什麼可能導致「MDL在同一進程列表上被插入兩次」？

Question

我們正在開發NDIS協議和微型端口驅動程序。當駕駛員在使用中，系統處於休眠狀態，我們得到一個錯誤檢查（藍屏），出現以下錯誤：

LOCKED_PAGES_TRACKER_CORRUPTION (d9) 
Arguments: 
Arg1: 00000001, The MDL is being inserted twice on the same process list. 
Arg2: 875da420, Address of internal lock tracking structure. 
Arg3: 87785728, Address of memory descriptor list. 
Arg4: 00000013, Number of pages locked for the current process. 

爲我們的司機並不在列表中出現堆棧跟蹤是不是特別有幫助：

nt!RtlpBreakWithStatusInstruction 
nt!KiBugCheckDebugBreak+0x19 
nt!KeBugCheck2+0x574 
nt!KeBugCheckEx+0x1b 
nt!MiAddMdlTracker+0xd8 
nt!MmProbeAndLockPages+0x629 
nt!NtWriteFile+0x55c 
nt!KiFastCallEntry+0xfc 
ntdll!KiFastSystemCallRet 
ntdll!ZwWriteFile+0xc 
kernel32!WriteFile+0xa9 

哪些類型的問題可能導致此MDL錯誤？

Answer 1

原來，問題是在我們IRP_MJ_WRITE處理與此相關的代碼：

/* If not in D0 state, don't attempt transmits */ 
if (ndisProtocolOpenContext && 
    ndisProtocolOpenContext->powerState > NetDeviceStateD0) 
{ 
    DEBUG_PRINT(("NPD: system in sleep mode, so no TX\n")); 
    return STATUS_UNSUCCESSFUL; 
} 

這意味着，我們並沒有完全完成IRP與NDIS很可能做一些有趣的結果。增加對IoCompleteRequest的調用修復了問題。

/* If not in D0 state, don't attempt transmits */ 
if (ndisProtocolOpenContext && 
    ndisProtocolOpenContext->powerState > NetDeviceStateD0) 
{ 
    DEBUG_PRINT(("NPD: system in sleep mode, so no TX\n")); 
    pIrp->IoStatus.Status = STATUS_UNSUCCESSFUL; 
    IoCompleteRequest(pIrp, IO_NO_INCREMENT); 
    return STATUS_UNSUCCESSFUL; 
}