Hi All,
We have been running the tests with WLK 1.5. All the tests pass on XP 32/64, Vista 32/64 and Win-7 32-bit. One time we saw a BSOD on Win-7 64 bit. This crash happened only once and never saw this again. I analysed the crash dump and nothing points to my driver as the culpret (BRCMHD64.sys).

Does this look like a WLK 1.5 issue?

Attahced is the crash dump analysis.
Any pointers are appreciated.
Thanks in Advance.
-- Aj

============================ CRASH DUMP START ===================================

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff800029ac90d, address which referenced memory

Debugging Details:

PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details

BUGCHECK_STR: 0xC5_2

CURRENT_IRQL: 2

FAULTING_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: WTTSvc.exe

TRAP_FRAME: fffff8800a0d3910 -- (.trap 0xfffff8800a0d3910)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006c1ec50
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800029ac90d rsp=fffff8800a0d3aa0 rbp=fffff80002a07880
r8=0000000000000000 r9=fffff80002a07ae0 r10=fffff80002a07888
r11=0000000000000770 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!ExAllocatePoolWithTag+0x53d:
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx ds:6325:0008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff80002879469 to fffff80002879f00

STACK_TEXT:
fffff8800a0d37c8 fffff80002879469 : 000000000000000a 0000000000000008 0000000000000002 0000000000000001 : nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 : fffff6fd4002e2e8 fffff80002a07ae0 fffff88000000000 000000000000001c : nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d : 0000000000000000 4545454545454545 0000000000000001 fffff8800a0d4210 : nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 : 0000000000000000 000000000000001d fffff8800a0d3e18 0000000000000000 : nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d : fffff8800a0d4210 0000000000000000 fffff8800a0d3e00 0000000000000000 : nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 : fffff8800a0d3e10 fffff8800a0d3d60 fffff8800a0d3e18 fffff980063a6c60 : Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 : fffff8800a0d3e10 fffff980063a6c60 fffff88009760000 0000000000000000 : Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc : fffff980063a6c60 fffffa8005fe9c40 fffff8800a0d3e60 fffffa80056e0860 : Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 : fffff8800a0d4210 fffff980063a6c60 fffffa8006cda100 0000000000000000 : Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 : fffff8800a0d4210 fffff980063a6c60 fffff8800a0d4300 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 : fffff980063a6c60 fffff980063a6c60 fffffa8006cda030 fffffa80059a0f40 : Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f : fffff980063a6fb8 fffff8800a0d4500 fffffa80071d1900 fffffa80059a0f40 : nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff980063a6c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 : fffff980063a6c60 0000000000000002 fffff8800a0d4b40 fffffa80045bea18 : fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 : fffff980063a6c60 fffff800028681c7 fffffa8005fdcd20 fffffa8005795010 : nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 : 0000000000000000 fffff8800a0d4b40 fffffa8004102470 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 : fffff8a0002d8f18 fffff8a0002d9000 fffffa8005fe89e0 fffffa8005fe89e0 : nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff80002865d3a : 000000000001d000 000000000001d001 000000000001d000 00000000206bff00 : nt!MmFlushSection+0x1f4 fffff8800a0d4990 fffff88001228840 : fffffa8006cdbb70 0000000000000000 000000000001d000 0000000000000000 : nt!CcFlushCache+0x88a fffff8800a0d4a90 fffff880012d7ba3 : fffff8a00024dd80 00000000206c1d60 0000000000000000 fffff8800a0d5900 : Ntfs!LfsFlushLfcb+0x644 fffff8800a0d4c10 fffff880012d7d20 : fffff8a000085f30 00000000206c1d60 fffff8800a0d5080 fffff8800a0d5080 : Ntfs!LfsFlushToLsnPriv+0x143 fffff8800a0d4ca0 fffff880012215c8 : fffff8a000085f30 00000000206c1d60 00000000206c1d60 0000000000000400 : Ntfs!LfsFlushToLsn+0xa0 fffff8800a0d4cd0 fffff88001225413 : fffff8800a0d4ec0 fffff98007396c60 fffff8800a0d5000 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1432 fffff8800a0d4e90 fffff80002d1fc16 : fffff98007396c60 fffff98007396c60 fffffa8006cda030 fffffa8007f55010 : Ntfs!NtfsFsdWrite+0x1c3 fffff8800a0d5110 fffff8800100323f : fffff98007396fb8 fffff8800a0d51c0 fffffa80071d1900 fffffa8007f55010 : nt!IovCallDriver+0x566 fffff8800a0d5170 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98007396c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff8800a0d5200 fffff80002d1fc16 : fffff98007396c60 0000000000000002 fffff8800a0d5778 fffffa80045be798 : fltmgr!FltpDispatch+0xcf fffff8800a0d5260 fffff800028f63a1 : fffff98007396c60 fffff800028681c7 fffffa8007e10800 fffffa80078dc2b0 : nt!IovCallDriver+0x566 fffff8800a0d52c0 fffff800028681c7 : 0000000000000000 fffff8800a0d5778 fffffa80039a22a0 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7
fffff8800a0d5340 fffff80002866194 : fffff8a001795010 fffff8a001795810 fffffa8007b0c4d0 fffffa8007b0c4d0 : nt!MiFlushSectionInternal+0xa58
fffff8800a0d5580 fffff80002865d3a : 0000000000000000 0000000000000000 0000000000000000 fffffa8007d38600 : nt!MmFlushSection+0x1f4
fffff8800a0d5640 fffff880012d9642 : fffffa8007e109b8 0000000000000000 fffffa8000000000 fffff800028780fd : nt!CcFlushCache+0x88a
fffff8800a0d5740 fffff880012da6ba : fffff8a0017835e0 fffff8a0017835e0 fffff8a0017835e0 fffffa8007d386f0 : Ntfs!NtfsFlushUserStream+0x92
fffff8800a0d57c0 fffff880012d988e : fffffa8007d386f0 fffff8a0017835e0 fffff880012d9764 0000000000000000 : Ntfs!NtfsPerformOptimisticFlush+0x7a
fffff8800a0d5820 fffff880012da5f0 : fffffa8007d386f0 fffff98006200c60 fffffa8005700180 0000000000000000 : Ntfs!NtfsCommonFlushBuffers+0x12a
fffff8800a0d5900 fffff80002d1fc16 : fffff98006200c60 fffff98006200c60 fffffa8007d386f0 fffff8800a0d5928 : Ntfs!NtfsFsdFlushBuffers+0x104
fffff8800a0d5970 fffff8800100323f : fffff98006200fb8 fffff8800a0d5a20 fffffa80071d1900 fffffa8005e25220 : nt!IovCallDriver+0x566
fffff8800a0d59d0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98006200c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d5a60 fffff80002d1fc16 : fffff98006200c60 0000000000000002 fffff98006200c60 0000000000000000 : fltmgr!FltpDispatch+0xcf
fffff8800a0d5ac0 fffff80002b8d929 : 0000000000000002 fffffa8005700180 0000000000000001 fffffa80086d1270 : nt!IovCallDriver+0x566
fffff8800a0d5b20 fffff80002b1b8ad : fffff98006200c60 fffff8800a0d5ca0 fffffa8005700180 fffff80002879101 : nt!IopSynchronousServiceTail+0xf9
fffff8800a0d5b90 fffff80002879153 : fffffa80056e0860 0000000000304108 fffffa8005fe79d0 fffffa8005700180 : nt!NtFlushBuffersFile+0x171
fffff8800a0d5c20 000000007771036a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
00000000035dddd8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x7771036a

