kd> !idt
Dumping IDT:
37: 80a6e030 hal!PicSpuriousService37
3d: 80a6f2d4 hal!HalpApcInterrupt
41: 80a6f128 hal!HalpDispatchInterrupt
50: 80a6e108 hal!HalpApicRebootService
51: 810ecdd4 serial!SerialCIsrSw (KINTERRUPT 810ecd98)
52: 810f6544 i8042prt!I8042MouseInterruptService (KINTERRUPT 810f6508)
72: 81216bcc atapi!IdePortInterrupt (KINTERRUPT 81216b90)
83: 8110f2ac USBPORT!USBPORT_InterruptService (KINTERRUPT 8110f270)
92: 81276dd4 atapi!IdePortInterrupt (KINTERRUPT 81276d98)
93: 81152044 NDIS!ndisMIsr (KINTERRUPT 81152008)
a3: 8126b044 SCSIPORT!ScsiPortInterrupt (KINTERRUPT 8126b008)
b1: 81231044 ACPI!ACPIInterruptServiceRoutine (KINTERRUPT 81231008)
b3: 810f79ac i8042prt!I8042KeyboardInterruptService (KINTERRUPT 810f7970)
c1: 80a6e290 hal!HalpBroadcastCallService
d1: 80a6d624 hal!HalpClockInterrupt
e1: 80a6e6a0 hal!HalpIpiHandler
e3: 80a6e4c8 hal!HalpLocalApicErrorService
fd: 80a6ec0c hal!HalpProfileInterrupt
ndis!ndisMIsr is the universal ISR of the NDIS driver; let's see how it dispatches NDIS interrupts. Note that the IDT entry 0x93 above points at 81152044, which is the _KINTERRUPT at 81152008 plus 0x3c, i.e. the object's in-line DispatchCode stub; that stub transfers to DispatchAddress (nt!KiInterruptDispatch), and only then is ServiceRoutine (ndisMIsr) called, which is why the first return address on the stack below is KiInterruptDispatch+0x40.
kd> bp ndis!ndisMIsr
kd> g
Breakpoint 0 hit
NDIS!ndisMIsr:
fc6db0aa mov edi,edi
kd> dds @esp L10
fc0f4730 8081f170 nt!KiInterruptDispatch+0x40
fc0f4734 81152008 ; _KINTERRUPT
fc0f4738 810d45dc ; _KINTERRUPT.ServiceContext
fc0f473c 00010008 ; not an ISR parameter: the ISR takes only (Interrupt, ServiceContext), so from here on the dwords belong to KiInterruptDispatch's own frame and the trap frame below it; the _KINTERRUPT dump further down gives Irql = SynchronizeIrql = 8 and ShareVector = 1, but this value does not map onto a single field of that object
fc0f4740 00000193 ; same value as _KINTERRUPT.Vector (0x193) below; note that !idt lists this KINTERRUPT at IDT entry 0x93
fc0f4744 00000000
fc0f4748 81152002
fc0f474c 00000193
fc0f4750 fc0f47dc
fc0f4754 80a6ea8a hal!KfLowerIrql+0x12
fc0f4758 badb0d00
fc0f475c 00001090
fc0f4760 00000000
fc0f4764 00000000
fc0f4768 00000000
fc0f476c 00000000
kd> dt nt!_KINTERRUPT 81152008
+0x000 Type : 22
+0x002 Size : 484
+0x004 InterruptListEntry : _LIST_ENTRY [ 0x8115200c - 0x8115200c ]
+0x00c ServiceRoutine : 0xfc6db0aa NDIS!ndisMIsr+0
+0x010 ServiceContext : 0x810d45dc ; here, the ServiceContext is actually a
; ndis!_NDIS_MINIPORT_INTERRUPT structure
+0x014 SpinLock : 0
+0x018 TickCount : 0xffffffff
+0x01c ActualLock : 0x8115226c -> 0
+0x020 DispatchAddress : 0x8081f130 nt!KiInterruptDispatch+0
+0x024 Vector : 0x193
+0x028 Irql : 0x8 ''
+0x029 SynchronizeIrql : 0x8 ''
+0x02a FloatingSave : 0 ''
+0x02b Connected : 0x1 ''
+0x02c Number : 0 ''
+0x02d ShareVector : 0x1 ''
+0x030 Mode : 0 ( LevelSensitive )
+0x034 ServiceCount : 0
+0x038 DispatchCount : 0xffffffff
+0x03c DispatchCode : [106] 0x56535554
kd> dt 0x810d45dc ndis!_NDIS_MINIPORT_INTERRUPT
+0x000 InterruptObject : 0x81152008
+0x004 DpcCountLock : 0
+0x008 Reserved : 0x810d4500
+0x00c MiniportIsr : 0xfca576c6 pcntpci5!LanceISR+0
+0x010 MiniportDpc : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x014 InterruptDpc : _KDPC
+0x034 Miniport : 0x810ee838
+0x038 DpcCount : 0 ''
+0x039 Filler1 : 0 ''
+0x03c DpcsCompletedEvent : _KEVENT
+0x04c SharedInterrupt : 0x1 ''
+0x04d IsrRequested : 0 ''
Now let's look at what ndis!ndisMIsr does. It is a stdcall routine with two arguments (see the `ret 0x8` at the end): [ebp+8] is the _KINTERRUPT and [ebp+0xc] is its ServiceContext, the _NDIS_MINIPORT_INTERRUPT dumped above.
