异步IRP的教训(已附DUMP)
来源:互联网 发布:c 编程主要应用 编辑:程序博客网 时间:2024/06/06 19:31
[教训]异步IRP中,IoSetCompletionRoutine()要在IoCallDriver()的前面,不然底层驱动完成了读写之后,找不到完成例程,会导致出错。看似简单,不小心却可能带来大麻烦。
[经过]修改驱动,需要把原来较大的IO切成小IO发给磁盘驱动,结果改完后一读写数据就蓝屏,百思不得其解。折腾了很长时间之后,才发现在RwBuildIrpAndCallDriver()函数里,IoSetCompletionRoutine()在IoCallDriver()的前面。遂做修改,调整顺序,数据读写正常。
其实在DUMP文件中,通过对堆栈调用和崩溃位置的分析,应该可以早点看出问题来。
下附DUMP分析:
0: kd> !analyze -v******************************************************************************** ** Bugcheck Analysis ** ********************************************************************************IRQL_NOT_LESS_OR_EQUAL (a)An attempt was made to access a pageable (or completely invalid) address at aninterrupt request level (IRQL) that is too high. This is usuallycaused by drivers using improper addresses.If a kernel debugger is available get the stack backtrace.Arguments:Arg1: 000000e8, memory referencedArg2: 00000002, IRQLArg3: 00000001, bitfield :bit 0 : value 0 = read operation, 1 = write operationbit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)Arg4: 80a0da16, address which referenced memoryDebugging Details:------------------WRITE_ADDRESS: 000000e8 CURRENT_IRQL: 2FAULTING_IP: hal!KeAcquireInStackQueuedSpinLock+2680a0da16 8711 xchg edx,dword ptr [ecx]DEFAULT_BUCKET_ID: DRIVER_FAULTBUGCHECK_STR: 0xAPROCESS_NAME: IdleTRAP_FRAME: 8087924c -- (.trap 0xffffffff8087924c)ErrCode = 00000002eax=808792d4 ebx=00000000 ecx=000000e8 edx=808792d4 esi=00000000 edi=8a500c88eip=80a0da16 esp=808792c0 ebp=808792e0 iopl=0 nv up ei pl nz ac po nccs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010212hal!KeAcquireInStackQueuedSpinLock+0x26:80a0da16 8711 xchg edx,dword ptr [ecx] ds:0023:000000e8=????????Resetting default scopeLAST_CONTROL_TRANSFER: from 80a0da16 to 8086c6d0STACK_TEXT: 8087924c 80a0da16 badb0d00 808792d4 00000001 nt!KiTrap0E+0x238808792c0 8082519e 8a500c88 8a500c48 00000000 hal!KeAcquireInStackQueuedSpinLock+0x26808792e0 8081a518 8a500c88 00000000 00000000 nt!KeInsertQueueApc+0x2080879314 ba108c70 80879344 ba108f54 8a797030 nt!IopfCompleteRequest+0x1d88087931c ba108f54 8a797030 8a500c48 00000001 CLASSPNP!ClassCompleteRequest+0x1180879344 8081a3e2 00000000 87eed5d8 898ab488 CLASSPNP!TransferPktComplete+0x18080879374 b9dfc8f8 8aac49e0 87eed5d8 808793b8 nt!IopfCompleteRequest+0xa280879384 b9dfc436 8a436d80 00000001 00000000 SCSIPORT!SpCompleteRequest+0x5e808793b8 b9dfc6f7 8aac49e0 8a436d80 80879427 SCSIPORT!SpProcessCompletedRequest+0x63280879428 8086de5f 8aac499c 8aac4928 00000000 SCSIPORT!ScsiPortCompletionDpc+0x2b580879450 8086dd44 00000000 0000000e 00000000 nt!KiRetireDpcList+0x6180879454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28STACK_COMMAND: kbFOLLOWUP_IP: CLASSPNP!ClassCompleteRequest+11ba108c70 5d pop ebpSYMBOL_STACK_INDEX: 4SYMBOL_NAME: CLASSPNP!ClassCompleteRequest+11FOLLOWUP_NAME: MachineOwnerMODULE_NAME: CLASSPNPIMAGE_NAME: CLASSPNP.SYSDEBUG_FLR_IMAGE_TIMESTAMP: 41107ec2FAILURE_BUCKET_ID: 0xA_CLASSPNP!ClassCompleteRequest+11BUCKET_ID: 0xA_CLASSPNP!ClassCompleteRequest+11Followup: MachineOwner---------
- 异步IRP的教训(已附DUMP)
- IRP的异步完成
- 同步,异步IRP的处理
- 同步,异步IRP的处理
- IRP的同步完成与异步完成
- IRP的同步完成与异步完成
- irp的异步完成_irp等待插入队列_删除队列_结束irp
- irp的异步完成_取消irp设置回调函数_应用层CancelIo
- 应用程序对设备 + IRP 的同步异步学习
- 驱动开发(13)IRP 的异步完成和 CancelRoutine
- 错误理解 thrift 异步client 和 异步server的教训
- 一个计算机大师的人生教训[原译](附原文)
- IoBuildAsynchronousFsdRequest创建IRP数据包_异步
- 对IRP的理解
- IRP 的创建
- 对IRP的理解
- IRP的创建
- IRP的完成例程
- select系统调用
- 017-字符串
- JS获取屏幕、浏览器、网页高度宽度
- LinearLayout
- mongoDB sharding 集群配置示例(转)
- 异步IRP的教训(已附DUMP)
- 做个睿智的女子
- 15个google面试题
- 单链表逆序算法
- DesignPattern-Factory Method
- 水晶报表中去掉小数点后面无用的零
- 对select和epoll的理解
- Hadoop MR 数据聚类算法
- open打开的页面最大化的js方法和如何获取电脑宽度和高度的方法
