A problem when using an MDL from an IRP


Problem description

I wrote a virtual USB bus driver in Windows. After it enumerates the USBSTOR driver, in the USB bulk or interrupt transfer phase, the USBSTOR driver will send some IRPs with an MDL pointer. It means that it is using the direct I/O method (but strangely, the "Method" in the IRP is "Neither"). When I use the MDL to copy data, it causes a crash. The code to deal with the MDL is below:

if(Irp->MdlAddress != NULL)
{
    buf = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority);

    // It will not crash without this statement
    RtlMoveMemory(buf, data, dataLength);
}


Without copying data, it will not crash. But when a crash happens, there is always some delay after the copying, and the point where it crashes is not always in the same place.
When I print out the data from the buf before copying to it, I see that sometimes it's not all zero. It should be all zero. It means the buf doesn't point to the right buffer the data should be copied to. The data was copied to an unknown place in the kernel, and that causes a crash.

The question is: why would I get a wrong virtual address by using MmGetSystemAddressForMdlSafe()? Is this a bug in the USBSTOR driver or what? Should I do something else before copying data?

Recommended answer

I know the reason now. Before getting the virtual address here, I did something wrong: I lowered the IRQL. This is a fatal error.
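A guarded version of the copy from the question, as an added example that is not the poster's code or part of the original page: it refuses to run if the IRQL has dropped below the level the dispatch routine was entered at, bounds the length by the MDL's byte count, and handles a NULL mapping. `CopyToIrpMdl`, `EntryIrql` and `g_HostIrql` are hypothetical names, and the definitions in the `#else` branch are constructed stand-ins so the logic also builds outside a driver.

```c
/* Added example, not the poster's code. In a driver (built with /kernel) the
   real definitions come from <ntddk.h>; the #else branch is a constructed stand-in. */
#ifdef _KERNEL_MODE
#include <ntddk.h>
#else
#include <string.h>
typedef long NTSTATUS;
typedef unsigned long ULONG;
typedef unsigned char KIRQL;
typedef void *PVOID;
typedef struct _MDL { PVOID MappedSystemVa; ULONG ByteCount; } MDL, *PMDL;
#define STATUS_SUCCESS                ((NTSTATUS)0x00000000L)
#define STATUS_INVALID_PARAMETER      ((NTSTATUS)0xC000000DL)
#define STATUS_BUFFER_TOO_SMALL       ((NTSTATUS)0xC0000023L)
#define STATUS_INSUFFICIENT_RESOURCES ((NTSTATUS)0xC000009AL)
#define STATUS_INVALID_DEVICE_STATE   ((NTSTATUS)0xC0000184L)
#define NormalPagePriority 16
#define DISPATCH_LEVEL 2
static KIRQL g_HostIrql;              /* constructed: simulated current IRQL */
#define KeGetCurrentIrql() (g_HostIrql)
#define MmGetMdlByteCount(m) ((m)->ByteCount)
#define MmGetSystemAddressForMdlSafe(m, p) ((m)->MappedSystemVa)
#define RtlMoveMemory(d, s, n) memmove((d), (s), (n))
#endif

/* Hypothetical helper. EntryIrql is the value the caller saved from
   KeGetCurrentIrql() on entry to its dispatch routine (an assumption). */
NTSTATUS CopyToIrpMdl(PMDL Mdl, const void *Data, ULONG Length, KIRQL EntryIrql)
{
    PVOID buf;
    KIRQL irql = KeGetCurrentIrql();

    if (Mdl == NULL || (Data == NULL && Length != 0))
        return STATUS_INVALID_PARAMETER;
    /* An IRQL below the entry level means it was lowered without a matching
       raise; above DISPATCH_LEVEL the mapping call is not permitted. */
    if (irql < EntryIrql || irql > DISPATCH_LEVEL)
        return STATUS_INVALID_DEVICE_STATE;
    /* Never write more bytes than the MDL describes. */
    if (Length > MmGetMdlByteCount(Mdl))
        return STATUS_BUFFER_TOO_SMALL;
    /* The Safe variant returns NULL when the pages cannot be mapped. */
    buf = MmGetSystemAddressForMdlSafe(Mdl, NormalPagePriority);
    if (buf == NULL)
        return STATUS_INSUFFICIENT_RESOURCES;
    RtlMoveMemory(buf, Data, Length);
    return STATUS_SUCCESS;
}
```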

