IoVolumeDeviceToDosName crashes Windows 7 but works fine on Windows XP


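After we changed our kernel driver code from C to C++, the call to the IoVolumeDeviceToDosName function produces a BSOD on Windows 7, but this code

Can anyone give me a hint on how to solve this problem?

It is compiled as a Windows 7 driver. No static code analyzer is used.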

BUGCHECK_STR:  0x7f_8
TSS:  00000028 -- (.tss 0x28)
eax=908b92ec ebx=00000000 ecx=908b9360 edx=00000000 esi=908b9374 edi=908b9374
eip=826c5035 esp=908b8e74 ebp=908b92c8 iopl=0         nv up ei ng nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010282
nt!_woutput_l+0x1b:
826c5035 57              push    edi
Resetting default scope
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
CURRENT_IRQL:  1f
LAST_CONTROL_TRANSFER:  from 826bedad to 826c5035
STACK_TEXT:  
908b92c8 826bedad 908b92ec 86d70560 00000000 nt!_woutput_l+0x1b
908b930c 826c7667 908b9374 00000063 86d70560 nt!_vsnwprintf_l+0x7b
908b9328 86d66160 908b9374 00000063 86d70560 nt!_vsnwprintf+0x18
908b934c 86d6cf44 908b9374 000000c8 86d70560 volmgr!RtlStringCbPrintfW+0x3a
908b9440 86d668ab 851080e8 843b0248 00004000 volmgr!VmpQueryDeviceName+0x46
908b9464 826434bc 85108030 843b03b4 85104be8 volmgr!VmDeviceControl+0x2f1
908b947c 87001854 908b94c4 8700274d 85104b30 nt!IofCallDriver+0x63
908b9484 8700274d 85104b30 843b0248 85103990 fvevol!FveFilterSkip+0x1e
908b94c4 826434bc 85104b30 843b0248 85103978 fvevol!FveFilterDeviceControl+0x16f
908b94dc 873d1083 908b957c 843b0248 908b9534 nt!IofCallDriver+0x63
908b94ec 873d96ea 851038c0 843b0248 17b5c100 rdyboost!SmdDispatchPassthrough+0x6d
908b9534 826434bc 851038c0 843b0248 843b0248 rdyboost!SmdDispatchDeviceControl+0x68
908b954c 873b2fcc 00000000 85108660 85108660 nt!IofCallDriver+0x63
908b9580 826434bc 00000000 843b0248 00000200 volsnap!VolSnapDeviceControl+0x50
908b9598 827f549f 85f09030 93acd748 843dd030 nt!IofCallDriver+0x63
908b9dfc 90cef31f 85108660 908b9e14 0030002e nt!IoVolumeDeviceToDosName+0x7e
908ba668 90cef541 00000d78 85108030 908bb538 ProcObsrv!GetProcessImageName+0x21f [d:ocsourcesdrivers2005ocdriversprocobsrvprocobsrv.c @ 381]
908bb53c 8285e238 843dd030 00000d78 908bb560 ProcObsrv!OnCreateProcessEx+0x91 [d:ocsourcesdrivers2005ocdriversprocobsrvprocobsrv.c @ 469]
908bb5f4 8285d523 85f09030 013dd030 908bb650 nt!PspInsertThread+0x5be
908bbd00 8264a42a 00b0eacc 00b0eaa8 02000000 nt!NtCreateUserProcess+0x742
908bbd00 77b164f4 00b0eacc 00b0eaa8 02000000 nt!KiFastCallEntry+0x12a
00b0e78c 77b14bcc 761e4a0b 00b0eacc 00b0eaa8 ntdll!KiFastSystemCallRet
00b0e790 761e4a0b 00b0eacc 00b0eaa8 02000000 ntdll!NtCreateUserProcess+0xc
00b0edec 76192059 00000000 00000000 000f2188 kernel32!CreateProcessInternalW+0xe75
00b0ee24 6b3669a8 00000000 000f2188 00000000 kernel32!CreateProcessW+0x2c
00b0eeb4 6b34ee3b 00b0eeec 000f20d8 00000020 mpsvc!CommonUtil::UtilCreateProcess+0x8c
00b0eef8 6b3558b5 00948b98 00000000 c4d82385 mpsvc!MpService::MpTaskSchedulerCmdRun+0x7f
00b0ef44 6b355c60 00000001 c4d8234d 00b0efc8 mpsvc!CommonUtil::CStdBasicString<unsigned short,CommonUtil::mp_char_traits<unsigned short>,std::allocator<unsigned short> >::operator+=+0x73
00b0ef8c 6b355d94 00b0efdc 00958830 00948b40 mpsvc!MpService::CMpSignaturesUpdateManager::RpcStartUpdate+0x1d0
00b0efc4 7654fc8f 00307f90 00000011 00b0f1f8 mpsvc!ServerMpRpcSigUpdClientOpen+0x32
00b0efec 765b4c53 6b355d62 00b0f1d8 00000005 RPCRT4!Invoke+0x2a
00b0f3f4 765b430e 00000000 00000000 00308048 RPCRT4!NdrStubCall2+0x2d6
00b0f410 7654f34a 00308048 c82f34ca 00318238 RPCRT4!NdrServerCall2+0x19
00b0f44c 7654f4da 6b39096e 00308048 00b0f4fc RPCRT4!DispatchToStubInCNoAvrf+0x4a
00b0f4a4 7654f3c6 00318238 00000000 00000000 RPCRT4!RPC_INTERFACE::DispatchToStubWorker+0x16c
00b0f4cc 76543974 00000000 00000000 00b0f4fc RPCRT4!RPC_INTERFACE::DispatchToStub+0x8b
00b0f518 7654f7a4 00307f90 00b0f534 0031c188 RPCRT4!LRPC_SCALL::DispatchRequest+0x257
00b0f538 7654f763 00307f90 0033d380 0031c188 RPCRT4!LRPC_SCALL::QueueOrDispatchCall+0xbd
00b0f554 7654f5ff 00000000 0033d368 00318238 RPCRT4!LRPC_SCALL::HandleRequest+0x34f
00b0f588 7654f573 00000000 0033d368 00319e90 RPCRT4!LRPC_SASSOCIATION::HandleRequest+0x144
00b0f5c0 7654ee4f 00318150 00000000 00319e90 RPCRT4!LRPC_ADDRESS::HandleRequest+0xbd
00b0f63c 7654ece7 00000000 00b0f658 76551357 RPCRT4!LRPC_ADDRESS::ProcessIO+0x50a
00b0f648 76551357 003181ec 00000000 00b0f680 RPCRT4!LrpcServerIoHandler+0x16
00b0f658 77afd3a3 00b0f6c4 003181ec 0031f898 RPCRT4!LrpcIoComplete+0x16
00b0f680 77b00748 00b0f6c4 00000000 00000000 ntdll!TppAlpcpExecuteCallback+0x1c5
00b0f7e8 761e1174 002e1da8 00b0f834 77b2b3f5 ntdll!TppWorkerThread+0x5a4
00b0f7f4 77b2b3f5 002e1da8 7709baea 00000000 kernel32!BaseThreadInitThunk+0xe
00b0f834 77b2b3c8 77afd63e 002e1da8 00000000 ntdll!__RtlUserThreadStart+0x70
00b0f84c 00000000 77afd63e 002e1da8 00000000 ntdll!_RtlUserThreadStart+0x1b

STACK_COMMAND:  .tss 0x28 ; kb
FOLLOWUP_IP: 
volmgr!RtlStringCbPrintfW+3a
86d66160 83c410          add     esp,10h
SYMBOL_STACK_INDEX:  3
SYMBOL_NAME:  volmgr!RtlStringCbPrintfW+3a
FOLLOWUP_NAME:  MachineOwner
MODULE_NAME: volmgr
IMAGE_NAME:  volmgr.sys
DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bbf1d
FAILURE_BUCKET_ID:  0x7f_8_volmgr!RtlStringCbPrintfW+3a
BUCKET_ID:  0x7f_8_volmgr!RtlStringCbPrintfW+3a
Followup: MachineOwner
---------

You are probably converting a device whose Device Type is FILE_DEVICE_NETWORK_FILE_SYSTEM to a DOS name. FILE_DEVICE_NETWORK_FILE_SYSTEM is not a volume device object. So before calling IoVolumeDeviceToDosName, you should check:

if(IoGetCurrentIrpStackLocation(Irp)->FileObject->DeviceObject->DeviceType == FILE_DEVICE_DISK && !KeAreAllApcsDisabled())
{
    // Call IoVolumeDeviceToDosName here
}
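
Added example, not part of the original question or answer: bugcheck 0x7f_8 is a double fault, which in kernel mode frequently means the kernel stack ran out, so a useful triage step is to measure how many stack bytes each frame in the trace consumes. The script does this for the kernel-mode frames of the STACK_TEXT above; the 12 KB stack size is an assumption about 32-bit Windows and does not come from the post.

```python
import re
from collections import Counter

# Kernel-mode frames copied from the STACK_TEXT above (source-path notes trimmed).
STACK_TEXT = """\
908b92c8 826bedad 908b92ec 86d70560 00000000 nt!_woutput_l+0x1b
908b930c 826c7667 908b9374 00000063 86d70560 nt!_vsnwprintf_l+0x7b
908b9328 86d66160 908b9374 00000063 86d70560 nt!_vsnwprintf+0x18
908b934c 86d6cf44 908b9374 000000c8 86d70560 volmgr!RtlStringCbPrintfW+0x3a
908b9440 86d668ab 851080e8 843b0248 00004000 volmgr!VmpQueryDeviceName+0x46
908b9464 826434bc 85108030 843b03b4 85104be8 volmgr!VmDeviceControl+0x2f1
908b947c 87001854 908b94c4 8700274d 85104b30 nt!IofCallDriver+0x63
908b9484 8700274d 85104b30 843b0248 85103990 fvevol!FveFilterSkip+0x1e
908b94c4 826434bc 85104b30 843b0248 85103978 fvevol!FveFilterDeviceControl+0x16f
908b94dc 873d1083 908b957c 843b0248 908b9534 nt!IofCallDriver+0x63
908b94ec 873d96ea 851038c0 843b0248 17b5c100 rdyboost!SmdDispatchPassthrough+0x6d
908b9534 826434bc 851038c0 843b0248 843b0248 rdyboost!SmdDispatchDeviceControl+0x68
908b954c 873b2fcc 00000000 85108660 85108660 nt!IofCallDriver+0x63
908b9580 826434bc 00000000 843b0248 00000200 volsnap!VolSnapDeviceControl+0x50
908b9598 827f549f 85f09030 93acd748 843dd030 nt!IofCallDriver+0x63
908b9dfc 90cef31f 85108660 908b9e14 0030002e nt!IoVolumeDeviceToDosName+0x7e
908ba668 90cef541 00000d78 85108030 908bb538 ProcObsrv!GetProcessImageName+0x21f
908bb53c 8285e238 843dd030 00000d78 908bb560 ProcObsrv!OnCreateProcessEx+0x91
908bb5f4 8285d523 85f09030 013dd030 908bb650 nt!PspInsertThread+0x5be
908bbd00 8264a42a 00b0eacc 00b0eaa8 02000000 nt!NtCreateUserProcess+0x742
"""
# Assumption (not stated in the post): default 32-bit Windows kernel stack size.
X86_KERNEL_STACK = 12 * 1024
FRAME_RE = re.compile(
    r"^([0-9a-f]{8}) [0-9a-f]{8} (?:[0-9a-f]{8} ){3}(\S+)", re.M)

def frame_usage(stack_text):
    """[(symbol, bytes)]: each frame's ChildEBP minus its callee's ChildEBP."""
    frames = [(int(ebp, 16), sym) for ebp, sym in FRAME_RE.findall(stack_text)]
    return [(sym, ebp - callee_ebp)
            for (callee_ebp, _), (ebp, sym) in zip(frames, frames[1:])]

def usage_by_module(stack_text):
    """Total stack bytes per module, largest first."""
    totals = Counter()
    for sym, size in frame_usage(stack_text):
        totals[sym.split("!")[0]] += size
    return totals.most_common()

if __name__ == "__main__":
    for module, size in usage_by_module(STACK_TEXT):
        print(f"{size:6d} bytes  {module}")
    total = sum(size for _, size in frame_usage(STACK_TEXT))
    print(f"{total:6d} of {X86_KERNEL_STACK} bytes across these frames")
```

On this trace the two ProcObsrv frames account for 5952 bytes and nt!IoVolumeDeviceToDosName for another 2148, so large on-stack buffers in the driver's process-creation callback are worth reviewing.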