- This topic has 0 replies, 1 voice, and was last updated 14 years, 10 months ago by
.
-
Posts
-
Hi
I want to send UDP packets over the Ethernet. The driver must work on and windows server 2003 OS and so the Winsock for Kernel are no option. So I use the TDI. I can open an port and close an port without problems. But when i want to send an packet i got an BSOD.Sendroutine
// send an udp packet to an spezific port and ip
NTSTATUS UdpToTdi_SendData(UDP_PORT_INFO* port, ushort destPort, ulong destIp, uchar *data, uint size)
{
NTSTATUS status = STATUS_SUCCESS;
NDIS_STATUS ndis_status = NDIS_STATUS_SUCCESS;
PNDIS_BUFFER ndis_buffer;
PMDL pMdl;
if(gl_StatusInit == 0)
{
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: TDI not initializedn");
return STATUS_ACCESS_DENIED;
}
if(size == 0 || data == NULL || destPort == 0 || destIp == 0 || port == NULL)
{
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: Invalid Parametersn");
return STATUS_ACCESS_DENIED;
}
port->addr.TAAddressCount = 1;
port->addr.Address[0].AddressLength = TDI_ADDRESS_LENGTH_IP;
port->addr.Address[0].AddressType = TDI_ADDRESS_TYPE_IP;
port->addr.Address[0].Address[0].sin_port = RtlUshortByteSwap(destPort);
port->addr.Address[0].Address[0].in_addr = RtlUlongByteSwap(destIp);
port->addr.Address[0].Address[0].sin_zero[0] = 0;
port->addr.Address[0].Address[0].sin_zero[1] = 0;
port->addr.Address[0].Address[0].sin_zero[2] = 0;
port->addr.Address[0].Address[0].sin_zero[3] = 0;
port->addr.Address[0].Address[0].sin_zero[4] = 0;
port->addr.Address[0].Address[0].sin_zero[5] = 0;
port->addr.Address[0].Address[0].sin_zero[6] = 0;
port->addr.Address[0].Address[0].sin_zero[7] = 0;
port->tdiInfo.UserDataLength = 0;
port->tdiInfo.UserData = 0;
port->tdiInfo.OptionsLength = 0;
port->tdiInfo.Options = 0;
port->tdiInfo.RemoteAddressLength = sizeof(port->addr);
port->tdiInfo.RemoteAddress = &port->addr;
port->pIrp = TdiBuildInternalDeviceControlIrp(TDI_SEND_DATAGRAM,
gl_pDevice,
port->pAddrFileObj,
NULL,
&port->IoStatus);
if(port->pIrp == NULL)
{
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: TdiBuildInternalDeviceControlIrp failedn");
return STATUS_ACCESS_DENIED;
}
pMdl = IoAllocateMdl(&data, size, FALSE, FALSE, NULL);
if(pMdl == NULL)
{
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: Allocating pMdl not successfulln");
return STATUS_ACCESS_DENIED;
}
_try
{
MmProbeAndLockPages(pMdl, KernelMode, IoModifyAccess);
}
_except(EXCEPTION_EXECUTE_HANDLER)
{
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: MmProbeAndLockPages() failedn");
return STATUS_ACCESS_DENIED;
}
TdiBuildSendDatagram(port->pIrp,
gl_pDevice,
port->pAddrFileObj,
(PIO_COMPLETION_ROUTINE) UdpToTdi_SendComplete, // completion routine
pMdl,//ndis_buffer, // completion context
pMdl,//ndis_buffer,
size,
&port->tdiInfo);
if(port->pIrp != NULL && gl_pDevice != NULL)
status = IoCallDriver(gl_pDevice, port->pIrp);
if(status != STATUS_SUCCESS && status != STATUS_PENDING)
DbgPrint("TdiInterfaceUdp::UdpToTdi_Senddata: IoCallDriver failedn");
return status;
}
// callback function for the send function
NTSTATUS UdpToTdi_SendComplete(PDEVICE_OBJECT obj, PIRP Irp, PVOID pContext)
{
TDI_STATUS Status = Irp->IoStatus.Status;
PMDL pMdl = (PMDL)pContext;
DbgPrint("SendComplete arrivedn");
if (Status)
DbgPrint("TdiInterfaceUdp::UdpToTdi_SendComplete: Error %d during sending an paketn", Status);
if(pMdl != NULL)
IoFreeMdl(pMdl);
if(Irp != NULL)
IoFreeIrp(Irp);
else
DbgPrint("Irp == NULLn");
return STATUS_MORE_PROCESSING_REQUIRED;
}
BlueScreen:
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but …
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: b936bcf4, The address that the exception occurred at
Arg3: b902bc5c, Exception Record Address
Arg4: b902b958, Context Record AddressDebugging Details:
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 – The instruction at “0x%08lx” referenced memory at “0x%08lx”. The memory could not be “%s”.
