2d 98ba4f20 883fe948 98ba4fd8
> STREAM!SCUnknownPNPCallback+0x52
> f78ce8fc b6ca5ffa 0000010a 00000000 00000000 STREAM!SCSubmitRequest+0xc7
> f78ce930 b6ca76de 98ba4f20 883fe948 b6ca62bc
> STREAM!SCSendUnknownCommand+0x32
> f78ce998 804e23eb 883fe890 98ba4f20 80702428 STREAM!StreamClassPnP+0x3bc
> f78ce9a8 80675145 98ba4ffc f78cea60 98ba4f20 nt!IopfCallDriver+0x31
> f78ce9cc 8067c9d6 00000001 c00000bb 00000000 nt!IovCallDriver+0xa0
> f78ce9f0 80681304 883fe890 f78cea3c 00000001
> nt!VfIrpSendSynchronousIrp+0xab
> f78cea64 8067ee4d 00000000 885b7560 80506cde
> nt!VfPnpTestStartedPdoStack+0x43
> f78cea70 80506cde 890d2b20 00000001 885b7560
> nt!VfMajorTestStartedPdoStack+0x32
> f78ceacc 805a6b4d 885b7560 890d2b20 8996b4c8 nt!PipProcessStartPhase3+0x2e2
> f78ced20 805a3251 8996b4c8 00000001 00000000 nt!PipProcessDevNodeTree+0x1f7
> f78ced54 80506f7e 00000003 805625c0 8056b5fc nt!PiProcessReenumeration+0x60
> f78ced7c 804e33d5 00000000 00000000 89b92020 nt!PipDeviceActionWorker+0x170
> f78cedac 80577316 00000000 00000000 00000000 nt!ExpWorkerThread+0xef
> f78ceddc 804ed6f9 804e3311 00000001 00000000 nt!PspSystemThreadStartup+0x34
> 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
>
> When I dumped the IRP following are the details : I am not able to conclude
> if this bugcheck is related to my original issue(pool corruption) . Any
> pointers would be greatly appreciated.
> 0: kd> !irp 98ba4f20 f
> Irp is active with 3 stacks 4 is current (= 0x98ba4ffc)
> No Mdl: No System Buffer: Thread 00000000: Irp is completed.
> Flags = 40000000
> ThreadListEntry.Flink = 98ba4f30
> ThreadListEntry.Blink = 98ba4f30
> IoStatus.Status = 00000000
> IoStatus.Information = 00000000
> RequestorMode = 00000000
> Cancel = 00
> CancelIrql = 0
> ApcEnvironment = 00
> UserIosb = 00000000
> UserEvent = 00000000
> Overlay.AsynchronousParameters.UserApcRoutine = 00000000
> Overlay.AsynchronousParameters.UserApcContext = 00000000
> Overlay.AllocationSize = 00000000 - 00000000
> CancelRoutine = 00000000
> UserBuffer = 00000000
> &Tail.Overlay.DeviceQueueEntry = 98ba4f60
> Tail.Overlay.Thread = 00000000
> Tail.Overlay.AuxiliaryBuffer = 00000000
> Tail.Overlay.ListEntry.Flink = 00000000
> Tail.Overlay.ListEntry.Blink = 00000000
> Tail.Overlay.CurrentStackLocation = 98ba4ffc
> Tail.Overlay.OriginalFileObject = 00000000
> Tail.Apc = 9b5c8f18
> Tail.CompletionKey = 9b5c8f18
> cmd flg cl Device File Completion-Context
> [0, 0] 0 10 00000000 00000000 00000000-00000000
> Args: 00000000 00000000 00000000 00000000
> [1b, 0] 0 10 891439e0 00000000 b6ca2180-f78ce8b4
> \Driver\myusbb STREAM!SCSynchCompletionRoutine
> Args: 00000000 00000000 00000000 00000000
> [1b,ff] 0 e0 883fe890 00000000 8067c723-f78ce9e0 Success Error Cancel
> \Driver\SNPSTD3 nt!ViIrpSynchronousCompletionRoutine
> Args: 00000000 00000000 00000000 00000000
>
>
>
> Regards
> Manish
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

3

You’re changing the status code to success (0) for an unknown PnP irp.
Verifier sends you bogus IRPs (minor code 0xFF) specifically to see if
you’re processing IRPs you can’t possibly understand.

