Well, there seems to have been a thread like this here; the author solved the problem but never commented on the solution... I dug up this article, but it's not clear what to do...

IM driver crash & resets

Someone else asked for this, so I thought I'd post my solution here:

This turned out to be a flaw in the handling of resets. The sample PassThru basically ignores the whole reset scenario, so it was no help at all. The problem is that if a reset is in progress, you are not allowed to call NdisRequest() - the blue screen occurs because the lower driver is trying to respond to your request while at the same time freeing all its buffers.

What I did was make a "reset state" flag in my ADAPT structure. This field has three states - "running", "in reset", and "reset end". (Be sure to protect the state with a spin lock.)

When handling query/set requests (MiniportSet/QueryInformation()), if the state is not "running", I queue the request. I use the sample PassThru logic here, which leaves the request data in the ADAPT Request buffer and sets the "QueuedRequest" flag to TRUE. (Do not call NdisRequest() here in that case - just return from the function.)

The state change is managed as follows: In the ProtocolStatus() function, we will get notifications of NDIS_STATUS_RESET_START and NDIS_STATUS_RESET_END at the beginning and end of a reset operation. When we get the "start" event, I set the reset state to "in reset". When we get the "end" event, I set the state to "reset end".

In the ProtocolStatusComplete() function, if I see the reset state is "reset end", then I set the state to "running" and check the "QueuedRequest" flag. If a request was queued, I then pass the request buffer (from the ADAPT structure) to NdisRequest().

This fixed the problem, and it has been running well in the environments where it used to blue screen. This does, of course, require the faith that once Ndis sends the RESET_START, it will follow it up with RESET_END and ProtocolStatusComplete(), but so far this all seems to be happening as documented. Hope that helps!

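Added example, not part of the original post or of the quoted article: a single-threaded, user-mode model of the reset gating the article describes, showing that a request arriving between RESET_START and RESET_END is parked and only replayed from the status-complete handler. All names are hypothetical, lower_request() stands in for NdisRequest(), and the spin lock the article calls for is omitted because the model has one thread.

```c
/* User-mode model only; hypothetical names, not real NDIS code. */
#include <stdbool.h>

enum reset_state { RS_RUNNING, RS_IN_RESET, RS_RESET_END };
enum indication  { IND_RESET_START, IND_RESET_END, IND_OTHER };

struct adapt {
    enum reset_state state; /* a driver guards this with a spin lock */
    bool queued_request;    /* PassThru's QueuedRequest flag */
    int  request;           /* stands in for the ADAPT Request buffer */
    int  forwarded;         /* requests handed to the lower driver */
    int  unsafe_calls;      /* ...of which were issued during a reset */
};

/* Stand-in for NdisRequest(): counts calls made while a reset is pending. */
static void lower_request(struct adapt *a) {
    if (a->state != RS_RUNNING) a->unsafe_calls++;
    a->forwarded++;
}
/* MiniportQueryInformation/SetInformation: true = forwarded, false = queued. */
static bool miniport_request(struct adapt *a, int oid) {
    a->request = oid;
    if (a->state != RS_RUNNING) { a->queued_request = true; return false; }
    lower_request(a);
    return true;
}
/* ProtocolStatus(): track the reset start/end indications, ignore the rest. */
static void protocol_status(struct adapt *a, enum indication ind) {
    if (ind == IND_RESET_START) a->state = RS_IN_RESET;
    else if (ind == IND_RESET_END) a->state = RS_RESET_END;
}
/* ProtocolStatusComplete(): back to "running", then replay the queued request. */
static void protocol_status_complete(struct adapt *a) {
    if (a->state != RS_RESET_END) return;
    a->state = RS_RUNNING;
    if (a->queued_request) { a->queued_request = false; lower_request(a); }
}
/* Constructed scenario: a query arrives in the middle of a reset. */
static struct adapt run_reset_scenario(void) {
    struct adapt a = { RS_RUNNING, false, 0, 0, 0 };
    miniport_request(&a, 1);               /* forwarded immediately */
    protocol_status(&a, IND_RESET_START);
    protocol_status_complete(&a);          /* still in reset: nothing replayed */
    miniport_request(&a, 2);               /* queued, lower driver untouched */
    protocol_status(&a, IND_RESET_END);
    protocol_status_complete(&a);          /* queued request replayed here */
    return a;
}
/* Exit status 0 means the lower driver was never called during the reset. */
int main(void) { return run_reset_scenario().unsafe_calls; }
```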
You'd do better to post minidumps and try analyzing them yourself; otherwise there will be almost no progress in your work.
Damn, it says right there in plain English that my driver calls a driver with a lower privilege level, which is what causes the exception; something needs to be done there, like setting some flag in the ADAPT structure, but my English isn't strong. There was a thread about this, so someone must know something!!!
This code causes a BSoD:

Code (Text):
    mov NR.RequestType,NdisRequestQueryInformation
    mov NR.DATA.QUERY_INFORMATION.Oid,OID_802_3_CURRENT_ADDRESS
    mov NR.DATA.QUERY_INFORMATION.InformationBuffer,offset NdisBuffer
    mov NR.DATA.QUERY_INFORMATION.InformationBufferLength,128
    mov NR.DATA.QUERY_INFORMATION.BytesWritten,0
    mov NR.DATA.QUERY_INFORMATION.BytesNeeded,0
    push offset NR ;[in]
    push NdisBindingHandle ;[in]
    push offset NdisStatus ;[out]
    call NdisRequest

    NdisRequest proc
    ....
    push ebx
    push ebx
    xor edx,edx
    mov ecx,esi ;ESI=ASCII "NDMP"
    call 0F70CC93Fh
    mov ecx,esi ;ESI=ASCII "NDMP"
    call 0F70C92F4h ;EIP=0F70CAF71h
    ....
    NdisRequest endp

    0F70C92F4h proc
    mov edi,edi
    push ebp
    mov ebp,esp
    sub esp,10h
    push ebx
    push esi
    push edi
    mov esi,ecx ;ECX=ASCII "NDMP"
    xor ebx,ebx
    mov edi,[esi+13Ch] ;EIP=0F70C9303h
    ....
    0F70C92F4h endp

This instruction, mov edi,[esi+13Ch] ;EIP=0F70C9303h, is what raises the exception. The first time EIP=0F70C9303h, ESI=ASCII "NDMP" and everything is fine; the second time ESI=00h => mov edi,[esi+13Ch] => exception => BSoD

Same problem here. I've only just started figuring out NDIS. I'm trying to get the MAC address of the network card. Code:

Code (Text):
    NDIS_REQUEST NdisReq;
    Status = NdisAllocateMemoryWithTag((PVOID*)&NdisReq.DATA.SET_INFORMATION.InformationBuffer, 6, 0x00AB0000);
    if(Status == NDIS_STATUS_SUCCESS)
    {
        DBGPRINT(("\n\tMemory allocated\n"));
        NdisReq.RequestType = NdisRequestQueryInformation;
        NdisReq.DATA.QUERY_INFORMATION.Oid = OID_802_3_CURRENT_ADDRESS;
        NdisReq.DATA.QUERY_INFORMATION.InformationBufferLength = 6;
        NdisReq.DATA.QUERY_INFORMATION.BytesNeeded = 6;
        NdisRequest(Status, pAdapt->BindingHandle, &NdisReq); /// BSOD
        if (Status != NDIS_STATUS_PENDING)
        {
            PtRequestComplete(pAdapt, &NdisReq, Status);
        }
        PrintBufer(NdisReq.DATA.SET_INFORMATION.InformationBuffer, NdisReq.DATA.QUERY_INFORMATION.BytesWritten);
        DBGPRINT(("\n\tNdisRequest Status = %d\n", Status));
    }

All of this is in PtBindAdapter of the passthru sample. I get BugCheck 7E, {c0000005, f83f897d, f8addab0, f8add7ac}

Code (Text):
    FAULTING_MODULE: 804d7000 nt
    DEBUG_FLR_IMAGE_TIMESTAMP: 4acd92df
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text>
    FAULTING_IP:
    NDIS!NdisRequest+12
    f83f897d 8901 mov dword ptr [ecx],eax
    EXCEPTION_RECORD: f8addab0 -- (.exr 0xfffffffff8addab0)
    ExceptionAddress: f83f897d (NDIS!NdisRequest+0x00000012)
    ExceptionCode: c0000005 (Access violation)
    ExceptionFlags: 00000000
    NumberParameters: 2
    Parameter[0]: 00000001
    Parameter[1]: 00000000
    Attempt to write to address 00000000
    CONTEXT: f8add7ac -- (.cxr 0xfffffffff8add7ac)
    eax=00000103 ebx=82468c4c ecx=00000000 edx=82480b18 esi=823f81b8 edi=00000000
    eip=f83f897d esp=f8addb78 ebp=f8addb78 iopl=0 nv up ei pl zr na pe nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
    NDIS!NdisRequest+0x12:
    f83f897d 8901 mov dword ptr [ecx],eax ds:0023:00000000=????????
    Resetting default scope
    DEFAULT_BUCKET_ID: DRIVER_FAULT
    BUGCHECK_STR: 0x7E
    LAST_CONTROL_TRANSFER: from f897bc2e to f83f897d
    STACK_TEXT:
    WARNING: Stack unwind information not available. Following frames may be wrong.
    f8addb78 f897bc2e 00000000 825ce8e0 8240dba0 NDIS!NdisRequest+0x12
    f8addc2c f83eafe4 00000000 f8addc54 82468c4c passthru!PtBindAdapter+0x3ce [f:\pt3\driver\protocol.c @ 304]
    f8addcc8 f83ed63d 806d06e0 8242bb08 80526ae8 NDIS!NdisOpenConfigurationKeyByName+0x7c4
    f8addd50 f83ed6d6 8246c820 8055a1c0 825c7640 NDIS!NdisMGetDeviceProperty+0xdb
    f8addd64 f83e9bfe 8246c818 0042bb08 f8adddac NDIS!NdisMGetDeviceProperty+0x174
    f8addd74 80533dd0 8246c818 00000000 825c7640 NDIS!NdisFreeToBlockPool+0x165a
    f8adddac 805c4a28 8246c818 00000000 00000000 nt!ExQueueWorkItem+0x1b2
    f8addddc 80540fa2 80533cd0 00000000 00000000 nt!PsRemoveCreateThreadNotifyRoutine+0x21e
    00000000 00000000 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x5a2

On a single-core CPU the BSoD doesn't occur. For exclusive access to resources on a dual-core Athlon, I do it like this:

Code (Text):
    ....
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisAllocateSpinLock
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisAcquireSpinLock
    push STATUS_SUCCESS
    push STATUS_SUCCESS
    push offset buffer
    call ProtocolOpenAdapterComplete
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisReleaseSpinLock
    ....
    ProtocolOpenAdapterComplete proc
    push ebp
    mov ebp,esp
    Param_1 equ dword ptr [ebp+08h]
    Param_2 equ dword ptr [ebp+0Ch]
    Param_3 equ dword ptr [ebp+10h]
    pushad
    pushfd
    mov NR.RequestType,NdisRequestQueryInformation
    mov NR.DATA.QUERY_INFORMATION.Oid,OID_802_3_CURRENT_ADDRESS
    mov NR.DATA.QUERY_INFORMATION.InformationBuffer,offset NdisBuffer
    mov NR.DATA.QUERY_INFORMATION.InformationBufferLength,128
    mov NR.DATA.QUERY_INFORMATION.BytesWritten,0
    mov NR.DATA.QUERY_INFORMATION.BytesNeeded,0
    push offset NR ;[in]
    push NdisBindingHandle ;[in]
    push offset NdisStatus ;[out]
    call NdisRequest
    mov ebx,NdisStatus
    mov Param_1,ebx
    popfd
    popad
    mov eax,Param_1
    leave
    retn 0Ch
    ProtocolOpenAdapterComplete endp
    ....

Code (Text):
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisAllocateSpinLock
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisAcquireSpinLock
    push STATUS_SUCCESS
    push STATUS_SUCCESS
    push offset buffer
    call ProtocolOpenAdapterComplete
    push offset NSL ;PNDIS_SPIN_LOCK SpinLock
    call NdisReleaseSpinLock

Is this all one function? And what's the point of (NdisAllocateSpinLock)?