Driver Problems? Questions? Issues?
Put OSR's experience to work for you! Contact us for assistance with:
  • Creating the right design for your requirements
  • Reviewing your existing driver code
  • Analyzing driver reliability/performance issues
  • Custom training mixed with consulting and focused directly on your specific areas of interest/concern.
Check us out. OSR, the Windows driver experts.

Monthly Seminars at OSR Headquarters

East Coast USA
Windows Internals and SW Drivers, Dulles (Sterling) VA, 9 April 2018

Writing WDF Drivers I: Core Concepts, Manchester, NH, 7 May 2018

Kernel Debugging & Crash Analysis for Windows, Manchester, NH, 21 May 2018


Go Back   OSR Online Lists > ntfsd
Welcome, Guest
You must login to post to this list
  Message 1 of 5  
14 Jul 17 13:55
Sivaller
xxxxxx@gmail.com
Join Date: 13 Jul 2017
Posts To This List: 33
Why BSOD ?????

I don't understand, See my party code of my diskfilesystemdriver , when i uncomment this line /////BEGIN Line incriminating BUG1////////////=20 I HAVE BSOD. Thank My code incrimating : //////BEGIN Line incriminating BUG1//////////// if ((fileObject == NULL)&& (Irp->MdlAddress != NULL)) { //effet de bord 140720174 PVOID currentAddress; KdPrintfd2(("[DrvDispatch] Reads by file=NULL\n")); /*currentAddress = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority); if (currentAddress == NULL) { KdPrintfd2(("[DrvDispatch] currentAddress=NULL PAS NORMAL\n")); status= STATUS_INSUFFICIENT_RESOURCES; goto trierrorop; }*/ // here we could return the bootsector. If we don't have one // the requested read lenght must be returned as requested Irp->IoStatus.Information = irps->Parameters.Read.Length; KdPrintfd2(("[DrvDispatch] Offset:%d Reads finished with length:%d\n",irps->Parameters.Read.ByteOffset.LowPart, Irp->IoStatus.Information)); status = STATUS_SUCCESS; goto trierrorop; } //////END Line incriminating BUG1//////////// My entire code dispatch NTSTATUS DrvDispatch ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) { PIO_STACK_LOCATION irps; NTSTATUS status=STATUS_NOT_IMPLEMENTED; KdPrintf(("[VFUM] control\n")); irps=NULL; if (Irp!=NULL) { irps = IoGetCurrentIrpStackLocation(Irp); //if (irps!=NULL) KdPrintfd(("[VFUM] vfums_control : Device:%x Majorfunction %d irp %x\n",DeviceObject,irps->MajorFunction,Irp)); { if (irps->MajorFunction == IRP_MJ_CREATE) { KdPrintfd(("[F DRVDISPATCH]IRP_MJ_CREATE \n")); } if (irps->MajorFunction==IRP_MJ_SYSTEM_CONTROL) { KdPrintfd(("IRP_MJ_SYSTEM_CONTROL\n")); } if (irps->MajorFunction == IRP_MJ_FILE_SYSTEM_CONTROL) { KdPrintfd(("IRP_MJ_FILE_SYSTEM_CONTROL\n")); } } /*if ((irps->MajorFunction==IRP_MN_CANCEL_REMOVE_DEVICE) || (irps->MajorFunction==IRP_MN_REMOVE_DEVICE) || (irps->MajorFunction==IRP_MJ_CLOSE) || (irps->MajorFunction==IRP_MN_QUERY_REMOVE_DEVICE) || (irps->MajorFunction==IRP_MN_STOP_DEVICE) || (irps->MajorFunction==IRP_MN_QUERY_STOP_DEVICE)) { KdPrintf(("[VDUM] DeviceDispatch invalid device OK IRP_MN_REMOVE_DEVICE\n")); status=STATUS_SUCCESS; } else { Irp->IoStatus.Status=status=STATUS_NO_MEDIA_IN_DEVICE; Irp->IoStatus.Information=0; }*/ //EFFETS DE BORD !!!!! if (irps->MajorFunction==IRP_MJ_PNP) { KdPrintf(("IRP_MJ_PNP\n")); status=STATUS_SUCCESS; switch (irps->MinorFunction) { case IRP_MN_QUERY_REMOVE_DEVICE: KdPrintf((" IRP_MN_QUERY_REMOVE_DEVICE\n")); break; case IRP_MN_SURPRISE_REMOVAL: