问题描述(蓝屏条件):
在CreateDevice前添加#pragma code_seg("INIT"),
以RtlInitUnicodeString(&devName, L"\\Device\\MyDDKDevice")形式初始化devName,
将其保存在设备扩展里,给Unload调用,一旦访问devName就会导致蓝屏,
蓝屏代码Bug Check 0x50: PAGE_FAULT_IN_NONPAGED_AREA
以RtlInitUnicodeString(&devName, g_wsDevName)形式初始化devName,则不会蓝屏
在CreateDevice前添加#pragma code_seg("PAGE")或#pragma code_seg()或不添加该行代码
RtlInitUnicodeString第二个参数形式无要求,都正常
注:这是在win10 1903 vs2019下测试的,该测试代码来自《Windows驱动开发技术详解》,
以前win10 1803 vs2017的时候也测试过,但不会导致蓝屏。
PCWSTR g_wsDevName = L"\\Device\\MyDDKDevice";
PCWSTR g_wsDevSymbolicName = L"\\??\\HelloDDK";
//#pragma code_seg("INIT") //1. WRONG
//#pragma code_seg("PAGE") //2. OK
#pragma code_seg() //3. OK
NTSTATUS CreateDevice(
IN PDRIVER_OBJECT pDriverObject)
{
DbgPrint("Enter %s\n", __FUNCTION__);
NTSTATUS status = 0;
PDEVICE_OBJECT pDevObj = NULL;
PDEVICE_EXTENSION pDevExt = NULL;
UNICODE_STRING devName;
//RtlInitUnicodeString(&devName, g_wsDevName); //这种形式在什么代码段都可以
RtlInitUnicodeString(&devName, L"\\Device\\MyDDKDevice"); //这种形式不能用在code_seg("INIT")
__try {
status = IoCreateDevice(pDriverObject,
sizeof(DEVICE_EXTENSION),
&devName,
FILE_DEVICE_UNKNOWN,
0, TRUE,
&pDevObj);
if (status != STATUS_SUCCESS) __leave;
pDevObj->Flags |= DO_BUFFERED_IO;
pDevExt = (PDEVICE_EXTENSION)pDevObj->DeviceExtension;
pDevExt->pDevice = pDevObj;
pDevExt->ustrDeviceName = devName;
//创建符号链接
UNICODE_STRING symLinkName;
//RtlInitUnicodeString(&symLinkName, g_wsDevSymbolicName);
RtlInitUnicodeString(&symLinkName, L"\\??\\HelloDDK");
pDevExt->ustrSymLinkName = symLinkName;
status = IoCreateSymbolicLink(&symLinkName, &devName);
if (!NT_SUCCESS(status))
{
DbgPrint("Failed to call IoCreateSymbolicLink\n");
IoDeleteDevice(pDevObj);
__leave;
}
}
__finally {
}
DbgPrint("Leave %s\n", __FUNCTION__);
return status;
}
浙公网安备 33010602011771号