请高手帮着找毛病

我用CreateService()可建立服务，但startservice()总返回0，我在驱动程序中加了Debugprint想跟踪一下，哪想到了startservice()却黑屏重启了，请看看我的代码，找找毛病，帮帮忙啊

///////////////////filter.cpp//////////////////////////////
#include "filter.h"

#define NT_DEVICE_NAME L"\\Device\\SeaCdromFilter"
#define DOS_DEVICE_NAME L"\\DosDevices\\SeaCdromFilter"

extern "C"
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject,
                     IN PUNICODE_STRING RegistryPath)
{

#if DBG
DebugPrintInit("SeaCdromFilter checked");
    #else
DebugPrintInit("SeaCdromFilter free");
    #endif

DebugPrint("RegistryPath is %T",RegistryPath);

fSymbolicLink = FALSE;

DriverObject->DriverUnload = DriverUnload;
DriverObject->DriverExtension->AddDevice = MyAddDevice;

ULONG i;

    for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
{
        DriverObject->MajorFunction = MySendToNextDriver;
    }

DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = MyDrvDeviceControl;
    //DriverObject->MajorFunction[IRP_MJ_READ]= MyDrvDeviceControl;
    //DriverObject->MajorFunction[IRP_MJ_WRITE]= MyDrvDeviceControl;

DebugPrintMsg("DriverEntry completed");

    return STATUS_SUCCESS;
}

VOID DriverUnload(IN PDRIVER_OBJECT DriverObject)
{
   UNICODE_STRING  win32DeviceName;

   RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME);

   if(fido)
{
IoDeleteDevice(fido);
}

    if(fSymbolicLink)
    {
   IoDeleteSymbolicLink(&win32DeviceName);
    }

}
NTSTATUS MyAddDevice(IN PDRIVER_OBJECT DriverObject,
                     IN PDEVICE_OBJECT pdo)
{
DebugPrint("AddDevice");

    NTSTATUS status;
    //PDEVICE_OBJECT fido;

UNICODE_STRING ntDeviceName;
    UNICODE_STRING win32DeviceName;

RtlInitUnicodeString(&ntDeviceName, NT_DEVICE_NAME);

    status = IoCreateDevice(DriverObject,              
                            sizeof(DEVICE_EXTENSION),    
                            &ntDeviceName,                  
                            FILE_DEVICE_CD_ROM,        
                            0,                          
                            FALSE,                    
                            &fido);                    

 
    if( !NT_SUCCESS(status))
{

}
    else
{
PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION)fido->DeviceExtension;
        pdx->fdo = fido;

//新设备对象放到堆栈上,返给你下一层设备对象的地址
   PDEVICE_OBJECT fdo = IoAttachDeviceToDeviceStack(fido, pdo);
        pdx->NextStackDevice = fdo;

        //初始化设备标志
   fido->Flags |= DO_DIRECT_IO;
        fido->Flags |= DO_POWER_PAGABLE;
        fido->DeviceType = fdo->DeviceType;
        fido->Characteristics = fdo->Characteristics;

//清除DO_DEVICE_INITIALIZING 标志
        fido->Flags &= ~DO_DEVICE_INITIALIZING;

RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME);
        status = IoCreateSymbolicLink(&win32DeviceName, &ntDeviceName);
        if (!NT_SUCCESS(status))
{

}
else
{
   fSymbolicLink = TRUE;
}


}

    if (!NT_SUCCESS(status))
{
        if(fido)
{
IoDeleteDevice(fido);
}
if(fSymbolicLink)
{
IoDeleteSymbolicLink(&win32DeviceName);
}
}
  
    return status;

}

NTSTATUS MySendToNextDriver(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp)
{
PDEVICE_EXTENSION deviceExtension;

    IoSkipCurrentIrpStackLocation(Irp);
    deviceExtension = (PDEVICE_EXTENSION)DeviceObject->DeviceExtension;

    return IoCallDriver(deviceExtension->NextStackDevice, Irp);
}

NTSTATUS MyDrvDeviceControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
   NTSTATUS ntStatus;

   ntStatus = Irp->IoStatus.Status = STATUS_UNSUCCESSFUL;
   IoCompleteRequest(Irp, IO_NO_INCREMENT);
   return ntStatus;
}
///////////////////////filter.h////////////////////////////
#include <ntddk.h>
#include "DebugPrint.h"

#ifdef __cplusplus
}
#endif

#define NT_DEVICE_NAME L"\\Device\\SeaCdromFilter"
#define DOS_DEVICE_NAME L"\\DosDevices\\SeaCdromFilter"

typedef struct _DEVICE_EXTENSION
{
    PDEVICE_OBJECT    fdo;
    PDEVICE_OBJECT    NextStackDevice;

} DEVICE_EXTENSION, *PDEVICE_EXTENSION;

PDEVICE_OBJECT fido;

BOOLEAN fSymbolicLink;

NTSTATUS MyAddDevice(IN PDRIVER_OBJECT DriverObject,
                     IN PDEVICE_OBJECT PhysicalDeviceObject);

NTSTATUS MySendToNextDriver(IN PDEVICE_OBJECT DeviceObject,IN PIRP Irp);

NTSTATUS MyDrvDeviceControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);

VOID DriverUnload(IN PDRIVER_OBJECT DriverObject);

1. Please use Softice or WinDbg to debug it by yourself.
2. I can't understand what you were trying to do with this section of code.
for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
{
DriverObject->MajorFunction = MySendToNextDriver;
}

I have never written a FS filter driver, and I don't know if this's the way filter driver should do in its driverentry. In general, you should handle IRP_MJ_CREATE and IRP_MJ_CLOSE in your own driver.

some 毛病 !!

 

2. I can't understand what you were trying to do with this section of code.
for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
{
DriverObject->MajorFunction = MySendToNextDriver;
}

 

should look like this :

for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++)
{
DriverObject->MajorFunction[ i ] = MySendToNextDriver;
}

Why you need this

IoSkipCurrentIrpStackLocation(Irp);

where is this PDEVICE_OBJECT pdo come from ??

PDEVICE_OBJECT fdo = IoAttachDeviceToDeviceStack(fido, pdo);


[编辑 -  11/23/04 by  KMK]

 

PDEVICE_OBJECT fdo = IoAttachDeviceToDeviceStack(fido, pdo);

再多看是这里不对了.这pdo是不对,不是自己的pdo,是你想attach的pdo.

用IoGetDeviceObjectPointer()........

 :D

CreateService()可建立服务，只是修改注册表而已
startservice()则会进入到你的DRIVERENTRY里,所以下断点 即可.
而且从你的结构来看你的驱动应该属于WDM,即由系统加载,由PNP管理器来调用你的ADDDEVICE,所以你通过SERVICE方式来加载可能是不行的,因为虽然你在DRIVERENTRY里返回成功,但由于没有在里面创建设备对象,所以系统还是会删除你的驱动对象,从而返回失败,建议把你的驱动改为KMD的方式,或者通过WDM方式来安装驱动.

请问如何将WDM改为KMD？