When I first started developing drivers, I worked everything out by myself, step by step. Inevitably I took a lot of detours, and I made a Windows filter driver. The filter driver is the best driver in development: it only processes the IRPs it receives (depending on your needs).
Development environment: Windows XP. Development kit: Windows DDK 2600.
Here we will focus on the debugging environment. Install a virtual machine and use it as the target PC (mainly because a blue screen restarts the computer), and set its IP address to be on the same network segment as the main PC. In this way, files can be shared between the main PC and the target PC, and WinDbg can open debugging files on the virtual machine.
Download WinDbg, a free debugger that is mainly used for kernel-level debugging. It supports single-step tracing and has powerful functions; for more information about how to use it, see the WinDbg user manual. Also download DbgView, which is free as well and lets you view debugging output (printed by the DbgPrint or KdPrint function). It is very convenient to use; for details, refer to the official Microsoft website. The driver's debugging information is printed in DbgView, which makes it easy to locate program errors (mainly logic errors).
A driver error may cause a blue screen. In that case, you can use the method described below to locate the error. Before the system crashes, the operating system records the current call stack in a dump file. First, however, make sure the computer is set to store dump information: right-click "My Computer", select "Properties", and the "System Properties" dialog box is displayed. In the dialog box, click the "Advanced" tab, then click the "Settings" button (the third Settings button). In the dialog box that appears, select all check boxes and click OK. The dump file is stored in the C:\WINDOWS\Minidump directory. After the VM restarts, use WinDbg to open the dump file that the crash generated in this directory and find out where the error occurred.
To do this, you need to set the image file path: in WinDbg, choose File -- Image File Path and enter the directory of the .sys file. The .sys file should be in the driver directory. Note that the symbol path set here should not be too long. After opening the dump file, you will see the command window; select View -- Call Stack to view the function call stack. This function call relationship is a snapshot taken before the system crashed, so we can analyze which call caused the crash. If there is no blue screen, use DbgView to locate the error. If a kernel function provided by the system fails, check its return value (printed using the DbgPrint or KdPrint function) and look it up in the ntstatus.h file to find the corresponding error code and determine the root cause of the error.
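The following is an added example, not code from the original post: a small user-mode C program that splits an NTSTATUS value copied from DbgView output into the fields ntstatus.h documents, so a warning or pending status is not mistaken for a hard failure. The nt_* names are local to this example, the table holds only a few of the header's values, and the sample values are constructed.

```c
/* Added example (not from the original post): decode an NTSTATUS value as
   printed by DbgPrint/KdPrint. The bit layout and status values follow
   ntstatus.h; the nt_* names are local helpers, not DDK symbols. */
#include <stdio.h>
#include <stdint.h>

typedef struct { unsigned severity, customer, facility, code; } nt_fields;

/* Bits 31-30: severity, bit 29: customer flag, bits 27-16: facility, 15-0: code. */
static nt_fields nt_decode(uint32_t s) {
    nt_fields f = { s >> 30, (s >> 29) & 1u, (s >> 16) & 0xFFFu, s & 0xFFFFu };
    return f;
}
/* Same results as the DDK macros NT_SUCCESS and NT_ERROR. */
static int nt_success(uint32_t s) { return (s >> 31) == 0; }
static int nt_error(uint32_t s)   { return (s >> 30) == 3u; }

static const char *nt_severity_name(uint32_t s) {
    static const char *names[] = { "success", "informational", "warning", "error" };
    return names[s >> 30];
}
/* A few values from ntstatus.h; the real header defines many more. */
static const struct { uint32_t value; const char *name; } nt_known[] = {
    { 0x00000000u, "STATUS_SUCCESS" },
    { 0x00000103u, "STATUS_PENDING" },
    { 0x80000005u, "STATUS_BUFFER_OVERFLOW" },
    { 0xC0000001u, "STATUS_UNSUCCESSFUL" },
    { 0xC000000Du, "STATUS_INVALID_PARAMETER" },
    { 0xC0000022u, "STATUS_ACCESS_DENIED" },
};
static const char *nt_name(uint32_t s) {
    for (size_t i = 0; i < sizeof nt_known / sizeof nt_known[0]; i++)
        if (nt_known[i].value == s) return nt_known[i].name;
    return "(not in this table; search ntstatus.h)";
}

int main(void) {
    /* Constructed sample values, as they might be copied from DbgView. */
    uint32_t samples[] = { 0xC000000Du, 0x80000005u, 0x00000103u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        nt_fields f = nt_decode(samples[i]);
        printf("0x%08X %-26s %-13s facility=0x%03X code=0x%04X ok=%d err=%d\n",
               (unsigned)samples[i], nt_name(samples[i]), nt_severity_name(samples[i]),
               f.facility, f.code, nt_success(samples[i]), nt_error(samples[i]));
    }
    return 0;
}
```

A warning such as STATUS_BUFFER_OVERFLOW fails the NT_SUCCESS test without being an error, and STATUS_PENDING passes it although the request has not completed, so a driver should test the severity rather than compare the value with zero.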
When writing a driver, try not to use application-layer RTL (runtime library) functions; use the RTL functions provided by the DDK instead. This is mainly because the driver runs at Ring 0, while applications run at Ring 3. Global variables should also be used as little as possible (but I still use global variables ^_^), mainly because global variables can cause reentrancy problems in functions. The solution is to store the global variables you want to use in the device extension and apply appropriate synchronization protection (for example, a spin lock).