kd> uf NDIS!ndisMIsr
NDIS!ndisMIsr:
fc6db0aa mov edi,edi
fc6db0ac push ebp
fc6db0ad mov ebp,esp
fc6db0af push ecx
fc6db0b0 push esi
fc6db0b1 mov esi,[ebp+0xc] ;_KINTERRUPT.ServiceContext
fc6db0b4 mov eax,[esi+0x34] ;@eax should be _NDIS_MINIPORT_INTERRUPT.Miniport,
;just dt _NDIS_MINIPORT_INTERRUPT can get this fact,
;which is _NDIS_MINIPORT_BLOCK type
;let's abbreviate this block as NMB)
;abbreviate _NDIS_MINIPORT_INTERRUPT as NMI
fc6db0b7 push edi
fc6db0b8 push dword ptr [esi+0x8] ; NMI.Reserved = 0x810d4500 = NMB.MiniportAdapterContext, the adapter-context argument for the miniport call below
fc6db0bb mov byte ptr [ebp+0xf],0x0 ; QueueMiniportHandleInterrupt = FALSE (this is the only out-parameter NDIS pre-initialises; [ebp-1], InterruptRecognized, is left untouched)
fc6db0bf test byte ptr [eax+0x3c],0x1 ; NMB.Flags = 0x2c452008 in this trace, bit 0 clear -> ZF set
fc6db0c3 jne NDIS!ndisMIsr+0x1b (fc6dd5ee) ; not taken here
NDIS!ndisMIsr+0x1b:
fc6dd5ee mov eax,[eax+0x8] ; NMB.DriverHandle -> _NDIS_M_DRIVER_BLOCK (0x8111c708)
fc6dd5f1 call dword ptr [eax+0x2c] ; +0x20 MiniportCharacteristics + 0x0c = DisableInterruptHandler (pcntpci5!LanceDisableInterrupt), called with the adapter context pushed above; the miniport's ISR is NOT invoked on this path
fc6dd5f4 mov byte ptr [ebp+0xf],0x1 ; QueueMiniportHandleInterrupt = TRUE
fc6dd5f8 mov byte ptr [ebp-0x1],0x1 ; InterruptRecognized = TRUE
fc6dd5fc jmp NDIS!ndisMIsr+0x3c (fc6db0da) ; straight to the DPC-queueing block
NDIS!ndisMIsr+0x2b:
fc6db0c9 lea eax,[ebp+0xf]
fc6db0cc push eax ; QueueMiniportHandleInterrupt
fc6db0cd lea eax,[ebp-0x1]
fc6db0d0 push eax ; InterruptRecognized
fc6db0d1 call dword ptr [esi+0xc] ; call pcntpci5!LanceISR+0, NMI.MiniportIsr
fc6db0d4 cmp byte ptr [ebp+0xf],0x0 ; QueueMiniportHandleInterrupt == TRUE ?
fc6db0d8 jz NDIS!ndisMIsr+0x5f (fc6db0fa) ; QueueMiniportHandleInterrupt == FALSE
; jmp to exit ndisMIsr
;
; QueueMiniportHandleInterrupt == TRUE, according to DDK, NDIS will
; queue a DPC (in term of NDIS, it's NdisHandleInterrupt routine,
; which is set in NDIS_MINIPORT_CHARACTERISTICS.HandleInterruptHandler)
;
NDIS!ndisMIsr+0x3c:
fc6db0da xor eax,eax
fc6db0dc lea edi,[esi+0x38]
fc6db0df inc eax
fc6db0e0 lock xadd [edi],eax ; increase DPC count
fc6db0e4 push 0x0
fc6db0e6 push 0x0
fc6db0e8 add esi,0x14
fc6db0eb push esi ; &NMI.InterruptDpc (the _KDPC at +0x14), whose DeferredRoutine is NDIS!ndisMDpcX
fc6db0ec call dword ptr [NDIS!_imp__KeInsertQueueDpc (fc6c5198)] ; Queue DPC routine
fc6db0f2 test al,al
fc6db0f4 je NDIS!ndisMIsr+0x58 (fc6dd601)
NDIS!ndisMIsr+0x58:
fc6dd601 or eax,0xffffffff ; KeInsertQueueDpc returned FALSE (the DPC was already queued), so undo the DpcCount increment (xadd with -1)
; this does not change the ISR's return value, which is still InterruptRecognized read from [ebp-1] below
fc6dd604 lock xadd [edi],eax
fc6dd608 jmp NDIS!ndisMIsr+0x5f (fc6db0fa)
NDIS!ndisMIsr+0x5f:
fc6db0fa mov al,[ebp-0x1] ; return InterruptRecognized. On the MiniportIsr path NDIS never initialises this byte (only [ebp+0xf] is zeroed on entry), so a miniport that fails to set *InterruptRecognized returns whatever the high byte of the saved ecx held; on a shared vector (ShareVector = 1 here) that stale value is what the chained dispatcher consults to decide whether to call the other ISRs on the line, which is easy to miss in a single-device trace like this one
fc6db0fd pop edi
fc6db0fe pop esi
fc6db0ff leave
fc6db100 ret 0x8
kd> dt ndis!_NDIS_MINIPORT_INTERRUPT @esi -r1
+0x000 InterruptObject : 0x81152008
+0x004 DpcCountLock : 0
+0x008 Reserved : 0x810d4500
+0x00c MiniportIsr : 0xfca576c6 pcntpci5!LanceISR+0
+0x010 MiniportDpc : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x014 InterruptDpc : _KDPC
+0x000 Type : 0x13 ''
+0x001 Importance : 0 ''
+0x002 Number : 0 ''
+0x003 Expedite : 0 ''
+0x004 DpcListEntry : _LIST_ENTRY [ 0x810f2234 - 0xffdffa40 ]
+0x00c DeferredRoutine : 0xfc6db108 NDIS!ndisMDpcX+0
+0x010 DeferredContext : 0x810d45dc
+0x014 SystemArgument1 : (null)
+0x018 SystemArgument2 : (null)
+0x01c DpcData : (null)
+0x034 Miniport : 0x810ee838
+0x000 Signature : 0x504d444e
+0x004 NextMiniport : (null)
+0x008 DriverHandle : 0x8111c708
+0x00c MiniportAdapterContext : 0x810d4500
+0x010 MiniportName : _UNICODE_STRING "/DEVICE/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x018 BindPaths : 0x81114a78
+0x01c OpenQueue : 0xffa298d8
