Dear Experts,
I am writing an USB driver while testing my driver, I got Blue screen. Bug
check analysis was showing that the problem is in SR.SYS file. Who is
responsible for this error?
I verified my driver pool with driver verifier. The address that is causing
the error doesn't match any of my memory allocations.
I am attaching the Bugcheck analysis bellow.
Regards,
RD
*******************************************************************************
*
*
* Bugcheck
Analysis *
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck BE, {c582a2f0, 139c055, f88aa50c, a}
Probably caused by : sr.sys ( sr!SrWrite+aa )
Followup: MachineOwner
nt!RtlpBreakWithStatusInstruction:
804e3b25 cc int 3
kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck
Analysis *
*
*
*******************************************************************************
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory. The guilty driver is on
the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the bugcheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: c582a2f0, Virtual address for the attempted write.
Arg2: 0139c055, PTE contents.
Arg3: f88aa50c, (reserved)
Arg4: 0000000a, (reserved)
Debugging Details:
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xBE
LAST_CONTROL_TRANSFER: from 80549efc to 80539fda
TRAP_FRAME: f88aa50c -- (.trap fffffffff88aa50c)
ErrCode = 00000003
eax=c4f69970 ebx=c4f69970 ecx=0139c055 edx=c03160a8 esi=c582a2f0
edi=c582a2f0
eip=80539fda esp=f88aa580 ebp=f88aa590 iopl=0 nv up ei ng nz na pe
nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000
efl=00010282
nt!MiProtectedPoolRemoveEntryList+0x44:
80539fda 8906 mov [esi],eax
Resetting default scope
STACK_TEXT:
f88aa590 80549efc 821ea000 00000000 80562040
nt!MiProtectedPoolRemoveEntryList+0x44
f88aa5d8 8054b2e1 00000000 4f66c000 00000000 nt!MiAllocatePoolPages+0x16e
f88aa640 bae6fdcd 00000004 00001000 3966744e nt!ExAllocatePoolWithTag+0x10b
f88aa680 bae6ffe2 f88aa888 82258e80 00000000
Ntfs!NtfsCreateMdlAndBuffer+0x43
f88aa878 bae6fc97 f88aa888 826f8e48 0110070a Ntfs!NtfsCommonWrite+0x17cb
f88aa9ec 804e3d77 82235020 826f8e48 806ee2e8 Ntfs!NtfsFsdWrite+0xf3
f88aa9fc 8066a2c5 826f8e48 8225b4b8 8224a3b0 nt!IopfCallDriver+0x31
f88aaa20 baf123ca 8224a2f8 8224a200 f88aaa64 nt!IovCallDriver+0xa0
f88aaa30 804e3d77 8224a2f8 826f8e48 806ee2e8 sr!SrWrite+0xaa
f88aaa40 8066a2c5 82258038 00003000 8224a2f8 nt!IopfCallDriver+0x31
f88aaa64 804efb8d e246d560 00001000 e14ac128 nt!IovCallDriver+0xa0
f88aaa78 bae8fe86 82258009 82247138 f88aab1c nt!IoSynchronousPageWrite+0xaf
f88aab44 bae8ff50 e14ac128 e246d560 e14ac128 Ntfs!LfsFlushLfcb+0x429
f88aab68 bae95a1f e14ac128 e246d560 e14a4bb0 Ntfs!LfsFlushLbcb+0x81
f88aab90 bae8ea8e e14ac128 ffffffff 7fffffff Ntfs!LfsFlushToLsnPriv+0xf3
f88aabd0 bae99967 e14a4bb0 ffffffff 7fffffff Ntfs!LfsFlushToLsn+0x8e
f88aac3c bae99ae3 81f82728 82442e70 82235020
Ntfs!NtfsCommonFlushBuffers+0x287
f88aaca0 804e3d77 82235020 82442e70 806ee2e8 Ntfs!NtfsFsdFlushBuffers+0x92
f88aacb0 8066a2c5 c000000e 00000000 00000000 nt!IopfCallDriver+0x31
f88aacd4 baf21807 e21cee40 ba040400 00000000 nt!IovCallDriver+0xa0
