SEH in drivers....

Hi all -

I’m using HCT to flush out problems in
a driver I’ve written. I’m getting an
unhandled access violation during the device
path exerciser, problem is that the code
in which the failure occurs is wrapped
in a __try/__except block (see below).

The handler never gets executed - the code
is part of a large switch statement and many
of the cases have __try/__except blocks also.

I use my own makefiles for building the drivers -
is it possible I’m missing a compiler flag
to make this work properly?

Thanks,

…tom

Tom Evans
Caveo Technology

My code: (SMB_INFO is an unmapped test address - it
crashes on the first de-reference of SMB_INFO ).

case IOCTL_SMB_DRIVER_INFORMATION:

    __try {
        if ( inputBufferLength >= sizeof( SMB_INFORMATION ) ) {
            if( fdoData->GotResources == TRUE ) {
                SMB_INFO = (PSMB_INFORMATION)
                    irpStack->Parameters.DeviceIoControl.Type3InputBuffer;
                if ( SMB_INFO == NULL ) {
                    status = STATUS_INVALID_PARAMETER;
                } else {
                    SMB_INFO->DeviceCount = 1;   /* <-- crash */
                    SMB_INFO->DeviceArray[0].SlaveAddress = 0x32;
                    SMB_INFO->DeviceArray[0].Device.DeviceHWCapability = 0;
                    SMB_INFO->DeviceArray[0].Device.VersionRevision = 0;
                    SMB_INFO->DeviceArray[0].Device.VendorID = mfg_code;
                    SMB_INFO->DeviceArray[0].Device.DeviceID = product_ID;
                    SMB_INFO->DeviceArray[0].Device.Interface = 0;
                    SMB_INFO->DeviceArray[0].Device.SubsystemVendorID = 0;
                    SMB_INFO->DeviceArray[0].Device.SubsystemID = 0;
                }
            } else {
                if ( SMB_INFO != NULL ) SMB_INFO->DeviceCount = 0;
            }
            Irp->IoStatus.Information = 0;
        } else {
            status = STATUS_INVALID_PARAMETER;
        }
    }
    __except ( EXCEPTION_EXECUTE_HANDLER ) {
        status = STATUS_ACCESS_VIOLATION;
    }

Actually - I’m getting a page fault in a nonpaged area
on that access - can that be caught with an exception handler?

Thanks,

…tom

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Thomas Evans
Sent: Friday, 21 March 2003 10:02 AM
To: File Systems Developers
Subject: [ntfsd] SEH in drivers…


“Thomas Evans” wrote in message news:xxxxx@ntfsd…
>
>
> Actually - I’m getting a page fault in a nonpaged area
> on that access - can that be caught with an exception handler?
>

Ah, Device Path Exerciser… Don’t you just LOVE it?!?

ANYhow, the answer is “no” – SEH generally doesn’t catch references to
invalid addresses within system space.

That’s why ProbeForRead and ProbeForWrite raise STATUS_ACCESS_VIOLATION if
the passed in address is outside of the user portion of the address space.

While we’re on the topic of validating addresses: Don’t forget to check for
zero length transfers. ProbeForRead and friends explicitly pass
zero-length buffers as valid.

[This is probably better posted in the ‘NTDEV’ forum, where the device
driver jocks hang out…]

Peter
OSR
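
An added illustration of the two points in the reply above (not code from the thread or from Windows): a simplified user-mode C model of the range check a probe routine performs, plus the length check the caller has to make itself because a zero-length buffer is passed as valid. The 32-bit boundary value, the status enum, both function names and the sample addresses are assumptions made for the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed for the model: first address past user space on default 32-bit x86. */
#define USER_PROBE_ADDRESS 0x7FFF0000u

enum { ST_OK, ST_INVALID_PARAMETER, ST_ACCESS_VIOLATION, ST_DATATYPE_MISALIGNMENT };

/* Simplified model of a probe's checks; returns the status a probe would raise.
   align must be a power of two. Hypothetical helper, not the kernel routine. */
static int model_probe(uint32_t addr, uint32_t len, uint32_t align)
{
    uint32_t end;

    if (len == 0)
        return ST_OK;                 /* zero length: no address check at all */
    if (addr & (align - 1))
        return ST_DATATYPE_MISALIGNMENT;
    end = addr + len;                 /* unsigned, wraps on overflow */
    if (end < addr || end > USER_PROBE_ADDRESS)
        return ST_ACCESS_VIOLATION;   /* range leaves the user portion */
    return ST_OK;
}

/* What the IOCTL handler has to add before it trusts the pointer. */
static int validate_user_buffer(uint32_t addr, uint32_t len,
                                uint32_t required, uint32_t align)
{
    if (addr == 0 || len == 0 || len < required)
        return ST_INVALID_PARAMETER;  /* reject before probing */
    return model_probe(addr, len, align);
}

int main(void)
{
    /* Constructed sample addresses and lengths. */
    printf("probe(kernel addr, len 0)     -> %d\n", model_probe(0x80001000u, 0, 4));
    printf("validate(kernel addr, len 0)  -> %d\n", validate_user_buffer(0x80001000u, 0, 64, 4));
    printf("validate(kernel addr, len 64) -> %d\n", validate_user_buffer(0x80001000u, 64, 64, 4));
    printf("validate(user addr, len 64)   -> %d\n", validate_user_buffer(0x00401000u, 64, 64, 4));
    return 0;
}
```

In a real driver the probe call and every access to the user buffer sit inside the __try block, since the probe reports failure by raising an exception rather than returning a status.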