+0x020 ShortRef : _REFERENCE
+0x028 DeviceContext : (null)
+0x02c Padding1 : 0 ''
+0x02d LockAcquired : 0 ''
+0x02e PmodeOpens : 0 ''
+0x02f AssignedProcessor : 0 ''
+0x030 Lock : 0
+0x034 MediaRequest : (null)
+0x038 Interrupt : 0x810d45dc
+0x03c Flags : 0x2c452008
+0x040 PnPFlags : 0x210000
+0x044 PacketList : _LIST_ENTRY [ 0x810ee87c - 0x810ee87c ]
+0x04c FirstPendingPacket : (null)
+0x050 ReturnPacketsQueue : (null)
+0x054 RequestBuffer : 0xb
+0x058 SetMCastBuffer : (null)
+0x05c PrimaryMiniport : 0x810ee838
+0x060 WrapperContext : 0x810ee7f0
+0x064 BusDataContext : 0x81218898
+0x068 PnPCapabilities : 0x30
+0x06c Resources : (null)
+0x070 WakeUpDpcTimer : _NDIS_TIMER
+0x0b8 BaseName : _UNICODE_STRING "{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c0 SymbolicLinkName : _UNICODE_STRING "/??/PCI#VEN_1022&DEV_2000&SUBSYS_20001022&REV_10#3&61aaa01&0&88#{ad498944-762f-11d0-8dcb-00c04fc3358c}/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c8 CheckForHangSeconds : 2
+0x0cc CFHangTicks : 1
+0x0ce CFHangCurrentTick : 1
+0x0d0 ResetStatus : 0
+0x0d4 ResetOpen : (null)
+0x0d8 EthDB : 0x810dca68
+0x0d8 NullDB : 0x810dca68
+0x0dc TrDB : (null)
+0x0e0 FddiDB : (null)
+0x0e4 ArcDB : (null)
+0x0e8 PacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x0ec SendCompleteHandler : 0xfc6d7180 NDIS!ndisMSendCompleteX+0
+0x0f0 SendResourcesHandler : 0xfc6dd86d NDIS!NdisMSendResourcesAvailable+0
+0x0f4 ResetCompleteHandler : 0xfc6dff74 NDIS!NdisMResetComplete+0
+0x0f8 MediaType : 0 ( NdisMedium802_3 )
+0x0fc BusNumber : 0
+0x100 BusType : 5 ( NdisInterfacePci )
+0x104 AdapterType : 5 ( NdisInterfacePci )
+0x108 DeviceObject : 0x810ee738
+0x10c PhysicalDeviceObject : 0x812187e0
+0x110 NextDeviceObject : 0x812187e0
+0x114 MapRegisters : 0x811414e8
+0x118 CallMgrAfList : (null)
+0x11c MiniportThread : (null)
+0x120 SetInfoBuf : (null)
+0x124 SetInfoBufLen : 0
+0x126 MaxSendPackets : 4
+0x128 FakeStatus : 0
+0x12c LockHandler : 0xfc6dc9fd
+0x130 pAdapterInstanceName : 0x81117268 "AMD PCNET Family PCI Ethernet Adapter"
+0x134 TimerQueue : (null)
+0x138 MacOptions : 0x8f
+0x13c PendingRequest : (null)
+0x140 MaximumLongAddresses : 0x20
+0x144 MaximumShortAddresses : 0
+0x148 CurrentLookahead : 0x80
+0x14c MaximumLookahead : 0x200
+0x150 HandleInterruptHandler : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x154 DisableInterruptHandler : 0xfca57676 pcntpci5!LanceDisableInterrupt+0
+0x158 EnableInterruptHandler : 0xfca57626 pcntpci5!LanceEnableInterrupt+0
+0x15c SendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x160 DeferredSendHandler : 0xfc6d789a NDIS!ndisMStartSendPackets+0
+0x164 EthRxIndicateHandler : 0xfc6e6ef1 NDIS!EthFilterDprIndicateReceive+0
+0x168 TrRxIndicateHandler : 0xfc6e853f NDIS!TrFilterDprIndicateReceive+0
+0x16c FddiRxIndicateHandler : 0xfc6e5044 NDIS!FddiFilterDprIndicateReceive+0
+0x170 EthRxCompleteHandler : 0xfc6e646d NDIS!EthFilterDprIndicateReceiveComplete+0
+0x174 TrRxCompleteHandler : 0xfc6e83eb NDIS!TrFilterDprIndicateReceiveComplete+0
+0x178 FddiRxCompleteHandler : 0xfc6e45f8 NDIS!FddiFilterDprIndicateReceiveComplete+0
+0x17c StatusHandler : 0xfc6dc3c2 NDIS!NdisMIndicateStatus+0
+0x180 StatusCompleteHandler : 0xfc6dd270 NDIS!NdisMIndicateStatusComplete+0
+0x184 TDCompleteHandler : 0xfc6d8715 NDIS!NdisMTransferDataComplete+0
+0x188 QueryCompleteHandler : 0xfc6de0f3 NDIS!NdisMQueryInformationComplete+0
+0x18c SetCompleteHandler : 0xfc6deda3 NDIS!NdisMSetInformationComplete+0
+0x190 WanSendCompleteHandler : 0xfc6d7e92 NDIS!NdisMWanSendComplete+0
+0x194 WanRcvHandler : 0xfc6dc1e8 NDIS!NdisMWanIndicateReceive+0
+0x198 WanRcvCompleteHandler : 0xfc6dc18f NDIS!NdisMWanIndicateReceiveComplete+0
+0x19c NextGlobalMiniport : (null)
+0x1a0 WorkQueue : [7] _SINGLE_LIST_ENTRY
+0x1bc SingleWorkItems : [6] _SINGLE_LIST_ENTRY
+0x1d4 SendFlags : 0x1 ''
+0x1d5 TrResetRing : 0 ''
+0x1d6 ArcnetAddress : 0 ''
+0x1d7 XState : 0 ''
+0x1d8 ArcBuf : (null)
+0x1d8 BusInterface : (null)
+0x1dc Log : (null)
+0x1e0 SlotNumber : 0xffffffff
+0x1e4 AllocatedResources : 0x810e75a0
+0x1e8 AllocatedResourcesTranslated : 0x810e75e4
+0x1ec PatternList : _SINGLE_LIST_ENTRY
+0x1f0 PMCapabilities : _NDIS_PNP_CAPABILITIES
+0x200 DeviceCaps : _DEVICE_CAPABILITIES
+0x240 WakeUpEnable : 0
+0x244 CurrentDevicePowerState : 1 ( PowerDeviceD0 )
+0x248 pIrpWaitWake : (null)
+0x24c WaitWakeSystemState : 0 ( PowerSystemUnspecified )
+0x250 VcIndex : _LARGE_INTEGER 0x0
