帮忙看看这段代码，主要用来在驱动内部建立IRP进行USB端点的读写，但是出现死等现象，在应用程序中通过writefile函数写端点没问题

urb =(PURB) ExAllocatePool(NonPagedPool,sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER));
  
   if (urb)
   {
      RtlZeroMemory(urb,sizeof(struct  _URB_BULK_OR_INTERRUPT_TRANSFER));
 urb->UrbHeader.Length = sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER);
 urb->UrbHeader.Function = URB_FUNCTION_BULK_OR_INTERRUPT_TRANSFER;
      PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension;
    
 urb->UrbBulkOrInterruptTransfer.TransferFlags =USBD_TRANSFER_DIRECTION_OUT;
 urb->UrbBulkOrInterruptTransfer.PipeHandle=pdx->Pipe_Handle[5];
 urb->UrbBulkOrInterruptTransfer.TransferBufferLength = 10;
 urb->UrbBulkOrInterruptTransfer.TransferBuffer = (BYTE*)pciout;
 urb->UrbBulkOrInterruptTransfer.TransferBufferMDL = NULL;

    pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension;

    KeInitializeEvent(&event, NotificationEvent, FALSE);//TRUE

    irp = IoBuildDeviceIoControlRequest(
                               IOCTL_INTERNAL_USB_SUBMIT_URB,
                                        pdx->LowerDeviceObject,
                                        NULL,
                                        0,
                                        NULL,//(PUCHAR)Urb->UrbBulkOrInterruptTransfer.TransferBuffer,
                                        0,//Urb->UrbBulkOrInterruptTransfer.TransferBufferLength,
                                        TRUE,
                                        &event,
                                        &ioStatus);



if (!irp)
{
Printf(DEFAULT_PRINT,(\"DBGLVL_MEDIUM: Unable to allocate IRP for sending RB\\n\"));
return STATUS_INSUFFICIENT_RESOURCES;
}

     PMDL NewMdl=IoAllocateMdl(MmGetMdlVirtualAddress(Urb->UrbBulkOrInterruptTransfer.TransferBufferMDL),
                                    Urb->UrbBulkOrInterruptTransfer.TransferBufferLength,
  FALSE,
  FALSE,
  NULL);
        // irp);

      NewMdl->StartVa=NULL;
      irp->MdlAddress=NewMdl;


// Prepare for calling the USB driver stack
   nextStack = IoGetNextIrpStackLocation(irp);
   ASSERT(nextStack != NULL);

   // Set up the URB ptr to pass to the USB driver stack
   nextStack->Parameters.Others.Argument1 = Urb;
   nextStack->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL;
   nextStack->Parameters.DeviceIoControl.IoControlCode = IOCTL_INTERNAL_USB_SUBMIT_URB;
  
   Printf(DEFAULT_PRINT,(\"Calling USB Driver Stack\\n\"));

   //
   // Call the USB class driver to perform the operation.  If the returned status
   // is PENDING, wait for the request to complete.
   //
  // IoMarkIrpPending(irp);

   IoSetCompletionRoutine(irp,
       URB_Write_Complete,
       fdo,
       TRUE,
       TRUE,
       TRUE);

   ntStatus = IoCallDriver(pdx->LowerDeviceObject,irp);

   Printf(DEFAULT_PRINT,(\"return from IoCallDriver USBD %x\\n\", ntStatus));

   if (ntStatus == STATUS_PENDING)
   {
      Printf(DEFAULT_PRINT,(\"Wait for single object\\n\"));

      status = KeWaitForSingleObject(
                    &event,
                    Suspended,
                    KernelMode,
                    FALSE,
                    NULL);

      Printf(DEFAULT_PRINT,(\"Wait for single object, returned %x\\n\", status));
   }
   else
   {
      ioStatus.Status = ntStatus;
   }

  
   Printf(DEFAULT_PRINT,(\"URB status = %x status = %x irp status %x\\n\",
         Urb->UrbHeader.Status, status, ioStatus.Status));
 
   ntStatus = ioStatus.Status;

   Printf(DEFAULT_PRINT,(\"exit Ezusb_CallUSBD (%x)\\n\", ntStatus));

   ......