1: kd> kp
Child-SP RetAddr Call Site
fffff8800a0d37c8 fffff80002879469 nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff800`02865d3a nt!MmFlushSection+0x1f4
============================ CRASH DUMP END ===================================

Have you run your tests with driver verifier and special pool enabled?

• S

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:31 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Hi All,
We have been running the tests with WLK 1.5. All the tests pass on XP 32/64, Vista 32/64 and Win-7 32-bit. One time we saw a BSOD on Win-7 64 bit. This crash happened only once and never saw this again. I analysed the crash dump and nothing points to my driver as the culpret (BRCMHD64.sys).

Does this look like a WLK 1.5 issue?

Attahced is the crash dump analysis.
Any pointers are appreciated.
Thanks in Advance.
-- Aj

============================ CRASH DUMP START ===================================

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff800029ac90d, address which referenced memory

Debugging Details:

PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details

BUGCHECK_STR: 0xC5_2

CURRENT_IRQL: 2

FAULTING_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: WTTSvc.exe

TRAP_FRAME: fffff8800a0d3910 -- (.trap 0xfffff8800a0d3910)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006c1ec50
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800029ac90d rsp=fffff8800a0d3aa0 rbp=fffff80002a07880
r8=0000000000000000 r9=fffff80002a07ae0 r10=fffff80002a07888
r11=0000000000000770 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!ExAllocatePoolWithTag+0x53d:
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx ds:6325:0008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff80002879469 to fffff80002879f00