You should either be passing the unknown IRP down, or if you’re the PDO at
the bottom of a stack, you should not be touching the status when you
complete the IRP.

Jan

From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Manish Jawa
Sent: Wednesday, September 29, 2010 4:02 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9) - 23b

Hi

I am debugging an issue where pool corruption is happenning and IRP is
getting corrupted. I enabled driver verifier (special pool option) and now I
get a bugcheck with following details :

0: kd> !analyze -v
****************************************************************************
***
*
*
* Bugcheck Analysis
*
*
*
****************************************************************************
***
DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9)
The IO manager has caught a misbehaving driver.
Arguments:
Arg1: 0000023b, The caller has changed the status field of an IRP it does
not understand.
Arg2: b6ca7322, The address in the driver’s code where the error was
detected.
Arg3: 98ba4f20, IRP address.
Arg4: 00000000
Debugging Details:

ERROR_CODE: (NTSTATUS) 0xc9 - The operating system cannot run %1.
EXCEPTION_CODE: (Win32) 0xc9 (201) - The operating system cannot run %1.
EXCEPTION_PARAMETER1: 0000023b
EXCEPTION_PARAMETER2: b6ca7322
EXCEPTION_PARAMETER3: 98ba4f20
EXCEPTION_PARAMETER4: 0
BUGCHECK_STR: 0xc9_23b
DRIVER_VERIFIER_IO_VIOLATION_TYPE: 23b
FAULTING_IP:
STREAM!StreamClassPnP+0
b6ca7322 8bff mov edi,edi
FOLLOWUP_IP:
STREAM!StreamClassPnP+0
b6ca7322 8bff mov edi,edi
IRP_ADDRESS: 98ba4f20
DEVICE_OBJECT: 891439e0
DRIVER_OBJECT: 89813270
IMAGE_NAME: myusbb.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4c2cf4f4
MODULE_NAME: myusbb
FAULTING_MODULE: b92ee000 myusbb
DEFAULT_BUCKET_ID: DRIVER_FAULT
PROCESS_NAME: System
LOCK_ADDRESS: 80562560 – (!locks 80562560)
Resource @ nt!IopDeviceTreeLock (0x80562560) Shared 1 owning threads
Threads: 89b92020-01<*>
1 total locks, 1 locks currently held
PNP_TRIAGE:
Lock address : 0x80562560
Thread Count : 1
Thread address: 0x89b92020
Thread wait : 0x9f4d
LAST_CONTROL_TRANSFER: from 8067f258 to 8053869a
STACK_TEXT:
f78ce24c 8067f258 0000004c 000000c9 f78ce26c nt!KeBugCheckEx+0x1b
f78ce3d4 8067fa24 f78ce6af 806ab090 00040000 nt!ViBugcheckHalt+0xc3
f78ce678 8067fb10 806af630 0000023b f78ce6a4
nt!VfBugcheckThrowException+0xa1
f78ce768 806805b0 0000023b 00000009 b6ca7322
nt!VfBugcheckThrowIoException+0xb5
f78ce798 8067ebd4 883f4120 b6ca7322 00000000
nt!VfGenericVerifyIrpStackUpward+0x79
f78ce7bc 80682c8f 883f4120 00000000 883eb201
nt!VfMajorVerifyIrpStackUpward+0x5e
f78ce7fc 80675328 98ba4fdb 98ba4f20 00000000 nt!IovpCompleteRequest2+0xb4
f78ce814 804e2911 00000000 98ba4f20 f78ce878
nt!IovpLocalCompletionRoutine+0x63
f78ce844 80675849 883fe948 00000000 00000000 nt!IopfCompleteRequest+0xa2
f78ce8b0 b6ca05e7 c00000bb 883fe948 f78ce8e0 nt!IovCompleteRequest+0x9a
f78ce8c0 b6ca630e 98ba4f20 00000000 883fe948 STREAM!SCCompleteIrp+0x29
f78ce8e0 b6ca5b2d 98ba4f20 883fe948 98ba4fd8
STREAM!SCUnknownPNPCallback+0x52
f78ce8fc b6ca5ffa 0000010a 00000000 00000000 STREAM!SCSubmitRequest+0xc7
f78ce930 b6ca76de 98ba4f20 883fe948 b6ca62bc
STREAM!SCSendUnknownCommand+0x32
f78ce998 804e23eb 883fe890 98ba4f20 80702428 STREAM!StreamClassPnP+0x3bc
f78ce9a8 80675145 98ba4ffc f78cea60 98ba4f20 nt!IopfCallDriver+0x31
f78ce9cc 8067c9d6 00000001 c00000bb 00000000 nt!IovCallDriver+0xa0
f78ce9f0 80681304 883fe890 f78cea3c 00000001 nt!VfIrpSendSynchronousIrp+0xab
f78cea64 8067ee4d 00000000 885b7560 80506cde
nt!VfPnpTestStartedPdoStack+0x43
f78cea70 80506cde 890d2b20 00000001 885b7560
nt!VfMajorTestStartedPdoStack+0x32
f78ceacc 805a6b4d 885b7560 890d2b20 8996b4c8 nt!PipProcessStartPhase3+0x2e2
f78ced20 805a3251 8996b4c8 00000001 00000000 nt!PipProcessDevNodeTree+0x1f7
f78ced54 80506f7e 00000003 805625c0 8056b5fc nt!PiProcessReenumeration+0x60
f78ced7c 804e33d5 00000000 00000000 89b92020 nt!PipDeviceActionWorker+0x170
f78cedac 80577316 00000000 00000000 00000000 nt!ExpWorkerThread+0xef
f78ceddc 804ed6f9 804e3311 00000001 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