都不在吗？在线等待！！！

readfile和writefile应该使用不同的端点吧，可是你里面只有一个Pipe_Handle[5]，一个bulk端点怎么能同时进行读写呢？

我的这段代码只是用来写的

以下是我把程序改后的代码和进行3次写操作後的结果

urb =(PURB) ExAllocatePool(NonPagedPool,sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER));

if (urb)
{
RtlZeroMemory(urb,sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER));
urb->UrbHeader.Length = sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER);
urb->UrbHeader.Function = URB_FUNCTION_BULK_OR_INTERRUPT_TRANSFER;
PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension;

urb->UrbBulkOrInterruptTransfer.TransferFlags =USBD_TRANSFER_DIRECTION_OUT;
urb->UrbBulkOrInterruptTransfer.PipeHandle=pdx->Pipe_Handle[5];
urb->UrbBulkOrInterruptTransfer.TransferBufferLength = 10;
urb->UrbBulkOrInterruptTransfer.TransferBuffer = (BYTE*)pciout;
urb->UrbBulkOrInterruptTransfer.TransferBufferMDL = NULL;

pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension;


KeInitializeEvent(&event, NotificationEvent, FALSE);

 irp = IoBuildDeviceIoControlRequest(
                               IOCTL_INTERNAL_USB_SUBMIT_URB,
                                        pdx->LowerDeviceObject,
                                        NULL,
                                        0,
                                        NULL,//(PUCHAR)Urb->UrbBulkOrInterruptTransfer.TransferBuffer,
                                        0,//Urb->UrbBulkOrInterruptTransfer.TransferBufferLength,
                                        TRUE,
                                        &event,
                                        &ioStatus);
    if (!irp)
{
Printf(DEFAULT_PRINT,(\"DBGLVL_MEDIUM: Unable to allocate IRP for sending

RB\\n\"));
return STATUS_INSUFFICIENT_RESOURCES;
}

      
   
   // Prepare for calling the USB driver stack
  
   nextStack = IoGetNextIrpStackLocation(irp);
   ASSERT(nextStack != NULL);

     nextStack->Parameters.Others.Argument1 = Urb;
      Printf(DEFAULT_PRINT,(\"Calling USB Driver Stack\\n\"));

   ntStatus = IoCallDriver(pdx->LowerDeviceObject,irp);

   Printf(DEFAULT_PRINT,(\"return from IoCallDriver USBD %x\\n\", ntStatus));

   if (ntStatus == STATUS_PENDING)
   {
      Printf(DEFAULT_PRINT,(\"Wait for single object\\n\"));

      status = KeWaitForSingleObject(
                    &event,
                    Suspended,
                    KernelMode,
                    FALSE,
                    NULL);

      Printf(DEFAULT_PRINT,(\"Wait for single object, returned %x\\n\", status));
   }
   else
   {
      ioStatus.Status = ntStatus;
   }

  
   Printf(DEFAULT_PRINT,(\"URB status = %x status = %x irp status %x\\n\",
         Urb->UrbHeader.Status, status, ioStatus.Status));
 
   ntStatus = ioStatus.Status;

   Printf(DEFAULT_PRINT,(\"exit Ezusb_CallUSBD (%x)\\n\", ntStatus));
    return ntStatus;


运行结果：
613.477222   Default     DS560: enter usb_CallUSBD
613.476022   Default     DS560: Calling USB Driver Stack
613.476091   Default     DS560: return from IoCallDriver USBD 103
613.476117   Default     DS560: Wait for single object
613.477137   Default     DS560: Wait for single object, returned 0
613.477167   Default     DS560: URB status = 0 status = 0 irp status 0
613.477196   Default     DS560: exit usb_CallUSBD (0)

613.477222   Default     DS560: enter usb_CallUSBD
613.477272   Default     DS560: Calling USB Driver Stack
613.477348   Default     DS560: return from IoCallDriver USBD 103
613.477374   Default     DS560: Wait for single object
613.479174   Default     DS560: Wait for single object, returned 0
613.479208   Default     DS560: URB status = c0000004 status = 0 irp status c000009c
613.479243   Default     DS560: exit usb_CallUSBD (c000009c)


613.479272   Default     DS560: enter usb_CallUSBD
613.479333   Default     DS560: Calling USB Driver Stack
613.479405   Default     DS560: return from IoCallDriver USBD 103
613.479433   Default     DS560: Wait for single object
613.479457   Default     DS560: Wait for single object, returned 0
613.479487   Default     DS560: URB status = c0000030 status = 0 irp status c000009c
613.479243   Default     DS560: exit usb_CallUSBD (c000009c)

好像头一次正确，后面的就不对了，什么原因?

怎么都只看不说？？？？？？？