我在DispatchDeviceControl里

调用这个函数...会导致蓝屏..可以看到
DRIVER_IRQL_NOT_LESS_OR_EQUAL这样的提示

我把cli sti注释掉就不蓝了..

请问何解?

我对驱动的各种同步以及开关中断的情境不是很了解..有哪位能给指点指点吗?

PPTE GetPteAddress( PVOID VirtualAddress )
{
  PPTE pPTE = 0;
  __asm
  {
    cli      //disable interrupts
    pushad
    mov esi, PROCESS_PAGE_DIR_BASE
    mov edx, VirtualAddress
    mov eax, edx
    shr eax, 22
    lea eax, [esi + eax*4]  //pointer to page directory entry (PDE)
    test [eax], 0x80
    jnz Is_Large_Page  //it's a large page
    mov esi, PROCESS_PAGE_TABLE_BASE
    shr edx, 12
    lea eax, [esi + edx*4]  //pointer to page table entry (PTE)
    mov pPTE, eax
    jmp Done

    //NOTE: There is not a page table for large pages because the PTE's are contained in the page directory.
    Is_Large_Page:
    mov pPTE, eax

    Done:
    popad
    sti    //reenable interrupts
  }//end asm

  return pPTE;

}//end GetPteAddress

[培训]科锐逆向工程师培训第53期2025年7月8日开班！