
System crash on IoCreateDevice

xakee

Feb 28, 2008, 2:40:16 PM
Hello,

Can you please let me know why my code restarts my PC when I load and
start the following driver using osrloaderv3? I've just started to get a
grip on driver development under NT. Thanks in advance for your help :)

<code>

#include <ntddk.h>
#define DEVICE_NAME L"\\Device\\KRegSpy"
#define DOS_DEVICE_NAME L"\\DosDevices\\KRegSpy"

typedef struct _DEVICE_EXTENSION{

    LARGE_INTEGER RegistryCallbackCookie;
    KMUTEX TraceBufferMutex;

} DEVICE_EXTENSION, *PDEVICE_EXTENSION;

void DriverUnload(PDRIVER_OBJECT drvObjPtr){
    UNICODE_STRING dosDeviceName;
    PDEVICE_OBJECT devObjPtr = drvObjPtr->DeviceObject;

    DbgPrint("Bye Kernel =)\n");
    //delete symbolic link
    //
    RtlInitUnicodeString(&dosDeviceName,DOS_DEVICE_NAME);
    IoDeleteSymbolicLink(&dosDeviceName);

    //delete device
    IoDeleteDevice(devObjPtr);
    return;
}

NTSTATUS AddDevice(PDRIVER_OBJECT drvObjPtr,PDEVICE_OBJECT devObjPtr)
{
    UNICODE_STRING deviceName;
    UNICODE_STRING dosDeviceName;
    NTSTATUS status;

    //Create device
    RtlInitUnicodeString(&deviceName,DEVICE_NAME);
    status = IoCreateDevice(drvObjPtr,sizeof(DEVICE_EXTENSION),
        &deviceName,FILE_DEVICE_UNKNOWN,0,0,&devObjPtr);
    if(!NT_SUCCESS(status)){
        return status;
    }

    //Create DOS type device
    RtlInitUnicodeString(&dosDeviceName,DOS_DEVICE_NAME);
    status=IoCreateSymbolicLink(&dosDeviceName,&deviceName);
    if(!NT_SUCCESS(status)){
        IoDeleteDevice(devObjPtr);
    }

    DbgPrint("AddDevice Called");
    return status;
}

NTSTATUS DriverEntry(PDRIVER_OBJECT drvObjPtr, PUNICODE_STRING regPath)
{
    DbgPrint("Hello Kernel =)\n");
    drvObjPtr->DriverUnload = DriverUnload;
    drvObjPtr->DriverExtension->AddDevice = AddDevice;

    //Major IRP delegates
    //drvObjPtr->MajorFunction[IRP_MJ_CREATE] = CreateClose;
    //drvObjPtr->MajorFunction[IRP_MJ_CLOSE] = CreateClose;
    //drvObjPtr->MajorFunction[IRP_MJ_CLEANUP] = Cleanup;

    return STATUS_SUCCESS;
}

</code>

Maxim S. Shatskih

Feb 28, 2008, 3:01:13 PM
Try to execute it with WinDbg attached.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
ma...@storagecraft.com
http://www.storagecraft.com

"xakee" <m.zaki...@gmail.com> wrote in message
news:e9198502-11bb-4d99...@o10g2000hsf.googlegroups.com...

Tim Roberts

Mar 1, 2008, 2:22:55 AM
xakee <m.zaki...@gmail.com> wrote:
>
>Can you please let me know why my code restarts my PC when I load and
>start the following driver using osrloaderv3? I've just started to get a
>grip on driver development under NT. Thanks in advance for your help :)

Unless I am mistaken, osrloader is used to load legacy (non-PnP) drivers.
You have an AddDevice routine here, which is for a PnP driver. You need to
decide what you are trying to do.

>typedef struct _DEVICE_EXTENSION{
>
> LARGE_INTEGER RegistryCallbackCookie;
> KMUTEX TraceBufferMutex;
>
>} DEVICE_EXTENSION, *PDEVICE_EXTENSION;
>
>void DriverUnload(PDRIVER_OBJECT drvObjPtr){
> UNICODE_STRING dosDeviceName;
> PDEVICE_OBJECT devObjPtr = drvObjPtr->DeviceObject;
>
> DbgPrint("Bye Kernel =)\n");
> //delete symbolic link
> //
> RtlInitUnicodeString(&dosDeviceName,DOS_DEVICE_NAME);
> IoDeleteSymbolicLink(&dosDeviceName);
>
> //delete device
> IoDeleteDevice(devObjPtr);
> return;
>}

One problem here is the order of operations. The driver will not be
unloaded until the last device is deleted. You can't call IoDeleteDevice
here. By the time DriverUnload is called, all of the devices must already
be gone.

>NTSTATUS AddDevice(PDRIVER_OBJECT drvObjPtr,PDEVICE_OBJECT devObjPtr)
>{
> UNICODE_STRING deviceName;
> UNICODE_STRING dosDeviceName;
> NTSTATUS status;
>
> //Create device
> RtlInitUnicodeString(&deviceName,DEVICE_NAME);
> status = IoCreateDevice(drvObjPtr,sizeof(DEVICE_EXTENSION),
> &deviceName,FILE_DEVICE_UNKNOWN,0,0,&devObjPtr);

This is wrong. The PDEVICE_OBJECT that is passed into AddDevice is the
next device below you in the device stack. It is the device you need to
send bus requests to. IoCreateDevice returns YOUR new device object, and
you must allocate your OWN space to receive it, often in your device
extension.
--
Tim Roberts, ti...@probo.com
Providenza & Boekelheide, Inc.

Maxim S. Shatskih

Mar 1, 2008, 6:25:45 PM
> > RtlInitUnicodeString(&deviceName,DEVICE_NAME);
> > status = IoCreateDevice(drvObjPtr,sizeof(DEVICE_EXTENSION),
> > &deviceName,FILE_DEVICE_UNKNOWN,0,0,&devObjPtr);
>
> This is wrong. The PDEVICE_OBJECT that is passed into AddDevice is the
> next device below you in the device stack.

No, the PDO is passed (so you can use IoGetDeviceProperty or such), the
NextDevice pointer is obtained from IoAttachDeviceToDeviceStack within
AddDevice.

The OP was not correct also :-)
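
Added example, not part of the thread and not WDK code: a user-mode C model of the pointer roles discussed in the replies above (the PDO passed to AddDevice, the new device returned by the create call, the lower device returned by the attach call). The `DEV`/`EXT` structs and the `sim_*` and `add_device_*` functions are hypothetical stand-ins, not kernel APIs.

```c
/* User-mode model (constructed): DEV, EXT and sim_* are hypothetical
   stand-ins for kernel device objects and routines, not WDK definitions. */
#include <stdio.h>
#include <stdlib.h>

typedef struct DEV { struct DEV *attached; void *ext; } DEV; /* attached = device directly above */
typedef struct { DEV *pdo; DEV *lower; } EXT;                /* what the new device must remember */

/* Stand-in for IoCreateDevice: hands back a NEW object through *out. */
static int sim_create(size_t ext_size, DEV **out) {
    DEV *d = calloc(1, sizeof *d);
    if (d) d->ext = calloc(1, ext_size);
    if (!d || !d->ext) { free(d); return -1; }
    *out = d;
    return 0;
}

/* Stand-in for IoAttachDeviceToDeviceStack: place src on top of target's
   stack and return the device that was on top before the call. */
static DEV *sim_attach(DEV *src, DEV *target) {
    while (target->attached) target = target->attached;
    target->attached = src;
    return target;
}

/* Pattern from the question: the create call writes through the address of
   the parameter, so the only copy of the PDO pointer is overwritten. */
DEV *add_device_overwrite(DEV *pdo) {
    if (sim_create(sizeof(EXT), &pdo) != 0) return NULL;
    EXT *e = pdo->ext;
    e->pdo = pdo;      /* now the new device itself, not the PDO */
    e->lower = NULL;   /* never attached to any stack */
    return pdo;
}

/* Pattern from the replies: own variable for the new device, keep the PDO,
   take the lower device from the attach call. */
DEV *add_device_fixed(DEV *pdo) {
    DEV *fdo = NULL;
    if (sim_create(sizeof(EXT), &fdo) != 0) return NULL;
    EXT *e = fdo->ext;
    e->pdo = pdo;
    e->lower = sim_attach(fdo, pdo);
    return fdo;
}

int main(void) {
    DEV pdo = {0}; DEV *fdo = add_device_fixed(&pdo);
    printf("PDO kept: %d\n", fdo && ((EXT *)fdo->ext)->pdo == &pdo);
    return 0;
}
```

With another device already attached above the PDO, the lower device recorded by `add_device_fixed` is that device rather than the PDO, which is why the two pointers are stored separately.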