Debugging Stop 0xC1 - Sloppy Bytes and Special Pool
Another memory-corruption-related bugcheck, but this time it relates to the use of the Special Pool option available within Driver Verifier. MSDN Blogs (NT Debugging) wrote an excellent article explaining Special Pool and how it works, which I've added to a blog post for this month, so I would highly recommend checking that article out before reading this blog post to have a full understanding of Special Pool and Slop Bytes.

The first parameter is what we are most interested in: this is the address that was about to be freed, but the free was picked up by Driver Verifier due to the single-bit corruption within the Slop Bytes region. Firstly, let's examine the pool page to which the address belonged with the !pool extension. We can see the pool page is obviously corrupted, but let's investigate further with the !poolval extension on the suggested address provided by the dump file. Let's look even further with the _POOL_HEADER data structure: Okay, we can clearly see that th...
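
A simplified user-mode model of the free-time slop-byte check described above, added here as an example and not taken from the original post or from Windows itself. The page size, 8-byte alignment, pattern value and the `sp_allocate`/`sp_free` names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE 4096u   /* assumed page size for the model */
#define ALIGNMENT 8u      /* assumed allocation alignment */

typedef struct {
    uint8_t *page;     /* backing page (stands in for a special pool page) */
    size_t   offset;   /* where the caller's buffer starts in the page */
    size_t   size;     /* bytes the caller asked for */
    uint8_t  pattern;  /* fill value for bytes the caller does not own */
} sp_alloc;

/* Place the buffer as close to the page end as alignment allows and
   fill every byte the caller does not own with the pattern. */
int sp_allocate(sp_alloc *a, size_t size, uint8_t pattern) {
    if (size == 0 || size > PAGE_SIZE) return -1;
    a->page = malloc(PAGE_SIZE);
    if (!a->page) return -1;
    a->size = size;
    a->pattern = pattern;
    a->offset = (PAGE_SIZE - size) & ~(size_t)(ALIGNMENT - 1);
    memset(a->page, pattern, PAGE_SIZE);
    memset(a->page + a->offset, 0, size);
    return 0;
}

/* Free-time check: returns -1 if the slop bytes are intact, otherwise the
   page offset of the first slop byte that no longer matches the pattern. */
long sp_free(sp_alloc *a) {
    long bad = -1;
    for (size_t i = a->offset + a->size; i < PAGE_SIZE; i++) {
        if (a->page[i] != a->pattern) { bad = (long)i; break; }
    }
    free(a->page);
    a->page = NULL;
    return bad;
}

int main(void) {
    sp_alloc a;  /* 13-byte request and 0xA5 pattern are constructed values */
    if (sp_allocate(&a, 13, 0xA5) != 0) return 1;
    a.page[a.offset + a.size] ^= 0x01;  /* one-byte overrun, single bit flipped */
    printf("corrupt slop byte at page offset %ld\n", sp_free(&a));
    return 0;
}
```

The write goes unnoticed when it happens because the slop bytes sit in the same page as the buffer; the mismatch only surfaces when the allocation is freed, which is why the bugcheck reports the address being freed.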