STACK_TEXT:
fffff8800a0d37c8 fffff80002879469 : 000000000000000a 0000000000000008 0000000000000002 0000000000000001 : nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 : fffff6fd4002e2e8 fffff80002a07ae0 fffff88000000000 000000000000001c : nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d : 0000000000000000 4545454545454545 0000000000000001 fffff8800a0d4210 : nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 : 0000000000000000 000000000000001d fffff8800a0d3e18 0000000000000000 : nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d : fffff8800a0d4210 0000000000000000 fffff8800a0d3e00 0000000000000000 : nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 : fffff8800a0d3e10 fffff8800a0d3d60 fffff8800a0d3e18 fffff980063a6c60 : Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 : fffff8800a0d3e10 fffff980063a6c60 fffff88009760000 0000000000000000 : Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc : fffff980063a6c60 fffffa8005fe9c40 fffff8800a0d3e60 fffffa80056e0860 : Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 : fffff8800a0d4210 fffff980063a6c60 fffffa8006cda100 0000000000000000 : Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 : fffff8800a0d4210 fffff980063a6c60 fffff8800a0d4300 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 : fffff980063a6c60 fffff980063a6c60 fffffa8006cda030 fffffa80059a0f40 : Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f : fffff980063a6fb8 fffff8800a0d4500 fffffa80071d1900 fffffa80059a0f40 : nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff980063a6c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 : fffff980063a6c60 0000000000000002 fffff8800a0d4b40 fffffa80045bea18 : fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 : fffff980063a6c60 fffff800028681c7 fffffa8005fdcd20 fffffa8005795010 : nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 : 0000000000000000 fffff8800a0d4b40 fffffa8004102470 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 : fffff8a0002d8f18 fffff8a0002d9000 fffffa8005fe89e0 fffffa8005fe89e0 : nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff80002865d3a : 000000000001d000 000000000001d001 000000000001d000 00000000206bff00 : nt!MmFlushSection+0x1f4 fffff8800a0d4990 fffff88001228840 : fffffa8006cdbb70 0000000000000000 000000000001d000 0000000000000000 : nt!CcFlushCache+0x88a fffff8800a0d4a90 fffff880012d7ba3 : fffff8a00024dd80 00000000206c1d60 0000000000000000 fffff8800a0d5900 : Ntfs!LfsFlushLfcb+0x644 fffff8800a0d4c10 fffff880012d7d20 : fffff8a000085f30 00000000206c1d60 fffff8800a0d5080 fffff8800a0d5080 : Ntfs!LfsFlushToLsnPriv+0x143 fffff8800a0d4ca0 fffff880012215c8 : fffff8a000085f30 00000000206c1d60 00000000206c1d60 0000000000000400 : Ntfs!LfsFlushToLsn+0xa0 fffff8800a0d4cd0 fffff88001225413 : fffff8800a0d4ec0 fffff98007396c60 fffff8800a0d5000 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1432 fffff8800a0d4e90 fffff80002d1fc16 : fffff98007396c60 fffff98007396c60 fffffa8006cda030 fffffa8007f55010 : Ntfs!NtfsFsdWrite+0x1c3 fffff8800a0d5110 fffff8800100323f : fffff98007396fb8 fffff8800a0d51c0 fffffa80071d1900 fffffa8007f55010 : nt!IovCallDriver+0x566 fffff8800a0d5170 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98007396c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff8800a0d5200 fffff80002d1fc16 : fffff98007396c60 0000000000000002 fffff8800a0d5778 fffffa80045be798 : fltmgr!FltpDispatch+0xcf fffff8800a0d5260 fffff800028f63a1 : fffff98007396c60 fffff800028681c7 fffffa8007e10800 fffffa80078dc2b0 : nt!IovCallDriver+0x566 fffff8800a0d52c0 fffff800028681c7 : 0000000000000000 fffff8800a0d5778 fffffa80039a22a0 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7
fffff8800a0d5340 fffff80002866194 : fffff8a001795010 fffff8a001795810 fffffa8007b0c4d0 fffffa8007b0c4d0 : nt!MiFlushSectionInternal+0xa58
fffff8800a0d5580 fffff80002865d3a : 0000000000000000 0000000000000000 0000000000000000 fffffa8007d38600 : nt!MmFlushSection+0x1f4
fffff8800a0d5640 fffff880012d9642 : fffffa8007e109b8 0000000000000000 fffffa8000000000 fffff800028780fd : nt!CcFlushCache+0x88a
fffff8800a0d5740 fffff880012da6ba : fffff8a0017835e0 fffff8a0017835e0 fffff8a0017835e0 fffffa8007d386f0 : Ntfs!NtfsFlushUserStream+0x92
fffff8800a0d57c0 fffff880012d988e : fffffa8007d386f0 fffff8a0017835e0 fffff880012d9764 0000000000000000 : Ntfs!NtfsPerformOptimisticFlush+0x7a
fffff8800a0d5820 fffff880012da5f0 : fffffa8007d386f0 fffff98006200c60 fffffa8005700180 0000000000000000 : Ntfs!NtfsCommonFlushBuffers+0x12a
fffff8800a0d5900 fffff80002d1fc16 : fffff98006200c60 fffff98006200c60 fffffa8007d386f0 fffff8800a0d5928 : Ntfs!NtfsFsdFlushBuffers+0x104
fffff8800a0d5970 fffff8800100323f : fffff98006200fb8 fffff8800a0d5a20 fffffa80071d1900 fffffa8005e25220 : nt!IovCallDriver+0x566
fffff8800a0d59d0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98006200c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d5a60 fffff80002d1fc16 : fffff98006200c60 0000000000000002 fffff98006200c60 0000000000000000 : fltmgr!FltpDispatch+0xcf
fffff8800a0d5ac0 fffff80002b8d929 : 0000000000000002 fffffa8005700180 0000000000000001 fffffa80086d1270 : nt!IovCallDriver+0x566
fffff8800a0d5b20 fffff80002b1b8ad : fffff98006200c60 fffff8800a0d5ca0 fffffa8005700180 fffff80002879101 : nt!IopSynchronousServiceTail+0xf9
fffff8800a0d5b90 fffff80002879153 : fffffa80056e0860 0000000000304108 fffffa8005fe79d0 fffffa8005700180 : nt!NtFlushBuffersFile+0x171
fffff8800a0d5c20 000000007771036a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
00000000035dddd8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x7771036a

1: kd> kp
Child-SP RetAddr Call Site
fffff8800a0d37c8 fffff80002879469 nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff800`02865d3a nt!MmFlushSection+0x1f4
============================ CRASH DUMP END ===================================

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

I think So. Adding last chunk of analysis which clearly says that the tests were running with verifier enabled.
Is that the problem??

-- Ajitabh

=======================================================

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: nt!ExAllocatePoolWithTag+53d

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600

FAILURE_BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Skywing
Sent: Friday, February 05, 2010 11:50 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Have you run your tests with driver verifier and special pool enabled?

• S

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:31 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Hi All,
We have been running the tests with WLK 1.5. All the tests pass on XP 32/64, Vista 32/64 and Win-7 32-bit. One time we saw a BSOD on Win-7 64 bit. This crash happened only once and never saw this again. I analysed the crash dump and nothing points to my driver as the culpret (BRCMHD64.sys).

Does this look like a WLK 1.5 issue?