KdPrintf((" IRP_MN_SURPRISE_REMOVAL\n")); break; case IRP_MN_REMOVE_DEVICE: KdPrintf((" IRP_MN_REMOVE_DEVICE\n")); break; case IRP_MN_CANCEL_REMOVE_DEVICE: KdPrintf((" IRP_MN_CANCEL_REMOVE_DEVICE\n")); break; case IRP_MN_QUERY_DEVICE_RELATIONS: KdPrintf((" IRP_MN_QUERY_DEVICE_RELATIONS\n")); status = STATUS_INVALID_PARAMETER; break; default: KdPrintf((" other minnor function %d\n", irps->MinorFunction)); break; //IoSkipCurrentIrpStackLocation(Irp); //status = IoCallDriver(Vcb->TargetDeviceObject, Irp); } Irp->IoStatus.Status=status; goto ANC; } if (DeviceObject == DiskGlobal.pdiskcd) { KdPrintf(("[CD DISK FAT]\n")); } if (DeviceObject == DiskGlobal.pdiskcd) { KdPrintf(("[FILE DISK FAT]\n")); } /////////////////////// if (DeviceObject==g_devcontrol) { PVOID* p=NULL; KdPrintf(("xxxxxxxx\n")); if (irps->FileObject!=NULL) p=irps->FileObject->FsContext2; KdPrintfd(("Control VFUM irp %x irps %x context %x\n",Irp,irps,p)); status=controldispatch(DeviceObject,Irp,irps); Irp->IoStatus.Status=status; KdPrintfdnotimpl(("Return information AV : %x\n",Irp->IoStatus.Information)); KdPrintfd(("Control VFUM return status %x\n",status)); } #if SUPPORTRAWDISK else if (IsRawDisk(DeviceObject)==TRUE) { KdPrintfd (("In RawDisk\n")); KeEnterCriticalRegion(); status=controldiskrawsystem(DeviceObject,Irp,irps); KeLeaveCriticalRegion(); if (status==STATUS_PENDING) return status; } #endif else { PPARAMVDF vdf; KdPrintf(("[VFUM] Virtual disk\n")); vdf=vdf_GetParam(DeviceObject); KdPrintfd2(("[VFUM] dispatch_virtualdisk enter : Device:%x Majorfunction %d irp %x vdf=%x \n",DeviceObject,irps->MajorFunction,vdf)); if (vdf!=NULL) { //if ((vdf->used==TRUE) && (vdf->parameter==TRUE)) { PVOID* p=NULL; BOOLEAN MOUNTED=((vdf->used==TRUE) && (vdf->parameter==TRUE) && (vdf->dismounting==FALSE)); if (irps->FileObject!=NULL) p=irps->FileObject->FsContext2; //KdPrintfd2(("[VFUM] vfums_control_virtualdisk irp %x irps %x context %x vdf=%x\n",Irp,irps,p,vdf)); //if ((vdf->used==TRUE) && (vdf->parameter==3DTRUE)) { FsRtlEnterFileSystem(); /*status=ccreate(DeviceObject,Irp,irps,irps->FileObject); if (status!=STATUS_SUCCESS) { KdPrintf(("CCReate return status %x\n",status)); goto trierrorop; }*/ /*if ((irps->MajorFunction==IRP_MJ_CLOSE)) { status=FatDirectClose(NULL,DeviceObject,Irp,irps); status=STATUS_SUCCESS; goto trierrorop; }*/ /*if ((irps->MajorFunction==IRP_MJ_CLOSE)) { KdPrintfd(("E IRP_MJ_CLOSE\n")); IjThreadforclose(vdf,Irp); KdPrintfd(("Wait thread\n")); status=WaitObject(&vdf->eventclose,30); KdPrintfd(("WaitObject from IRP_MJ_CLOSE return status %x\n",status)); status=STATUS_SUCCESS; goto trierrorop; }*/ if ((irps->MajorFunction==IRP_MJ_CLEANUP)) { PFILE_OBJECT _file; PCCB fsc; _file=irps->FileObject; if (_file==NULL) { Irp->IoStatus.Information=0; status=STATUS_SUCCESS; goto trierrorop; } fsc=(PCCB)_file->FsContext2; fsc=vdfsValidPointer(vdf,fsc); __try { if (_file->FileName.Buffer!=NULL) KdPrintfd2(("Cleanup FileName %wZ\n",&_file->FileName)); } __except (1) { KdPrintfd2(("Exception KdPrintfd2\n")); } if ((fsc!=NULL)) { if (_file->SectionObjectPointer != NULL && _file->SectionObjectPointer->DataSectionObject != NULL) { //fsc->debug2=TRUE; KdPrintf(("FatCleanup Dump Cache\n")); if (fsc->Fcb!=NULL) CcFlushCache(&fsc->Fcb->SectionObjectPointers, NULL, 0, NULL); KdPrintf(("FatCleanup Dump Cache2\n")); if (fsc->Fcb!