+0x258 VcCountLock : 0
+0x25c WmiEnabledVcs : _LIST_ENTRY [ 0x810eea94 - 0x810eea94 ]
+0x264 pNdisGuidMap : 0xffa6d870
+0x268 pCustomGuidMap : 0xffa6df70
+0x26c VcCount : 0
+0x26e cNdisGuidMap : 0x45
+0x270 cCustomGuidMap : 5
+0x272 CurrentMapRegister : 0
+0x274 AllocationEvent : 0xfcd6e58c
+0x278 BaseMapRegistersNeeded : 0x40
+0x27a SGMapRegistersNeeded : 0x10
+0x27c MaximumPhysicalMapping : 0x600
+0x280 MediaDisconnectTimer : _NDIS_TIMER
+0x2c8 MediaDisconnectTimeOut : 0xffff
+0x2ca InstanceNumber : 1
+0x2cc OpenReadyEvent : _NDIS_EVENT
+0x2dc PnPDeviceState : 1 ( NdisPnPDeviceStarted )
+0x2e0 OldPnPDeviceState : 0 ( NdisPnPDeviceAdded )
+0x2e4 SetBusData : 0xfc89e030 pci!PciPnpWriteConfig+0
+0x2e8 GetBusData : 0xfc89e006 pci!PciPnpReadConfig+0
+0x2ec DeferredDpc : _KDPC
+0x310 NdisStats : _NDIS_STATS
+0x328 IndicatedPacket : [32] (null)
+0x3a8 RemoveReadyEvent : (null)
+0x3ac AllOpensClosedEvent : (null)
+0x3b0 AllRequestsCompletedEvent : (null)
+0x3b4 InitTimeMs : 0xda
+0x3b8 WorkItemBuffer : [6] _NDIS_MINIPORT_WORK_ITEM
+0x400 SystemAdapterObject : 0x810d4490
+0x404 DriverVerifyFlags : 0
+0x408 OidList : 0xffa0a008
+0x40c InternalResetCount : 0
+0x40e MiniportResetCount : 0
+0x410 MediaSenseConnectCount : 1
+0x412 MediaSenseDisconnectCount : 0
+0x414 xPackets : (null)
+0x418 UserModeOpenReferences : 0
+0x41c SavedSendHandler : 0xfc6bf2b6
+0x41c SavedWanSendHandler : 0xfc6bf2b6
+0x420 SavedSendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x424 SavedCancelSendPacketsHandler : (null)
+0x428 WSendPacketsHandler : 0xfca5a332 pcntpci5!LanceSendPackets+0
+0x42c MiniportAttributes : 0x28
+0x430 SavedSystemAdapterObject : (null)
+0x434 NumOpens : 2
+0x436 CFHangXTicks : 0
+0x438 RequestCount : 0
+0x43c IndicatedPacketsCount : 0
+0x440 PhysicalMediumType : 0
+0x444 LastRequest : 0xff837cd0
+0x448 DmaAdapterRefCount : 3
+0x44c FakeMac : 0x810cda30
+0x450 LockDbg : 0
+0x454 LockDbgX : 0
+0x458 LockThread : (null)
+0x45c InfoFlags : 0xa010a11
+0x460 TimerQueueLock : 0
+0x464 ResetCompletedEvent : (null)
+0x468 QueuedBindingCompletedEvent : (null)
+0x46c DmaResourcesReleasedEvent : (null)
+0x470 SavedPacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x474 RegisteredInterrupts : 1
+0x478 SGListLookasideList : (null)
+0x47c ScatterGatherListSize : 0
+0x480 WakeUpTimerEvent : (null)
+0x484 SecurityDescriptor : 0x81137e90
+0x488 NumUserOpens : 0
+0x48c NumAdminOpens : 0
+0x490 Ref : _ULONG_REFERENCE
+0x038 DpcCount : 0 ''
+0x039 Filler1 : 0 ''
+0x03c DpcsCompletedEvent : _KEVENT
+0x000 Header : _DISPATCHER_HEADER
+0x04c SharedInterrupt : 0x1 ''
+0x04d IsrRequested : 0 ''
windbg/kd has an NDIS extension, ndiskd.dll; let's use it to dump the miniport list:
kd> !ndiskd.miniports
Miniport Driver Block: 8111c708, Version 0.1024
Miniport: 810ee838, NetLuidIndex: 0, IfIndex: 0, AMD PCNET Family PCI Ethernet Adapter
810ee838 is easy to identify as the _NDIS_MINIPORT_BLOCK, because the same address already appeared above as _NDIS_MINIPORT_INTERRUPT.Miniport:
dt ndis!_NDIS_MINIPORT_BLOCK 810ee838
+0x000 Signature : 0x504d444e
+0x004 NextMiniport : (null)
+0x008 DriverHandle : 0x8111c708
+0x00c MiniportAdapterContext : 0x810d4500
+0x010 MiniportName : _UNICODE_STRING "/DEVICE/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x018 BindPaths : 0x81114a78
+0x01c OpenQueue : 0xffa298d8
+0x020 ShortRef : _REFERENCE
+0x028 DeviceContext : (null)
+0x02c Padding1 : 0 ''
+0x02d LockAcquired : 0 ''
+0x02e PmodeOpens : 0 ''
+0x02f AssignedProcessor : 0 ''
+0x030 Lock : 0
+0x034 MediaRequest : (null)
+0x038 Interrupt : 0x810d45dc
+0x03c Flags : 0x2c452008
+0x040 PnPFlags : 0x210000
+0x044 PacketList : _LIST_ENTRY [ 0x810ee87c - 0x810ee87c ]
+0x04c FirstPendingPacket : (null)
+0x050 ReturnPacketsQueue : (null)
+0x054 RequestBuffer : 0xb
+0x058 SetMCastBuffer : (null)
+0x05c PrimaryMiniport : 0x810ee838
+0x060 WrapperContext : 0x810ee7f0
+0x064 BusDataContext : 0x81218898
+0x068 PnPCapabilities : 0x30
+0x06c Resources : (null)
+0x070 WakeUpDpcTimer : _NDIS_TIMER
+0x0b8 BaseName : _UNICODE_STRING "{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c0 SymbolicLinkName : _UNICODE_STRING "/??/PCI#VEN_1022&DEV_2000&SUBSYS_20001022&REV_10#3&61aaa01&0&88#{ad498944-762f-11d0-8dcb-00c04fc3358c}/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c8 CheckForHangSeconds : 2
+0x0cc CFHangTicks : 1
+0x0ce CFHangCurrentTick : 1
+0x0d0 ResetStatus : 0