Attahced is the crash dump analysis.
Any pointers are appreciated.
Thanks in Advance.
-- Aj

============================ CRASH DUMP START ===================================

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff800029ac90d, address which referenced memory

Debugging Details:

PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details

BUGCHECK_STR: 0xC5_2

CURRENT_IRQL: 2

FAULTING_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: WTTSvc.exe

TRAP_FRAME: fffff8800a0d3910 -- (.trap 0xfffff8800a0d3910)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006c1ec50
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800029ac90d rsp=fffff8800a0d3aa0 rbp=fffff80002a07880
r8=0000000000000000 r9=fffff80002a07ae0 r10=fffff80002a07888
r11=0000000000000770 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!ExAllocatePoolWithTag+0x53d:
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx ds:6325:0008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff80002879469 to fffff80002879f00

STACK_TEXT:
fffff8800a0d37c8 fffff80002879469 : 000000000000000a 0000000000000008 0000000000000002 0000000000000001 : nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 : fffff6fd4002e2e8 fffff80002a07ae0 fffff88000000000 000000000000001c : nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d : 0000000000000000 4545454545454545 0000000000000001 fffff8800a0d4210 : nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 : 0000000000000000 000000000000001d fffff8800a0d3e18 0000000000000000 : nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d : fffff8800a0d4210 0000000000000000 fffff8800a0d3e00 0000000000000000 : nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 : fffff8800a0d3e10 fffff8800a0d3d60 fffff8800a0d3e18 fffff980063a6c60 : Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 : fffff8800a0d3e10 fffff980063a6c60 fffff88009760000 0000000000000000 : Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc : fffff980063a6c60 fffffa8005fe9c40 fffff8800a0d3e60 fffffa80056e0860 : Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 : fffff8800a0d4210 fffff980063a6c60 fffffa8006cda100 0000000000000000 : Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 : fffff8800a0d4210 fffff980063a6c60 fffff8800a0d4300 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 : fffff980063a6c60 fffff980063a6c60 fffffa8006cda030 fffffa80059a0f40 : Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f : fffff980063a6fb8 fffff8800a0d4500 fffffa80071d1900 fffffa80059a0f40 : nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff980063a6c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 : fffff980063a6c60 0000000000000002 fffff8800a0d4b40 fffffa80045bea18 : fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 : fffff980063a6c60 fffff800028681c7 fffffa8005fdcd20 fffffa8005795010 : nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 : 0000000000000000 fffff8800a0d4b40 fffffa8004102470 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 : fffff8a0002d8f18 fffff8a0002d9000 fffffa8005fe89e0 fffffa8005fe89e0 : nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff80002865d3a : 000000000001d000 000000000001d001 000000000001d000 00000000206bff00 : nt!MmFlushSection+0x1f4 fffff8800a0d4990 fffff88001228840 : fffffa8006cdbb70 0000000000000000 000000000001d000 0000000000000000 : nt!CcFlushCache+0x88a fffff8800a0d4a90 fffff880012d7ba3 : fffff8a00024dd80 00000000206c1d60 0000000000000000 fffff8800a0d5900 : Ntfs!LfsFlushLfcb+0x644 fffff8800a0d4c10 fffff880012d7d20 : fffff8a000085f30 00000000206c1d60 fffff8800a0d5080 fffff8800a0d5080 : Ntfs!LfsFlushToLsnPriv+0x143 fffff8800a0d4ca0 fffff880012215c8 : fffff8a000085f30 00000000206c1d60 00000000206c1d60 0000000000000400 : Ntfs!LfsFlushToLsn+0xa0 fffff8800a0d4cd0 fffff88001225413 : fffff8800a0d4ec0 fffff98007396c60 fffff8800a0d5000 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1432 fffff8800a0d4e90 fffff80002d1fc16 : fffff98007396c60 fffff98007396c60 fffffa8006cda030 fffffa8007f55010 : Ntfs!NtfsFsdWrite+0x1c3 fffff8800a0d5110 fffff8800100323f : fffff98007396fb8 fffff8800a0d51c0 fffffa80071d1900 fffffa8007f55010 : nt!IovCallDriver+0x566 fffff8800a0d5170 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98007396c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff8800a0d5200 fffff80002d1fc16 : fffff98007396c60 0000000000000002 fffff8800a0d5778 fffffa80045be798 : fltmgr!FltpDispatch+0xcf fffff8800a0d5260 fffff800028f63a1 : fffff98007396c60 fffff800028681c7 fffffa8007e10800 fffffa80078dc2b0 : nt!IovCallDriver+0x566 fffff8800a0d52c0 fffff800028681c7 : 0000000000000000 fffff8800a0d5778 fffffa80039a22a0 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7
fffff8800a0d5340 fffff80002866194 : fffff8a001795010 fffff8a001795810 fffffa8007b0c4d0 fffffa8007b0c4d0 : nt!MiFlushSectionInternal+0xa58
fffff8800a0d5580 fffff80002865d3a : 0000000000000000 0000000000000000 0000000000000000 fffffa8007d38600 : nt!MmFlushSection+0x1f4
fffff8800a0d5640 fffff880012d9642 : fffffa8007e109b8 0000000000000000 fffffa8000000000 fffff800028780fd : nt!CcFlushCache+0x88a
fffff8800a0d5740 fffff880012da6ba : fffff8a0017835e0 fffff8a0017835e0 fffff8a0017835e0 fffffa8007d386f0 : Ntfs!NtfsFlushUserStream+0x92
fffff8800a0d57c0 fffff880012d988e : fffffa8007d386f0 fffff8a0017835e0 fffff880012d9764 0000000000000000 : Ntfs!NtfsPerformOptimisticFlush+0x7a
fffff8800a0d5820 fffff880012da5f0 : fffffa8007d386f0 fffff98006200c60 fffffa8005700180 0000000000000000 : Ntfs!NtfsCommonFlushBuffers+0x12a
fffff8800a0d5900 fffff80002d1fc16 : fffff98006200c60 fffff98006200c60 fffffa8007d386f0 fffff8800a0d5928 : Ntfs!NtfsFsdFlushBuffers+0x104
fffff8800a0d5970 fffff8800100323f : fffff98006200fb8 fffff8800a0d5a20 fffffa80071d1900 fffffa8005e25220 : nt!IovCallDriver+0x566
fffff8800a0d59d0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98006200c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d5a60 fffff80002d1fc16 : fffff98006200c60 0000000000000002 fffff98006200c60 0000000000000000 : fltmgr!FltpDispatch+0xcf
fffff8800a0d5ac0 fffff80002b8d929 : 0000000000000002 fffffa8005700180 0000000000000001 fffffa80086d1270 : nt!IovCallDriver+0x566
fffff8800a0d5b20 fffff80002b1b8ad : fffff98006200c60 fffff8800a0d5ca0 fffffa8005700180 fffff80002879101 : nt!IopSynchronousServiceTail+0xf9
fffff8800a0d5b90 fffff80002879153 : fffffa80056e0860 0000000000304108 fffffa8005fe79d0 fffffa8005700180 : nt!NtFlushBuffersFile+0x171
fffff8800a0d5c20 000000007771036a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
00000000035dddd8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x7771036a

