Why does the machine reboot as soon as this kernel-mode memory-reading driver runs??
The code below is meant to read kernel-mode memory; in fact its purpose is to read and write the MEMORY RANGE allocated to a PCI card. But as soon as the user program calls it, the machine reboots immediately. Could someone help me see where the problem is, and how to rewrite it to fix it? Much appreciated!!
#include <ntddk.h>

/* IOCTL_WRITE_REGISTER_ULONG and CARDTALK_TYPE come from the driver's own header
   (the CTL_CODE definition is quoted in reply 4 below). */

NTSTATUS PortTalkDeviceControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP pIrp);
VOID PortTalkUnload(IN PDRIVER_OBJECT DriverObject);  /* defined elsewhere in the driver, not shown in the post */

NTSTATUS PortTalkCreateDispatch(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP Irp
    )
{
    /* IRP_MJ_CREATE: nothing to set up, just complete the request successfully */
    Irp->IoStatus.Information = 0;
    Irp->IoStatus.Status = STATUS_SUCCESS;
    IoCompleteRequest(Irp, IO_NO_INCREMENT);
    return STATUS_SUCCESS;
}

NTSTATUS DriverEntry(
    IN PDRIVER_OBJECT DriverObject,
    IN PUNICODE_STRING RegistryPath
    )
{
    PDEVICE_OBJECT deviceObject;
    NTSTATUS status;
    WCHAR NameBuffer[] = L"\\Device\\CardTalk";
    WCHAR DOSNameBuffer[] = L"\\DosDevices\\CardTalk";
    UNICODE_STRING uniNameString, uniDOSString;

    KdPrint( ("CARDTALK: CARDTALK V2.0 12/01/2005 has Loaded Wang Shi") );

    RtlInitUnicodeString(&uniNameString, NameBuffer);
    RtlInitUnicodeString(&uniDOSString, DOSNameBuffer);

    /* create the control device object */
    status = IoCreateDevice(DriverObject,
                            0,
                            &uniNameString,
                            FILE_DEVICE_UNKNOWN,
                            0,
                            FALSE,
                            &deviceObject);
    if (!NT_SUCCESS(status))
        return status;

    /* \DosDevices\CardTalk lets user mode open the device by name */
    status = IoCreateSymbolicLink(&uniDOSString, &uniNameString);
    if (!NT_SUCCESS(status))
        return status;

    DriverObject->MajorFunction[IRP_MJ_CREATE]         = PortTalkCreateDispatch;
    DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = PortTalkDeviceControl;
    DriverObject->DriverUnload                          = PortTalkUnload;
    return STATUS_SUCCESS;
}

NTSTATUS
PortTalkDeviceControl(
    IN PDEVICE_OBJECT DeviceObject,
    IN PIRP pIrp
    )
{
    PIO_STACK_LOCATION irpSp;
    NTSTATUS ntStatus = STATUS_SUCCESS;
    ULONG inBufLength;          /* Input buffer length */
    ULONG outBufLength;         /* Output buffer length */
    ULONG inBuf;                /* Pointer to Input and output buffer */
    PUCHAR CharBuffer;
    PUSHORT ShortBuffer;
    PULONG LongBuffer;
    PVOID ioBuffer;
    USHORT Offset;
    UCHAR Value;
    USHORT DValue;
    volatile ULONG *m_commandReg;

    irpSp        = IoGetCurrentIrpStackLocation( pIrp );
    inBufLength  = irpSp->Parameters.DeviceIoControl.InputBufferLength;
    outBufLength = irpSp->Parameters.DeviceIoControl.OutputBufferLength;

    /* METHOD_BUFFERED: input and output share the system buffer */
    ioBuffer    = pIrp->AssociatedIrp.SystemBuffer;
    CharBuffer  = (PUCHAR)  ioBuffer;
    ShortBuffer = (PUSHORT) ioBuffer;
    LongBuffer  = (PULONG)  ioBuffer;

    switch ( irpSp->Parameters.DeviceIoControl.IoControlCode )
    {
    case IOCTL_WRITE_REGISTER_ULONG:
        if (inBufLength >= 4) {
            /* destination: hard-coded kernel virtual address of the card's register */
            m_commandReg = (PULONG)(0xDF922028);
            /* source: the first USHORT of the system buffer, cast to a pointer;
               WRITE_REGISTER_BUFFER_ULONG copies 1 ULONG from that address */
            WRITE_REGISTER_BUFFER_ULONG((PULONG)m_commandReg, (PULONG)ShortBuffer[0], 1);
        }
        pIrp->IoStatus.Information = 0;  /* Output Buffer Size */
        ntStatus = STATUS_SUCCESS;
        break;
    }

    pIrp->IoStatus.Status = ntStatus;
    IoCompleteRequest( pIrp, IO_NO_INCREMENT );
    return ntStatus;
}
Points: 100, Replies: 6
Reply 1: seaquester(), 2005-12-15 17:25:45, score 100
Where does 0xDF922028 come from? Is it the device's mem base? Was the mem resource mapped with MmMapIoSpace?
Reply 2: ancients(三叶虫), 2005-12-15 23:46:49, score 0
0xDF922028 is memory already allocated to the device, i.e. the virtual address obtained after MmMapIoSpace. The situation is this: the device's driver is already installed and it has a MEMORY RANGE; I want to read and write bytes in a certain region of that kernel memory space, so I wrote a driver to read and write 0xDF922028, and ran into the reboot problem. I guess something is wrong somewhere in the code, but I haven't been able to find it. Could you take a look and point out where the problem is?
Reply 3: seaquester(), 2005-12-16 08:57:12, score 0
Since it comes from MmMapIoSpace, why hard-code it in the code?
Also check the definition of your IOCTL_WRITE_REGISTER_ULONG: is it the Buffered method? Your In/Out buffers are both taken from pIrp->AssociatedIrp.SystemBuffer; if IOCTL_WRITE_REGISTER_ULONG is not the buffered method, that will fail.
If none of the above is the problem, the only option left is to trace it with SoftICE.
Reply 4: ancients(三叶虫), 2005-12-16 11:11:44, score 0
I hard-coded it to test first whether the program can run this way; if it can, I'll change it to take a parameter.
The definition of IOCTL_WRITE_REGISTER_ULONG is the BUFFERED method. It serves as the function code in the IOCTL_CODE, defined as follows:
    #define IOCTL_WRITE_REGISTER_ULONG \
        CTL_CODE(CARDTALK_TYPE, 0x921, METHOD_BUFFERED, FILE_ANY_ACCESS)
I thought the IoCompleteRequest(Irp, IO_NO_INCREMENT); in NTSTATUS PortTalkCreateDispatch might be the problem. Could you take a look?
Reply 5: ancients(三叶虫), 2005-12-16 16:23:55, score 0
Can anyone help me solve this problem? Much appreciated, it's urgent!!!!
Reply 6: ancients(三叶虫), 2005-12-17 22:19:08, score 0
Why is nobody answering? Urgent, urgent, urgent
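Added example, not code from the thread or from the poster's driver: the body of the IOCTL_WRITE_REGISTER_ULONG handler rewritten as a portable, testable C function that follows the points raised in replies 1 and 3. Two things differ from the posted code. First, the value in the system buffer is copied out with memcpy and never reinterpreted as an address; the posted line passes `(PULONG)ShortBuffer[0]`, that is the 16-bit value read from the buffer, as the source pointer that WRITE_REGISTER_BUFFER_ULONG copies from, so the copy dereferences whatever small integer the caller sent. Second, the destination is a byte offset checked for alignment and against the length of the range returned by MmMapIoSpace, not a hard-coded kernel virtual address. The `mapped_bar` structure, the `write_reg_request` layout, the `reg_status` codes and the array standing in for the mapped BAR are all constructed for this example so it runs in user mode; in the driver the final store would be WRITE_REGISTER_ULONG on the mapped base, and the status codes would be NTSTATUS values such as STATUS_BUFFER_TOO_SMALL.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status codes standing in for the NTSTATUS values the driver would return
   (constructed for this example). */
enum reg_status {
    REG_OK = 0,
    REG_NOT_MAPPED,          /* MmMapIoSpace was never called or failed */
    REG_BUFFER_TOO_SMALL,    /* InputBufferLength shorter than the request */
    REG_MISALIGNED,          /* offset is not a multiple of sizeof(ULONG) */
    REG_OFFSET_OUT_OF_RANGE  /* offset + 4 would leave the mapped range */
};

/* What the driver keeps after MmMapIoSpace: the virtual base of the card's
   memory range and its length. Here the range is a plain array so the
   example runs in user mode (constructed stand-in). */
struct mapped_bar {
    volatile uint32_t *base;
    size_t length;           /* bytes */
};

/* Wire format of the METHOD_BUFFERED input. The posted driver takes only a
   value and hard-codes the destination; carrying the offset in the request
   makes the destination a validated parameter instead. */
struct write_reg_request {
    uint32_t offset;         /* byte offset into the mapped range */
    uint32_t value;          /* ULONG to write */
};

/* Handler body for IOCTL_WRITE_REGISTER_ULONG. in_buf and in_len correspond
   to pIrp->AssociatedIrp.SystemBuffer and
   Parameters.DeviceIoControl.InputBufferLength in the driver. */
enum reg_status write_register_ulong(const struct mapped_bar *bar,
                                     const void *in_buf, size_t in_len)
{
    struct write_reg_request req;

    if (bar == NULL || bar->base == NULL || bar->length < sizeof(uint32_t))
        return REG_NOT_MAPPED;
    if (in_buf == NULL || in_len < sizeof req)
        return REG_BUFFER_TOO_SMALL;

    /* Copy the request out of the system buffer. The value is data, never
       an address: nothing read from the buffer is dereferenced. */
    memcpy(&req, in_buf, sizeof req);

    if (req.offset % sizeof(uint32_t) != 0)
        return REG_MISALIGNED;
    /* Written this way the comparison cannot overflow for any offset. */
    if (req.offset > bar->length - sizeof(uint32_t))
        return REG_OFFSET_OUT_OF_RANGE;

    /* In the driver: WRITE_REGISTER_ULONG(bar->base + req.offset / 4, req.value) */
    bar->base[req.offset / sizeof(uint32_t)] = req.value;
    return REG_OK;
}

/* Sample "BAR" of four 32-bit registers, constructed for the demonstration. */
static uint32_t demo_regs[4];
static const struct mapped_bar demo_bar = { demo_regs, sizeof demo_regs };

/* Build a request the way the user-mode caller would and submit it with the
   given InputBufferLength (in_len may be deliberately short). */
enum reg_status submit(const struct mapped_bar *bar, uint32_t offset,
                       uint32_t value, size_t in_len)
{
    struct write_reg_request req = { offset, value };
    return write_register_ulong(bar, &req, in_len);
}

/* Read back one of the demo registers so callers can confirm the write. */
uint32_t demo_register(size_t index)
{
    return demo_regs[index];
}

int main(void)
{
    size_t full = sizeof(struct write_reg_request);
    printf("valid write   -> %d\n", submit(&demo_bar, 8, 0x1234u, full));
    printf("reg[2] now 0x%x\n", demo_register(2));
    printf("short buffer  -> %d\n", submit(&demo_bar, 8, 0x1234u, 2));
    printf("misaligned    -> %d\n", submit(&demo_bar, 2, 0x1234u, full));
    printf("out of range  -> %d\n", submit(&demo_bar, 16, 0x1234u, full));
    printf("unmapped BAR  -> %d\n", submit(NULL, 0, 0x1234u, full));
    return 0;
}
```

A machine that reboots the instant the IOCTL is issued is almost always bugchecking with automatic restart enabled; clearing "Automatically restart" under the system failure settings leaves the stop code on screen, which is cheaper than a SoftICE session for a first diagnosis. The rejected cases above (short buffer, misaligned or out-of-range offset, unmapped range) are the ones a driver should fail with an error status rather than letting the fault reach the kernel.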