创建IRP_MJ_WRITE IRP参数的困惑

调用  IoBuildSynchronousFsdRequest创建 major function code 为IRP_MJ_WRITE的IRP，发送给一个卷设备对象去执行，返回错误： 0xC000000DL：   An invalid parameter was passed to a service or function.

查看MSDN函数文档：

IoBuildSynchronousFsdRequest

The IoBuildSynchronousFsdRequest routine allocates and sets up an IRP for a synchronously processed I/O request.

PIRP
  IoBuildSynchronousFsdRequest(
    IN ULONG  MajorFunction,
    IN PDEVICE_OBJECT  DeviceObject,
    IN OUT PVOID  Buffer  OPTIONAL,
    IN ULONG  Length  OPTIONAL,
    IN PLARGE_INTEGER  StartingOffset  OPTIONAL,
    IN PKEVENT  Event,
    OUT PIO_STATUS_BLOCK  IoStatusBlock
    );

Parameters

MajorFunction

Supplies a major function code. This code can be  IRP_MJ_PNP,  IRP_MJ_READ,  IRP_MJ_WRITE,  IRP_MJ_FLUSH_BUFFERS, or  IRP_MJ_SHUTDOWN.

DeviceObject

Supplies a pointer to the DEVICE_OBJECT structure for the next-lower driver's device object, which represents the target device.

Buffer

Supplies a pointer to a buffer. If  MajorFunction is IRP_MJ_WRITE, the buffer contains data to be written. If  MajorFunction is IRP_MJ_READ, the buffer receives data. If  MajorFunction is IRP_MJ_FLUSH_BUFFERS or IRP_MJ_SHUTDOWN, this parameter must be NULL.

Length

Supplies the length, in bytes, of  Buffer. For devices such as disks,  this value must be an integral of 512. This parameter is required for read and write requests, but must be zero for flush and shutdown requests.

StartingOffset

Supplies a pointer to the offset on the disk, for read and write requests. The units and meaning of this value are driver-specific. This parameter is required for read and write requests but must be zero for flush and shutdown requests.

Event

Supplies a pointer to a caller-allocated and initialized event object. The I/O manager sets the event to the Signaled state when a lower-level driver completes the requested operation. After calling  IoCallDriver, the driver can wait for the event object.

IoStatusBlock

Receives the I/O status block that is set when the IRP is completed by a lower-level driver.

Return Value

If the operation succeeds, IoBuildSynchronousFsdRequest returns a pointer to an initialized IRP structure, with the next-lower driver's I/O stack location set up from the supplied parameters. Otherwise, the routine returns NULL.

感觉有些纳闷，没发现参数传递的有什么问题呀！

查看对应的卷设备对象相关参数：

明白了，我传入的length=512，而块设备最小的单元为4096， IoBuildSynchronousFsdRequest  关于Length的说明，不应该为“ this value must be an integral of 512 ”，而应该说明是块设备最小操作单元的整数倍。

通过 IoBuildSynchronousFsdRequest  ， IoBuildAsynchronousFsdRequest 或 IoAllocateIrp  创建 major function code 为IRP_MJ_WRITE的IRP 发送给对应块设备处理时，不会像应用层调ReadFile发起写文件操作那样，参数经过文件系统驱动的转化，然后再给块设备驱动处理，所以它们的长度和偏移是有限制的，应该是对应 块设备最小操作单元的整数倍。