=NULL) CcPurgeCacheSection(&fsc->Fcb->SectionObjectPointers, NULL, 0, FALSE); KdPrintf(("FatCleanup Dump Cache3\n")); if (issection(DeviceObject)) CcUninitializeCacheMap(_file, NULL, NULL); KdPrintf(("FatCleanup Fin Dump \n")); //fsc->debug2=FALSE; } else KdPrintf(("FatCleanup not mapping\n")); _file->Flags |= FO_CLEANUP_COMPLETE; } } if (irps->MajorFunction==IRP_MJ_CLOSE) { //if (modevdf2(vdf)==TRUE) { if (MOUNTED==FALSE) { //SI LE LECTEUR EST DEMONTER IL FAUT LIBERER LE VCB SINON LE LIBERER PLUS TARD POUR QUE LE PROCESSUS //USER CONNAISSE LE PARAM PCCB fsc=NULL; PFILE_OBJECT _file; //KdPrintfd6(("MUST IT CLOSE ABCDEF\n")); //PCCB fsc; _file=irps->FileObject; fsc=_file->FsContext2; //A METTRE DANS UTH ExAcquireResourceExclusiveLite(&vdf->ResourceNextFile, TRUE); fsc=vdfsValidPointer(vdf,fsc); if (fsc!=NULL) { PsharevdfsFCB fcb=fsc->Fcb; ////RemoveEntryList(&fsc->NextFile); ////EFFET DE BORD 09072017 COMMENT BSOD W10 COMPILER vdfsDoneCCB(vdf,fsc); vdfsFreeFCB(fcb); /*RemoveEntryList(&fsc->NextFile); vdfsFreeFCB(fsc->Fcb); vdfsDoneCCB(vdf,fsc);*/ _file->FsContext=NULL; _file->FsContext2=NULL; // KdPrintfd2(("Ca Bug \n")); } ExReleaseResourceLite(&vdf->ResourceNextFile); } } } if (MOUNTED) { if ((irps->MajorFunction==IRP_MJ_CLOSE)) { PFILE_OBJECT file; //PCCB fsc; file=irps->FileObject; //fsc=(PCCB)file->FsContext2; KdPrintfd2(("CLOSE\n")); if (file->FileName.Buffer!=NULL)KdPrintfd2(("E CLOSE FileName %wZ \n",&file->FileName)); //if (file->RelatedFileObject!=NULL) // KdPrintfd2(("E CLOSE RelativeFileName %wZ \n",&file->RelatedFileObject->FileName.Buffer)); /*if (fsc->debug2==TRUE) { KdPrintfd2(("Eh mince probl?me XXX4TOF\n")); } else KdPrintfd2(("Bon XSFDFS44\n"));*/ //ON VEUX LE METTRE DANS LA LIST2 if (modevdf2(vdf)==TRUE) { status=PushCMD(DeviceObject,vdf,Irp); if (status==STATUS_PENDING) { KdPrintf(("irp_mj_close status pending\n")); FsRtlExitFileSystem(); return status; } else if (!NT_SUCCESS(status)) goto trierrorop; } } if ((irps->MajorFunction==IRP_MJ_CREATE)) { if (modevdf2(vdf)==TRUE) { //ON VEUX LE METTRE DANS LA LIST2 status=PushCMD(DeviceObject,vdf,Irp); if (status==STATUS_PENDING) { KdPrintf(("irp_mj_read status pending\n")); FsRtlExitFileSystem(); return status; } else if (!NT_SUCCESS(status)) goto trierrorop; } } if ((irps->MajorFunction==IRP_MJ_DIRECTORY_CONTROL)) { if ((irps->MinorFunction==IRP_MN_NOTIFY_CHANGE_DIRECTORY)) { PPARAMVDF vdf; PCCB fsc; ULONG CompletionFilter; PFILE_OBJECT file; BOOLEAN WatchTree; file=irps->FileObject; KdPrintf(("IRP_MN_NOTIFY_CHANGE_DIRECTORY r?pertoire %wZ bt\n",&file->FileName)); CompletionFilter = irps->Parameters.NotifyDirectory.CompletionFilter; WatchTree = (irps->Flags& SL_WATCH_TREE)==SL_WATCH_TREE ; vdf=(PPARAMVDF)DeviceObject->DeviceExtension; KdPrintf(("IRP_MN_NOTIFY_CHANGE_DIRECTORY Before Context %x\n",file->FsContext2)); FsRtlNotifyFullChangeDirectory( vdf->NotifySync, &vdf->DirNotifyList, file->FsContext2, (PSTRING)&file->FileName, WatchTree, FALSE, CompletionFilter, Irp, NULL, NULL ); KdPrintf(("IRP_MN_NOTIFY_CHANGE_DIRECTORY After Context %x\n",file->FsContext2)); fsc=(PCCB)file->FsContext2; fsc=vdfsValidPointer(vdf,fsc); if (fsc!