因为
__try {}
__except() {}
的实现是基于 ring3 下的。

不是的，__try {}__except{}在win2000/2003的驱动中也可以的，我通过windbg的内核调试跟踪到了，

请大侠解释一下为什么__try {}__except{}在win xp的驱动中不能使用？？？

屁基于用户态，不懂別乱说

有些错误是没法用SEH处理的.
关键代码和DUMP贴出来，你只这么问鬼知道什么问题

NTSTATUS status;
        PEPROCESS eProcess = NULL;
        ULONG i;
       
        eProcess = GetProcEprocess();
        if(eProcess != NULL) {
                KeAttachProcess( eProcess );
                for (i = 0x300000; i < 0x5000000; i+=4) {
                        __try{
                                if (!wcscmp((const wchar_t *)i, servicesName)) {
                                        DeleteServicesFromServiceRecordList(i , serDisplayName);
                                }
                        }
                        __except(EXCEPTION_EXECUTE_HANDLER ) {
                                i-=4;
                                i += 0x1000;
                        }
                }
       
                KeDetachProcess();
        }

请各位大侠帮帮忙！！！

Which Exceptions Can Be Trapped

Gary Nebbett researched the question of which exceptions can be trapped
with the structured exception mechanism and reported his results in a
newsgroup post several years ago. In summary, the following exceptions
will be caught when they occur at IRQL less than or equal to
DISPATCH_LEVEL (note that some of these are specific to the Intel x86
processor):

a. Anything signaled by ExRaiseStatus and related functions
b. Attempt to dereference invalid pointer to user-mode memory
c. Debug or breakpoint exception
d. Integer overflow (INTO instruction)
e. Invalid opcode

Note that a reference to an invalid kernel-mode pointer leads directly to
a bug check and can’t be trapped. Likewise, a divide-by-zero exception or
a BOUND instruction exception leads to a bug check.

看你的样子，是读用户态内存，ProbeForRead试试，mmisaddressvalid也试试，seh无法捕捉内核态的严重错误~~，内核认为这个错误很严重的话，直接BSOD