BSOD of HID device

NTSTATUS
InternalIoctl
    (
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp
    )
{......
case IOCTL_HID_READ_REPORT:
        //
        //Return a report from the device into a class driver-supplied buffer.
        //
        DebugPrint((\"IOCTL_HID_READ_REPORT\\n\"));
      
       ntStatus = OrbQueueReadReport(DeviceObject, Irp);
  ntStatus = ReadReport(DeviceObject, Irp);
  return ntStatus;
......
Irp->IoStatus.Status = ntStatus;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    ntStatus = STATUS_SUCCESS;

    return ntStatus;
}


NTSTATUS
ReadReport(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp
    )
{
    NTSTATUS ntStatus = STATUS_SUCCESS;
    PDEVICE_EXTENSION   deviceInfo;
    PIO_STACK_LOCATION  IrpStack;
    LARGE_INTEGER timeout;
    PREAD_TIMER    readTimerStruct;
PMOUSE_FEATURE_DATA mouseData;
//PIRP mouseIrp;

    DebugPrint((\"ReadReport Entry\\n\"));
    //
    // Get a pointer to the device extension
    //
    deviceInfo = GET_MINIDRIVER_DEVICE_EXTENSION(DeviceObject);

DebugPrint((\"Before ExAllocatePoolWithTag = %x\\n\", KeGetCurrentIrql()));


 readTimerStruct = ExAllocatePoolWithTag(NonPagedPool,
                                            sizeof(READ_TIMER),
                                            VHID_POOL_TAG
                                            );
DebugPrint((\"After ExAllocatePoolWithTag = %x\\n\", KeGetCurrentIrql()));
   if(!readTimerStruct){
        DebugPrint((\"Mem allocation for readTimerStruct failed\\n\"));
        Irp->IoStatus.Status = ntStatus = STATUS_INSUFFICIENT_RESOURCES;
        IoCompleteRequest(Irp, IO_NO_INCREMENT);
        return ntStatus;
    }

    else{

        RtlZeroMemory(readTimerStruct, sizeof(READ_TIMER));
        //
        //remember the Irp
        //
        readTimerStruct->Irp = Irp;
//readTimerStruct->deviceInfo=deviceInfo;
        //
        // Initialize the DPC structure and Timer
        //
        DebugPrint((\"Before KeInitializeDpc = %x\\n\", KeGetCurrentIrql()));
        KeInitializeDpc(&readTimerStruct->ReadTimerDpc,
                        ReadTimerDpcRoutine,
                        (PVOID)readTimerStruct
                        );
        DebugPrint((\"After KeInitializeDpc = %x\\n\", KeGetCurrentIrql()));

DebugPrint((\"Before KeInitializeTimer = %x\\n\", KeGetCurrentIrql()));
        KeInitializeTimer(&readTimerStruct->ReadTimer);
DebugPrint((\"After KeInitializeTimer = %x\\n\", KeGetCurrentIrql()));
        //
        // Queue the timer DPC  
        //
        timeout.HighPart = -1;
        timeout.LowPart = -(LONG)(10*1000*5000);  //in 100 ns.total 5 sec
       DebugPrint((\"Before KeSetTimer = %x\\n\", KeGetCurrentIrql()));
        KeSetTimer(&readTimerStruct->ReadTimer,
                   timeout,
                   &readTimerStruct->ReadTimerDpc
                   );
         DebugPrint((\"After KeSetTimer = %x\\n\", KeGetCurrentIrql()));          
  
    }
DebugPrint((\"ReadReport Exit = 0x%x\\n\", ntStatus));

    return ntStatus;
}

其中：
typedef struct _DEVICE_EXTENSION{

    HID_DESCRIPTOR              HidDescriptor;

    PHID_REPORT_DESCRIPTOR          ReportDescriptor;

    BOOLEAN                           ReadReportDescFromRegistry;

    DEVICE_PNP_STATE    DevicePnPState;   // Track the state of the device

    DEVICE_PNP_STATE    PreviousPnPState; // Remembers the previous pnp state
BOOLEAN Removed; // Is device being removed?
PDEVICE_OBJECT nextDevObj; // PDO that BUS gave to us

// queue stuff
KSPIN_LOCK readQueueLock; // Spin lock //add 2
LIST_ENTRY readQueueList; // List
NPAGED_LOOKASIDE_LIST readQueuePool; // Lookaside list
ULONG readsPending; // Reads pending
} DEVICE_EXTENSION, * PDEVICE_EXTENSION;

typedef struct _READ_TIMER{
    
    KDPC             ReadTimerDpc;
    KTIMER          ReadTimer;
    PIRP              Irp;
  
} READ_TIMER, * PREAD_TIMER;

VOID
ReadTimerDpcRoutine(  
    IN PKDPC Dpc,
    IN PVOID DeferredContext,
    IN PVOID SystemArgument1,
    IN PVOID SystemArgument2
    )
{
发送两个数
}


NTSTATUS
OrbQueueReadReport(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
{
PORB_QUEUE_ITEM item;
NTSTATUS status = STATUS_INSUFFICIENT_RESOURCES;
    PDEVICE_EXTENSION   devExt;
DebugPrint((\"Before OrbQueueReadReport = %x\\n\", KeGetCurrentIrql()));

  devExt = GET_MINIDRIVER_DEVICE_EXTENSION(DeviceObject);

// New way:
// We allocate item from lookaside list, this is more effective
// and pool doesn\'t get fragmented.
item = ExAllocateFromNPagedLookasideList(&devExt->readQueuePool);
// Fail if no memory
if (item == NULL) {
// Bad luck
DebugPrint((\"OrbQueueReadReport(): no item\\n\"));

// Complete Irp with error
return CompleteIrp(Irp, status, 0);
}
// Remember to always mark Irp pending
IoMarkIrpPending(Irp);
// Save Irp pointer for later processing
item->Irp = Irp;
// Insert into queue of pending requests
ExInterlockedInsertHeadList(&devExt->readQueueList, &item->List, &devExt->readQueueLock);
// Increment pending I/O count
InterlockedIncrement(&devExt->readsPending);
Irp->IoStatus.Status = STATUS_PENDING;
Irp->IoStatus.Information = sizeof(devExt->readsPending);
DebugPrint((\"After OrbQueueReadReport = %x\\n\", KeGetCurrentIrql()));
return STATUS_PENDING;
}
请问：
readTimer和DPC可以删除吗？
这段代码有问题，老是出现蓝屏，请教高手！大大给分！

顶一下：）

ding

没有人帮我：（

这么长代码，谁有空看啊！你应该标出在哪里出现BSOD

老大，这还不是全部了，我只是选区了一小部分

IoCompleteRequest(Irp, IO_NO_INCREMENT);
是这句话出错，

这个程序是鼠标的hid驱动，我用app让它画矩形，很奇怪的是，开始没有问题，画300*300的正方形，当画到28圈的时候蓝屏

不解啊！