OSRLogoOSRLogoOSRLogo x Seminar Ad

Everything Windows Driver Development

GoToHomePage xLoginx

    Thu, 14 Mar 2019     118020 members


  Online Dump Analyzer
OSR Dev Blog
The NT Insider
The Basics
File Systems
ListServer / Forum
  Express Links
  · The NT Insider Digital Edition - May-June 2016 Now Available!
  · Windows 8.1 Update: VS Express Now Supported
  · HCK Client install on Windows N versions
  · There's a WDFSTRING?
  · When CAN You Call WdfIoQueueP...ously

Permanent Pool Overrun Checking Starting With XP SP2

Windows XP SP2 will contain many enhancements.  One such enhancement of keen interest to driver writers is the implementation of pool header validation checking in the free build of the operating system.

Starting with Windows XP SP2, ExFreePoolWithTag was enhanced to to perform an integrity check of the pool header on the pool block following the one being returned.  If any corruption is detected, the system immediately crashes with a BAD_POOL_HEADER bugcheck.

Of course, what's most interesting -- and important -- about this enhancement is that this check is always enabled and active in the free build of Windows starting with XP SP2.  This change catches the sort of pool corruption that could otherwise linger and cause a crashes that's nearly impossible to debug.

If you don't want a nasty surprise when your customers upgrade to XP SP2, be sure you're testing your driver thoroughly with Driver Verifier, with the "special pool" option enabled, to detect any pool overrun errors.  You'll also probably want to be sure you do at least some testing on Windows XP SP2.


Related Articles
Must Succeed Pool...DEAD!
Bagging Bugs — Avoidance and Detection Tips to Consider
Who Owns Which Pool Tag
No Pool Tagging for Special Pool
ExAllocatePoolWithQuota Raises Exceptions
Pool and Memory Events
No Deadlock Verification on x64 UP Systems

User Comments
Rate this article and give us feedback. Do you find anything missing? Share your opinion with the community!
Post Your Comment

"RE: be sure you're testing your driver..."

Driver Verifier is (for the most part) a passive tool, in order to take advantage of its checks you need to enable it for your driver and then exercise your driver.

You can check out this article if you want more info about Verifier: http://www.osronline.com/article.cfm?article=325

18-Nov-04, Scott Noone

"be sure you're testing your driver thoroughly with Driver Verifier, with the "special pool" option e"
Hi, Since I'm not a computer sciences graduate, I'll appreciate your further explanation. I ran verifier and included all drives in the list. The computer was left for more than 12 hours on its own, but the run has never reached its end. So, I changed my configuration, and checked a single driver and got the following report:

Name: gearaspiwdm.sys, loads: 1, Unloads: 0 CurrentPagePoolAllocations: 0 CurrentNonpagePoolAllocations: 0 PeakPagedPoolAllocations: 0 PeakNonPagePoolAlloacations: 1 PagePoolUsageInBytes: 0 NonPagedPoolUsageInBytes: 0 PeakPagedPoolUsageInBytes: 0 PeakNonPagedPoolUsageInBytes: 2052

What does this report say? Is my drive ok or not? Where should I look for further information?

Appreciate your reply.


18-Nov-04, Ran Chermesh

Post Your Comments.
Print this article.
Email this article.
bottom nav links