FAULTING_IP:
tcpip!TCPDispatchInternalDeviceControl+36
b936bcf4 8b4810 mov ecx,dword ptr [eax+10h]EXCEPTION_RECORD: b902bc5c — (.exr 0xffffffffb902bc5c)
ExceptionAddress: b936bcf4 (tcpip!TCPDispatchInternalDeviceControl+0x00000036)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 65732084
Attempt to read from address 65732084CONTEXT: b902b958 — (.cxr 0xffffffffb902b958)
eax=65732074 ebx=00000000 ecx=89db8a68 edx=89abe098 esi=89abe098 edi=89abe108
eip=b936bcf4 esp=b902bd24 ebp=b902bd30 iopl=0 nv up ei ng nz na po cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010283
tcpip!TCPDispatchInternalDeviceControl+0x36:
b936bcf4 8b4810 mov ecx,dword ptr [eax+10h] ds:0023:65732084=????????
Resetting default scopeCUSTOMER_CRASH_COUNT: 11
DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 – The instruction at “0x%08lx” referenced memory at “0x%08lx”. The memory could not be “%s”.
EXCEPTION_PARAMETER1: 00000000
EXCEPTION_PARAMETER2: 65732084
READ_ADDRESS: 65732084
FOLLOWUP_IP:
ITCTECCTI!UdpToTdi_SendData+2f7 [c:itctecctitest_wdf_itctecctiwdf_itctecctitdiinterfaceudp.c @ 342]
b80e8bb7 8945d8 mov dword ptr [ebp-28h],eaxBUGCHECK_STR: 0x7E
EXCEPTION_STR: 0x0
LAST_CONTROL_TRANSFER: from 8081df85 to b936bcf4
STACK_TEXT:
b902bd30 8081df85 89db8a68 89abe098 89a8c460 tcpip!TCPDispatchInternalDeviceControl+0x36
b902bd44 b80e8bb7 0124b395 00000000 89a8c460 nt!IoCsqInitializeEx+0xf
b902bd90 b80e82eb 88c2af84 00001000 5802a8c0 ITCTECCTI!UdpToTdi_SendData+0x2f7 [c:itctecctitest_wdf_itctecctiwdf_itctecctitdiinterfaceudp.c @ 342]
b902bdac 80949b7c 00000000 00000000 00000000 ITCTECCTI!TimingThread+0x3b [c:itctecctitest_wdf_itctecctiwdf_itctecctiitctecctidriver.c @ 241]
b902bddc 8088e092 b80e82b0 00000000 00000000 nt!NtSetInformationJobObject+0x58c
00000000 00000000 00000000 00000000 00000000 nt!HalDispatchTable+0x1aFAULTING_SOURCE_CODE:
No source found for ‘c:itctecctitest_wdf_itctecctiwdf_itctecctitdiinterfaceudp.c’SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: ITCTECCTI!UdpToTdi_SendData+2f7
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ITCTECCTI
IMAGE_NAME: ITCTECCTI.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a42210e
STACK_COMMAND: .cxr 0xffffffffb902b958 ; kb
FAILURE_BUCKET_ID: 0x7E_ITCTECCTI!UdpToTdi_SendData+2f7
BUCKET_ID: 0x7E_ITCTECCTI!UdpToTdi_SendData+2f7
Followup: MachineOwner
If somebody see an error please tell me. THANKS
Harald
- You must be logged in to reply to this topic.