代码可以在这里下载:http://bbs.pediy.com/showthread.php?t=83735
原来的代码未使用自旋锁,因为链表数据会丢失,
所以后来我在插入链表时使用了自旋锁,用的是 ExInterlockedInsertTailList 函数,
在WINXP和WIN2003下,已经不会再出现链表中数据丢失的情况了,
但在WIN2000下,还是会出现,出现的环境是卡巴和DebugView都运行的情况下,
当数据丢失后,试图通过DebugView打印时蓝屏了。
但如果关闭卡巴和DebugView任意一个,则不会蓝屏。
蓝屏如下:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {ff974cb0, 0, 80461e23, 0}
*** ERROR: Module load completed but symbols could not be loaded for Dbgv.sys
*** ERROR: Module load completed but symbols could not be loaded for klif.sys
*** WARNING: Unable to verify checksum for irp4exe.exe
*** ERROR: Module load completed but symbols could not be loaded for irp4exe.exe
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
Probably caused by : Dbgv.sys ( Dbgv+992 )
Followup: MachineOwner
---------
nt!RtlpBreakWithStatusInstruction:
80455558 cc int 3
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ff974cb0, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: 80461e23, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 00000000, (reserved)
Debugging Details:
------------------
READ_ADDRESS: ff974cb0 Nonpaged pool
FAULTING_IP:
nt!_output+434
80461e23 66833800 cmp word ptr [eax],0
MM_INTERNAL_CODE: 0
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: irp4exe.exe
TRAP_FRAME: be1204d4 -- (.trap 0xffffffffbe1204d4)
ErrCode = 00000000
eax=ff974cb0 ebx=80064b53 ecx=ff974cb0 edx=7fffffff esi=7ffffffe edi=00000001
eip=80461e23 esp=be120548 ebp=be12079c iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!_output+0x434:
80461e23 66833800 cmp word ptr [eax],0 ds:0023:ff974cb0=????
Resetting default scope
LAST_CONTROL_TRANSFER: from 8042a9eb to 80455558
STACK_TEXT:
be1200b8 8042a9eb 00000003 be120100 ff974cb0 nt!RtlpBreakWithStatusInstruction
be1200e8 8042afde 00000003 c03fe5d0 80064b7c nt!KiBugCheckDebugBreak+0x31
be120474 80449d19 00000001 ff974cb0 00000000 nt!KeBugCheckEx+0x390
be1204bc 80467cbf 00000000 ff974cb0 00000000 nt!MmAccessFault+0x757
be1204bc 80461e23 00000000 ff974cb0 00000000 nt!KiTrap0E+0xc3
be12079c 80461626 be1207b4 f41a69de be120b00 nt!_output+0x434
be1207d4 be0e9992 be1207ec f41a69d0 be120afc nt!vsprintf+0x2d
WARNING: Stack unwind information not available. Following frames may be wrong.
be120af0 f41a6acd f41a69d0 ff974cb0 ff974cb0 Dbgv+0x992
be120bb8 8041ddf1 814ef030 815bef68 815bef68 irp4!MyDeviceIoControl+0xdd [e:\mydriver\irp\4\sys\irp4.c @ 172]
be120bcc 804ae9bc 815befd8 00000000 815bef68 nt!IopfCallDriver+0x35
be120be0 804af826 814ef030 815bef68 812e76e8 nt!IopSynchronousServiceTail+0x60
be120cb8 804a73ae 000003d4 00000000 00000000 nt!IopXxxControlFile+0x5e4
be120cec be6580ce 000003d4 00000000 00000000 nt!NtDeviceIoControlFile+0x28
be120d34 80465024 000003d4 00000000 00000000 klif+0x100ce
be120d34 77f88403 000003d4 00000000 00000000 nt!KiSystemService+0xc4
0012feb8 77e6951b 000003d4 00000000 00000000 ntdll!ZwDeviceIoControlFile+0xb
0012ff1c 00401072 000003d4 00222400 00000000 KERNEL32!DeviceIoControl+0xf8
0012ffc0 77e889d5 00000006 00000008 7ffdf000 irp4exe+0x1072
0012fff0 00000000 00401181 00000000 000000c8 KERNEL32!BaseProcessStart+0x3dSTACK_COMMAND: kb
FOLLOWUP_IP:
Dbgv+992
be0e9992 83c40c add esp,0Ch
SYMBOL_STACK_INDEX: 7
SYMBOL_NAME: Dbgv+992
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: Dbgv
IMAGE_NAME: Dbgv.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4436c4b6
FAILURE_BUCKET_ID: 0x50_Dbgv+992
BUCKET_ID: 0x50_Dbgv+992
Followup: MachineOwner
---------
请稍微指点一下!
