win10 1903 vs2019 调用RtlInitUnicodeString时导致的蓝屏
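/*
 * Problem description (conditions that trigger the bug check), as reported
 * by the author:
 *
 *  - With #pragma code_seg("INIT") placed before CreateDevice, and devName
 *    initialized as RtlInitUnicodeString(&devName, L"\\Device\\MyDDKDevice"),
 *    then saved in the device extension for Unload to use, any access to
 *    devName causes a blue screen:
 *    Bug Check 0x50: PAGE_FAULT_IN_NONPAGED_AREA.
 *  - With devName initialized as RtlInitUnicodeString(&devName, g_wsDevName),
 *    there is no blue screen.
 *  - With #pragma code_seg("PAGE"), #pragma code_seg(), or no pragma at all
 *    before CreateDevice, either form of the second argument works.
 *
 * Note: tested on win10 1903 with vs2019. The test code comes from the book
 * 《Windows驱动开发技术详解》. The same test on win10 1803 with vs2017 did
 * not blue-screen.
 *
 * Why this happens: RtlInitUnicodeString does not copy the string. It only
 * records the length and stores the caller's pointer in Buffer. A
 * UNICODE_STRING kept in the device extension is therefore only usable while
 * the storage behind that pointer is still mapped. The INIT section is
 * discarded once driver initialization has finished, so if the literal's
 * storage is discarded with it, Buffer dangles and the first read in Unload
 * faults. NOTE(review): presumably the vs2019 toolchain places a
 * function-local literal in (or alongside) the function's code_seg section
 * while vs2017 did not -- confirm against the linker map file.
 */
PCWSTR g_wsDevName = L"\\Device\\MyDDKDevice";
PCWSTR g_wsDevSymbolicName = L"\\??\\HelloDDK";

/* Results below are for the function-local literal form of the name. */
//#pragma code_seg("INIT") //1. WRONG
//#pragma code_seg("PAGE") //2. OK
#pragma code_seg()         //3. OK

/*
 * Creates the device object and its symbolic link.
 *
 * pDriverObject: driver object passed through to IoCreateDevice.
 *
 * Returns the status of IoCreateDevice if it is not STATUS_SUCCESS, else the
 * status of IoCreateSymbolicLink. If the link cannot be created, the device
 * object is deleted again before returning.
 *
 * Lifetime: ustrDeviceName and ustrSymLinkName in the device extension
 * borrow the storage behind g_wsDevName / g_wsDevSymbolicName. They are not
 * allocations, so Unload must not free their Buffer members.
 */
NTSTATUS CreateDevice(
    IN PDRIVER_OBJECT pDriverObject)
{
    DbgPrint("Enter %s\n", __FUNCTION__);

    NTSTATUS status = STATUS_SUCCESS;
    PDEVICE_OBJECT pDevObj = NULL;
    PDEVICE_EXTENSION pDevExt = NULL;
    UNICODE_STRING devName;

    /*
     * Use the file-scope string, which the author reports works under every
     * code_seg setting. Do not pass a function-local literal here: the
     * resulting UNICODE_STRING outlives this function via the device
     * extension, and the literal form is the one that blue-screened when
     * this function was placed in code_seg("INIT").
     */
    RtlInitUnicodeString(&devName, g_wsDevName);

    __try
    {
        status = IoCreateDevice(pDriverObject,
                                sizeof(DEVICE_EXTENSION),
                                &devName,
                                FILE_DEVICE_UNKNOWN,
                                0,
                                TRUE,
                                &pDevObj);
        if (status != STATUS_SUCCESS)
            __leave;

        pDevObj->Flags |= DO_BUFFERED_IO;
        pDevExt = (PDEVICE_EXTENSION)pDevObj->DeviceExtension;
        pDevExt->pDevice = pDevObj;
        /* Struct copy: copies Length/MaximumLength/Buffer, not the characters. */
        pDevExt->ustrDeviceName = devName;

        /* Create the symbolic link (same lifetime rule as devName). */
        UNICODE_STRING symLinkName;
        RtlInitUnicodeString(&symLinkName, g_wsDevSymbolicName);
        pDevExt->ustrSymLinkName = symLinkName;

        status = IoCreateSymbolicLink(&symLinkName, &devName);
        if (!NT_SUCCESS(status))
        {
            DbgPrint("Failed to call IoCreateSymbolicLink\n");
            /* pDevExt lives inside the device object; it is invalid after this. */
            IoDeleteDevice(pDevObj);
            __leave;
        }
    }
    __finally
    {
    }

    DbgPrint("Leave %s\n", __FUNCTION__);
    return status;
}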