+0x0d4 ResetOpen : (null)
+0x0d8 EthDB : 0x810dca68
+0x0d8 NullDB : 0x810dca68
+0x0dc TrDB : (null)
+0x0e0 FddiDB : (null)
+0x0e4 ArcDB : (null)
+0x0e8 PacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x0ec SendCompleteHandler : 0xfc6d7180 NDIS!ndisMSendCompleteX+0
+0x0f0 SendResourcesHandler : 0xfc6dd86d NDIS!NdisMSendResourcesAvailable+0
+0x0f4 ResetCompleteHandler : 0xfc6dff74 NDIS!NdisMResetComplete+0
+0x0f8 MediaType : 0 ( NdisMedium802_3 )
+0x0fc BusNumber : 0
+0x100 BusType : 5 ( NdisInterfacePci )
+0x104 AdapterType : 5 ( NdisInterfacePci )
+0x108 DeviceObject : 0x810ee738
+0x10c PhysicalDeviceObject : 0x812187e0
+0x110 NextDeviceObject : 0x812187e0
+0x114 MapRegisters : 0x811414e8
+0x118 CallMgrAfList : (null)
+0x11c MiniportThread : (null)
+0x120 SetInfoBuf : (null)
+0x124 SetInfoBufLen : 0
+0x126 MaxSendPackets : 4
+0x128 FakeStatus : 0
+0x12c LockHandler : 0xfc6dc9fd
+0x130 pAdapterInstanceName : 0x81117268 "AMD PCNET Family PCI Ethernet Adapter"
+0x134 TimerQueue : (null)
+0x138 MacOptions : 0x8f
+0x13c PendingRequest : (null)
+0x140 MaximumLongAddresses : 0x20
+0x144 MaximumShortAddresses : 0
+0x148 CurrentLookahead : 0x80
+0x14c MaximumLookahead : 0x200
+0x150 HandleInterruptHandler : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x154 DisableInterruptHandler : 0xfca57676 pcntpci5!LanceDisableInterrupt+0
+0x158 EnableInterruptHandler : 0xfca57626 pcntpci5!LanceEnableInterrupt+0
+0x15c SendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x160 DeferredSendHandler : 0xfc6d789a NDIS!ndisMStartSendPackets+0
+0x164 EthRxIndicateHandler : 0xfc6e6ef1 NDIS!EthFilterDprIndicateReceive+0
+0x168 TrRxIndicateHandler : 0xfc6e853f NDIS!TrFilterDprIndicateReceive+0
+0x16c FddiRxIndicateHandler : 0xfc6e5044 NDIS!FddiFilterDprIndicateReceive+0
+0x170 EthRxCompleteHandler : 0xfc6e646d NDIS!EthFilterDprIndicateReceiveComplete+0
+0x174 TrRxCompleteHandler : 0xfc6e83eb NDIS!TrFilterDprIndicateReceiveComplete+0
+0x178 FddiRxCompleteHandler : 0xfc6e45f8 NDIS!FddiFilterDprIndicateReceiveComplete+0
+0x17c StatusHandler : 0xfc6dc3c2 NDIS!NdisMIndicateStatus+0
+0x180 StatusCompleteHandler : 0xfc6dd270 NDIS!NdisMIndicateStatusComplete+0
+0x184 TDCompleteHandler : 0xfc6d8715 NDIS!NdisMTransferDataComplete+0
+0x188 QueryCompleteHandler : 0xfc6de0f3 NDIS!NdisMQueryInformationComplete+0
+0x18c SetCompleteHandler : 0xfc6deda3 NDIS!NdisMSetInformationComplete+0
+0x190 WanSendCompleteHandler : 0xfc6d7e92 NDIS!NdisMWanSendComplete+0
+0x194 WanRcvHandler : 0xfc6dc1e8 NDIS!NdisMWanIndicateReceive+0
+0x198 WanRcvCompleteHandler : 0xfc6dc18f NDIS!NdisMWanIndicateReceiveComplete+0
+0x19c NextGlobalMiniport : (null)
+0x1a0 WorkQueue : [7] _SINGLE_LIST_ENTRY
+0x1bc SingleWorkItems : [6] _SINGLE_LIST_ENTRY
+0x1d4 SendFlags : 0x1 ''
+0x1d5 TrResetRing : 0 ''
+0x1d6 ArcnetAddress : 0 ''
+0x1d7 XState : 0 ''
+0x1d8 ArcBuf : (null)
+0x1d8 BusInterface : (null)
+0x1dc Log : (null)
+0x1e0 SlotNumber : 0xffffffff
+0x1e4 AllocatedResources : 0x810e75a0
+0x1e8 AllocatedResourcesTranslated : 0x810e75e4
+0x1ec PatternList : _SINGLE_LIST_ENTRY
+0x1f0 PMCapabilities : _NDIS_PNP_CAPABILITIES
+0x200 DeviceCaps : _DEVICE_CAPABILITIES
+0x240 WakeUpEnable : 0
+0x244 CurrentDevicePowerState : 1 ( PowerDeviceD0 )
+0x248 pIrpWaitWake : (null)
+0x24c WaitWakeSystemState : 0 ( PowerSystemUnspecified )
+0x250 VcIndex : _LARGE_INTEGER 0x0
+0x258 VcCountLock : 0
+0x25c WmiEnabledVcs : _LIST_ENTRY [ 0x810eea94 - 0x810eea94 ]
+0x264 pNdisGuidMap : 0xffa6d870
+0x268 pCustomGuidMap : 0xffa6df70
+0x26c VcCount : 0
+0x26e cNdisGuidMap : 0x45
+0x270 cCustomGuidMap : 5
+0x272 CurrentMapRegister : 0
+0x274 AllocationEvent : 0xfcd6e58c
+0x278 BaseMapRegistersNeeded : 0x40
+0x27a SGMapRegistersNeeded : 0x10
+0x27c MaximumPhysicalMapping : 0x600
+0x280 MediaDisconnectTimer : _NDIS_TIMER
+0x2c8 MediaDisconnectTimeOut : 0xffff
+0x2ca InstanceNumber : 1
+0x2cc OpenReadyEvent : _NDIS_EVENT
+0x2dc PnPDeviceState : 1 ( NdisPnPDeviceStarted )
+0x2e0 OldPnPDeviceState : 0 ( NdisPnPDeviceAdded )
+0x2e4 SetBusData : 0xfc89e030 pci!PciPnpWriteConfig+0
+0x2e8 GetBusData : 0xfc89e006 pci!PciPnpReadConfig+0
+0x2ec DeferredDpc : _KDPC
+0x310 NdisStats : _NDIS_STATS
+0x328 IndicatedPacket : [32] (null)
+0x3a8 RemoveReadyEvent : (null)
+0x3ac AllOpensClosedEvent : (null)
+0x3b0 AllRequestsCompletedEvent : (null)
+0x3b4 InitTimeMs : 0xda
+0x3b8 WorkItemBuffer : [6] _NDIS_MINIPORT_WORK_ITEM