=NULL) fsc->evchgdirectory=TRUE; else KdPrintf(("IRP_MN_NOTIFY_CHANGE_DIRECTORY Not found fsc\n")); Irp->IoStatus.Status=STATUS_SUCCESS; status=STATUS_PENDING; FsRtlExitFileSystem(); goto gty; } } if ((irps->MajorFunction==IRP_MJ_WRITE) || (irps->MajorFunction==IRP_MJ_SET_INFORMATION)) //MODE MTHREAD uniqument { if (modevdf2(vdf)==TRUE) { PCOM2 ocom=NULL; PVOID Buffer; if (irps->MajorFunction==IRP_MJ_WRITE) { if (irps->Parameters.Write.Length==0) { KdPrintfd2((" writelength NULL\n")); Irp->IoStatus.Information=0; status=STATUS_SUCCESS; goto trierrorop; } if (Irp->MdlAddress) { KdPrintfd2((" use MdlAddress\n")); Buffer = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority); } else { KdPrintfd2((" use UserBuffer\n")); Buffer = Irp->UserBuffer; } } =09 else Buffer=Irp->AssociatedIrp.SystemBuffer; status=Pre_PushCMD(DeviceObject,vdf,Irp,&ocom); //ON VEUX LE METTRE DANS LA LIST2 //status=PushCMD(DeviceObject,vdf,Irp); if (status==STATUS_PENDING) { copypsp(&ocom->in_data,Buffer,irps->Parameters.Write.Length); _i_p(vdf,ocom); KdPrintf(("irp_mj_read status pending\n")); FsRtlExitFileSystem(); return status; } else if (!NT_SUCCESS(status)) goto trierrorop; } } //if ((irps->MajorFunction==IRP_MJ_READ) || (irps->MajorFunction==IRP_MJ_WRITE)) if ((irps->MajorFunction==IRP_MJ_WRITE) || (irps->MajorFunction==IRP_MJ_SET_INFORMATION)) { PFILE_OBJECT file; PVOID Buffer; KdPrintfd2(("WRITE\n")); if (irps->MajorFunction==IRP_MJ_WRITE) KdPrintfd(("E IRP_MJ_WRITE\n")); if (irps->MajorFunction==IRP_MJ_SET_INFORMATION) KdPrintfd(("E IRP_MJ_SET_INFORMATION\n")); file=irps->FileObject; if (file==NULL) { KdPrintfd2(("E Write File==3DNULL\n")); status=STATUS_INVALID_PARAMETER; goto trierrorop; } if (irps->MajorFunction==IRP_MJ_WRITE) { if (irps->Parameters.Write.Length==0) { KdPrintfd2((" writelength NULL\n")); Irp->IoStatus.Information=3D0; status=STATUS_SUCCESS; goto trierrorop; } if (Irp->MdlAddress) { KdPrintfd2((" use MdlAddress\n")); Buffer = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority); } else { KdPrintfd2((" use UserBuffer\n")); Buffer = Irp->UserBuffer; } } else { KdPrintf(("IK SetInformation %x\n")); Buffer=Irp->AssociatedIrp.SystemBuffer; } if (file!=NULL) { DWORD *dw=(DWORD*)Buffer; PCCB fsc=(PCCB)file->FsContext2; KdPrintfd2(("[INT] Write Offset %x Data %x\n",irps->Parameters.Write.ByteOffset.LowPart,*dw)); fsc=vdfsValidPointer(vdf,fsc); if (fsc==NULL) { status=STATUS_INVALID_HANDLE; goto trierrorop; } if (fsc->debug1==TRUE) KdPrintfd2((" mettre des spin\n")); fsc->debug1=TRUE; if (fsc->bufferwrite!=NULL) { ExFreePool(fsc->bufferwrite); } fsc->bufferwrite=ExAllocatePool(NonPagedPool,fsc->sizewrite=irps-> Parameters.Write.Length); if (fsc->bufferwrite!=NULL) { RtlCopyMemory(fsc->bufferwrite,Buffer,fsc->sizewrite); status=STATUS_SUCCESS; } else { KdPrintfd2(("Insufficent ressource\n")); status=STATUS_INSUFFICIENT_RESOURCES; goto trierrorop; } } else KdPrintfd2(("File==NULL\n")); } if ((irps->MajorFunction==IRP_MJ_READ)) { PFILE_OBJECT fileObject = irps->FileObject; ULONG Length; PMDL mdl; if ((vdf->used==TRUE) && (vdf->parameter==TRUE)) { } else { //DISK INUTILISER OU DISCONNECTED status=STATUS_DEVICE_NOT_READY; goto trierrorop; } if (irps->MajorFunction==IRP_MJ_READ) Length = irps->Parameters.Read.Length; else Length = irps->Parameters.Write.Length; KdPrintfd2(("Int IRP_MJ_READ Offset %x Length %x\n",irps->Parameters.Read.ByteOffset.LowPart,Length)); if (irps->Parameters.Read.Length=3D=0) { Irp->IoStatus.Information=3D0; status=STATUS_SUCCESS; goto trierrorop; } if (irps->MinorFunction == IRP_MN_COMPLETE) { Irp->MdlAddress = NULL; KdPrintfd2(("IRP_MN_COMPLETE")); status = STATUS_SUCCESS; goto trierrorop; =09 } //////BEGIN Line incriminating BUG1//////////// if ((fileObject == NULL)&& (Irp->MdlAddress != NULL)) { //effet de bord 140720174 PVOID currentAddress; KdPrintfd2(("[DrvDispatch] Reads by file=NULL\n")); /*currentAddress = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority); if (currentAddress == NULL) { KdPrintfd2(("[DrvDispatch] currentAddress=NULL PAS NORMAL\n")); status= STATUS_INSUFFICIENT_RESOURCES; goto trierrorop; }*/ // here we could return the bootsector. If we don't have one // the requested read lenght must be returned as requested Irp->IoStatus.Information = irps->Parameters.Read.Length; KdPrintfd2(("[DrvDispatch] Offset:%d Reads finished with length:%d\n",irps->Parameters.Read.ByteOffset.LowPart, Irp->IoStatus.Information)); status = STATUS_SUCCESS; goto trierrorop; } //////END Line incriminating BUG1//////////// ////A REFLECHIR if (fileObject == NULL) { KdPrintfd2(("[DrvDispatch] fileObject == NULL\n")); status = STATUS_INVALID_DEVICE_REQUEST; goto trierrorop;; } ///// /*mdl = IoAllocateMdl(Irp->UserBuffer, irps->Parameters.QueryDirectory.Length, FALSE, FALSE, Irp); __try { MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode, IoWriteAccess); } __except (EXCEPTION_EXECUTE_HANDLER) { KdPrintf(("IRP_MJ_READ or IRP_MJ_WRITE MmProveAndLockPages error\n")); IoFreeMdl(Irp->MdlAddress); Irp->MdlAddress = NULL; status= STATUS_INSUFFICIENT_RESOURCES; goto trierrorop; } */ if (Irp->MdlAddress==NULL) { KdPrintfd2(("Int IRP_MJ_READ Irp->MdlAddress==NULL\n")); status=AllocateMdl(Irp,irps->Parameters.Read.Length); if (!NT_SUCCESS(status)) { KdPrintfd2(("Failure Get MDL\n")); goto trierrorop; } else KdPrintfd2(("OK allocate MDL\n")); } else KdPrintfd2(("Irp->MdlAdress!=3DNULL\n")); if (modevdf2(vdf)==TRUE) { //ON VEUX LE METTRE DANS LA LIST2 status=PushCMD(DeviceObject,vdf,Irp); if (status==STATUS_PENDING) { KdPrintf(("irp_mj_read status pending\n")); FsRtlExitFileSystem(); return status; } else if (!NT_SUCCESS(status)) goto trierrorop; } //status=STATUS_SUCCESS; } if ((irps->MajorFunction==IRP_MJ_QUERY_SECURITY)) { ULONG bufferLength = irps->Parameters.QuerySecurity.Length; //BSOD RISK !!!! if (Irp->UserBuffer != NULL && bufferLength > 0) { // make a MDL for UserBuffer that can be used later on another thread context if (Irp->MdlAddress == NULL) { status = AllocateMdl(Irp, bufferLength); KdPrintfd2(("IRP_MJ_QUERY_SECURITY allocate error mdl %x\n",status)); if (!NT_SUCCESS(status)) { goto trierrorop; // } } } KdPrintfd2(("IRP_MJ_QUERY_SECURITY ALLOCATE MDL OK with size %d!!!!!\n",bufferLength)); status=STATUS_SUCCESS; /////// } if ((irps->MajorFunction==IRP_MJ_SET_SECURITY)) { KdPrintfd2(("IRP_MJ_SET_SECURITY\n")); } if ((irps->MajorFunction==IRP_MJ_DEVICE_CONTROL)) { ULONG Length; PMDL mdl; if (irps->Parameters.DeviceIoControl.IoControlCode==IOCTL_REDIR_QUERY_PATH) { Length = irps->Parameters.Read.Length; KdPrintfd2(("Int IRP_MJ_DEVICE_CONTROL Offset %x Length %x\n",irps->Parameters.Read.ByteOffset.LowPart,Length)); /*mdl = IoAllocateMdl(Irp->UserBuffer, irps->Parameters.QueryDirectory.Length, FALSE, FALSE, Irp); __try { MmProbeAndLockPages(Irp->MdlAddress, Irp->RequestorMode, IoWriteAccess); } __except (EXCEPTION_EXECUTE_HANDLER) { KdPrintf(("IRP_MJ_READ or IRP_MJ_WRITE MmProveAndLockPages error\n")); IoFreeMdl(Irp->MdlAddress); Irp->MdlAddress = NULL; status= STATUS_INSUFFICIENT_RESOURCES; goto trierrorop; } */ if (Irp->MdlAddress==NULL) { KdPrintfd2(("Int IRP_MJ_DEVICE_CONTROL Irp->MdlAddress==NULL\n")); status=AllocateMdl(Irp,sizeof (QUERY_PATH_RESPONSE)); if (!NT_SUCCESS(status)) goto trierrorop; } } } if (irps->MajorFunction==IRP_MJ_DIRECTORY_CONTROL) { if (irps->MinorFunction==IRP_MN_QUERY_DIRECTORY) { UCHAR* Buffer; int cdebug; UCHAR cdebug1; ULONG Length = irps->Parameters.QueryDirectory.Length; /*est-ce*/ if (Irp->MdlAddress==NULL) { KdPrintf(("Int IRP_MN_QUERY_DIRECTORY Irp->MdlAddress==NULL\n")); status=AllocateMdl(Irp,irps->Parameters.QueryDirectory.Length); if (!NT_SUCCESS(status)) goto trierrorop; } /*Buffer=FatMapUserBuffer(Irp); //Buffer=NULL; for (cdebug = 0 ; cdebug < Length; cdebug++) { cdebug1=Buffer[cdebug]; }*/ //ON VEUX LE METTRE DANS LA LIST2 if (modevdf2(vdf)==TRUE) { status=PushCMD(DeviceObject,vdf,Irp); if (status==STATUS_PENDING) { KdPrintf(("irp_mj_read status pending\n")); FsRtlExitFileSystem(); return status; } else if (!NT_SUCCESS(status)) goto trierrorop; } //status=STATUS_SUCCESS; } } //KIRQL oldirql; //MUTEX_P(vdf->lock,&oldirql); //status=vdfdispatch(DeviceObject,Irp,irps); //PPARAMVDF vd=(PPARAMVD)DeviceObject->DeviceExtension; IjThread(vdf,Irp); //Irp->IoStatus.Status=STATUS_PENDING; status=STATUS_PENDING; trierrorop:; if (status!=STATUS_PENDING) { if (status==STATUS_NOT_IMPLEMENTED) { KdPrintfdnotimpl(("[system] Not Implemented Majorfunction:%x MinorFunction:%x\n",irps->MajorFunction,irps->MinorFunction)); } KdPrintfd2(("Error before pushthread %x\n",status)); Irp->IoStatus.Status=status; IoCompleteRequest(Irp, IO_NO_INCREMENT); } //trierror: FsRtlExitFileSystem(); return status; } else { KdPrintfd(("DISK UNLOADED !!! FORBIDDEN REQUEST !!!!\n")); Irp->IoStatus.Status=status=STATUS_DEVICE_REMOVED; if ((irps->MajorFunction==IRP_MJ_CLOSE) || (irps->MajorFunction==IRP_MJ_CLEANUP) ) { //LE CLOSE POSE PROBLEME DANS FILE PCCB !!!!! Irp->IoStatus.Status=status=STATUS_SUCCESS; } Irp->IoStatus.Information=0; FsRtlExitFileSystem(); } //MUTEX_V(vdf->lock,oldirql); } /*else { KdPrintfd(("[VFUM] dispatch_virtualdisk : Device:%x Majorfunction %d irp %x not configured or not initialized %d %d \n",DeviceObject,irps->MajorFunction,Irp,vdf->used,vdf->parameter)); status=STATUS_DEVICE_NOT_READY; }*/ } /*else { KdPrintfd(("DISK UNLOADED !!! FORBIDDEN REQUEST !!!!\n")); Irp->IoStatus.Status=status=STATUS_DEVICE_REMOVED; Irp->IoStatus.Information=0; }*/ } else { KdPrintfd(("Handle not found\n")); status=STATUS_INVALID_HANDLE; } } //INCRIMINATION BUG ????? //Irp->IoStatus.Status=status; ANC:; if (status==STATUS_NOT_IMPLEMENTED) { KdPrintfdnotimpl(("[systemg] Not Implemented Majorfunction:%x MinorFunction:%x\n",irps->MajorFunction,irps->MinorFunction)); } KdPrintfdnotimpl(("Return information : %x\n",Irp->IoStatus.Information)); IoCompleteRequest(Irp, IO_NO_INCREMENT); gty: return status; } else return STATUS_SUCCESS; }
  Message 2 of 5  
14 Jul 17 15:00
Slava Imameev
xxxxxx@hotmail.com
Join Date: 13 Sep 2013
Posts To This List: 264
Why BSOD ?????

1. Provide !analyze -v output 2. Cleanup the mess in the copy-pasted code. It is barely readable in the online version because of spaces or tabs transformation to =09=09=09=09=09=09=09=09=09 .
  Message 3 of 5  
17 Jul 17 12:14
Sivaller
xxxxxx@gmail.com
Join Date: 13 Jul 2017
Posts To This List: 33
Why BSOD ?????

