What process are you in the context of when you make this call? It may
be that the routine needs data from the PEB which may not be present in
the system process.
-p
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Samarth Sharma
Sent: Thursday, June 05, 2003 3:02 AM
To: NT Developers Interest List
Subject: [ntdev] Re: rtlvolumedevicetodosname problem again…
Hi,
Well i now use the following call…
>ntstatus=ObReferenceObjectByHandle(Handle,0,*IoFileObjectType,KernelMo
>de,&
Object,NULL);
The handle is a valid handle and the call to RtlVolume…() is made only
if
ObRef…() returns STATUS_SUCCESS.The code is executing at
PASSIVE_LEVEL.
However, the driver still continues to crash.
I tried DbgPrint() before all the statements but was unable to detect
any problem. But the call to RtlVolume…() does sometimes return an
error. Is there any other method to strongly check that the parameters
that i am passing of RtlVolume…() The system crashes with either
KMODE_EXCEPTION_NOT_HANDLED or PAGE_FAULT_IN_NONPAGED_AREA.
Thank you for any suggestions
Samarth
“Peter Wieland” wrote in message
news:xxxxx@ntdev…
Look at the description of the ObjectType parameter of
ObReferenceObjectByHandle in the DDK documentation.
-p
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Samarth Sharma
Sent: Wednesday, June 04, 2003 9:54 PM
To: NT Developers Interest List
Subject: [ntdev] Re: rtlvolumedevicetodosname problem again…
Thanks for the info Nick…Is there any method of verifying whether the
object i receive is a valid FILE_OBJECT type object??
Regards,
Samarth
“Nick Ryan” wrote in message news:xxxxx@ntdev…
>
> The handle MUST be a handle to an open filesystem file.
>
> - Nick Ryan
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Samarth
> > Sharma
> > Sent: Wednesday, June 04, 2003 3:51 AM
> > To: NT Developers Interest List
> > Subject: [ntdev] Re: rtlvolumedevicetodosname problem again…
> >
> >
> > Hi,
> > Well i double checked for the pointers being Non-NULL.that didn’t
> > work…I am sure that i’m running at IRQL==Passive…The ‘Handle’ can
> > be a handle to a registry key or a file or a socket or anything else
> > basically. Therefore, i’m not too certain if it would be a
> > FILE_OBJECT. However, i do a
> > ZwQueryInformationFile() just before the given code and that code
> > gets executed only if the ZwQuery…() succeeds. Also, the
> > interesting part is that my driver usually crashes when DbgView is
> > running on the system. It seems a behave a little better on other
> > occasions. Does this give any clue to the problem?? I’m having a
> > little problem with WinDbg. Will send the !analyze -v soon. Thanks,
> > Samarth
> >
> > “Nick Ryan” wrote in message news:xxxxx@ntdev…
> > >
> > > The code looks fine (except for a missing left parentheses, but
> > > I’m sure that’s just an email typo) - we need more information.
> > Where did
> > > ‘Handle’ come from? Can you double-check that Object and
> > ((FILE_OBJECT
> > > *) Object)->DeviceObject are non-NULL? Are you sure you’re
> > running at
> > > passive level? Can you send us the !analyze -v from WinDbg?
> > >
> > > - Nick Ryan
> > >
> > > > -----Original Message-----
> > > > From: xxxxx@lists.osr.com
> > > > [mailto:xxxxx@lists.osr.com] On Behalf Of Samarth
> > > > Sharma
> > > > Sent: Wednesday, June 04, 2003 1:44 AM
> > > > To: NT Developers Interest List
> > > > Subject: [ntdev] rtlvolumedevicetodosname problem again…
> > > >
> > > >
> > > > Hi all,
> > > > I’m trying to use Rtlvolumedevicetodosname() to get the drive
> > > > letter. I have a handle to an object and obtain the
> > object pointer
> > > > using ObReferenceObjectByHandle(). I then pass (((FILE_OBJECT
> > > > *)Object)->DeviceObject) as the first argument to
> > RtlVolume…().
> > > > However, using this KPI results in a blue screen on my
> > system, with
> > > > a KMode_exception_not_handled.(most of the times) The
> > actual call is
> > > > listed below…
> > > >
> > > > >>>
> > > > ntstatus=ObReferenceObjectByHandle(Handle,0,0,KernelMode,&Obje
> > > > ct,NULL);
> > > > >>> if(ntstatus==STATUS_SUCCESS)
> > > > >>>
> > ntstatus=RtlVolumeDeviceToDosName((FILE_OBJECT
> > > > *)Object)->DeviceObject,&DriveName);
> > > >
> > > > Am i doing this correctly?? i browsed through the ntfsd
> > archives but
> > > > was not able to find a reason for this to happen…except perhaps
> > > > that the Object returned by
> > > > ObReference…() may not be a file object and so the
> > system crashes.
> > > > If so, is there a method to verify if the object returned
> > is of the
> > > > required type or not? Thanks for any help… Regards, Samarth
> > > >
> > > >
> > > >
> > > > —
> > > > You are currently subscribed to ntdev as: xxxxx@nryan.com To
> > > > unsubscribe send a blank email to
> > > > xxxxx@lists.osr.com
> > > >
> > >
> > >
> > >
> > >
> >
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@nryan.com To
> > unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
>
>
—
You are currently subscribed to ntdev as: xxxxx@microsoft.com To
unsubscribe send a blank email to xxxxx@lists.osr.com
—
You are currently subscribed to ntdev as: xxxxx@microsoft.com To
unsubscribe send a blank email to xxxxx@lists.osr.com
