I’m trying to implement Inverse IRPs for asynchronous communication
from driver to user, while retaining a synchronous (separate) IoControl chain,
by calling CreateFile on the driver twice, once for non-overlapped mode
and once for overlapped mode.
I get a memory access violation in the nt module when completing an
overlapped irp.
Could this be made to work, or should I not expect it to work?
In case it’s not clear, in user mode I get driver handle A for non-overlapped use:
A = CreateFile(…, FILE_ATTIRBUTE_NORMAL, …)
and handle B for overlapped use:
B = CreateFile(…, FILE_FLAG_OVERLAPPED, …)
I use handle A for general DeviceIoControl()
and B to establish the pended-irps in the driver’s manual queue.
When the pended irp is completed with WdfRequestCompleteWithInformation(),
I get: PAGE_FAULT_BEYOND_END_OF_ALLOCATION (cd)
I’ll leave it at that because I expect I may hear that it won’t work anyway.
Thank you all
This should work just fine. From the driver perspective you have no idea if the handle is async or not. Post the output of !analyze -v, I am guessing that you are trashing memory beyond the allocation. IOW, this is a bug in the driver, not a limitation of the OS
d
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@cornell.edu
Sent: Wednesday, March 2, 2016 4:12 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] can I have two handles, sync and async, to driver
I’m trying to implement Inverse IRPs for asynchronous communication from driver to user, while retaining a synchronous (separate) IoControl chain, by calling CreateFile on the driver twice, once for non-overlapped mode and once for overlapped mode.
I get a memory access violation in the nt module when completing an overlapped irp.
Could this be made to work, or should I not expect it to work?
-----
In case it’s not clear, in user mode I get driver handle A for non-overlapped use:
A = CreateFile(…, FILE_ATTIRBUTE_NORMAL, …)
and handle B for overlapped use:
B = CreateFile(…, FILE_FLAG_OVERLAPPED, …)
I use handle A for general DeviceIoControl() and B to establish the pended-irps in the driver’s manual queue.
When the pended irp is completed with WdfRequestCompleteWithInformation(),
I get: PAGE_FAULT_BEYOND_END_OF_ALLOCATION (cd)
I’ll leave it at that because I expect I may hear that it won’t work anyway.
Thank you all
—
NTDEV is sponsored by OSR
Visit the list online at: https:
MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at https:
To unsubscribe, visit the List Server section of OSR Online at https:</https:></https:></https:>
The problem isn’t the multiple handles. Are you returning data to the user application when you complete the request? The error sounds like you have returned more data than was requested. Check the buffer length and the number of bytes returned via the Information value.
(Also, always best to post the entire !analyze output. There’s a lot there besides just the crash code.)
-scott
OSR
@OSRDrivers
Knowing this wasn’t a design flaw, I found my error.
Thanks very much - again.