Hello All,

I am writing a small device driver in C for Windows XP. The driver works fine for 80% of the time but blue screens otherwise. Earlier I never bothered to actually find the source of the Blue Screen but this time I decided to have a crack at it...

The blue screen dumped the entire physical memory to disk and I rebooted my computer, loaded up WinDbg.exe and gave it the right path for symbols. It correctly loads up my *.c source code files and tells me that the error is in a line when I do !analyze -v. That seems like a happy ending, except it is really not:

It says the error is in this line:

Code:
if (pFile)
{
    memcpy(pFile, pOther, 0x100); // This is the line it says is the problem.
    ... // Other code here.
}
Now when I do a db pFile it returns:

Code:
00 00 00 00

Now if pFile was 0, it should *NOT* have entered the if block. But the thing is that pFile is 0. It is very strange... I even looked at the disassembly and printed out the bytes at that address and it matches perfectly with db pFile.

I'm guessing since my driver is so simple and I don't have any synchronization primitives like semaphores etc. for threads, pFile is something (a valid value) and the code goes into the if block, then the thread switches and the OS calls another routine in the driver and my driver sets pFile to 0... now when the thread switches back again, the driver tries to write to location NULL and it blue screens.

Do you think my current theory is good? How can I prove/disprove it? Also, does anyone have an alternate explanation of what really is going on?

I'm sorry for the bad English: it is not my first language.

Thank you,
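The race the post describes (check pFile, get switched out, another routine of the same driver sets pFile to 0, resume and write through NULL) can be reproduced and then closed in a small user-space model. The code below is an added example and is not the poster's driver: the `driver_state` struct, the `preempt()` hook that stands in for a context switch, and the `lock_held`/`pending_clear` flags that stand in for a kernel spin lock are all constructed for illustration. It contrasts the racy shape of the original snippet with a version where the check, the memcpy and the routine that clears pFile all run under one lock.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed user-space model of the race described in the post. The
 * struct, the lock flags and the preemption hook are stand-ins for the
 * real driver state, a kernel spin lock and the scheduler. */
typedef struct {
    unsigned char *pFile;   /* shared pointer both routines touch */
    int lock_held;          /* stand-in for a kernel spin lock */
    int pending_clear;      /* a clear that must wait for the lock */
} driver_state;

static unsigned char g_file_buf[0x100];   /* what pFile points to */
static unsigned char g_other[0x100];      /* the memcpy source */

/* The other driver routine the OS may call: it sets pFile to NULL.
 * Under the lock discipline it cannot run while the lock is held; the
 * model records the clear and applies it when the lock is released. */
static void other_routine_clear(driver_state *st)
{
    if (st->lock_held) {
        st->pending_clear = 1;
        return;
    }
    st->pFile = NULL;
}

/* Simulated context switch between the check and the use. */
static void preempt(driver_state *st)
{
    other_routine_clear(st);
}

/* Racy version, same shape as the post's snippet: pFile is re-read from
 * shared memory for the memcpy, so the value tested and the value used
 * need not agree. Returns 1 if the copy ran, 0 if skipped, -1 if it was
 * about to write through a NULL pointer (the bug check in the post). */
static int copy_racy(driver_state *st)
{
    if (st->pFile) {
        preempt(st);                  /* other routine clears pFile here */
        if (st->pFile == NULL)        /* guard only so the model does not crash */
            return -1;
        memcpy(st->pFile, g_other, 0x100);
        return 1;
    }
    return 0;
}

/* Hardened version: check and use happen under one lock, and the routine
 * that clears pFile must take the same lock (KeAcquireSpinLock /
 * KeReleaseSpinLock in a real driver). */
static int copy_locked(driver_state *st)
{
    int rc = 0;
    st->lock_held = 1;                /* acquire */
    if (st->pFile) {
        preempt(st);                  /* the clear is deferred, pFile stays valid */
        memcpy(st->pFile, g_other, 0x100);
        rc = 1;
    }
    st->lock_held = 0;                /* release */
    if (st->pending_clear) {          /* the waiting routine now runs */
        st->pending_clear = 0;
        st->pFile = NULL;
    }
    return rc;
}

/* Scenario: pFile is valid, a clear arrives mid-way. Returns copy_racy's code. */
int demo_racy(void)
{
    driver_state st = { g_file_buf, 0, 0 };
    memset(g_other, 0xAB, sizeof g_other);
    memset(g_file_buf, 0, sizeof g_file_buf);
    return copy_racy(&st);
}

/* Same scenario under the lock. Returns 1 when the copy completed into
 * the buffer and the clear was applied only after release. */
int demo_locked(void)
{
    driver_state st = { g_file_buf, 0, 0 };
    memset(g_other, 0xAB, sizeof g_other);
    memset(g_file_buf, 0, sizeof g_file_buf);
    if (copy_locked(&st) != 1) return 0;
    if (g_file_buf[0] != 0xAB || g_file_buf[0xFF] != 0xAB) return 0;
    return st.pFile == NULL;
}

int main(void)
{
    printf("racy:   %d (-1 = would write to NULL)\n", demo_racy());
    printf("locked: %d (1 = copy completed, clear deferred)\n", demo_locked());
    return 0;
}
```

Two points the model makes about the post's symptoms: `db pFile` showing zeros after the crash is consistent with the race, because the debugger shows the pointer as it was after the other routine ran, not as it was when the `if` was evaluated; and the fix is not a second NULL check but serializing the two routines, since in a driver the check-then-use and the assignment to NULL must be guarded by the same spin lock. The practical way to test the theory on the real driver is to add that lock around both sites and see whether the bug check stops recurring; remember that code running while a spin lock is held executes at DISPATCH_LEVEL and must not touch pageable memory.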