求救呀!nt驱动用链表实现irp同的问题

tomlinson · 发表于2009-11-29 23:29

求救呀!nt驱动用链表实现irp同的问题 [复制链接]

不知道为什么初始化的链表头地址和DriverUnload的地址不一样.而且如果运行DriverUnload还会蓝屏!请高手指教呀!
#include
//原型区
//**************************************************************************************
NTSTATUS DeviceCreate(IN PDRIVER_OBJECT);
NTSTATUS IrpCreate(IN PDEVICE_OBJECT,IN PIRP);
NTSTATUS IrpDefault(IN PDEVICE_OBJECT,IN PIRP);
NTSTATUS IrpRead(IN PDEVICE_OBJECT,IN PIRP);
NTSTATUS IrpClose(IN PDEVICE_OBJECT,IN PIRP);
NTSTATUS IrpWrite(IN PDEVICE_OBJECT,IN PIRP);
NTSTATUS IrpCleanUp(IN PDEVICE_OBJECT,IN PIRP);
void DriverUnload(IN PDRIVER_OBJECT);
//代码区
//**************************************************************************************
//入口
#pragma INITCODE
extern "C" NTSTATUS DriverEntry(IN PDRIVER_OBJECT pDriObj,IN PUNICODE_STRING pRegPath)
{
PDEVICE_EXTENSION pdx;
KdPrint(("enter driver process...\n"));
pDriObj->DriverUnload=DriverUnload;
pDriObj->MajorFunction[IRP_MJ_CREATE]=IrpCreate;
pDriObj->MajorFunction[IRP_MJ_CLOSE]=IrpClose;
pDriObj->MajorFunction[IRP_MJ_WRITE]=IrpDefault;
pDriObj->MajorFunction[IRP_MJ_READ]=IrpRead;
pDriObj->MajorFunction[IRP_MJ_CLEANUP]=IrpCleanUp;
DeviceCreate(pDriObj);
return STATUS_SUCCESS;
}
//创建设备
#pragma INITCODE
NTSTATUS DeviceCreate(IN PDRIVER_OBJECT pDriObj)
{
NTSTATUS status=STATUS_SUCCESS;
PDEVICE_OBJECT pDevObj;
PDEVICE_EXTENSION pDevExt;
UNICODE_STRING devName;
RtlInitUnicodeString(&devName,L"\\Device\\Father");
status=IoCreateDevice(pDriObj,sizeof(pDevExt),&(UNICODE_STRING)devName,FILE_DEVICE_UNKNOWN,0,TRUE,&pDevObj);
if(!NT_SUCCESS(status))
{
return status;
}
pDevObj->Flags|=DO_BUFFERED_IO;
pDevExt=(PDEVICE_EXTENSION)pDevObj->DeviceExtension;
KdPrint(("up pDevExt:%d",pDevExt));
pDevExt->pDevice=pDevObj;
pDevExt->uDName=devName;
//初始化链表头
pDevExt->plinkListHead=(PLIST_ENTRY)ExAllocatePool(PagedPool,sizeof(LIST_ENTRY));
InitializeListHead(pDevExt->plinkListHead);
KdPrint(("pDriverExt->plinkListHead:%d",pDevExt->plinkListHead));
KdPrint(("pDriverExt->plinkListHead->Flink:%d",pDevExt->plinkListHead->Flink));
KdPrint(("pDriverExt->plinkListHead->Blink:%d",pDevExt->plinkListHead->Blink));
//符号连接
UNICODE_STRING symLinkName;
RtlInitUnicodeString(&symLinkName,L"\\??\\Father");
pDevExt->uSymName=symLinkName;
status=IoCreateSymbolicLink(&symLinkName,&devName);
if (!NT_SUCCESS(status))
{
IoDeleteDevice(pDevObj);
return status;
}
return status;
}
//删除驱动
#pragma PAGEDCODE
void DriverUnload(IN PDRIVER_OBJECT pDriObj)
{
KdPrint(("Enter Close\n"));
PDEVICE_OBJECT pNextObj = pDriObj->DeviceObject;
while (pNextObj != NULL)
{
PDEVICE_EXTENSION pDevExt = (PDEVICE_EXTENSION)
pNextObj->DeviceExtension;
KdPrint(("-------------------------------"));
KdPrint(("pDevExt:%d",pDevExt));
//删除符号链接
UNICODE_STRING pLinkName = pDevExt->uSymName;
IoDeleteSymbolicLink(&pLinkName);
KdPrint(("name:%d",pDevExt->plinkListHead));
//__try{
//ExFreePool(pDevExt->plinkListHead);
//}
//__except(EXCEPTION_EXECUTE_HANDLER)
//{
//KdPrint(("error in pointers"));
//}
KdPrint(("pDriverExt->plinkListHead:%d",pDevExt->plinkListHead));
KdPrint(("pDriverExt->plinkListHead->Flink:%d",pDevExt->plinkListHead->Flink));
KdPrint(("pDriverExt->plinkListHead->Blink:%d",pDevExt->plinkListHead->Blink));
pNextObj = pNextObj->NextDevice;
IoDeleteDevice( pDevExt->pDevice );
}
KdPrint(("Leave Close\n"));
}
//
NTSTATUS IrpCleanUp(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
NTSTATUS status=STATUS_SUCCESS;
PMYDATASTRUCT my_irp_entry;
PDEVICE_EXTENSION pDevExt=(PDEVICE_EXTENSION)pDevObj->DeviceExtension;
while(!IsListEmpty(pDevExt->plinkListHead))
{
__try
{
PLIST_ENTRY pEntry=RemoveHeadList(pDevExt->plinkListHead);
my_irp_entry=CONTAINING_RECORD(pEntry,MYDATASTRUCT,ListEntry);
my_irp_entry->pirp->IoStatus.Status=status;
my_irp_entry->pirp->IoStatus.Information=0;
IoCompleteRequest(my_irp_entry->pirp,IO_NO_INCREMENT);
ExFreePool(my_irp_entry);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
KdPrint(("error in pointers"));
}
}
status=STATUS_SUCCESS;
pirp->IoStatus.Status=status;
pirp->IoStatus.Information=0;
IoCompleteRequest(pirp,IO_NO_INCREMENT);
return status;
}
//读处理
NTSTATUS IrpRead(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
PDEVICE_EXTENSION pDevExt=(PDEVICE_EXTENSION)pDevObj->DeviceExtension;
DbgPrint("enter list in...");
PMYDATASTRUCT pData=(PMYDATASTRUCT)ExAllocatePool(PagedPool,sizeof(MYDATASTRUCT));