+0x400 SystemAdapterObject : 0x810d4490
+0x404 DriverVerifyFlags : 0
+0x408 OidList : 0xffa0a008
+0x40c InternalResetCount : 0
+0x40e MiniportResetCount : 0
+0x410 MediaSenseConnectCount : 1
+0x412 MediaSenseDisconnectCount : 0
+0x414 xPackets : (null)
+0x418 UserModeOpenReferences : 0
+0x41c SavedSendHandler : 0xfc6bf2b6
+0x41c SavedWanSendHandler : 0xfc6bf2b6
+0x420 SavedSendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x424 SavedCancelSendPacketsHandler : (null)
+0x428 WSendPacketsHandler : 0xfca5a332 pcntpci5!LanceSendPackets+0
+0x42c MiniportAttributes : 0x28
+0x430 SavedSystemAdapterObject : (null)
+0x434 NumOpens : 2
+0x436 CFHangXTicks : 0
+0x438 RequestCount : 0
+0x43c IndicatedPacketsCount : 0
+0x440 PhysicalMediumType : 0
+0x444 LastRequest : 0xff837cd0
+0x448 DmaAdapterRefCount : 3
+0x44c FakeMac : 0x810cda30
+0x450 LockDbg : 0
+0x454 LockDbgX : 0
+0x458 LockThread : (null)
+0x45c InfoFlags : 0xa010a11
+0x460 TimerQueueLock : 0
+0x464 ResetCompletedEvent : (null)
+0x468 QueuedBindingCompletedEvent : (null)
+0x46c DmaResourcesReleasedEvent : (null)
+0x470 SavedPacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x474 RegisteredInterrupts : 1
+0x478 SGListLookasideList : (null)
+0x47c ScatterGatherListSize : 0
+0x480 WakeUpTimerEvent : (null)
+0x484 SecurityDescriptor : 0x81137e90
+0x488 NumUserOpens : 0
+0x48c NumAdminOpens : 0
+0x490 Ref : _ULONG_REFERENCE
But what is 8111c708? ndiskd labels it `Miniport Driver Block`. Running !object on it shows no valid object header, so it is not an object-manager object at all; in particular it is NOT an nt!_DRIVER_OBJECT (dumping it as one only yields junk). It must therefore be an NDIS-private type, so let's have `dt` scan ndis.sys for candidate names:
kd> dt ndis!_*driver*
ndis!_NDIS_M_DRIVER_BLOCK
ndis!_DRIVER_OBJECT
ndis!_NDIS_M_DRIVER_BLOCK
ndis!_DRIVER_EXTENSION
ndis!_DRIVER_OBJECT
ndis!_DRIVER_EXTENSION
ndis!_NDIS_M_DRIVER_BLOCK is the most likely candidate, and the dump below confirms it: MiniportQueue points back at the _NDIS_MINIPORT_BLOCK 810ee838, and NdisDriverInfo->DriverObject (811324b8) is where the real nt!_DRIVER_OBJECT lives.
kd> dt 8111c708 ndis!_NDIS_M_DRIVER_BLOCK -r1
+0x000 NextDriver : (null)
+0x004 MiniportQueue : 0x810ee838
+0x000 Signature : 0x504d444e
+0x004 NextMiniport : (null)
+0x008 DriverHandle : 0x8111c708
+0x00c MiniportAdapterContext : 0x810d4500
+0x010 MiniportName : _UNICODE_STRING "/DEVICE/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x018 BindPaths : 0x81114a78
+0x01c OpenQueue : 0xffa298d8
+0x020 ShortRef : _REFERENCE
+0x028 DeviceContext : (null)
+0x02c Padding1 : 0 ''
+0x02d LockAcquired : 0 ''
+0x02e PmodeOpens : 0 ''
+0x02f AssignedProcessor : 0 ''
+0x030 Lock : 0
+0x034 MediaRequest : (null)
+0x038 Interrupt : 0x810d45dc
+0x03c Flags : 0x2c452008
+0x040 PnPFlags : 0x210000
+0x044 PacketList : _LIST_ENTRY [ 0x810ee87c - 0x810ee87c ]
+0x04c FirstPendingPacket : (null)
+0x050 ReturnPacketsQueue : (null)
+0x054 RequestBuffer : 0xb
+0x058 SetMCastBuffer : (null)
+0x05c PrimaryMiniport : 0x810ee838
+0x060 WrapperContext : 0x810ee7f0
+0x064 BusDataContext : 0x81218898
+0x068 PnPCapabilities : 0x30
+0x06c Resources : (null)
+0x070 WakeUpDpcTimer : _NDIS_TIMER
+0x0b8 BaseName : _UNICODE_STRING "{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c0 SymbolicLinkName : _UNICODE_STRING "/??/PCI#VEN_1022&DEV_2000&SUBSYS_20001022&REV_10#3&61aaa01&0&88#{ad498944-762f-11d0-8dcb-00c04fc3358c}/{D0F0BDEF-43D7-4DED-BF6F-FA040B787796}"
+0x0c8 CheckForHangSeconds : 2
+0x0cc CFHangTicks : 1
+0x0ce CFHangCurrentTick : 1
+0x0d0 ResetStatus : 0
+0x0d4 ResetOpen : (null)
+0x0d8 EthDB : 0x810dca68
+0x0d8 NullDB : 0x810dca68
+0x0dc TrDB : (null)
+0x0e0 FddiDB : (null)
+0x0e4 ArcDB : (null)
+0x0e8 PacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x0ec SendCompleteHandler : 0xfc6d7180 NDIS!ndisMSendCompleteX+0
+0x0f0 SendResourcesHandler : 0xfc6dd86d NDIS!NdisMSendResourcesAvailable+0
+0x0f4 ResetCompleteHandler : 0xfc6dff74 NDIS!NdisMResetComplete+0
+0x0f8 MediaType : 0 ( NdisMedium802_3 )
+0x0fc BusNumber : 0
+0x100 BusType : 5 ( NdisInterfacePci )
+0x104 AdapterType : 5 ( NdisInterfacePci )
+0x108 DeviceObject : 0x810ee738
+0x10c PhysicalDeviceObject : 0x812187e0
+0x110 NextDeviceObject : 0x812187e0
+0x114 MapRegisters : 0x811414e8
+0x118 CallMgrAfList : (null)
+0x11c MiniportThread : (null)
+0x120 SetInfoBuf : (null)
+0x124 SetInfoBufLen : 0