1: kd> kp
Child-SP RetAddr Call Site
fffff8800a0d37c8 fffff80002879469 nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff800`02865d3a nt!MmFlushSection+0x1f4
============================ CRASH DUMP END ===================================

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

No Comments on this by Anyone??
CHAOS is a new test and I was not able to find enough information about this. Can someone from MSFT point me to some info about the test.

Can someone help with the crash dump?
Would really appreciate any help on this.
-- Aj

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:59 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

I think So. Adding last chunk of analysis which clearly says that the tests were running with verifier enabled.
Is that the problem??

-- Ajitabh

=======================================================

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: nt!ExAllocatePoolWithTag+53d

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600

FAILURE_BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Skywing
Sent: Friday, February 05, 2010 11:50 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Have you run your tests with driver verifier and special pool enabled?

• S

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:31 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Hi All,
We have been running the tests with WLK 1.5. All the tests pass on XP 32/64, Vista 32/64 and Win-7 32-bit. One time we saw a BSOD on Win-7 64 bit. This crash happened only once and never saw this again. I analysed the crash dump and nothing points to my driver as the culpret (BRCMHD64.sys).

Does this look like a WLK 1.5 issue?

Attahced is the crash dump analysis.
Any pointers are appreciated.
Thanks in Advance.
-- Aj

============================ CRASH DUMP START ===================================

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff800029ac90d, address which referenced memory

Debugging Details:

PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details

BUGCHECK_STR: 0xC5_2

CURRENT_IRQL: 2

FAULTING_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: WTTSvc.exe

TRAP_FRAME: fffff8800a0d3910 -- (.trap 0xfffff8800a0d3910)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006c1ec50
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800029ac90d rsp=fffff8800a0d3aa0 rbp=fffff80002a07880
r8=0000000000000000 r9=fffff80002a07ae0 r10=fffff80002a07888
r11=0000000000000770 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!ExAllocatePoolWithTag+0x53d:
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx ds:6325:0008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff80002879469 to fffff80002879f00

