Views: 1740  Replies: 9

Restart after DriverEntry returns

I load the driver with DriverMonitor for debugging. Once DriverEntry has finished executing, execution lands in a stretch of invalid assembly instructions, and as soon as those instructions run the machine restarts. I don't know what is causing this; could an expert please enlighten me.

#1
Posted: 2005-01-04 08:34

Post the code; who could tell anything from a description like that?

#2
Posted: 2005-01-04 09:22

If you write it in C there is usually no problem. If it is written in pure assembly, you may have forgotten the return instruction.....

#3
Posted: 2005-01-04 09:59

It may be that resources were not released properly. You have to be very careful about this, and it is hard to spot; I don't know whether there is a good tool for checking it.

#4
Posted: 2005-01-04 13:05

"It may be that resources were not released properly. You have to be very careful about this, and it is hard to spot; I don't know whether there is a good tool for checking it."

Sorted it out?

#5
Posted: 2005-01-04 16:39

No. Now it has turned into a blue screen; the error is KMODE_EXCEPTION_NOT_HANDLED, and it happens after DriverEntry returns successfully.

#6
Posted: 2005-01-04 20:08

I'm using C, not assembly.

Looking at the dump in windbg shows:

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Bugcheck code 0000001E
Arguments c0000005 0000b822 00000000 0000b822

ChildEBP RetAddr  Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
ed437714 0000001e c0000005 0000b822 00000000 nt+0x559bc
WaitForEvent failed

But I can't see the stack:

kd> !analyze -v
No export analyze found

What is the reason for this?

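The dump header quoted above can be decoded by hand. The following is an added example (not code from the thread) in Python that parses the "Bugcheck code ... Arguments ..." line and interprets the 0x1E arguments using their documented layout (exception code, address where the exception occurred, exception parameter 0, parameter 1; for 0xC0000005, parameter 0 says read or write and parameter 1 is the referenced address). The kernel-range check assumes a 32-bit x86 kernel without /3GB, consistent with the ChildEBP columns in the dump. Note that 0xb822 is decimal 47138, the value the code in post #7 stores in inParam.remotePort.

```python
"""Decode a WinDbg 'Bugcheck code ... Arguments ...' header line.

Added example for this thread, not code from the original post.
Bugcheck 0x1E (KMODE_EXCEPTION_NOT_HANDLED) arguments are: exception code,
address at which the exception occurred, exception parameter 0, parameter 1.
For STATUS_ACCESS_VIOLATION (0xC0000005) parameter 0 is 0 for a read and
1 for a write, and parameter 1 is the address that was referenced.
"""
import re

# Constructed copy of the header pasted in post #6 (the values are the post's).
DUMP_HEADER = "Bugcheck code 0000001E Arguments c0000005 0000b822 00000000 0000b822"

KMODE_EXCEPTION_NOT_HANDLED = 0x1E
STATUS_ACCESS_VIOLATION = 0xC0000005
# Assumption: 32-bit x86 kernel without /3GB, so kernel space starts here.
KERNEL_BASE_X86 = 0x80000000

def parse_bugcheck(text):
    """Return (code, [arg1, arg2, arg3, arg4]) parsed from the header text."""
    m = re.search(r"Bugcheck code\s+([0-9A-Fa-f]+)\s+Arguments\s+"
                  r"([0-9A-Fa-f]+)\s+([0-9A-Fa-f]+)\s+([0-9A-Fa-f]+)\s+([0-9A-Fa-f]+)",
                  text)
    if not m:
        raise ValueError("no Bugcheck line found")
    code, *args = (int(g, 16) for g in m.groups())
    return code, args

def explain_kmode_exception(code, args):
    """Interpret a 0x1E bugcheck; return a dict summarising what the arguments say."""
    if code != KMODE_EXCEPTION_NOT_HANDLED:
        raise ValueError("not a KMODE_EXCEPTION_NOT_HANDLED bugcheck: 0x%X" % code)
    exc_code, exc_addr, p0, p1 = args
    info = {"exception": exc_code, "faulting_eip": exc_addr,
            "in_kernel_range": exc_addr >= KERNEL_BASE_X86}
    if exc_code == STATUS_ACCESS_VIOLATION:
        info["access"] = "write" if p0 == 1 else "read"
        info["target"] = p1
        # Faulting instruction address equal to the referenced address means the
        # fault is an instruction fetch: control was transferred to that address.
        info["instruction_fetch"] = (p1 == exc_addr)
    return info

if __name__ == "__main__":
    bugcheck, arguments = parse_bugcheck(DUMP_HEADER)
    print(explain_kmode_exception(bugcheck, arguments))
```

For the header in post #6 this reports a read fault on 0xb822 whose faulting address is 0xb822 itself, below the kernel range: execution reached a non-code address, which matches the "invalid assembly instructions after DriverEntry" in the opening post.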
#7
Posted: 2005-01-04 21:20

The program does TDI communication, following pcausa, as below:

NTSTATUS DriverEntry(IN PVOID DriverObject, IN PVOID Argument2)
{
    ULONG i;
    //DbgPrint("Enter DriverEntry, IRQL:%dn", KeGetCurrentIrql());
    PUCHAR pSendBuffer;
    ULONG length = 18;
    IO_STATUS_BLOCK ioStatus;
    INPARAM inParam;
    //in_addr tmpRemoteAddress; // Network Byte Order
    PMDL pMdl = NULL;
    TIENDPNT connEndPnt;
    UCHAR msg[128];
    NTSTATUS status;

    inParam.remoteIpAddr = 4060741898; //10.1.10.242
    inParam.remotePort = 47138;        //8888

    status = BuildTcpConnection(&connEndPnt, &inParam);
    if (!NT_SUCCESS(status)) {
        DbgPrint("build tcp connection error\n");
        return STATUS_UNSUCCESSFUL;
    }

    // Allocate non-paged system-space memory
    status = NdisAllocateMemory((VOID **)&pSendBuffer, length, 0, HighestAcceptableMax);
    if (!NT_SUCCESS(status)) {
        TiCloseConnEndpt(&connEndPnt);
        pSendBuffer = NULL;
        return status;
    }
    RtlCopyMemory(pSendBuffer, "test tdi (tcp)!", 18);

    pMdl = IoAllocateMdl(pSendBuffer, length, FALSE, FALSE, NULL);
    if (!pMdl) {
        TiCloseConnEndpt(&connEndPnt);
        NdisFreeMemory(pSendBuffer, length, 0);
        return STATUS_UNSUCCESSFUL;
    }

    __try {
        MmProbeAndLockPages(pMdl, KernelMode, IoModifyAccess);
    } __except (EXCEPTION_EXECUTE_HANDLER) {
        TiCloseConnEndpt(&connEndPnt);
        NdisFreeMemory(pSendBuffer, length, 0);
        MmUnlockPages(pMdl);
        IoFreeMdl(pMdl);
        pMdl = NULL;
        return STATUS_UNSUCCESSFUL;
    }
    pMdl->Next = NULL;

    status = TiSendOnEndpoint(&connEndPnt, NULL, NULL, NULL, &ioStatus, pMdl, 0);
    if (!NT_SUCCESS(status)) {
        TiCloseConnEndpt(&connEndPnt);
        NdisFreeMemory(pSendBuffer, length, 0);
        MmUnlockPages(pMdl);
        IoFreeMdl(pMdl);
        return status;
    }

    status = TiReceiveOnEndpoint(&connEndPnt, NULL, NULL, NULL, &ioStatus, pMdl, 0);
    if (NT_SUCCESS(status)) {
        RtlCopyMemory(msg, pMdl, 18);
        DbgPrint("return contents:%s\n", msg);
    }

    TiCloseConnEndpt(&connEndPnt);
    NdisFreeMemory(pSendBuffer, length, 0);
    MmUnlockPages(pMdl);
    IoFreeMdl(pMdl);
    pMdl = NULL;
    return status;
}

#8
Posted: 2005-01-06 17:41

My guess is that something goes wrong when freeing memory, e.g. NdisFreeMemory. The dumbest method: remove pieces until you pin down which statement causes the problem, then deal with that.

#9
Posted: 2005-01-10 14:43

It was indeed a memory-freeing problem. Thanks, everyone.