Hello list!
Since I had great luck with last question, I thought I would push my
luck for another. At the moment I am running “ifstest.exe” to ensure the
correctness of my file system driver.
I can pass tests like that of:
FileSystemDeviceOpenTest
FileFullPathCreationTest
DirectoryFullPathCreationTest
BasicInformationTest
StandardInformationTest
NameInformationTest
So I feel confident those calls are “close” to “correct”, BUT, when I
try one of the these tests:
FileRelativePathCreationTest
DirectoryRelativePathCreationTest
TunnelTest
It BSODs quite early, and none of the IRP_MJ_CREATE calls have anything
but a NULL RelatedFileObject (which I would expect it to use, as it is
called RelativePath test, that’s what it’ll do, right?) so maybe it is
the very call to create a relative object that fails. The BSOD stack is:
REFERENCE_BY_POINTER (18)
Arguments:
Arg1: 0000000000000000, Object type of the object whose reference count
is being lowered
Arg2: ffffce896610f210, Object whose reference count is being lowered
Arg3: 0000000000000007, Reserved
Arg4: 00000000ffffffc5, Reserved
The reference count of an object is illegal for the current
state of the object.
nt!KeBugCheckEx+0x107
nt!IopIncrementVpbRefCount+0xf7a91
nt!IopParseDevice+0x105c
nt!IopParseFile+0xc7
nt!ObpLookupObjectName+0x5b7
nt!ObOpenObjectByNameEx+0x1e0
nt!IopCreateFile+0x391
nt!NtCreateFile+0x79
nt!KiSystemServiceCopyEnd+0x13
ntdll!NtCreateFile+0x14
opcreatg!FileRelativePathCreationTest+0x254
Since it doesn’t involve my code in the stack, I am guessing I have not
set something up correctly. Perhaps the Vpb that it is trying to
increment. It seems Arg2 is not NULL though, from above. I do not really
do much with Vpb, at least compared to fastfat (which seems to copy and
swap it sometimes) Since the call before is ParseDevice, am I suppose to
set Vpb for the FILE_DEVICE_DISK I create perhaps?
The last call to my code is:
* query_information: FileStandardLinkInformation
file_standard_link_information
fsDispatcher: enter: major 5: minor 0: IRP_MJ_QUERY_INFORMATION
fsDeviceObject
* query_information: FileNameInformation (normalize 1)
file_name_information: remaining space 252 str.len 16 struct size 8
* file_name_information: partial name of ‘frelpath’ struct size 0x8 and
FileNameLength 0x10 Usedspace 0x10
KDTARGET: Refreshing KD connection
Any hints is appreciated!
Lund