Windows 8.1 BSOD

I have been having problems with crashes for ages. I finally got fed up and ran Driver Verifier as instructed elsewhere on this site, and it just crashed with the following dump file:

http://1drv.ms/SyUF37

Can someone please help me identify the misbehaving driver? I am not sure how to read this file. Thank you kindly in advance.

This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.
 
Question Info
Last updated February 21, 2018 Views 107 Applies to:
Answer

Hi,


The attached DMP file is of the DRIVER_VERIFIER_DETECTED_VIOLATION (c4) bug check.

This is the general bug check code for fatal errors found by Driver Verifier.

6: kd> k
Child-SP          RetAddr           Call Site
ffffd001`adec38a8 fffff803`9e648ced nt!KeBugCheckEx
ffffd001`adec38b0 fffff803`9ea8b3f5 nt!MdlInvariantPreProcessing1+0x169
ffffd001`adec3920 fffff803`9ea91d59 nt!IovpCallDriver1+0x1fd
ffffd001`adec3a70 fffff803`9ea8688c nt!VfBeforeCallDriver+0x165
ffffd001`adec3aa0 fffff800`f507d817 nt!IovCallDriver+0x348
ffffd001`adec3af0 fffff800`f507d60d volsnap!VspDecrementIrpRefCount+0x1cb
ffffd001`adec3b50 fffff800`f507c57e volsnap!VspWriteVolumePhase35+0xa9
ffffd001`adec3b90 fffff800`f507c159 volsnap!VspWriteTableUpdatesCompletionLoop+0x52
ffffd001`adec3bc0 fffff803`9e4ec794 volsnap!VspWorkerThread+0xb5
ffffd001`adec3c00 fffff803`9e5775c6 nt!PspSystemThreadStartup+0x58
ffffd001`adec3c60 00000000`00000000 nt!KiStartSystemThread+0x16


BugCheck C4, {1010, ffffe000de7a6040, ffffcf818487ebd0, ffffe000dd0a6000}


The 1st parameter of the bug check is 1010 which indicates invariant MDL buffer contents for Write Irp were modified. Deadlock detection was not enabled for the verifier settings, so we cannot see if a driver is holding onto a lock for too long and causing this. Given we're seeing the Microsoft Volume Shadow Copy driver in the stack (volsnap.sys), we are likely dealing with something 3rd party and file system related.


-----------------------------


6: kd> lmvm sisraid2
start             end                 module name
fffff800`f4ab1000 fffff800`f4abf000   SiSRaid2   (deferred)             
    Image path: \SystemRoot\System32\drivers\SiSRaid2.sys
    Image name: SiSRaid2.sys
    Timestamp:        Wed Sep 24 14:28:20 2008

SiS RAID Stor Miniport driver, dated from 2008. Far too old to function with the OS, so please uninstall ASAP if no update - http://www.sis.com/download/

I believe it's conflicting with your LSI raid drivers, so that is why I recommend removal.

Regards,

Patrick

Debugger/Reverse Engineer.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.