STACK_TEXT:
fffff8800a0d37c8 fffff80002879469 : 000000000000000a 0000000000000008 0000000000000002 0000000000000001 : nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 : fffff6fd4002e2e8 fffff80002a07ae0 fffff88000000000 000000000000001c : nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d : 0000000000000000 4545454545454545 0000000000000001 fffff8800a0d4210 : nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 : 0000000000000000 000000000000001d fffff8800a0d3e18 0000000000000000 : nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d : fffff8800a0d4210 0000000000000000 fffff8800a0d3e00 0000000000000000 : nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 : fffff8800a0d3e10 fffff8800a0d3d60 fffff8800a0d3e18 fffff980063a6c60 : Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 : fffff8800a0d3e10 fffff980063a6c60 fffff88009760000 0000000000000000 : Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc : fffff980063a6c60 fffffa8005fe9c40 fffff8800a0d3e60 fffffa80056e0860 : Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 : fffff8800a0d4210 fffff980063a6c60 fffffa8006cda100 0000000000000000 : Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 : fffff8800a0d4210 fffff980063a6c60 fffff8800a0d4300 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 : fffff980063a6c60 fffff980063a6c60 fffffa8006cda030 fffffa80059a0f40 : Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f : fffff980063a6fb8 fffff8800a0d4500 fffffa80071d1900 fffffa80059a0f40 : nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff980063a6c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 : fffff980063a6c60 0000000000000002 fffff8800a0d4b40 fffffa80045bea18 : fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 : fffff980063a6c60 fffff800028681c7 fffffa8005fdcd20 fffffa8005795010 : nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 : 0000000000000000 fffff8800a0d4b40 fffffa8004102470 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 : fffff8a0002d8f18 fffff8a0002d9000 fffffa8005fe89e0 fffffa8005fe89e0 : nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff80002865d3a : 000000000001d000 000000000001d001 000000000001d000 00000000206bff00 : nt!MmFlushSection+0x1f4 fffff8800a0d4990 fffff88001228840 : fffffa8006cdbb70 0000000000000000 000000000001d000 0000000000000000 : nt!CcFlushCache+0x88a fffff8800a0d4a90 fffff880012d7ba3 : fffff8a00024dd80 00000000206c1d60 0000000000000000 fffff8800a0d5900 : Ntfs!LfsFlushLfcb+0x644 fffff8800a0d4c10 fffff880012d7d20 : fffff8a000085f30 00000000206c1d60 fffff8800a0d5080 fffff8800a0d5080 : Ntfs!LfsFlushToLsnPriv+0x143 fffff8800a0d4ca0 fffff880012215c8 : fffff8a000085f30 00000000206c1d60 00000000206c1d60 0000000000000400 : Ntfs!LfsFlushToLsn+0xa0 fffff8800a0d4cd0 fffff88001225413 : fffff8800a0d4ec0 fffff98007396c60 fffff8800a0d5000 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1432 fffff8800a0d4e90 fffff80002d1fc16 : fffff98007396c60 fffff98007396c60 fffffa8006cda030 fffffa8007f55010 : Ntfs!NtfsFsdWrite+0x1c3 fffff8800a0d5110 fffff8800100323f : fffff98007396fb8 fffff8800a0d51c0 fffffa80071d1900 fffffa8007f55010 : nt!IovCallDriver+0x566 fffff8800a0d5170 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98007396c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff8800a0d5200 fffff80002d1fc16 : fffff98007396c60 0000000000000002 fffff8800a0d5778 fffffa80045be798 : fltmgr!FltpDispatch+0xcf fffff8800a0d5260 fffff800028f63a1 : fffff98007396c60 fffff800028681c7 fffffa8007e10800 fffffa80078dc2b0 : nt!IovCallDriver+0x566 fffff8800a0d52c0 fffff800028681c7 : 0000000000000000 fffff8800a0d5778 fffffa80039a22a0 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7
fffff8800a0d5340 fffff80002866194 : fffff8a001795010 fffff8a001795810 fffffa8007b0c4d0 fffffa8007b0c4d0 : nt!MiFlushSectionInternal+0xa58
fffff8800a0d5580 fffff80002865d3a : 0000000000000000 0000000000000000 0000000000000000 fffffa8007d38600 : nt!MmFlushSection+0x1f4
fffff8800a0d5640 fffff880012d9642 : fffffa8007e109b8 0000000000000000 fffffa8000000000 fffff800028780fd : nt!CcFlushCache+0x88a
fffff8800a0d5740 fffff880012da6ba : fffff8a0017835e0 fffff8a0017835e0 fffff8a0017835e0 fffffa8007d386f0 : Ntfs!NtfsFlushUserStream+0x92
fffff8800a0d57c0 fffff880012d988e : fffffa8007d386f0 fffff8a0017835e0 fffff880012d9764 0000000000000000 : Ntfs!NtfsPerformOptimisticFlush+0x7a
fffff8800a0d5820 fffff880012da5f0 : fffffa8007d386f0 fffff98006200c60 fffffa8005700180 0000000000000000 : Ntfs!NtfsCommonFlushBuffers+0x12a
fffff8800a0d5900 fffff80002d1fc16 : fffff98006200c60 fffff98006200c60 fffffa8007d386f0 fffff8800a0d5928 : Ntfs!NtfsFsdFlushBuffers+0x104
fffff8800a0d5970 fffff8800100323f : fffff98006200fb8 fffff8800a0d5a20 fffffa80071d1900 fffffa8005e25220 : nt!IovCallDriver+0x566
fffff8800a0d59d0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98006200c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d5a60 fffff80002d1fc16 : fffff98006200c60 0000000000000002 fffff98006200c60 0000000000000000 : fltmgr!FltpDispatch+0xcf
fffff8800a0d5ac0 fffff80002b8d929 : 0000000000000002 fffffa8005700180 0000000000000001 fffffa80086d1270 : nt!IovCallDriver+0x566
fffff8800a0d5b20 fffff80002b1b8ad : fffff98006200c60 fffff8800a0d5ca0 fffffa8005700180 fffff80002879101 : nt!IopSynchronousServiceTail+0xf9
fffff8800a0d5b90 fffff80002879153 : fffffa80056e0860 0000000000304108 fffffa8005fe79d0 fffffa8005700180 : nt!NtFlushBuffersFile+0x171
fffff8800a0d5c20 000000007771036a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
00000000035dddd8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x7771036a

1: kd> kp
Child-SP RetAddr Call Site
fffff8800a0d37c8 fffff80002879469 nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff800`02865d3a nt!MmFlushSection+0x1f4
============================ CRASH DUMP END ===================================

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

This test is the same as the "Pnpdtest with concurrent IO in parallel with DevPathExer" documented at Pnpdtest with concurrent IO in parallel with DevPathExer | Microsoft Learn.

Ravi.

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 4:47 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

No Comments on this by Anyone??
CHAOS is a new test and I was not able to find enough information about this. Can someone from MSFT point me to some info about the test.

Can someone help with the crash dump?
Would really appreciate any help on this.
-- Aj

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:59 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]
I think So. Adding last chunk of analysis which clearly says that the tests were running with verifier enabled.
Is that the problem??

