共用方式為

KeSetEventPageable (Windows 驅動程序程序代碼QL 查詢)

  • 發行項

概觀

當 Wait 自變數設定為 TRUE 時,不得在分頁區段中呼叫 KeSetEvent。 這可能會導致系統損毀區段分頁。

如需詳細資訊,請參閱 KeSetEvent (wdm.h)

建議

調整 KeSetEvent 呼叫,將 FALSE 傳遞至 wait 參數。

範例

// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
//
// driver_snippet.c
//

#define SET_DISPATCH 1

// Template. Not called in this test.
void top_level_call() {}

#include <wdm.h>

void KeSetEventIrql_Fail1(PRKEVENT Event);

_IRQL_always_function_min_(APC_LEVEL) 
void KeSetEventIrql_Fail2(PRKEVENT Event);

_IRQL_always_function_min_(PASSIVE_LEVEL) 
void KeSetEventIrql_Pass1(PRKEVENT Event);

_IRQL_always_function_min_(PASSIVE_LEVEL) 
void KeSetEventIrql_Pass2(PRKEVENT Event);

#pragma alloc_text(PAGE, KeSetEventIrql_Fail1)
#pragma alloc_text(PAGE, KeSetEventIrql_Fail2)
#pragma alloc_text(PAGE, KeSetEventIrql_Pass2)

void KeSetEventIrql_Fail1(PRKEVENT Event)
{
    // This is a paged function.  We assume a lower limit of PASSIVE_LEVEL and an upper limit of APC_LEVEL on the IRQL.

    KeSetEvent(Event, HIGH_PRIORITY, TRUE); // ERROR: Calling with wait set to TRUE in a pageable context
}

void KeSetEventIrql_Fail2(PRKEVENT Event)
{
    // This is a paged function.  Even though it runs at APC_LEVEL, not PASSIVE_LEVEL, that's still an error.

    KeSetEvent(Event, HIGH_PRIORITY, TRUE); // ERROR: Calling with wait set to TRUE in a pageable context
}

void KeSetEventIrql_Pass1(PRKEVENT Event)
{
    // This function will potentially run at passive level but it's not pageable, so there's no issue.

    KeSetEvent(Event, HIGH_PRIORITY, TRUE);
}

void KeSetEventIrql_Pass2(PRKEVENT Event)
{
    // This function will runs at passive level and is pageable, but correctly uses FALSE in its call to KeSetEvent.

    KeSetEvent(Event, HIGH_PRIORITY, FALSE);
}

// TODO multi-threaded tests
// function has max IRQL requirement, creates two threads where one is above that requirement and one is below

其他詳細資料

您可以在 Microsoft GitHub CodeQL 存放庫中找到此查詢。 如需 Windows 驅動程式開發人員如何下載和執行 CodeQL 的詳細資訊,請參閱 CodeQL 和靜態工具標誌測試頁面。