f88aacf8 baf2041d 82235020 820ca978 8224a3b0 sr!SrFlushBuffers+0x65
f88aad24 baf20dc2 e21cee40 8225c188 8224d030 sr!SrLogFlush+0xc1
f88aad60 80563e8f 8224d030 8225c188 80561b7c sr!SrLoggerFlushWorkItem+0x80
f88aad74 804e47fe 8225c188 00000000 822918b8 nt!IopProcessWorkItem+0x13
f88aadac 8057dfed 8225c188 00000000 00000000 nt!ExpWorkerThread+0x100
f88aaddc 804fa477 804e4729 00000001 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
FOLLOWUP_IP:
sr!SrWrite+aa
baf123ca 5f pop edi
SYMBOL_STACK_INDEX: 8
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: sr!SrWrite+aa
MODULE_NAME: sr
IMAGE_NAME: sr.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 41107cde
STACK_COMMAND: .trap fffffffff88aa50c ; kb
FAILURE_BUCKET_ID: 0xBE_sr!SrWrite+aa
BUCKET_ID: 0xBE_sr!SrWrite+aa
Followup: MachineOwner
kd> !verifier 3
Verify Level ff ... enabled options are:
special pool
special irql
inject random low-resource API failures
all pool allocations checked on unload
Io subsystem checking enabled
Deadlock detection enabled
Enhanced Io checking enabled
DMA checking enabled
Summary of All Verifier Statistics
RaiseIrqls 0x0
AcquireSpinLocks 0x53
Synch Executions 0x0
Trims 0x3c
Pool Allocations Attempted 0x2a
Pool Allocations Succeeded 0x2a
Pool Allocations Succeeded SpecialPool 0x2a
Pool Allocations With NO TAG 0x0
Pool Allocations Failed 0x0
Resource Allocations Failed Deliberately 0x0
Current paged pool allocations 0x1 for 00000074 bytes
Peak paged pool allocations 0x1 for 00000074 bytes
Current nonpaged pool allocations 0x21 for 00000728 bytes
Peak nonpaged pool allocations 0x22 for 00002728 bytes
Driver Verification List
Entry State NonPagedPool PagedPool Module
822c9f00 Loaded 00000728 00000074 Mydrvr.sys
Current Pool Allocations 00000001 00000021
Current Pool Bytes 00000074 00000728
Peak Pool Allocations 00000001 00000022
Peak Pool Bytes 00000074 00002728
PoolAddress SizeInBytes Tag CallersAddress
82856f88 0x00000074 BulK f850f398
82e08fb8 0x00000048 1BRU f8519bd5
82b16fd0 0x0000002c 1CWR f8519a4d
82b18fd0 0x0000002c 1CWR f8519a4d
8304efe0 0x00000020 BulK f85106e6
82772fb8 0x00000048 1BRU f8519bd5
82e74fc8 0x00000038 BulK f8510b81
82754ff8 0x00000004 BulK f8510cbb
82afcfd0 0x0000002c 1CWR f8519a4d
82484fb8 0x00000048 1BRU f8519bd5
82800fd0 0x0000002c 1CWR f8519a4d
8259efb8 0x00000048 1BRU f8519bd5
824e4fd0 0x0000002c 1CWR f8519a4d
82a5afb8 0x00000048 1BRU f8519bd5
82f2efd0 0x0000002c 1CWR f8519a4d
82ac4fb8 0x00000048 1BRU f8519bd5
82a12fd0 0x0000002c 1CWR f8519a4d
82af0fb8 0x00000048 1BRU f8519bd5
82b34fd0 0x0000002c 1CWR f8519a4d
82a02fb8 0x00000048 1BRU f8519bd5
82b9efd0 0x0000002c 1CWR f8519a4d
827bafb8 0x00000048 1BRU f8519bd5
82b44fd0 0x0000002c 1CWR f8519a4d
82bc8fb8 0x00000048 1BRU f8519bd5
82474fd0 0x0000002c 1CWR f8519a4d
827cafb8 0x00000048 1BRU f8519bd5
82c32fd0 0x0000002c 1CWR f8519a4d
8244cfb8 0x00000048 1BRU f8519bd5
82e98fd0 0x0000002c 1CWR f8519a4d
82cd8fb8 0x00000048 1BRU f8519bd5
82646fd0 0x0000002c 1CWR f8519a4d
82ce0fb8 0x00000048 1BRU f8519bd5
825b4fd0 0x0000002c 1CWR f8519a4d
827a8fb8 0x00000048 1BRU f8519bd5