When I dumped the IRP following are the details : I am not able to conclude
if this bugcheck is related to my original issue(pool corruption) . Any
pointers would be greatly appreciated.
0: kd> !irp 98ba4f20 f
Irp is active with 3 stacks 4 is current (= 0x98ba4ffc)
No Mdl: No System Buffer: Thread 00000000: Irp is completed.
Flags = 40000000
ThreadListEntry.Flink = 98ba4f30
ThreadListEntry.Blink = 98ba4f30
IoStatus.Status = 00000000
IoStatus.Information = 00000000
RequestorMode = 00000000
Cancel = 00
CancelIrql = 0
ApcEnvironment = 00
UserIosb = 00000000
UserEvent = 00000000
Overlay.AsynchronousParameters.UserApcRoutine = 00000000
Overlay.AsynchronousParameters.UserApcContext = 00000000
Overlay.AllocationSize = 00000000 - 00000000
CancelRoutine = 00000000
UserBuffer = 00000000
&Tail.Overlay.DeviceQueueEntry = 98ba4f60
Tail.Overlay.Thread = 00000000
Tail.Overlay.AuxiliaryBuffer = 00000000
Tail.Overlay.ListEntry.Flink = 00000000
Tail.Overlay.ListEntry.Blink = 00000000
Tail.Overlay.CurrentStackLocation = 98ba4ffc
Tail.Overlay.OriginalFileObject = 00000000
Tail.Apc = 9b5c8f18
Tail.CompletionKey = 9b5c8f18
cmd flg cl Device File Completion-Context
[0, 0] 0 10 00000000 00000000 00000000-00000000
Args: 00000000 00000000 00000000 00000000
[1b, 0] 0 10 891439e0 00000000 b6ca2180-f78ce8b4
\Driver\myusbb STREAM!SCSynchCompletionRoutine
Args: 00000000 00000000 00000000 00000000
[1b,ff] 0 e0 883fe890 00000000 8067c723-f78ce9e0 Success Error Cancel
\Driver\SNPSTD3 nt!ViIrpSynchronousCompletionRoutine
Args: 00000000 00000000 00000000 00000000

Regards
Manish

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

4

Manish Jawa wrote:

I am debugging an issue where pool corruption is happenning and IRP is
getting corrupted. I enabled driver verifier (special pool option) and
now I get a bugcheck with following details :

What kind of driver are you writing? This bugcheck is happening in the
standard driver stream.sys. Are you writing a streaming driver?
AVStream? Are you handling SRBs or IRPs directly?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.