BSOD when DEVICE_OBJECT::StackSize=1 (Probably a bug in the Windows 10 kernel)

I have a driver implementing a virtual drive. Its device object has StackSize=1 (it is a bottom-level device, not attached to any other device or bus). It worked correctly in all Windows versions prior to Windows 10, but it crashes in Windows 10 unless I forcefully increase StackSize (without actually using the increased stack).

    Here is the full scenario of how it crashes:
       - When I try to exclusive-open my volume, FASTFAT calls the function FatMultipleAsync().
       - It creates an IRP, passing correct parameters:
            IoMakeAssociatedIrp( pMasterIrp, pMyRawDevice->StackSize + 1 ); // pMyRawDevice->StackSize==1
       - IoMakeAssociatedIrp() first makes an IRP with a sufficient StackSize.
       - But at the end of IoMakeAssociatedIrp() there is the following new code (as I see it in the debugger):
            if( pMasterIrp->Tail.Overlay.IrpExtension )
               Irp->StackCount -= 2;
               // ...
       - Then StackCount becomes 0, and I get the obvious bug check NO_MORE_IRP_STACK_LOCATIONS.

    It looks like a bug in the Windows 10 kernel:
    IoMakeAssociatedIrp() must not create invalid IRPs when StackSize=1.
    It is a correct value for bottom-level devices.
    Thursday, December 18, 2014 5:25 PM
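The stack-count arithmetic the post describes, as an added user-mode C model that is not code from the post or from Windows; ModelIrp, model_make_associated_irp and model_call_driver are assumed stand-ins that reproduce only what the debugger observation above shows, so the failing and working StackSize values can be compared without a kernel debugger:

```c
#include <stdbool.h>
#include <stdio.h>

/* Minimal model of the IRP fields involved (assumed layout, not the WDK IRP). */
typedef struct {
    int  StackCount;       /* stack locations allocated for this IRP */
    int  CurrentLocation;  /* 1-based; starts one past the top, decremented per driver */
    bool HasIrpExtension;  /* stands in for Tail.Overlay.IrpExtension != NULL */
} ModelIrp;

/* Models IoMakeAssociatedIrp as reported in the post: allocate the requested
 * number of locations, then subtract 2 when the master IRP has an extension.
 * Returns false when the adjustment leaves no usable stack location. */
bool model_make_associated_irp(const ModelIrp *master, int stack_size, ModelIrp *out)
{
    out->StackCount = stack_size;
    out->HasIrpExtension = master->HasIrpExtension;
    if (master->HasIrpExtension)
        out->StackCount -= 2;                   /* the adjustment seen in the debugger */
    out->CurrentLocation = out->StackCount + 1;
    return out->StackCount > 0;
}

/* Models the check a driver hits when it sends the IRP down: if decrementing
 * CurrentLocation reaches 0 there is no stack location left, which is the
 * NO_MORE_IRP_STACK_LOCATIONS bug check in the kernel. */
bool model_call_driver(ModelIrp *irp)
{
    irp->CurrentLocation--;
    return irp->CurrentLocation > 0;
}

/* Reproduces the post's scenario: a device with the given StackSize, FASTFAT
 * requesting StackSize + 1 locations for the associated IRP. Returns true when
 * the first driver on the stack can take a location, false when it would crash. */
bool model_fastfat_scenario(int device_stack_size, bool master_has_extension)
{
    ModelIrp master = { .StackCount = 1, .CurrentLocation = 2,
                        .HasIrpExtension = master_has_extension };
    ModelIrp assoc;
    if (!model_make_associated_irp(&master, device_stack_size + 1, &assoc))
        return false;                           /* StackCount already 0 */
    return model_call_driver(&assoc);
}

int main(void)
{
    printf("StackSize=1, extension present: %s\n",
           model_fastfat_scenario(1, true) ? "ok" : "bug check");
    printf("StackSize=3, extension present: %s\n",
           model_fastfat_scenario(3, true) ? "ok" : "bug check");
    return 0;
}
```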