InsertHeadList(pDevExt->plinkListHead,&pData->ListEntry);
IoMarkIrpPending(pirp);
KdPrint(("list ined out..."));
return STATUS_PENDING;
}
//写处理
#pragma PAGEDCODE
NTSTATUS IrpWrite(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
NTSTATUS status=STATUS_SUCCESS;
return status;
}
//默认处理
#pragma PAGEDCODE
NTSTATUS IrpDefault(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
NTSTATUS status=STATUS_SUCCESS;

return status;
}
//关闭处理
#pragma PAGEDCODE
NTSTATUS IrpClose(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
NTSTATUS status=STATUS_SUCCESS;

return status;
}
NTSTATUS IrpCreate(IN PDEVICE_OBJECT pDevObj,IN PIRP pirp)
{
NTSTATUS status=STATUS_SUCCESS;

return status;
}

junuo · 发表于2009-11-30 08:39

哪个UNLOAD蓝屏的啊？

shangyl · 发表于2009-11-30 11:26

就是当加载后再运行然后再运行卸载例程就会蓝屏！//__try{
//ExFreePool(pDevExt->plinkListHead);
//}
//__except(EXCEPTION_EXECUTE_HANDLER)
//{
//KdPrint(("error in pointers"));
//}
加上的是后，而且我发现在加载时初始化链表，然后直接再运行卸载例程，用kdprint();打出来的链表头地址会减一，我是把链表头放在驱动扩展里面的，如果用ExFreePool(pDevExt->plinkListHead); 就会出现蓝屏。

求救呀!nt驱动用链表实现irp同的问题 [复制链接]

最新回复