Information windbg : STACK_TEXT: ffffd000`acf8dea8 fffff803`3cb5c5a9 : 00000000`0000000a 00000000`0000004c 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx ffffd000`acf8deb0 fffff803`3cb5adc8 : 00000000`00000000 ffffe000`e15c6910 ffffe000`e3ec7780 fffff801`2f72f34b : nt!KiBugCheckDispatch+0x69 ffffd000`acf8dff0 fffff803`3cacb7d4 : ffffe000`e2d997d0 00000000`00000000 ffffe000`e1443000 ffffe000`e1443070 : nt!KiPageFault+0x248 ffffd000`acf8e180 fffff803`3cee8bf3 : fffff803`3cd44440 00000000`00000000 ffffe000`e258e080 ffffe000`e1443000 : nt!IopMountInitializeVpb+0x54 ffffd000`acf8e1b0 fffff803`3cacb974 : ffffe000`e1443070 ffffe000`e23323b0 ffffe000`e1443070 fffff803`3cea7a66 : nt!IopMountVolume+0x46b ffffd000`acf8e430 fffff803`3ce31367 : 00000000`00000025 00000000`00000000 ffffd000`acf8e790 00000000`00000000 : nt!IopCheckVpbMounted+0x154 ffffd000`acf8e480 fffff803`3ce2c9d1 : ffffc000`2ca2a638 ffffc000`2ca2a638 ffffd000`acf8e790 ffffe000`e1443040 : nt!IopParseDevice+0x4a7 ffffd000`acf8e690 fffff803`3ce8b38c : ffffe000`e1c73201 ffffd000`acf8e8b8 ffffe000`00000040 ffffe000`e00a4f20 : nt!ObpLookupObjectName+0x711 ffffd000`acf8e830 fffff803`3ce8769c : ffffe000`00000001 ffffe000`e23323b0 00000000`003ceb40 00000000`003ce290 : nt!ObOpenObjectByName+0x1ec ffffd000`acf8e960 fffff803`3ce872e9 : 00000000`003ce278 00000000`00000000 00000000`003ceb40 00000000`003ce290 : nt!IopCreateFile+0x38c ffffd000`acf8ea00 fffff803`3cb5c263 : fffff6fb`40001b98 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtCreateFile+0x79 ffffd000`acf8ea90 00007ff9`a57e3a9a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`003ce208 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`a57e3a9a STACK_COMMAND: kb THREAD_SHA1_HASH_MOD_FUNC: b137d77bc1f8deefd04b4562dfe551e52af3da5a THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 27ae7d2d2794d88ca82b2572a447cec3b99430b0 THREAD_SHA1_HASH_MOD: dc844b1b94baa204d070855e43bbbd27eee98b94 FOLLOWUP_IP: nt!IopMountInitializeVpb+54 fffff803`3cacb7d4 88514c mov byte ptr [rcx+4Ch],dl FAULT_INSTR_CODE: 484c5188 SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: nt!IopMountInitializeVpb+54
  Message 4 of 5  
17 Jul 17 12:49
Sivaller
xxxxxx@gmail.com
Join Date: 13 Jul 2017
Posts To This List: 33
Why BSOD ?????

Here debuggage : IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: 000000000000004c, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000001, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff80148ec97d4, address which referenced memory Debugging Details: ------------------ DUMP_CLASS: 1 DUMP_QUALIFIER: 401 BUILD_VERSION_STRING: 10240.16384.amd64fre.th1.150709-1700 SYSTEM_MANUFACTURER: innotek GmbH VIRTUAL_MACHINE: VirtualBox SYSTEM_PRODUCT_NAME: VirtualBox SYSTEM_VERSION: 1.2 BIOS_VENDOR: innotek GmbH BIOS_VERSION: VirtualBox BIOS_DATE: 12/01/2006 BASEBOARD_MANUFACTURER: Oracle Corporation BASEBOARD_PRODUCT: VirtualBox BASEBOARD_VERSION: 1.2 DUMP_TYPE: 1 BUGCHECK_P1: 4c BUGCHECK_P2: 2 BUGCHECK_P3: 1 BUGCHECK_P4: fffff80148ec97d4 WRITE_ADDRESS: 000000000000004c CURRENT_IRQL: 2 FAULTING_IP: nt!IopMountInitializeVpb+54 fffff801`48ec97d4 88514c mov byte ptr [rcx+4Ch],dl CPU_COUNT: 2 CPU_MHZ: fa0 CPU_VENDOR: AuthenticAMD CPU_FAMILY: 15 CPU_MODEL: 2 CPU_STEPPING: 0 DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT BUGCHECK_STR: AV PROCESS_NAME: samplefatfilesystem.exe ANALYSIS_SESSION_HOST: DESKTOP-J0KVJ3N ANALYSIS_SESSION_TIME: 07-17-2017 18:47:12.0853 ANALYSIS_VERSION: 10.0.15063.468 amd64fre TRAP_FRAME: ffffd001e0993ff0 -- (.trap 0xffffd001e0993ff0) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000002 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80148ec97d4 rsp=ffffd001e0994180 rbp=ffffe00140c4e070 r8=0000000000000000 r9=ffffd001e1d80880 r10=fffff80192c85b80 r11=ffffd001e0994180 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na