Hi all,
I have a problem with a driver. When it crashes I always see the following
bug check. At this moment I believe that I am releasing everything that I
have allocated in the driver. Can anybody let me know what is happening
here? The OS is Windows XP, and I never had any problem in Windows 2K with the
same code.
DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pagable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 00001000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 8052f200, address which referenced memory
Debugging Details:
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xC5
LAST_CONTROL_TRANSFER: from 804ee7a4 to 80515aa0
STACK_TEXT:
f9d735a0 804ee7a4 00000003 00000000 000000c5 nt!RtlpBreakWithStatusInstruction
f9d735ec 804ef060 00000003 00001000 8052f200 nt!KiBugCheckDebugBreak+0x19
f9d739b4 804ef4ff 000000c5 00001000 00000002 nt!KeBugCheck2+0x43c
f9d739d4 8052b165 0000000a 00001000 00000002 nt!KeBugCheckEx+0x19
f9d739d4 8052f200 0000000a 00001000 00000002 nt!KiTrap0E+0x2ad
f9d73a90 8052f36f 00000001 00000000 f97416ba nt!ExFreePoolWithTag+0x4a8
f9d73a9c f97416ba 81a66600 8190f410 e20cb1e8 nt!ExFreePool+0xb
f9d73ab8 f973a160 00000001 e20cb1e8 00000001 ks!KspReleaseDeviceBagEntry+0x48
f9d73acc f973a133 8190f410 e20d0bb0 00000001 ks!KspRemoveObjectBagEntry+0x2b
f9d73ae8 f973a2be 8190f410 8190f35c f973a447 ks!KspTerminateObjectBag+0x22
f9d73af4 f973a447 8190f37c f97380fd 00000001 ks!CKsDevice::~CKsDevice+0x30
f9d73afc f97380fd 00000001 8199f390 8190f3c0 ks!CKsDevice::`scalar deleting destructor'+0x8
f9d73b24 f9737eb4 0090f35c f973a28c 8190f358 ks!CBaseUnknown::NonDelegatedRelease+0x32
f9d73b2c f973a28c 8190f358 8190f358 f973a3d9 ks!CKsFileObjectThunk::Release+0xd
f9d73b38 f973a3d9 8196cf10 8199f390 8199f448 ks!KsTerminateDevice+0x2c
f9d73b50 804e5d53 8196cf10 81aa6030 f9d73bd0 ks!CKsDevice::DispatchPnp+0x133
f9d73b60 805698e0 81aa6030 81aa6030 00000002 nt!IopfCallDriver+0x31
f9d73b8c 805699eb 8196cf10 f9d73bac 00000000 nt!IopSynchronousCall+0xb8
f9d73bdc 804ecb0e 81aa6030 00000002 00000000 nt!IopRemoveDevice+0x89
f9d73c04 805690d8 e1fcc1b8 00000018 e1f1d348 nt!IopRemoveLockedDeviceNode+0x15e
f9d73c1c 80569139 81acbee8 00000002 e1f1d348 nt!IopDeleteLockedDeviceNode+0x32
f9d73c50 805691ae 81ac7168 02f1d348 00000002 nt!IopDeleteLockedDeviceNodes+0x3d
f9d73c74 8056929f 81a99da0 00000000 819adfd0 nt!IopDelayedRemoveWorker+0x22
f9d73c88 804e8ce1 81ac7168 00000001 e1fb9f20 nt!IopChainDereferenceComplete+0xd5
f9d73cb4 8056f982 81b8eb68 00000002 00000000 nt!IopNotifyPnpWhenChainDereferenced+0x9f
f9d73d34 8056f9c2 f9d73d6c 8069b408 e1e06920 nt!PiProcessQueryRemoveAndEject+0x9ba
f9d73d4c 8056fae4 f9d73d6c 81bcada8 818e7a08 nt!PiProcessTargetDeviceEvent+0x24
81bcada8 00000000 81bcadb0 81bcadb0 81bb8544 nt!PiWalkDeviceList+0xce
FOLLOWUP_IP:
nt!ExFreePool+b
8052f36f c20400 ret 0x4
FOLLOWUP_NAME: Pool_corruption
SYMBOL_NAME: nt!ExFreePool+b
MODULE_NAME: nt
IMAGE_NAME: ntoskrnl.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 3c7ac994
STACK_COMMAND: kb
BUCKET_ID: 0xC5_nt!ExFreePool+b
Followup: Pool_corruption
Thanks in advance
sri