
How to communicate from kernel mode to user mode app

Hi All,
I want to know whether there is any way I can send a message from
kernel mode to a user mode app for notification. I have a requirement of notifying
the user mode app with the interrupt register value when I am getting any
interrupt that has been generated from my device. As far as handling the
interrupt is concerned, I am doing that successfully on the kernel side.

I also want to know how to use the callback function feature for communicating
with the user mode application.

Any pointer or tutorial that can help me to solve this problem?

Best Regards
Nayan


Comments

  • Send the overlapped IOCTL from the app.
    In the driver, pend it till there will be a need to send a message. When
    such a need occurs, fill the IOCTL IRP's buffer and complete the IRP.
    Do not forget to provide the IRP cancellation in this driver, or the app
    will be unable to exit.

    This technique is called the "inverted call".

    --
    Maxim Shatskih, Windows DDK MVP
    StorageCraft Corporation
    xxxxx@storagecraft.com
    http://www.storagecraft.com

  • Communication from kernel to user mode is usually done via the inverted call
    technique. See http://www.osronline.com/article.cfm?id=94 for an example.
  • Mike_Kemp Posts: 289
    Another way (rather than wait on an overlapped call) is to pass in an event
    from the user code.

    (This is thanks to Walter Oney, see "Programming the MS Windows Driver
    Model", 2nd ed.)

    The kernel needs to get a safe reference to the event the user passes in...

    PKEVENT pkNotifyAppEvent;

    // userEvent is the event handle received from the app
    ntStatus = ObReferenceObjectByHandle(userEvent, EVENT_MODIFY_STATE,
        *ExEventObjectType, Irp->RequestorMode, (PVOID*) &pkNotifyAppEvent, NULL);

    if (NT_SUCCESS(ntStatus))
    {
        pDeviceExtension->pNotifyAppEvent = pkNotifyAppEvent;
        //...don't forget to deref once finished with...
    }

    The kernel can set this event when the user must take some action:

    KeSetEvent(pDeviceExtension->pNotifyAppEvent, EVENT_INCREMENT, FALSE);

    A user mode thread can wait on the event and when it is triggered, call into
    the driver to find out what the result was.

    while(true)
    {
        //can wait forever but you may want to check every 100mS if you should give up
        result = WaitForSingleObject(userEvent, 100); //wait up to 100mS

        if (result == WAIT_OBJECT_0)
        {
            // it happened, inquire here
        }
    }

    This way the user inquires rather than being "called back" by the kernel,
    which I doubt is possible.

    - Mike

  • Doron_Holan Posts: 10,353
    I don't like the shared event for two reasons
    1) there is no data associated with it so you still have to send the IOCTL
    2) there is no count associated with it, so if 2 interrupts occurred before the wait on the event was satisfied by the application, the app does not know about the data from the 2nd interrupt

    Pending the IOCTL satisfies the requirements very well. The app can still wait on an IOCTL or synchronous I/O call and then when the wait is satisfied, the data is in hand.

    d
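
The bookkeeping behind the pended-IOCTL approach, its cancellation path, and the two objections to a shared event, as an added example that is not code from any poster in this thread. It is a single-threaded user-space C model, not WDM code; all names (`Driver`, `Request`, `submit_request`, `on_interrupt`, `cancel_request`, `event_wait_and_query`) are hypothetical, and the event path assumes an auto-reset event and a driver that keeps only the latest register values.

```c
/* Single-threaded user-space model of inverted-call bookkeeping (added example,
 * not WDM code; all names hypothetical). A real driver locks these queues. */
#include <stdint.h>
#include <stdio.h>

#define MAX_PENDING 4  /* parked requests (stand-ins for pended IOCTL IRPs) */
#define MAX_BACKLOG 8  /* interrupt records waiting for a request */

typedef struct { uint16_t normal_reg, error_reg; } IntRecord;
typedef enum { REQ_NEW, REQ_PENDING, REQ_COMPLETED, REQ_CANCELLED } ReqState;
typedef struct { ReqState state; IntRecord out; } Request; /* out = IOCTL buffer */

typedef struct {
    Request  *pending[MAX_PENDING]; size_t npending;
    IntRecord backlog[MAX_BACKLOG]; size_t nbacklog;
    unsigned  dropped;        /* records lost because the backlog was full */
    int       event_signaled; /* shared-event model: one bit, no data, no count */
    IntRecord last_regs;      /* what a follow-up query IOCTL would read */
} Driver;

static void complete(Request *r, IntRecord rec) { r->out = rec; r->state = REQ_COMPLETED; }

/* App sends the notification IOCTL. Returns 1 if completed at once from the
 * backlog, 0 if parked (pended), -1 if the pending queue is full. */
int submit_request(Driver *d, Request *r) {
    if (d->nbacklog > 0) {
        complete(r, d->backlog[0]);
        for (size_t i = 1; i < d->nbacklog; i++) d->backlog[i - 1] = d->backlog[i];
        d->nbacklog--;
        return 1;
    }
    if (d->npending == MAX_PENDING) return -1;
    r->state = REQ_PENDING;
    d->pending[d->npending++] = r;
    return 0;
}

/* DPC side: hand the register values to the oldest parked request, or keep
 * them until the app asks again. Also drives the shared-event model. */
void on_interrupt(Driver *d, IntRecord rec) {
    d->event_signaled = 1;
    d->last_regs = rec;
    if (d->npending > 0) {
        complete(d->pending[0], rec);
        for (size_t i = 1; i < d->npending; i++) d->pending[i - 1] = d->pending[i];
        d->npending--;
    } else if (d->nbacklog < MAX_BACKLOG) {
        d->backlog[d->nbacklog++] = rec;
    } else {
        d->dropped++;
    }
}

/* Cancellation (app exits or cancels the I/O). Returns 1 if the request was
 * still parked and is now cancelled, 0 if it had already been completed. */
int cancel_request(Driver *d, Request *r) {
    for (size_t i = 0; i < d->npending; i++) {
        if (d->pending[i] != r) continue;
        for (size_t j = i + 1; j < d->npending; j++) d->pending[j - 1] = d->pending[j];
        d->npending--;
        r->state = REQ_CANCELLED;
        return 1;
    }
    return 0;
}

/* Shared-event path: wait satisfied, event auto-resets, app queries the driver. */
int event_wait_and_query(Driver *d, IntRecord *out) {
    if (!d->event_signaled) return 0;
    d->event_signaled = 0;
    *out = d->last_regs;
    return 1;
}

/* Constructed scenario: three interrupts arrive before the app runs again.
 * Returns how many of the three register values reach the app, in order. */
int delivered_with_inverted_call(void) {
    Driver d = {0}; Request r[3] = {{0}}; int got = 0;
    submit_request(&d, &r[0]);                    /* parked until interrupt 1 */
    for (uint16_t v = 1; v <= 3; v++) on_interrupt(&d, (IntRecord){v, 0});
    submit_request(&d, &r[1]);                    /* served from the backlog */
    submit_request(&d, &r[2]);
    for (int i = 0; i < 3; i++)
        if (r[i].state == REQ_COMPLETED && r[i].out.normal_reg == i + 1) got++;
    return got;
}

int delivered_with_shared_event(void) {
    Driver d = {0}; IntRecord rec; int got = 0;
    for (uint16_t v = 1; v <= 3; v++) on_interrupt(&d, (IntRecord){v, 0});
    while (event_wait_and_query(&d, &rec)) got++; /* one wake-up, last value only */
    return got;
}

int main(void) {
    printf("inverted call: %d of 3, shared event: %d of 3\n",
           delivered_with_inverted_call(), delivered_with_shared_event());
    return 0;
}
```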
  • > A user mode thread can wait on the event and when it is triggered, call into
    > the driver to find out what the result was.

    ...which is by far more coding than inverted call.

    Event objects are good if you do not need to transfer any data at all, only to
    signal that something occurred.

    --
    Maxim Shatskih, Windows DDK MVP
    StorageCraft Corporation
    xxxxx@storagecraft.com
    http://www.storagecraft.com
  • Mike_Kemp Posts: 289
    Signalling a user event to the app is a useful option if you are already
    doing a lot of non overlapped i/o and you don't want to change to overlapped
    to handle this activity. It's easy to buffer up a number of realtime events
    in the kernel and fetch them in one go each time the app has time to attend
    to them. It's pretty responsive, probably because the thread waiting on the
    event gets a priority boost when signalled specifically to allow it to
    respond quickly (at least so it is claimed). I've found it useful for
    receiving relatively low priority information that is not part of the
    device's main activity. If it's a new design probably best to follow the
    others' advice though... Mike

  • To support opinion of Doron and Max: hardware interrupts these days tend to become messages that carry data. Example: PCI express, MSI.
  • Hi All,
    First of all thanks to all people for their valuable suggestion. I
    started implementing your suggestion. In between I googled about this and
    found some stuff with the help of that I tried to implement callback
    function for sending data from kernel to user mode application. I am facing
    some problem with it and want to discuss it with you people just for my
    knowledge. For the first time callback function gets called properly no
    issue at all. But when I get interrupt for the second time that time I am
    getting BSOD. Due to lack of resources I am not able to use windbg but I am
    writing down the text which appears on my computer screen. It is as follows

    STOP : 0x0000001E (0xC0000005,0x023210BE,0x00000000,0x023210BE)

    KMODE_EXCEPTION_NOT_HANDLED

    Beginning dump of physical memory

    When I tried for the second time that time I got the crash again but this
    time the text that appears on my computer screen was quite different from the
    previous one which is as follows

    STOP : 0x000000B8 (0x00000000,0x00000000,0x00000000,0x00000000)

    A wait operation attach process or yield was attempt from DPC routine

    Beginning dump of physical memory

    I appreciate if you expert people can help me to get rid of this BSOD and
    make the driver work properly.

    Best Regards
    Nayan

  • Tim_Roberts Posts: 12,567
    nayan kumar wrote:
    > Hi All,
    > First of all thanks to all people for their valuable
    > suggestion. I started implementing your suggestion. In between I googled
    > about this and found some stuff with the help of that I tried to
    > implement callback function for sending data from kernel to user mode
    > application. I am facing some problem with it and want to discuss it
    > with you people just for my knowledge. For the first time callback
    > function gets called properly no issue at all. But when I get interrupt
    > for the second time that time I am getting BSOD. Due to lack of
    > resources I am not able to use windbg but I am writing down the text
    > which appears on my computer screen. It is as follows
    >
    > STOP : 0x0000001E (0xC0000005,0x023210BE,0x00000000,0x023210BE)
    > KMODE_EXCEPTION_NOT_HANDLED

    This is a general protection fault, meaning that you accessed an invalid
    address. In this case, the address is 0x023210BE, which is a user-mode
    address. When you say you "implement callback function", you don't
    literally mean that you called from kernel mode into user mode, do you?
    When you get an interrupt, the original process is almost certainly no
    longer in memory, so none of the user-mode addresses will have any meaning.

    You cannot possibly hope to debug this without WinDBG. "Lack of
    resources" is not a good enough reason. I have a laptop I bought in
    1999 with a 233MHz Pentium-II running Windows 2000 that works perfectly
    well as a WinDBG host. Surely you can borrow a 5-year-old laptop that
    is no longer being used.

    Why don't you show us what your interrupt code looks like. Maybe
    something will stand out.

    --
    Tim Roberts, xxxxx@probo.com
    Providenza & Boekelheide, Inc.


  • Hi Tim,
    Thanks for your reply. I certainly accept this that I am a kid
    before you expert people in this area. Please don't mind.

    Here is the code from driver part


    //declaration
    typedef ULONG (*PCALLBACK_ROUTINE)(USHORT,USHORT);

    typedef struct _JIN_SD_DESIGNER_FDO_DATA
    {
        ULONG CallbackAddress;            // raw address received from the user mode app
        PCALLBACK_ROUTINE KernelCallback; // the same address cast to a function pointer
        // Self, usNormalInterruptRegisterData and usErrorInterruptRegisterData
        // are used below but are not shown in this post

    }JIN_SD_DESIGNER_FDO_DATA, *PJIN_SD_DESIGNER_FDO_DATA;

    NTSTATUS JinSdDesignerDispatchIoctl(IN PDEVICE_OBJECT pDeviceObject,IN PIRP pIrp)
    {
        PIO_STACK_LOCATION pIrpStack;
        NTSTATUS ntStatus= STATUS_SUCCESS;
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;

        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pDeviceObject->DeviceExtension;
        pIrpStack = IoGetCurrentIrpStackLocation (pIrp);

        switch(pIrpStack->Parameters.DeviceIoControl.IoControlCode)
        {
        case IOCTL_SET_EVENT_HANDLE:
            DbgPrint ("\nJinSdDesigner:\t IOCTL_SET_EVENT_HANDLE \n");
            // Type3InputBuffer is the caller's user mode buffer; it is read
            // directly here and the value is kept as the callback address
            pFdoData->CallbackAddress = ((ULONG*) pIrpStack->Parameters.DeviceIoControl.Type3InputBuffer)[0];

            pFdoData->KernelCallback = NULL;
            pFdoData->KernelCallback = (PCALLBACK_ROUTINE) pFdoData->CallbackAddress;

            if(pFdoData->KernelCallback == NULL)
            {
                DbgPrint ("\nJinSdDesigner:\t Invalid Function Pointer \n");
                DbgPrint("\nJinSdDesigner:\t Error at File:- %s,\n Line:-( %d): \n", __FILE__, __LINE__);
                pIrp->IoStatus.Information = 0;
                ntStatus = STATUS_INVALID_USER_BUFFER;
                goto EXIT;
            }

            DbgPrint("\nJinSdDesigner:\t Valid Function Pointer\n");

            pIrp->IoStatus.Information = ntStatus;
            break;
        default:
            ntStatus = STATUS_INVALID_DEVICE_REQUEST;
            DbgPrint ("\nJinSdDesigner:\t Inside default case\n");
        }

    EXIT:
        pIrp->IoStatus.Status = ntStatus;
        IoCompleteRequest (pIrp, IO_NO_INCREMENT);
        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);
        return ntStatus;
    }

    BOOLEAN JinSdDesignerInterruptHandler(IN PKINTERRUPT pkInterupt,IN PVOID pVoidServiceContext)
    {
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;
        BOOLEAN bInterruptRecognized = FALSE;
        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pVoidServiceContext;

        DbgPrint ("\nJinSdDesigner:\t %s---> \n",__FUNCTION__);

        // queue the DPC only when the interrupt came from this device
        if(bInterruptRecognized = JinSdDesignerAcknowledgeInterrupt(pFdoData))
            IoRequestDpc(pFdoData->Self, NULL, pFdoData);

        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);

        return bInterruptRecognized;
    }

    VOID JinSdDesignerDpcForIsr(IN PKDPC pkDpc,IN PDEVICE_OBJECT pDeviceObject,IN PIRP pIrpSystemArgument1,IN PVOID pVoidSystemArgument2)
    {
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;
        KIRQL CurIrql;
        ULONG RetVal=0;

        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pDeviceObject->DeviceExtension;

        DbgPrint ("\nJinSdDesigner:\t %s---> \n",__FUNCTION__);

        RetVal = 777;
        DbgPrint("\nJinSdDesigner:\t Before calling call back function\n");
        DbgPrint ("\nJinSdDesigner:\tCallback Function Return value:-(%u)\n",RetVal);

        // drops from DISPATCH_LEVEL to PASSIVE_LEVEL inside the DPC
        CurIrql = KeGetCurrentIrql();
        KeLowerIrql(PASSIVE_LEVEL);

        // calls the user mode address saved by the IOCTL, in whatever process
        // context the DPC happens to run
        RetVal = pFdoData->KernelCallback(pFdoData->usNormalInterruptRegisterData,pFdoData->usErrorInterruptRegisterData);

        KeRaiseIrql(CurIrql,&CurIrql);

        DbgPrint("\nJinSdDesigner:\t After calling call back function\n");
        DbgPrint ("\nJinSdDesigner:\tCallback Function Return value:-(%u)\n",RetVal);

        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);
    }

    If you need some more clarification please let me know.
    I am very keen to know the reason why I am getting BSOD for the second
    time.

    Best Regards
    Nayan

  • The short answer is that this is poor practice at best. Your "callback" is to an address that is unknown and unknowable at the time you are making it [that's what "arbitrary context" means when DPCs are discussed]. You are lucky it even worked once [it means your Dpc happened to run in the context of the process that gave you that address the first time it ran].

    Also, we provide a number of fine development aids (PFD, Driver Verifier, SDC, etc), all of which will tell you that lowering Irql to PASSIVE_LEVEL in a Dpc routine is forbidden- period. We do our best to keep code like this out of our operating system, and would really appreciate it if you would extend us the same courtesy.

    No slam against them intended [I've used it plenty over the years myself], but just because you can google it, it doesn't mean it's worth the time it took to read it.

    You may get stronger feedback than this [I nearly exploded when I read the code, but I suspected it was what you were doing from the bugchecks you were mentioning, and for the benefit of the doubt, I'm assuming you simply didn't realize how wrong this approach is].
  • Don_Burn Posts: 4,311
    Nayan,

    Bob did a nice general do not go there. I want to explain a few of
    the reasons this code is REALLY BAD. These are from simplest to hardest to
    fix:

    1. You lower IRQL in the DPC routine, this breaks the locking of the
    kernel. You can never do this, if you are not the one who raised IRQL by a
    KeRaiseIrql call, then do not lower it. On a uniprocessor you have just
    turned off all spin locks, and on a multiprocessor you have messed things up
    well, so crashes and deadlocks are the likely result.

    2. As Bob mentioned, DPCs run in arbitrary context, this means you
    cannot rely on the address your IOCTL passed in, since the program with
    that address may be swapped out, or at least not running and the address you
    get is for another process. So the address can be totally invalid, and
    fail.

    3. Even if you fix the above, you have opened a large security
    hole. The code in the kernel is trusted, now you are allowing any process
    that wants to run at the trusted level. Basically, this code will allow
    any MALWARE writer to completely take over the computer.

    As a number of people suggested, you should go to the inverted call.
    Instead of having the IOCTL pass a pointer to a routine, pend the IOCTL and
    complete it in the DPC routine, to signal the event. Any method trying to
    call directly into user code, is going to never be safe and reliable.


    --
    Don Burn (MVP, Windows DDK)
    Windows 2k/XP/2k3 Filesystem and Driver Consulting
    http://www.windrvr.com
    Remove StopSpam from the email to reply


  • Typo- SDV (not SDC), of course.

    This may help understand the problem (although it's a bit abstracted and simplified- hope that doesn't lead to eventual confusion): all user-mode processes on your system have the same virtual address range- how that maps to physical memory addresses is controlled by "page tables" used by the processor. There are tables for each process, so what an address means depends upon which table is in use on the processor executing your Dpc. Your callback address is probably a different piece of code (or data, or even an invalid address) in each process running on the machine.

    An interrupt has to be handled quickly, and Dpcs also need to be fast. Because of this, they get handled ASAP, in the address space of whatever process is executing at the time they get called.

    So your callback to a user mode address from a Dpc is a roll of the dice- it could execute anything or nothing. It is just the wrong way to solve your problem.

    Please use the inverted call method described earlier. Or at least explain why it doesn't meet your needs.
  • Thanks for the summary, Don. Wish I could so as well :).
  • [PCAUSA] One additional thought.

    If you really like the logic of having a callback in user-mode when
    driver data is available, study the user-mode asynchronous I/O methods. In
    particular, look at "asynchronous procedure callbacks" (See ReadFileEx and
    friends) as well as I/O completion ports (See CreateIoCompletionPort and
    friends).

    Both of these user-mode techniques are fairly high performance.

    AND, in the driver you still handle the inverted call in the same way that
    most folks are recommending.

    Good luck,

    Thomas F. Divine



  • How anyone can expect to do kernel development without an effective debug
    capability is a mystery.

    All we can tell you is, oh yeah, you have a kernel mode exception that is
    not handled. Probably you have an access denied (C0000005) and quite
    possibly a bogus pointer (23210BE). Now ... if you had WinDbg up and running
    there is a whole herd of analytical tools available that can be called forth
    to find out what went bump in the night. But ... you don't have the
    resources for WinDbg, so really, about all that can be done is to scratch
    various parts of our anatomy and wonder why a kernel developer doesn't have
    the resources to do their work.

    --
    The personal opinion of
    Gary G. Little

    "nayan kumar" wrote in message news:xxxxx@ntdev...
    > Hi All,
    > First of all thanks to all people for their valuable suggestion. I
    > started implementing your suggestion. In between I googled about this and
    > found some stuff with the help of that I tried to implement callback
    > function for sending data from kernel to user mode application. I am facing
    > some problem with it and want to discuss it with you people just for my
    > knowledge. For the first time callback function gets called properly no
    > issue at all. But when I get interrupt for the second time that time I am
    > getting BSOD. Due to lack of resources I am not able to use windbg but I
    > am writing down the text which appears on my computer screen. It is as
    > follows
    >
    > STOP : 0x0000001E (0xC0000005,0x023210BE,0x00000000,0x023210BE)
    >
    > KMODE_EXCEPTION_NOT_HANDLED
    >
    > Beginning dump of physical memory
    >
    > When I tried for the second time that time I got the crash again but this
    > time the text appears on my computer screen was quite different from the
    > previous one which is as follows
    >
    > STOP : 0x000000B8 (0x00000000,0x00000000,0x00000000,0x00000000)
    >
    > A wait operation attach process or yield was attempt from DPC routine
    >
    > Beginning dump of physical memory
    >
    > I appreciate if you expert people can help me to get rid of this BSOD
    > and making the driver work properly.
    >
    > Best Regards
    > Nayan
    >
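The two STOP screens quoted above can be read without a debugger. As an added example (not code from the thread), this C helper parses a STOP line and classifies it; it assumes the default 32-bit layout with user space below 0x80000000, and all function, type and enum names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bug check and status codes quoted in the thread. */
#define KMODE_EXCEPTION_NOT_HANDLED 0x0000001Eu
#define ATTEMPTED_SWITCH_FROM_DPC   0x000000B8u
#define STATUS_ACCESS_VIOLATION     0xC0000005u
/* Assumption: default 32-bit Windows split, user space below 0x80000000. */
#define USER_SPACE_LIMIT            0x80000000u

typedef struct {
    uint32_t code;  /* bug check code */
    uint32_t p[4];  /* the four bug check parameters */
} bugcheck_t;

typedef enum {
    TRIAGE_UNKNOWN = 0,
    TRIAGE_SWITCH_FROM_DPC,   /* 0xB8 */
    TRIAGE_AV_KERNEL_ADDR,    /* 0x1E access violation, kernel-range addresses */
    TRIAGE_AV_USER_DATA,      /* kernel code referenced a user-range address */
    TRIAGE_AV_EXEC_USER_ADDR  /* the faulting instruction is at a user-range address */
} triage_t;

/* Parse "STOP : 0x.. (0x..,0x..,0x..,0x..)"; returns 0 on success, -1 otherwise. */
int parse_stop_line(const char *line, bugcheck_t *bc)
{
    unsigned int v[5];
    const char *s;
    int i;

    if (line == NULL || bc == NULL || (s = strstr(line, "STOP")) == NULL)
        return -1;
    if (sscanf(s, "STOP : %x ( %x , %x , %x , %x",
               &v[0], &v[1], &v[2], &v[3], &v[4]) != 5)
        return -1;
    bc->code = v[0];
    for (i = 0; i < 4; i++)
        bc->p[i] = v[i + 1];
    return 0;
}

/* For 0x1E with an access violation: p[1] is the address of the faulting
 * instruction, p[2] is 0 for a read, 1 for a write (8 for an execute fault
 * where DEP reports it), p[3] is the address that was referenced. A read or
 * execute fault where both addresses match means the instruction itself
 * could not be fetched. */
int is_instruction_fetch_fault(const bugcheck_t *bc)
{
    return bc->code == KMODE_EXCEPTION_NOT_HANDLED &&
           bc->p[0] == STATUS_ACCESS_VIOLATION &&
           (bc->p[2] == 0 || bc->p[2] == 8) &&
           bc->p[1] == bc->p[3];
}

triage_t triage(const bugcheck_t *bc)
{
    if (bc->code == ATTEMPTED_SWITCH_FROM_DPC)
        return TRIAGE_SWITCH_FROM_DPC;
    if (bc->code != KMODE_EXCEPTION_NOT_HANDLED ||
        bc->p[0] != STATUS_ACCESS_VIOLATION)
        return TRIAGE_UNKNOWN;
    if (bc->p[1] < USER_SPACE_LIMIT)
        return TRIAGE_AV_EXEC_USER_ADDR;
    if (bc->p[3] < USER_SPACE_LIMIT)
        return TRIAGE_AV_USER_DATA;
    return TRIAGE_AV_KERNEL_ADDR;
}

int main(void)
{
    /* Lines 1 and 2 are the STOP screens quoted in the thread; line 3 is constructed. */
    const char *lines[] = {
        "STOP : 0x0000001E (0xC0000005,0x023210BE,0x00000000,0x023210BE)",
        "STOP : 0x000000B8 (0x00000000,0x00000000,0x00000000,0x00000000)",
        "STOP : 0x0000001E (0xC0000005,0xF7A310BE,0x00000001,0x00000008)",
    };
    size_t i;

    for (i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        bugcheck_t bc;
        if (parse_stop_line(lines[i], &bc) == 0)
            printf("0x%08X -> class %d, fetch fault: %d\n", (unsigned)bc.code,
                   (int)triage(&bc), is_instruction_fetch_fault(&bc));
    }
    return 0;
}
```

For the first screen both the instruction address and the referenced address are 0x023210BE, a user-range value, which is consistent with kernel-mode code jumping through a user-mode function pointer that is not valid in the current context.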
  • NAYAN:

    I can't recall if you are developing a driver for actual hardware. If
    you are, then disregard what follows, as it will not help you.

    You can download Microsoft VirtualPC (I believe that it is still free).
    This will allow you to emulate and debug a target operating system all
    on your development machine. It is not an ideal solution, but, given
    your constraints, it is your only option, as having no kernel
    debugger at all is fatal, SoftICE is not made any more and costs more
    than another machine anyway, and local kernel debugging with WinDbg is
    basically useless.

    In any case:

    WinDbg:

    http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

    VirtualPC:

    http://www.microsoft.com/downloads/details.aspx?FamilyId=6D58729D-DFA8-40BF-AFAF-20BCB7F01CD1&displaylang=en

    This link tells how to set up WinDbg for use with a VM.

    http://support.microsoft.com/kb/871171

    The constraints that lack of resources are imposing are indeed totally
    untenable. That being said, I seriously doubt it is a choice, so I hope
    this helps.

    Best of luck,

    mm


    >>> xxxxx@seagate.com 2007-01-12 16:52 >>>
    How anyone can expect to do kernel development without an effective debug
    capability is a mystery.

    All we can tell you is, oh yeah, you have a kernel mode exception that is
    not handled. Probably you have an access denied (C0000005) and quite
    possibly a bogus pointer (23210BE). Now ... if you had WinDbg up and running
    there is a whole herd of analytical tools available that can be called forth
    to find out what went bump in the night. But ... you don't have the
    resources for WinDbg, so really, about all that can be done is to scratch
    various parts of our anatomy and wonder why a kernel developer doesn't have
    the resources to do their work.

    --
    The personal opinion of
    Gary G. Little
  • anton_bassov Posts: 4,777
    Don,

    > Bob did a nice general do not go there. I want to explain a few of
    > the reasons this code is REALLY BAD.

    Both you and Bob seem to have overlooked one important detail - on x86 architecture, privileged code cannot call unprivileged one. Period. There are only 3 ways how this transition can get done, i.e. IRETD, SYSEXIT and far RET (irrelevant under Windows). In the OP's case, the callback that resides in the user address space will be treated as privileged code if it gets invoked from the kernel mode, because CALL does not affect CS register. Under XP and above, user-to-kernel mode transition is done as SYSENTER, and this instruction can be executed only by non-privileged code.
    Now imagine what is going to happen if this callback tries to make any system call - privileged code
    executes SYSENTER and ...... BANG!!!!!!!

    Therefore, unless his callback does not make any system calls, the whole thing could not have worked even on *SINGLE* occasion - even if callback gets invoked in context of the right thread and no page faults occur, it is still bound to crash....

    Anton Bassov
  • Hi All,
    Thanks to all for your valuable suggestion.

    I already mentioned in my post that while finding some tutorial or stuff about
    communicating with user mode app from kernel mode I got that sample and I
    just tried for my knowledge purpose whether it's working or not. Only this is
    the reason that I tried that for checking although I started implementing
    inverted call for getting my work done I don't have any issue at all with
    inverted call.

    If this is not the best way to increase our knowledge level then I am really
    very sorry that I am heading in wrong direction. If you expert people can
    give me right direction for learning anything new about which we are unknown
    I would be very thankful to you.

    Best Regards
    Nayan



    >From: "Martin O'Brien" <xxxxx@evitechnology.com>
    >Reply-To: "Windows System Software Devs Interest List"
    ><xxxxx@lists.osr.com>
    >To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com>
    >Subject: Re:[ntdev] RE:How to communicate from kernel mode to user mod app
    >Date: Fri, 12 Jan 2007 17:33:13 -0500
    >
    >NAYAN:
    >
    >I can't recall if you are developing a driver for actual hardware. If
    >you are, then disregard what follows, as it will not help you.
    >
    >You can download Microsoft VirtualPC (I believe that it is still free).
    > This will allow you to emulate and debug a target operating system all
    >on your development machine. It is not an ideal solution, but, given
    >your constraints, it is your only option, as having no kernel
    >debugger at all is fatal, SoftICE is not made any more and costs more
    >than another machine anyway, and local kernel debugging with WinDbg is
    >basically useless.
    >
    >In any case:
    >
    >WinDbg:
    >
    >http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx
    >
    >VirtualPC:
    >
    >http://www.microsoft.com/downloads/details.aspx?FamilyId=6D58729D-DFA8-40BF-AFAF-20BCB7F01CD1&displaylang=en
    >
    >This link tells how to set up WinDbg for use with a VM.
    >
    >http://support.microsoft.com/kb/871171
    >
    >The constraints that lack of resources are imposing are indeed totally
    >untenable. That being said, I seriously doubt it is a choice, so I hope
    >this helps.
    >
    >Best of luck,
    >
    >mm
  • Hi All,
    Thanks to all for your valuable suggestion.

    I already mentioned in my post that while finding some tutorial or stuff about
    communicating with user mode app from kernel mode I got that sample and I
    just tried for my knowledge purpose whether it's working or not. Only this is
    the reason that I tried that for checking although I started implementing
    inverted call for getting my work done I don't have any issue at all with
    inverted call. I asked about that problem from you expert people just to know
    the reason why that was failing because I was unable to find out the reason,
    there is not any other intention behind asking that problem from you people
    because you are expert in this having years of experience.

    Lastly if this is not the best way to increase our knowledge level then I am
    really very sorry that I am heading in wrong direction. If you expert people
    can give me right direction for learning anything new about which we are
    unknown I would be very thankful to you.

    Best Regards
    Nayan

  • Don_Burn Posts: 4,311
    Nayan,

    Like everything else on the internet the samples you find for Windows
    drivers are everything from outstanding to toxic waste. The samples
    Microsoft puts out in the DDK/WDK can be relied on to show good practices,
    the code from Osronline.com, Ndis.com, wd-3.com and sysinternals.com is
    also quite good. After that you have to be careful, there is some
    excellent code, and some total garbage and in some cases it is on the same
    sites. It is reasonable to ask on a group on the quality of a sample, just
    provide a link to the original.

    For increasing your knowledge, look at the articles on the site I
    listed, plus especially http://www.microsoft.com/whdc/default.mspx the
    Microsoft site for drivers. Use the archives, for example checking the OSR
    archives you would have found lots of discussion of calling user mode over
    the years.

    Of course, if you can take a class from one of the excellent firms that
    offer them, or go to Microsoft's WinHEC or DDC conferences definitely do
    that to increase knowledge and experience.


    --
    Don Burn (MVP, Windows DDK)
    Windows 2k/XP/2k3 Filesystem and Driver Consulting
    http://www.windrvr.com
    Remove StopSpam from the email to reply



    "nayan kumar" wrote in message
    news:xxxxx@ntdev...
    > Hi All,
    > Thanks to all for your valuable suggestion.
    >
    > I already mentioned in my post that while finding some tutorial or stuff
    > about communicating with user mode app from kernel mode I got that sample
    > and I just tried for my knowledge purpose whether it's working or not.
    > Only this is the reason that I tried that for checking although I
    > started implementing inverted call for getting my work done I don't have
    > any issue at all with inverted call. I asked about that problem from you
    > expert people just to know the reason why that was failing because I was
    > unable to find out the reason, there is not any other intention behind
    > asking that problem from you people because you are expert in this
    > having years of experience.
    >
    > Lastly if this is not the best way to increase our knowledge level then I
    > am really very sorry that I am heading in wrong direction. If you expert
    > people can give me right direction for learning anything new about which
    > we are unknown I would be very thankful to you.
    >
    > Best Regards
    > Nayan
  • NAYAN:

    You have no reason to apologize. These lists, while very useful,
    can at times be significantly populated with a lot of self-serving
    criticism for a variety of reasons; I have certainly been guilty of that
    at times. There is no reason to feel bad, because, while what you are
    attempting is basically impossible and unreasonable, we all started
    somewhere, and the bottom line is that no one on this list had a gun to
    his or her head and had to respond to your question; he or she could
    have just not answered, or, as many did, just give you the facts.

    Best of luck,

    mm

    >>> xxxxx@hotmail.com 2007-01-13 09:03 >>>
    Hi All,
    Thanks to all for your valuable suggestion.

    I already mentioned in my post that while finding some tutorial or stuff about
    communicating with user mode app from kernel mode I got that sample and I
    just tried for my knowledge purpose whether it's working or not. Only this is
    the reason that I tried that for checking although I started implementing
    inverted call for getting my work done I don't have any issue at all with
    inverted call. I asked about that problem from you expert people just to know
    the reason why that was failing because I was unable to find out the reason,
    there is not any other intention behind asking that problem from you people
    because you are expert in this having years of experience.

    Lastly if this is not the best way to increase our knowledge level then I am
    really very sorry that I am heading in wrong direction. If you expert people
    can give me right direction for learning anything new about which we are
    unknown I would be very thankful to you.

    Best Regards
    Nayan

  • Tim_Roberts Posts: 12,567
    Martin O'Brien wrote:
    > You have no reason to apologize. These lists, while very useful,
    > can at times be significantly populated with a lot of self-serving
    > criticism for a variety of reasons; I have certainly been guilty of that
    > at times. There is no reason to feel bad, because, while what you are
    > attempting is basically impossible and unreasonable, we all started
    > somewhere, and the bottom line is that no one on this list had a gun to
    > his or her head and had to respond to your question; he or she could
    > have just not answered, or, as many did, just give you the facts.
    >

    This may be a point of view thing. When people begin to ask questions
    on a forum like this, they tend to think of it as a telephone
    conversation with an individual expert, one-on-one. In that situation,
    criticism and generalizations can seem daunting and discouraging.

    On the other hand, those of us who have been here a while tend to think
    of this forum as a panel discussion in a large lecture hall, and I think
    that's a better model. Specific questions very often raise issues of
    general concern, and we would be remiss to let the issues go by without
    comment. Also, as I've said before, these posts now live forever in
    various different archives. A year from now, some inexperienced person
    will go looking for the answer to a similar question. If they just see
    an answer with no cautions, they may get the wrong impression.

    So, when someone asks how to use a power drill on a 2x4 that is sitting
    on their lap, I'll explain how to do it, but I'm also going to feel free
    to explain why a sawhorse is a much better idea.

    --
    Tim Roberts, xxxxx@probo.com
    Providenza & Boekelheide, Inc.


  • Fair enough and agreed. My basic observation about these sorts of
    questions and issue with them is that they tend to produce the amazingly
    long threads about very little, which wouldn't really matter, except
    that, at least for me, these lists, while invaluable, can take a long
    time to get through.

    mm

    >>> xxxxx@probo.com 2007-01-15 13:07 >>>
    Martin O'Brien wrote:
    > You have no reason to apologize. These lists, while very useful,
    > can at times be significantly populated with a lot of self-serving
    > criticism for a variety of reasons; I have certainly been guilty of that
    > at times. There is no reason to feel bad, because, while what you are
    > attempting is basically impossible and unreasonable, we all started
    > somewhere, and the bottom line is that no one on this list had a gun to
    > his or her head and had to respond to your question; he or she could
    > have just not answered, or, as many did, just give you the facts.
    >

    This may be a point of view thing. When people begin to ask questions
    on a forum like this, they tend to think of it as a telephone
    conversation with an individual expert, one-on-one. In that situation,
    criticism and generalizations can seem daunting and discouraging.

    On the other hand, those of us who have been here a while tend to think
    of this forum as a panel discussion in a large lecture hall, and I think
    that's a better model. Specific questions very often raise issues of
    general concern, and we would be remiss to let the issues go by without
    comment. Also, as I've said before, these posts now live forever in
    various different archives. A year from now, some inexperienced person
    will go looking for the answer to a similar question. If they just see
    an answer with no cautions, they may get the wrong impression.

    So, when someone asks how to use a power drill on a 2x4 that is sitting
    on their lap, I'll explain how to do it, but I'm also going to feel free
    to explain why a sawhorse is a much better idea.

    --
    Tim Roberts, xxxxx@probo.com
    Providenza & Boekelheide, Inc.


  • Hi All,
    According to your suggestion I implemented inverted call for
    sending interrupt register val to user mode app. Although it's working fine
    in normal cases, when I call the function in which I put the
    dequeuing logic from deferred procedure call my system gets restarted.

    At this point I am not able to find out the reason why it is happening so if
    any one can help me to solve this problem I would be very thankful to you
    people.

    I am taking help from DDK sample in my case path is as follows
    C:\WINDDK\3790.1830\src\general\pcidrv.

    Best Regards
    Nayan

  • > -----Original Message-----
    > From: xxxxx@lists.osr.com [mailto:bounce-275866-xxxxx@lists.osr.com] On Behalf Of nayan kumar
    > Sent: Wednesday, January 17, 2007 6:33 AM
    > To: Windows System Software Devs Interest List
    > Subject: RE:[ntdev] How to communicate from kernel mode to user mod app
    >
    >
    >
    > Hi All,
    > According to your suggestion I implemented inverted call for
    > sending interrupt register val to user mode app. Although it's working fine
    > in normal cases, when I call the function in which I put the
    > dequeuing logic from deferred procedure call my system gets restarted.
    >
    [PCAUSA] All parameters that you pass to the driver during asynchronous I/O
    must persist until the call is completed. If you allocate a parameter on the
    stack instead of from the heap then the stack variable will not exist when
    the call completes. If that happens, the system could crash.

    Examine everything that you pass to the driver and make sure it is allocated
    properly.

    Thomas F. Divine


    > At this point I am not able to find out the reason why it is happening so if
    > any one can help me to solve this problem I would be very thankful to you
    > people.
    >
    > I am taking help from DDK sample in my case path is as follows
    > C:\WINDDK\3790.1830\src\general\pcidrv.
    >
    > Best Regards
    > Nayan
  • Hi All,
    Thanks to all people for putting me in comfort zone by giving your
    valuable suggestion. I got success in accomplishing my work. It's working
    properly now.

    I again beg a pardon if any of my queries made you feel embarrassed. Whenever
    I am stuck with any problem I usually try everything whatever comes in my mind
    or I get any clue from somewhere else due to my curious nature and the fact
    that I just started swimming in this sea.

    Hopefully you great people will understand this.

    Best Regards
    Nayan
