OSR's ntdev List: BugCheck 1A, subtype 0x3300 in Windows 10

Driver Problems? Questions? Issues?
Put OSR's experience to work for you! Contact us for assistance with:

Creating the right design for your requirements
Reviewing your existing driver code
Analyzing driver reliability/performance issues
Custom training mixed with consulting and focused directly on your specific areas of interest/concern.

Check us out. OSR, the Windows driver experts.

OSR Seminars

Kernel Debugging & Crash Analysis (Manchester, NH)
Developing Filter Manager Minifilters (Manchester, NH)
Writing WDF Drivers I: Core Concepts (Santa Clara/San Jose, CA)
Windows Internals and SW Drivers, (Dulles/Sterling, VA)
Writing WDF Drivers II: Advanced Implementation Techniques (Manchester, NH)

		OSR Online Lists > ntdev
BugCheck 1A, subtype 0x3300 in Windows 10

Welcome, Guest
You must login to post to this list

Message 1 of 6

16 May 17 08:35

jason chen

xxxxxx@gmail.com

Join Date: 12 Apr 2017

Posts To This List: 5

BugCheck 1A, subtype 0x3300 in Windows 10

Hi , I wrote a virtual disk driver (like VHD driver) and it could boot Windows 10 successfully. The VHD file was stored on Ext3 partition which was powered by an Ext2Fsd driver in Win 10. My driver received all incoming I/O requests, translated their LBAs into VHD file offset and called ZwRead/Write on it to completed the IRPs. It worked well, until I try loading 3D mark demo, A BSOD with BugCheck code 1A (subtype 3300) came up. "!analyze -v" in Windbg says it caused by MmprobeAndLockPage call in Ext2 driver when my driver called ZwWrite. However, Windbg give no message on the first args of bugcheck 1A, which is 3300. Do you know what does "3300" mean and how to fix it? 1.The faulting code in Ext2Fsd is listed below: NTSTATUS LockUserBuffer (IN PIRP Irp, IN ULONG Length, IN LOCK_OPERATION Operation) { NTSTATUS Status; ASSERT(Irp != NULL); if (Irp->MdlAddress != NULL) { return STATUS_SUCCESS; } IoAllocateMdl(Irp->UserBuffer, Length, FALSE, FALSE, Irp); if (Irp->MdlAddress == NULL) { return STATUS_INSUFFICIENT_RESOURCES; } __try { MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode, Operation); <-- Status = STATUS_SUCCESS; } __except (EXCEPTION_EXECUTE_HANDLER) { DbgBreak(); IoFreeMdl(Irp->MdlAddress); Irp->MdlAddress = NULL; Status = STATUS_INVALID_USER_BUFFER; } return Status; } 2. Dump Irp->Mdl in windbg 1: kd> dt nt!_MDL ffffe0005f431560 +0x000 Next : (null) +0x008 Size : 0n1072 +0x00a MdlFlags : 0n2 +0x00c AllocationProcessorNumber : 1 +0x00e Reserved : 0xffff +0x010 Process : (null) +0x018 MappedSystemVa : 0xffffe000`5f09aa00 Void +0x020 StartVa : 0xffffd000`25200000 Void +0x028 ByteCount : 0x80000 +0x02c ByteOffset : 0 Thanks!

Message 2 of 6

16 May 17 12:32

Jamey Kirby

xxxxxx@gmail.com

Join Date: 31 Dec 2014

Posts To This List: 279

BugCheck 1A, subtype 0x3300 in Windows 10

With little information to go on, it seems you are only testing for two of the three types of buffers. There is direct (mdl), buffer (intermediate buffering), or neither. Also, on the user buffer, before allocating the Mdl, maybe you should ProbeForRead()/ProbeForWrite() Sorry I can't be more helpful. On Tue, May 16, 2017 at 8:35 AM <xxxxx@gmail.com> wrote: > Hi , > I wrote a virtual disk driver (like VHD driver) and it could boot > Windows 10 successfully. The VHD file was stored on Ext3 partition which > was powered by an Ext2Fsd driver in Win 10. > My driver received all incoming I/O requests, translated their LBAs > into VHD file offset and called ZwRead/Write on it to completed the IRPs. > It worked well, until I try loading 3D mark demo, A BSOD with BugCheck code > 1A (subtype 3300) came up. > "!analyze -v" in Windbg says it caused by MmprobeAndLockPage call in > Ext2 driver when my driver called ZwWrite. However, Windbg give no message <...excess quoted lines suppressed...> --

Message 3 of 6

16 May 17 16:05

ntdev member 172858

xxxxxx@outlook.com

Join Date:

Posts To This List: 27

BugCheck 1A, subtype 0x3300 in Windows 10

Why don’t you post the « !analyse -v » output. The stack could give an indication of where MM encountered a serious error. W. N.

Message 4 of 6

17 May 17 00:37

Slava Imameev

xxxxxx@hotmail.com

Join Date: 13 Sep 2013

Posts To This List: 207

BugCheck 1A, subtype 0x3300 in Windows 10

<QUOTE> Why don?t you post the ? !analyse -v ? output. </QUOTE> Why don't Microsoft publish the kernel source code so people stop spending days on a problem that can be solved in 30 mins by source code browsing.

Message 5 of 6

17 May 17 01:33

Jamey Kirby

xxxxxx@gmail.com

Join Date: 31 Dec 2014

Posts To This List: 279

BugCheck 1A, subtype 0x3300 in Windows 10

Are you building a virtual miniport, or a disk class driver? FYI: https://github.com/lmr3796/WRK-1.2 On Wed, May 17, 2017 at 12:38 AM <xxxxx@hotmail.com> wrote: > <QUOTE> > Why don?t you post the ?? !analyse -v ?? output. > </QUOTE> > > Why don't Microsoft publish the kernel source code so people stop spending > days on a problem that can be solved in 30 mins by source code browsing. > > --- > NTDEV is sponsored by OSR > <...excess quoted lines suppressed...> --

Message 6 of 6

17 May 17 02:04

Slava Imameev

xxxxxx@hotmail.com

Join Date: 13 Sep 2013

Posts To This List: 207

BugCheck 1A, subtype 0x3300 in Windows 10

<QUOTE> FYI: https://github.com/lmr3796/WRK-1.2 </QUOTE> the old WinSrv 2003 kernel without PnP subsystem sources, you definitely will not find new MM bugchecks the OP asks for and such things as physical pages reverse mapping introduced in Win7

Posting Rules
You may not post new threads You may not post replies You may not post attachments	You must login to OSR Online AND be a member of the ntdev list to be able to post.

All times are GMT -5. The time now is 23:45.

Contact Us - Osr Online Homepage - Top