+0x126 MaxSendPackets : 4
+0x128 FakeStatus : 0
+0x12c LockHandler : 0xfc6dc9fd
+0x130 pAdapterInstanceName : 0x81117268 "AMD PCNET Family PCI Ethernet Adapter"
+0x134 TimerQueue : (null)
+0x138 MacOptions : 0x8f
+0x13c PendingRequest : (null)
+0x140 MaximumLongAddresses : 0x20
+0x144 MaximumShortAddresses : 0
+0x148 CurrentLookahead : 0x80
+0x14c MaximumLookahead : 0x200
+0x150 HandleInterruptHandler : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x154 DisableInterruptHandler : 0xfca57676 pcntpci5!LanceDisableInterrupt+0
+0x158 EnableInterruptHandler : 0xfca57626 pcntpci5!LanceEnableInterrupt+0
+0x15c SendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x160 DeferredSendHandler : 0xfc6d789a NDIS!ndisMStartSendPackets+0
+0x164 EthRxIndicateHandler : 0xfc6e6ef1 NDIS!EthFilterDprIndicateReceive+0
+0x168 TrRxIndicateHandler : 0xfc6e853f NDIS!TrFilterDprIndicateReceive+0
+0x16c FddiRxIndicateHandler : 0xfc6e5044 NDIS!FddiFilterDprIndicateReceive+0
+0x170 EthRxCompleteHandler : 0xfc6e646d NDIS!EthFilterDprIndicateReceiveComplete+0
+0x174 TrRxCompleteHandler : 0xfc6e83eb NDIS!TrFilterDprIndicateReceiveComplete+0
+0x178 FddiRxCompleteHandler : 0xfc6e45f8 NDIS!FddiFilterDprIndicateReceiveComplete+0
+0x17c StatusHandler : 0xfc6dc3c2 NDIS!NdisMIndicateStatus+0
+0x180 StatusCompleteHandler : 0xfc6dd270 NDIS!NdisMIndicateStatusComplete+0
+0x184 TDCompleteHandler : 0xfc6d8715 NDIS!NdisMTransferDataComplete+0
+0x188 QueryCompleteHandler : 0xfc6de0f3 NDIS!NdisMQueryInformationComplete+0
+0x18c SetCompleteHandler : 0xfc6deda3 NDIS!NdisMSetInformationComplete+0
+0x190 WanSendCompleteHandler : 0xfc6d7e92 NDIS!NdisMWanSendComplete+0
+0x194 WanRcvHandler : 0xfc6dc1e8 NDIS!NdisMWanIndicateReceive+0
+0x198 WanRcvCompleteHandler : 0xfc6dc18f NDIS!NdisMWanIndicateReceiveComplete+0
+0x19c NextGlobalMiniport : (null)
+0x1a0 WorkQueue : [7] _SINGLE_LIST_ENTRY
+0x1bc SingleWorkItems : [6] _SINGLE_LIST_ENTRY
+0x1d4 SendFlags : 0x1 ''
+0x1d5 TrResetRing : 0 ''
+0x1d6 ArcnetAddress : 0 ''
+0x1d7 XState : 0 ''
+0x1d8 ArcBuf : (null)
+0x1d8 BusInterface : (null)
+0x1dc Log : (null)
+0x1e0 SlotNumber : 0xffffffff
+0x1e4 AllocatedResources : 0x810e75a0
+0x1e8 AllocatedResourcesTranslated : 0x810e75e4
+0x1ec PatternList : _SINGLE_LIST_ENTRY
+0x1f0 PMCapabilities : _NDIS_PNP_CAPABILITIES
+0x200 DeviceCaps : _DEVICE_CAPABILITIES
+0x240 WakeUpEnable : 0
+0x244 CurrentDevicePowerState : 1 ( PowerDeviceD0 )
+0x248 pIrpWaitWake : (null)
+0x24c WaitWakeSystemState : 0 ( PowerSystemUnspecified )
+0x250 VcIndex : _LARGE_INTEGER 0x0
+0x258 VcCountLock : 0
+0x25c WmiEnabledVcs : _LIST_ENTRY [ 0x810eea94 - 0x810eea94 ]
+0x264 pNdisGuidMap : 0xffa6d870
+0x268 pCustomGuidMap : 0xffa6df70
+0x26c VcCount : 0
+0x26e cNdisGuidMap : 0x45
+0x270 cCustomGuidMap : 5
+0x272 CurrentMapRegister : 0
+0x274 AllocationEvent : 0xfcd6e58c
+0x278 BaseMapRegistersNeeded : 0x40
+0x27a SGMapRegistersNeeded : 0x10
+0x27c MaximumPhysicalMapping : 0x600
+0x280 MediaDisconnectTimer : _NDIS_TIMER
+0x2c8 MediaDisconnectTimeOut : 0xffff
+0x2ca InstanceNumber : 1
+0x2cc OpenReadyEvent : _NDIS_EVENT
+0x2dc PnPDeviceState : 1 ( NdisPnPDeviceStarted )
+0x2e0 OldPnPDeviceState : 0 ( NdisPnPDeviceAdded )
+0x2e4 SetBusData : 0xfc89e030 pci!PciPnpWriteConfig+0
+0x2e8 GetBusData : 0xfc89e006 pci!PciPnpReadConfig+0
+0x2ec DeferredDpc : _KDPC
+0x310 NdisStats : _NDIS_STATS
+0x328 IndicatedPacket : [32] (null)
+0x3a8 RemoveReadyEvent : (null)
+0x3ac AllOpensClosedEvent : (null)
+0x3b0 AllRequestsCompletedEvent : (null)
+0x3b4 InitTimeMs : 0xda
+0x3b8 WorkItemBuffer : [6] _NDIS_MINIPORT_WORK_ITEM
+0x400 SystemAdapterObject : 0x810d4490
+0x404 DriverVerifyFlags : 0
+0x408 OidList : 0xffa0a008
+0x40c InternalResetCount : 0
+0x40e MiniportResetCount : 0
+0x410 MediaSenseConnectCount : 1
+0x412 MediaSenseDisconnectCount : 0
+0x414 xPackets : (null)
+0x418 UserModeOpenReferences : 0
+0x41c SavedSendHandler : 0xfc6bf2b6
+0x41c SavedWanSendHandler : 0xfc6bf2b6
+0x420 SavedSendPacketsHandler : 0xfc6d764c NDIS!ndisMSendPacketsX+0
+0x424 SavedCancelSendPacketsHandler : (null)
+0x428 WSendPacketsHandler : 0xfca5a332 pcntpci5!LanceSendPackets+0
+0x42c MiniportAttributes : 0x28
+0x430 SavedSystemAdapterObject : (null)
+0x434 NumOpens : 2
+0x436 CFHangXTicks : 0
+0x438 RequestCount : 0
+0x43c IndicatedPacketsCount : 0
+0x440 PhysicalMediumType : 0
+0x444 LastRequest : 0xff837cd0
+0x448 DmaAdapterRefCount : 3
