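I created an NDIS5 intermediate filter driver named fxwrap.sys, but when I uninstall it, Windows bluescreens. From the dump file, it seems that ndis!ndisOidRequestComplete read a null address. I want to know whether this problem is caused by fxwrap or by something else.
Environment: Windows 7 Ultimate 7601
Here is the source code of the fxwrap!PtRequestComplete function: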
    VOID PtRequestComplete(NDIS_HANDLE ProtocolBindingContext,
                           PNDIS_REQUEST NdisRequest,
                           NDIS_STATUS Status)
    {
        /* The binding context is the per-adapter structure. */
        PADAPT pAdapt = (PADAPT)ProtocolBindingContext;
        NDIS_OID Oid = pAdapt->Request.DATA.SET_INFORMATION.Oid;

        /* The forwarded request is no longer outstanding. */
        NdisAcquireSpinLock(&pAdapt->AdaptDataLock);
        {
            pAdapt->OutstandingRequests = FALSE;
        }
        NdisReleaseSpinLock(&pAdapt->AdaptDataLock);

        switch (NdisRequest->RequestType)
        {
        case NdisRequestQueryInformation:
            {
                /* Task-offload queries are reported as failed. */
                if (Oid == OID_TCP_TASK_OFFLOAD)
                {
                    Status = NDIS_STATUS_FAILURE;
                }
                ASSERT(Oid != OID_PNP_QUERY_POWER);
                if (Oid == OID_PNP_CAPABILITIES && Status == NDIS_STATUS_SUCCESS)
                {
                    MPQueryPNPCapbilities(pAdapt, &Status);
                }
                /* Copy the byte counts back through the saved pointers, then complete the query on the miniport edge. */
                *pAdapt->BytesReadOrWritten = NdisRequest->DATA.QUERY_INFORMATION.BytesWritten;
                *pAdapt->BytesNeeded = NdisRequest->DATA.QUERY_INFORMATION.BytesNeeded;
                NdisMQueryInformationComplete(pAdapt->MiniportHandle, Status);
            }
            break;
        case NdisRequestSetInformation:
            {
                ASSERT(Oid != OID_PNP_SET_POWER);
                /* Copy the byte counts back through the saved pointers, then complete the set on the miniport edge. */
                *pAdapt->BytesReadOrWritten = NdisRequest->DATA.SET_INFORMATION.BytesRead;
                *pAdapt->BytesNeeded = NdisRequest->DATA.SET_INFORMATION.BytesNeeded;
                NdisMSetInformationComplete(pAdapt->MiniportHandle, Status);
            }
            break;
        default:
            ASSERT(0);
            break;
        }
    }
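Here is the dump information:
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 8a81bd11, address which referenced memory
Debugging Details:
READ_ADDRESS: GetPointerFromAddress: unable to read from 84788848
Unable to read MiSystemVaType memory at 84767e20
00000000
CURRENT_IRQL: 2
FAULTING_IP:
ndis!ndisOidRequestComplete+8a
8a81bd11 803b05 cmp byte ptr [ebx],5
CUSTOMER_CRASH_COUNT: 1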
DEFAULT_BUCKET_ID:VISTA_DRIVER_FAULT
BUGCHECK_STR:0xD1
PROCESS_NAME: System
TRAP_FRAME: 8dd07aa0 -- (.trap 0xffffffff8dd07aa0)
ErrCode = 00000000
eax=00000200 ebx=00000000 ecx=00000001 edx=00000000 esi=8dd07b4c edi=a277f5a4
eip=8a81bd11 esp=8dd07b14 ebp=8dd07b34 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
ndis!ndisOidRequestComplete+0x8a:
8a81bd11 803b05 cmp byte ptr [ebx],5 ds:0023:00000000=??
Resetting default scope
LAST_CONTROL_TRANSFER: from 8a81bd11 to 846605fb
STACK_TEXT:
8dd07aa0 8a81bd11 badb0d00 00000000 8dd07ac0 nt!KiTrap0E+0x2cf
8dd07b34 8a81c8b9 8dd07b4c 8c840008 870c1618 ndis!ndisOidRequestComplete+0x8a
8dd07b68 952b411b 8963b0f0 a277f5a4 00000000 ndis!NdisFOidRequestComplete+0x6a
8dd07b88 8a81c19d 870c1618 8c840008 00000000 pacer!PcFilterRequestComplete+0x5b
8dd07bbc 8a843572 02d07bd4 00000000 89ac60e0 ndis!ndisOidRequestComplete+0x516
8dd07bf4 8a843805 00ac60e0 8c840008 00000000 ndis!ndisMOidRequestCompleteInternal+0xd0
8dd07c18 8a87a765 02ac60e0 00000000 8c840008 ndis!ndisCompleteLegacyRequest+0xdb
8dd07c38 95a831c5 89ac60e0 00000000 89ad20e0 ndis!NdisMSetInformationComplete+0x81
8dd07c54 8a87506f 8a1d48e8 8a1d4908 00000000 fxwrap!PtRequestComplete+0x61
8dd07c70 8a81c05b 876f54c0 8966f0f0 00000000 ndis!ndisCompleteOidRequestToRequest+0x4a
8dd07ca4 8a8704b2 00d07cbc 89ad20e0 8a85a000 ndis!ndisOidRequestComplete+0x3d4
8dd07ce8 8a823221 00ad20e0 8966f190 86a58638 ndis!ndisMDoOidRequest+0x528
8dd07d00 8469ca6b 8966f188 00000000 86a58638 ndis!ndisDoOidRequests+0x4d
8dd07d50 84827fda 00000000 92ed9892 00000000 nt!ExpWorkerThread+0x10d
8dd07d90 846d01f9 8469c95e 00000000 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
STACK_COMMAND: kb
FOLLOWUP_IP:
pacer!PcFilterRequestComplete+5b
952b411b 56 push esi
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: pacer!PcFilterRequestComplete+5b
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: pacer
IMAGE_NAME: pacer.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc916
FAILURE_BUCKET_ID: 0xD1_pacer!PcFilterRequestComplete+5b
BUCKET_ID: 0xD1_pacer!PcFilterRequestComplete+5b
Followup: MachineOwner
Thanks for any input.