pe nc nt!IopMountInitializeVpb+0x54: fffff801`48ec97d4 88514c mov byte ptr [rcx+4Ch],dl ds:00000000`0000004c=?? Resetting default scope LAST_CONTROL_TRANSFER: from fffff80148f5a5a9 to fffff80148f4fc20 STACK_TEXT: ffffd001`e0993ea8 fffff801`48f5a5a9 : 00000000`0000000a 00000000`0000004c 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx ffffd001`e0993eb0 fffff801`48f58dc8 : 00000000`00000000 ffffe001`41ed1df0 ffffe001`41cb2590 fffff801`92c8f34b : nt!KiBugCheckDispatch+0x69 ffffd001`e0993ff0 fffff801`48ec97d4 : ffffe001`40679e40 00000000`00000000 ffffe001`40c4e000 ffffe001`40c4e070 : nt!KiPageFault+0x248 ffffd001`e0994180 fffff801`492e6bf3 : fffff801`49142440 00000000`00000000 ffffe001`40690080 ffffe001`40c4e000 : nt!IopMountInitializeVpb+0x54 ffffd001`e09941b0 fffff801`48ec9974 : ffffe001`40c4e070 ffffe001`41c59b10 ffffe001`40c4e070 fffff801`492a5a66 : nt!IopMountVolume+0x46b ffffd001`e0994430 fffff801`4922f367 : 00000000`00000025 00000000`00000000 ffffd001`e0994790 00000000`00000000 : nt!IopCheckVpbMounted+0x154 ffffd001`e0994480 fffff801`4922a9d1 : ffffc000`86e2a638 ffffc000`86e2a638 ffffd001`e0994790 ffffe001`40c4e040 : nt!IopParseDevice+0x4a7 ffffd001`e0994690 fffff801`4928938c : ffffe001`41eff001 ffffd001`e09948b8 ffffe001`00000040 ffffe001`4027bf20 : nt!ObpLookupObjectName+0x711 ffffd001`e0994830 fffff801`4928569c : ffffe001`00000001 ffffe001`41c59b10 00000000`00f2e9b0 00000000`00f2e100 : nt!ObOpenObjectByName+0x1ec ffffd001`e0994960 fffff801`492852e9 : 00000000`00f2e0e8 00000000`00000000 00000000`00f2e9b0 00000000`00f2e100 : nt!IopCreateFile+0x38c ffffd001`e0994a00 fffff801`48f5a263 : fffff6fb`40001b78 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtCreateFile+0x79 ffffd001`e0994a90 00007ff9`a10f3a9a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`00f2e078 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`a10f3a9a STACK_COMMAND: kb THREAD_SHA1_HASH_MOD_FUNC: b137d77bc1f8deefd04b4562dfe551e52af3da5a THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 27ae7d2d2794d88ca82b2572a447cec3b99430b0 THREAD_SHA1_HASH_MOD: dc844b1b94baa204d070855e43bbbd27eee98b94 FOLLOWUP_IP: nt!IopMountInitializeVpb+54 fffff801`48ec97d4 88514c mov byte ptr [rcx+4Ch],dl FAULT_INSTR_CODE: 484c5188 SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: nt!IopMountInitializeVpb+54 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe DEBUG_FLR_IMAGE_TIMESTAMP: 559f3c1a BUCKET_ID_FUNC_OFFSET: 54 FAILURE_BUCKET_ID: AV_nt!IopMountInitializeVpb BUCKET_ID: AV_nt!IopMountInitializeVpb PRIMARY_PROBLEM_CLASS: AV_nt!IopMountInitializeVpb TARGET_TIME: 2017-07-17T16:45:45.000Z OSBUILD: 10240 OSSERVICEPACK: 0 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 272 PRODUCT_TYPE: 1 OSPLATFORM_TYPE: x64 OSNAME: Windows 10 OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2015-07-10 05:29:30 BUILDDATESTAMP_STR: 150709-1700 BUILDLAB_STR: th1 BUILDOSVER_STR: 10.0.10240.16384.amd64fre.th1.150709-1700 ANALYSIS_SESSION_ELAPSED_TIME: 6f7 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:av_nt!iopmountinitializevpb FAILURE_ID_HASH: {b00a9f3a-eb89-6a85-c75f-b86adbc50a6f} Followup: MachineOwner
  Message 5 of 5  
17 Jul 17 17:01
Sivaller
xxxxxx@gmail.com
Join Date: 13 Jul 2017
Posts To This List: 33
Why BSOD ?????

I'am novice in kernel driver, But apparatus i think than Windows does not like the return of STATUS_PENDING in ioctl function IRP_MN_MOUNT_VOLUME. I'am worked this IRP in the other thread , It returns for the moment STATUS_UNRECOGNIZED_VOLUME.
Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You must login to OSR Online AND be a member of the ntfsd list to be able to post.

All times are GMT -5. The time now is 13:20.


Copyright ©2015, OSR Open Systems Resources, Inc.
Based on vBulletin Copyright ©2000 - 2005, Jelsoft Enterprises Ltd.
Modified under license