原来的代码未使用自旋锁,因为链表数据会丢失,
所以后来我在插入链表时使用了自旋锁,用的是 ExInterlockedInsertTailList 函数,
在WINXP和WIN2003下,已经不会再出现链表中数据丢失的情况了,
但在WIN2000下,还是会出现,出现的环境是卡巴和DebugView都运行的情况下,
当数据丢失后,试图通过DebugView打印时蓝屏了。
但如果关闭卡巴和DebugView任意一个,则不会蓝屏。
蓝屏如下:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {ff974cb0, 0, 80461e23, 0}
*** ERROR: Module load completed but symbols could not be loaded for Dbgv.sys
*** ERROR: Module load completed but symbols could not be loaded for klif.sys
*** WARNING: Unable to verify checksum for irp4exe.exe
*** ERROR: Module load completed but symbols could not be loaded for irp4exe.exe
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: kernel32!pNlsUserInfo ***
*** ***
*************************************************************************
Probably caused by : Dbgv.sys ( Dbgv+992 )
Followup: MachineOwner
---------
nt!RtlpBreakWithStatusInstruction:
80455558 cc int 3
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ff974cb0, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: 80461e23, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 00000000, (reserved)
Debugging Details:
------------------
READ_ADDRESS: ff974cb0 Nonpaged pool
FAULTING_IP:
nt!_output+434
80461e23 66833800 cmp word ptr [eax],0
MM_INTERNAL_CODE: 0
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: irp4exe.exe
TRAP_FRAME: be1204d4 -- (.trap 0xffffffffbe1204d4)
ErrCode = 00000000
eax=ff974cb0 ebx=80064b53 ecx=ff974cb0 edx=7fffffff esi=7ffffffe edi=00000001
eip=80461e23 esp=be120548 ebp=be12079c iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!_output+0x434:
80461e23 66833800 cmp word ptr [eax],0 ds:0023:ff974cb0=????
Resetting default scope
LAST_CONTROL_TRANSFER: from 8042a9eb to 80455558
STACK_TEXT:
be1200b8 8042a9eb 00000003 be120100 ff974cb0 nt!RtlpBreakWithStatusInstruction
be1200e8 8042afde 00000003 c03fe5d0 80064b7c nt!KiBugCheckDebugBreak+0x31
be120474 80449d19 00000001 ff974cb0 00000000 nt!KeBugCheckEx+0x390
be1204bc 80467cbf 00000000 ff974cb0 00000000 nt!MmAccessFault+0x757
be1204bc 80461e23 00000000 ff974cb0 00000000 nt!KiTrap0E+0xc3
be12079c 80461626 be1207b4 f41a69de be120b00 nt!_output+0x434
be1207d4 be0e9992 be1207ec f41a69d0 be120afc nt!vsprintf+0x2d
WARNING: Stack unwind information not available. Following frames may be wrong.
be120af0 f41a6acd f41a69d0 ff974cb0 ff974cb0 Dbgv+0x992
be120bb8 8041ddf1 814ef030 815bef68 815bef68 irp4!MyDeviceIoControl+0xdd [e:\mydriver\irp\4\sys\irp4.c @ 172]
be120bcc 804ae9bc 815befd8 00000000 815bef68 nt!IopfCallDriver+0x35
be120be0 804af826 814ef030 815bef68 812e76e8 nt!IopSynchronousServiceTail+0x60
be120cb8 804a73ae 000003d4 00000000 00000000 nt!IopXxxControlFile+0x5e4
be120cec be6580ce 000003d4 00000000 00000000 nt!NtDeviceIoControlFile+0x28
be120d34 80465024 000003d4 00000000 00000000 klif+0x100ce
be120d34 77f88403 000003d4 00000000 00000000 nt!KiSystemService+0xc4
0012feb8 77e6951b 000003d4 00000000 00000000 ntdll!ZwDeviceIoControlFile+0xb
0012ff1c 00401072 000003d4 00222400 00000000 KERNEL32!DeviceIoControl+0xf8
0012ffc0 77e889d5 00000006 00000008 7ffdf000 irp4exe+0x1072
0012fff0 00000000 00401181 00000000 000000c8 KERNEL32!BaseProcessStart+0x3dSTACK_COMMAND: kb
FOLLOWUP_IP:
Dbgv+992
be0e9992 83c40c add esp,0Ch
SYMBOL_STACK_INDEX: 7
SYMBOL_NAME: Dbgv+992
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: Dbgv
IMAGE_NAME: Dbgv.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4436c4b6
FAILURE_BUCKET_ID: 0x50_Dbgv+992
BUCKET_ID: 0x50_Dbgv+992
Followup: MachineOwner
---------
请稍微指点一下!
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货