-- Ajitabh

=======================================================

STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: nt!ExAllocatePoolWithTag+53d

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600

FAILURE_BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

BUCKET_ID: X64_0xC5_2_VRF_nt!ExAllocatePoolWithTag+53d

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Skywing
Sent: Friday, February 05, 2010 11:50 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Have you run your tests with driver verifier and special pool enabled?

• S

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Ajitabh Saxena
Sent: Friday, February 05, 2010 11:31 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Win-7 64 Bit System Crash On CHAOS - [Concurrent Hardware and OS Test]

Hi All,
We have been running the tests with WLK 1.5. All the tests pass on XP 32/64, Vista 32/64 and Win-7 32-bit. One time we saw a BSOD on Win-7 64 bit. This crash happened only once and never saw this again. I analysed the crash dump and nothing points to my driver as the culpret (BRCMHD64.sys).

Does this look like a WLK 1.5 issue?

Attahced is the crash dump analysis.
Any pointers are appreciated.
Thanks in Advance.
-- Aj

============================ CRASH DUMP START ===================================

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff800029ac90d, address which referenced memory

Debugging Details:

PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 000007fffffda018). Type ".hh dbgerr001" for details

BUGCHECK_STR: 0xC5_2

CURRENT_IRQL: 2

FAULTING_IP:
nt!ExAllocatePoolWithTag+53d
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: WTTSvc.exe

TRAP_FRAME: fffff8800a0d3910 -- (.trap 0xfffff8800a0d3910)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8006c1ec50
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800029ac90d rsp=fffff8800a0d3aa0 rbp=fffff80002a07880
r8=0000000000000000 r9=fffff80002a07ae0 r10=fffff80002a07888
r11=0000000000000770 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!ExAllocatePoolWithTag+0x53d:
fffff800`029ac90d 48895808 mov qword ptr [rax+8],rbx ds:6325:0008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff80002879469 to fffff80002879f00

STACK_TEXT:
fffff8800a0d37c8 fffff80002879469 : 000000000000000a 0000000000000008 0000000000000002 0000000000000001 : nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 : fffff6fd4002e2e8 fffff80002a07ae0 fffff88000000000 000000000000001c : nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d : 0000000000000000 4545454545454545 0000000000000001 fffff8800a0d4210 : nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 : 0000000000000000 000000000000001d fffff8800a0d3e18 0000000000000000 : nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d : fffff8800a0d4210 0000000000000000 fffff8800a0d3e00 0000000000000000 : nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 : fffff8800a0d3e10 fffff8800a0d3d60 fffff8800a0d3e18 fffff980063a6c60 : Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 : fffff8800a0d3e10 fffff980063a6c60 fffff88009760000 0000000000000000 : Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc : fffff980063a6c60 fffffa8005fe9c40 fffff8800a0d3e60 fffffa80056e0860 : Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 : fffff8800a0d4210 fffff980063a6c60 fffffa8006cda100 0000000000000000 : Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 : fffff8800a0d4210 fffff980063a6c60 fffffa8005fdce10 00000000035e3000 : Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 : fffff8800a0d4210 fffff980063a6c60 fffff8800a0d4300 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 : fffff980063a6c60 fffff980063a6c60 fffffa8006cda030 fffffa80059a0f40 : Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f : fffff980063a6fb8 fffff8800a0d4500 fffffa80071d1900 fffffa80059a0f40 : nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff980063a6c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 : fffff980063a6c60 0000000000000002 fffff8800a0d4b40 fffffa80045bea18 : fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 : fffff980063a6c60 fffff800028681c7 fffffa8005fdcd20 fffffa8005795010 : nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 : 0000000000000000 fffff8800a0d4b40 fffffa8004102470 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 : fffff8a0002d8f18 fffff8a0002d9000 fffffa8005fe89e0 fffffa8005fe89e0 : nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff80002865d3a : 000000000001d000 000000000001d001 000000000001d000 00000000206bff00 : nt!MmFlushSection+0x1f4 fffff8800a0d4990 fffff88001228840 : fffffa8006cdbb70 0000000000000000 000000000001d000 0000000000000000 : nt!CcFlushCache+0x88a fffff8800a0d4a90 fffff880012d7ba3 : fffff8a00024dd80 00000000206c1d60 0000000000000000 fffff8800a0d5900 : Ntfs!LfsFlushLfcb+0x644 fffff8800a0d4c10 fffff880012d7d20 : fffff8a000085f30 00000000206c1d60 fffff8800a0d5080 fffff8800a0d5080 : Ntfs!LfsFlushToLsnPriv+0x143 fffff8800a0d4ca0 fffff880012215c8 : fffff8a000085f30 00000000206c1d60 00000000206c1d60 0000000000000400 : Ntfs!LfsFlushToLsn+0xa0 fffff8800a0d4cd0 fffff88001225413 : fffff8800a0d4ec0 fffff98007396c60 fffff8800a0d5000 fffff8800a0d5901 : Ntfs!NtfsCommonWrite+0x1432 fffff8800a0d4e90 fffff80002d1fc16 : fffff98007396c60 fffff98007396c60 fffffa8006cda030 fffffa8007f55010 : Ntfs!NtfsFsdWrite+0x1c3 fffff8800a0d5110 fffff8800100323f : fffff98007396fb8 fffff8800a0d51c0 fffffa80071d1900 fffffa8007f55010 : nt!IovCallDriver+0x566 fffff8800a0d5170 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98007396c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff8800a0d5200 fffff80002d1fc16 : fffff98007396c60 0000000000000002 fffff8800a0d5778 fffffa80045be798 : fltmgr!FltpDispatch+0xcf fffff8800a0d5260 fffff800028f63a1 : fffff98007396c60 fffff800028681c7 fffffa8007e10800 fffffa80078dc2b0 : nt!IovCallDriver+0x566 fffff8800a0d52c0 fffff800028681c7 : 0000000000000000 fffff8800a0d5778 fffffa80039a22a0 0000000000000000 : nt! ?? ::FNODOBFM::string'+0x3f5a7
fffff8800a0d5340 fffff80002866194 : fffff8a001795010 fffff8a001795810 fffffa8007b0c4d0 fffffa8007b0c4d0 : nt!MiFlushSectionInternal+0xa58
fffff8800a0d5580 fffff80002865d3a : 0000000000000000 0000000000000000 0000000000000000 fffffa8007d38600 : nt!MmFlushSection+0x1f4
fffff8800a0d5640 fffff880012d9642 : fffffa8007e109b8 0000000000000000 fffffa8000000000 fffff800028780fd : nt!CcFlushCache+0x88a
fffff8800a0d5740 fffff880012da6ba : fffff8a0017835e0 fffff8a0017835e0 fffff8a0017835e0 fffffa8007d386f0 : Ntfs!NtfsFlushUserStream+0x92
fffff8800a0d57c0 fffff880012d988e : fffffa8007d386f0 fffff8a0017835e0 fffff880012d9764 0000000000000000 : Ntfs!NtfsPerformOptimisticFlush+0x7a
fffff8800a0d5820 fffff880012da5f0 : fffffa8007d386f0 fffff98006200c60 fffffa8005700180 0000000000000000 : Ntfs!NtfsCommonFlushBuffers+0x12a
fffff8800a0d5900 fffff80002d1fc16 : fffff98006200c60 fffff98006200c60 fffffa8007d386f0 fffff8800a0d5928 : Ntfs!NtfsFsdFlushBuffers+0x104
fffff8800a0d5970 fffff8800100323f : fffff98006200fb8 fffff8800a0d5a20 fffffa80071d1900 fffffa8005e25220 : nt!IovCallDriver+0x566
fffff8800a0d59d0 fffff880010016df : fffffa8005fe79d0 fffffa8005fe79d0 fffffa8005fe7900 fffff98006200c60 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d5a60 fffff80002d1fc16 : fffff98006200c60 0000000000000002 fffff98006200c60 0000000000000000 : fltmgr!FltpDispatch+0xcf
fffff8800a0d5ac0 fffff80002b8d929 : 0000000000000002 fffffa8005700180 0000000000000001 fffffa80086d1270 : nt!IovCallDriver+0x566
fffff8800a0d5b20 fffff80002b1b8ad : fffff98006200c60 fffff8800a0d5ca0 fffffa8005700180 fffff80002879101 : nt!IopSynchronousServiceTail+0xf9
fffff8800a0d5b90 fffff80002879153 : fffffa80056e0860 0000000000304108 fffffa8005fe79d0 fffffa8005700180 : nt!NtFlushBuffersFile+0x171
fffff8800a0d5c20 000000007771036a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
00000000035dddd8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x7771036a