+0x44c FakeMac : 0x810cda30
+0x450 LockDbg : 0
+0x454 LockDbgX : 0
+0x458 LockThread : (null)
+0x45c InfoFlags : 0xa010a11
+0x460 TimerQueueLock : 0
+0x464 ResetCompletedEvent : (null)
+0x468 QueuedBindingCompletedEvent : (null)
+0x46c DmaResourcesReleasedEvent : (null)
+0x470 SavedPacketIndicateHandler : 0xfc6e6005 NDIS!ethFilterDprIndicateReceivePacket+0
+0x474 RegisteredInterrupts : 1
+0x478 SGListLookasideList : (null)
+0x47c ScatterGatherListSize : 0
+0x480 WakeUpTimerEvent : (null)
+0x484 SecurityDescriptor : 0x81137e90
+0x488 NumUserOpens : 0
+0x48c NumAdminOpens : 0
+0x490 Ref : _ULONG_REFERENCE
+0x008 NdisDriverInfo : 0x811b3110
+0x000 DriverObject : 0x811324b8
+0x004 ServiceRegPath : _UNICODE_STRING "/REGISTRY/MACHINE/SYSTEM/ControlSet001/Services/PCnet"
+0x00c AssociatedProtocol : (null)
+0x010 DeviceList : _LIST_ENTRY [ 0x8111c718 - 0x8111c718 ]
+0x000 Flink : 0x8111c718 [ 0x8111c718 - 0x8111c718 ]
+0x004 Blink : 0x8111c718 [ 0x8111c718 - 0x8111c718 ]
+0x018 PendingDeviceList : (null)
+0x01c UnloadHandler : (null)
+0x020 MiniportCharacteristics : _NDIS51_MINIPORT_CHARACTERISTICS
+0x000 MajorNdisVersion : 0x5 ''
+0x001 MinorNdisVersion : 0 ''
+0x002 Filler : 0
+0x004 Reserved : 0
+0x008 CheckForHangHandler : (null)
+0x00c DisableInterruptHandler : 0xfca57676 pcntpci5!LanceDisableInterrupt+0
+0x010 EnableInterruptHandler : 0xfca57626 pcntpci5!LanceEnableInterrupt+0
+0x014 HaltHandler : 0xfca5c8fe pcntpci5!LanceHalt+0
+0x018 HandleInterruptHandler : 0xfca57e8a pcntpci5!LanceHandleInterruptWithLock+0
+0x01c InitializeHandler : 0xfca5d29a pcntpci5!LanceInitialize+0
+0x020 ISRHandler : 0xfca576c6 pcntpci5!LanceISR+0
+0x024 QueryInformationHandler : 0xfca5915c pcntpci5!LanceQueryInformation+0
+0x028 ReconfigureHandler : (null)
+0x02c ResetHandler : 0xfca5c868 pcntpci5!LanceReset+0
+0x030 SendHandler : (null)
+0x030 WanSendHandler : (null)
+0x034 SetInformationHandler : 0xfca597c2 pcntpci5!LanceSetInformation+0
+0x038 TransferDataHandler : 0xfca5c1bc pcntpci5!LanceTransferData+0
+0x038 WanTransferDataHandler : 0xfca5c1bc pcntpci5!LanceTransferData+0
+0x03c ReturnPacketHandler : 0xfca57822 pcntpci5!LanceReturnPacket+0
+0x040 SendPacketsHandler : 0xfca5a332 pcntpci5!LanceSendPackets+0
+0x044 AllocateCompleteHandler : (null)
+0x048 CoCreateVcHandler : (null)
+0x04c CoDeleteVcHandler : (null)
+0x050 CoActivateVcHandler : (null)
+0x054 CoDeactivateVcHandler : (null)
+0x058 CoSendPacketsHandler : (null)
+0x05c CoRequestHandler : (null)
+0x060 CancelSendPacketsHandler : (null)
+0x064 PnPEventNotifyHandler : (null)
+0x068 AdapterShutdownHandler : (null)
+0x06c Reserved1 : (null)
+0x070 Reserved2 : (null)
+0x074 Reserved3 : (null)
+0x078 Reserved4 : (null)
+0x09c MiniportsRemovedEvent : _KEVENT
+0x000 Header : _DISPATCHER_HEADER
+0x0ac Ref : _REFERENCE
+0x000 SpinLock : 0
+0x004 ReferenceCount : 2
+0x006 Closing : 0 ''
+0x0b4 Flags : 0
+0x0b8 IMStartRemoveMutex : _KMUTANT
+0x000 Header : _DISPATCHER_HEADER
+0x010 MutantListEntry : _LIST_ENTRY [ 0x0 - 0x0 ]
+0x018 OwnerThread : (null)
+0x01c Abandoned : 0 ''
+0x01d ApcDisable : 0 ''
+0x0d8 DriverVersion : 0x400
mmm, not bad, we always are lucky guys when playing such game, right? :p,
exactly match..., oh, it's time BRAZIL V.S. GERMANY, SOCCER...BYE...
IDA Pro shows the registration side of this path: when a miniport calls ndis!NdisMRegisterInterrupt, NDIS goes through the internal routine ndis!ndisMRegisterInterruptCommon, which calls nt!IoConnectInterrupt with ndis!ndisMIsr as the ISR (and the _NDIS_MINIPORT_INTERRUPT as ServiceContext) and sets up ndis!ndisMDpcX as the common DPC routine. That matches the ServiceRoutine / ServiceContext / DeferredRoutine values seen in the dumps above, and it is how a miniport's ISR gets connected to the system.
A practical caveat if you repeat this walk on a suspect machine: every hop is an indirect call through a kernel data structure (_KINTERRUPT.ServiceRoutine, _NDIS_MINIPORT_INTERRUPT.MiniportIsr/MiniportDpc, the handler table in _NDIS_MINIPORT_BLOCK, and _NDIS_M_DRIVER_BLOCK.MiniportCharacteristics), so confirm that each pointer resolves into the expected module image (here NDIS.sys and pcntpci5.sys) rather than into an unnamed region.
Summary: this article analyzes how the NDIS interrupt service routine works and how it dispatches NDIS interrupts, walks through the execution flow of NDIS!ndisMIsr, and shows how to trace it with the kernel debugger.
