|
[求助]双主机连接调试,问题求救
串口测试软件的结果只能说明串口及线路的好坏,就算能通迅,也不能代表dbg能通迅 在保证串口是好的情况下,要求连线,线能通迅没用,要符合它才行,要质量好一点,长度短一点的连通的可能性会高一点 |
|
[求助]串口为何不能识别?
输入/输出范围 03F8 - 03FF 使用者: ACPI 基于 x86 的电脑 中断请求 0x00000004 (04) 使用者: ACPI 基于 x86 的电脑 串口被 ACPI 占用,求救 |
|
[求助]串口为何不能识别?
主板上串口现成的为什么要去转一下呢?微软这么说的? |
|
[求助]内存拷贝蓝屏,求助
驱动程序默认就0级中断最低了的,把所有IRQL相关的代码去掉,仅仅一个考贝函数,还是读一些后 蓝屏,疯了 |
|
[求助]内存拷贝蓝屏,求助
如何把IRQL等级调到最低啊,能给个代码吗 |
|
[求助]内存拷贝蓝屏,求助
PVOID myMemory; 驱动入口函数() { ... Copy__Memory(); } PVOID Copy__Memory() { KIRQL oldIrql; ULONG mbase=0xb1ab2000; //某模块基址 ULONG msize=851968; //模块长度 myMemory=ExAllocatePool(NonPagedPool,msize); //myMemory 是全局变量 if(myMemory==NULL) { return NULL; } oldIrql = KeRaiseIrqlToDpcLevel(); __asm { cli push eax //去掉保护 mov eax,cr0 and eax,0xfffeffff mov cr0,eax pop eax } RtlZeroMemory(myMemory,msize); RtlMoveMemory(myMemory,(PVOID)mbase,msize); __asm { push eax mov eax,cr0 or eax,10000h mov cr0,eax pop eax sti } KeLowerIrql(oldIrql); return myMemory; } --------------------------生成:testlsxx.sys--------------以下dmp文件内容 Loading Dump File [C:\Users\mydriver\Desktop\Mini010511-11.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: D:\win7-32-Symbols;D:\WinDDK\7600.16385.1\Debuggers\symbols Executable search path is: Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Machine Name: Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055c1c0 Debug session time: Wed Jan 5 05:27:30.394 2011 (UTC + 8:00) System Uptime: 0 days 0:03:24.984 Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe Loading Kernel Symbols ............................................................... ................................................................ .... Loading User Symbols Loading unloaded module list ........... Unable to load image testlsxx.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for testlsxx.sys *** ERROR: Module load completed but symbols could not be loaded for testlsxx.sys ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1000000A, {b1ab2000, 2, 0, 804dada8} *** WARNING: Unable to verify timestamp for mssmbios.sys Probably caused by : testlsxx.sys ( testlsxx+1153 ) Followup: MachineOwner --------- kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: b1ab2000, memory referenced Arg2: 00000002, IRQL Arg3: 00000000, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: 804dada8, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: b1ab2000 CURRENT_IRQL: 2 FAULTING_IP: nt!memmove+33 804dada8 f3a5 rep movs dword ptr es:[edi],dword ptr [esi] CUSTOMER_CRASH_COUNT: 11 DEFAULT_BUCKET_ID: COMMON_SYSTEM_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: System LAST_CONTROL_TRANSFER: from f8811153 to 804dada8 STACK_TEXT: f89b3c4c f8811153 81cc9000 b1ab2000 000d0000 nt!memmove+0x33 WARNING: Stack unwind information not available. Following frames may be wrong. f89b3c74 f881109f f89b3d4c 805a49ad 8212b800 testlsxx+0x1153 f89b3c7c 805a49ad 8212b800 81d9c000 00000000 testlsxx+0x109f f89b3d4c 805a4c83 800004b0 00000001 00000000 nt!IopLoadDriver+0x67d f89b3d74 804e526b 800004b0 00000000 823b6da8 nt!IopLoadUnloadDriver+0x56 f89b3dac 8057beff b1e9fcf4 00000000 00000000 nt!ExpWorkerThread+0x100 f89b3ddc 804f98ea 804e5196 00000001 00000000 nt!PspSystemThreadStartup+0x34 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 STACK_COMMAND: kb FOLLOWUP_IP: testlsxx+1153 f8811153 ?? ??? SYMBOL_STACK_INDEX: 1 SYMBOL_NAME: testlsxx+1153 FOLLOWUP_NAME: MachineOwner MODULE_NAME: testlsxx IMAGE_NAME: testlsxx.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4d238e91 FAILURE_BUCKET_ID: 0xA_testlsxx+1153 BUCKET_ID: 0xA_testlsxx+1153 Followup: MachineOwner --------------------------------------------------------- 总之就是不能拷贝,写内存没问题,就是到一定时候就不能读了,用__try和__except 用 ProbeForRead进行测试也一样,直接返到except中,就是读有问题,用windbg的看内存 工具,到了接近不能读的区域也是提示不能读,用KD 去那地址读也是空白,但是这个地址是 在这个模块区间啊,为什么不能读呢,换几个模块也一样,读到一定数量字节后就不能读了 为什么??? 有什么别的办法获取某个模块的内存全部数据吗??求朋友们帮助啊 |
|
[求助]内存拷贝蓝屏,求助
跪求指点 |
|
[求助]内存拷贝蓝屏,求助
一个模块从头到尾,每一处的数据都 可以读出,为什么读出总数不能多?有数量限制?是它自身的限制还是系统给的限制? 它每一处内存数据都能读,那它的可读内存又是什么? |
|
[求助]内存拷贝蓝屏,求助
从首部到尾部的数据都是可以读的,就是好象不能连着读出1万以上的字节,如果读9000字节,随便在哪开始读都可以 |
|
[必读]新人导航和报到贴(报到时勿另发帖)
突然觉得没文化很可怕,所以来学学 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值