1: kd> kp
Child-SP RetAddr Call Site
fffff8800a0d37c8 fffff80002879469 nt!KeBugCheckEx
fffff8800a0d37d0 fffff800028780e0 nt!KiBugCheckDispatch+0x69
fffff8800a0d3910 fffff800029ac90d nt!KiPageFault+0x260
fffff8800a0d3aa0 fffff80002889cb4 nt!ExAllocatePoolWithTag+0x53d
fffff8800a0d3b90 fffff8800122586d nt!IoAllocateMdl+0x144
fffff8800a0d3be0 fffff88001225999 Ntfs!NtfsCreateMdlAndBuffer+0xbd
fffff8800a0d3c30 fffff8800121b1b3 Ntfs!NtfsAllocateCompressionBuffer+0x75
fffff8800a0d3c80 fffff8800121c15b Ntfs!NtfsPrepareSimpleBuffers+0x4d3
fffff8800a0d3d40 fffff88001219fdc Ntfs!NtfsPrepareBuffers+0xcb
fffff8800a0d3dc0 fffff88001228dc4 Ntfs!NtfsNonCachedIo+0x1bc
fffff8800a0d3f90 fffff880012211c2 Ntfs!NtfsNonCachedUsaWrite+0x64
fffff8800a0d4020 fffff88001225413 Ntfs!NtfsCommonWrite+0x1022
fffff8800a0d41e0 fffff80002d1fc16 Ntfs!NtfsFsdWrite+0x1c3
fffff8800a0d4460 fffff8800100323f nt!IovCallDriver+0x566
fffff8800a0d44c0 fffff880010016df fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff8800a0d4550 fffff80002d1fc16 fltmgr!FltpDispatch+0xcf
fffff8800a0d45b0 fffff800028f63a1 nt!IovCallDriver+0x566
fffff8800a0d4610 fffff800028681c7 nt! ?? ::FNODOBFM::string'+0x3f5a7 fffff8800a0d4690 fffff80002866194 nt!MiFlushSectionInternal+0xa58 fffff8800a0d48d0 fffff800`02865d3a nt!MmFlushSection+0x1f4
============================ CRASH DUMP END ===================================

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:

To unsubscribe, visit the List Server section of OSR Online at ListServer/Forum