IoGetLowerDeviceObject(…) fails when my device is not a filesystem device. And please notice that the famous tool “devicetree” and the windbg command “devstack” can list out the device stack. So how do they get the lower device in stack?
ok, I find that while I am trying to realize my product, a lot of traps occur. Please help me. If we are in one country, I think I will be happy to serve you a good dinner after my product is finished.
Check out DeviceObjectExtension->DeviceObject.
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 3:17 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] How to get the lower device in stack?
IoGetLowerDeviceObject(…) fails when my device is not a filesystem device.
And please notice that the famous tool “devicetree” and the windbg command
“devstack” can list out the device stack. So how do they get the lower
device in stack?
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
But struct DEVOBJ_EXTENSION is undocumented. And I find some device’s DeviceObjectExtension->DeviceObject is just pointing to itself.
Sorry, It should be DeviceObjectExtension->AttachedTo.
typedef struct _DEVOBJ_EXTENSION {
CSHORT Type;
USHORT Size;
//
// Public part of the DeviceObjectExtension structure
//
PDEVICE_OBJECT DeviceObject; // owning device object
…
ULONG ExtensionFlags;
…
PDEVICE_OBJECT AttachedTo;
…
} DEVOBJ_EXTENSION, *PDEVOBJ_EXTENSION;.
IoGetLowerDeviceObject first check ExtensionFlags for pending unload or
delete, then return AttachedTo.
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 4:25 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to get the lower device in stack?
But struct DEVOBJ_EXTENSION is undocumented. And I find some device’s
DeviceObjectExtension->DeviceObject is just pointing to itself.
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Sorry, But I still find AttachedTo doesn’t point to a device as follows:
3: kd> dt _DEVOBJ_EXTENSION 8995c778
nt!_DEVOBJ_EXTENSION
+0x000 Type : 3
+0x002 Size : 0
+0x004 DeviceObject : 0x8995c6c0 _DEVICE_OBJECT
+0x008 PowerFlags : 0x899f32d0
+0x00c Dope : 0x8995c778 _DEVICE_OBJECT_POWER_EXTENSION
+0x010 ExtensionFlags : 0x899c0f18
+0x014 DeviceNode : 0x00000002
+0x018 AttachedTo : 0x00040001 _DEVICE_OBJECT
+0x01c StartIoCount : 0
+0x020 StartIoKey : -1986672744
+0x024 StartIoFlags : 0x8995c798
+0x028 Vpb : 0xffffffff _VPB
3: kd> !devobj 00040001
00040001: Could not read device object or _DEVICE_OBJECT not found
Post the asm code for IoGetLowerDeviceObject from windbg.
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 4:52 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to get the lower device in stack?
Sorry, But I still find AttachedTo doesn’t point to a device as
follows:
3: kd> dt _DEVOBJ_EXTENSION 8995c778
nt!_DEVOBJ_EXTENSION
+0x000 Type : 3
+0x002 Size : 0
+0x004 DeviceObject : 0x8995c6c0 _DEVICE_OBJECT
+0x008 PowerFlags : 0x899f32d0
+0x00c Dope : 0x8995c778 _DEVICE_OBJECT_POWER_EXTENSION
+0x010 ExtensionFlags : 0x899c0f18
+0x014 DeviceNode : 0x00000002
+0x018 AttachedTo : 0x00040001 _DEVICE_OBJECT
+0x01c StartIoCount : 0
+0x020 StartIoKey : -1986672744
+0x024 StartIoFlags : 0x8995c798
+0x028 Vpb : 0xffffffff _VPB
3: kd> !devobj 00040001
00040001: Could not read device object or _DEVICE_OBJECT not found
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
here you are:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
3: kd> u IoGetLowerDeviceObject
nt!IoGetLowerDeviceObject:
804f189a 8bff mov edi,edi
804f189c 55 push ebp
804f189d 8bec mov ebp,esp
804f189f 53 push ebx
804f18a0 56 push esi
804f18a1 6a0a push 0Ah
804f18a3 59 pop ecx
804f18a4 ff1528914d80 call dword ptr [nt!_imp_KeAcquireQueuedSpinLock (804d9128)]
3: kd> u
nt!IoGetLowerDeviceObject+0x10:
804f18aa 8ad8 mov bl,al
804f18ac 8b4508 mov eax,dword ptr [ebp+8]
804f18af 8b80b0000000 mov eax,dword ptr [eax+0B0h]
804f18b5 33f6 xor esi,esi
804f18b7 f640100f test byte ptr [eax+10h],0Fh
804f18bb 7510 jne nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18bd 8b4018 mov eax,dword ptr [eax+18h]
804f18c0 85c0 test eax,eax
3: kd> u
nt!IoGetLowerDeviceObject+0x28:
804f18c2 7409 je nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18c4 8bf0 mov esi,eax
804f18c6 8bce mov ecx,esi
804f18c8 e8e15b0300 call nt!ObfReferenceObject (805274ae)
804f18cd 6a0a push 0Ah
804f18cf 8ad3 mov dl,bl
804f18d1 59 pop ecx
804f18d2 ff1530914d80 call dword ptr [nt!_imp_KeReleaseQueuedSpinLock (804d9130)]
3: kd> u
nt!IoGetLowerDeviceObject+0x3e:
804f18d8 8bc6 mov eax,esi
804f18da 5e pop esi
804f18db 5b pop ebx
804f18dc 5d pop ebp
804f18dd c20400 ret 4
804f18e0 cc int 3
804f18e1 cc int 3
804f18e2 cc int 3
Put again, more clear:
;;;;;;;;;;;;;;;;;;;;;;;;;;;
804f189a 8bff mov edi,edi
804f189c 55 push ebp
804f189d 8bec mov ebp,esp
804f189f 53 push ebx
804f18a0 56 push esi
804f18a1 6a0a push 0Ah
804f18a3 59 pop ecx
804f18a4 ff1528914d80 call dword ptr [nt!_imp_KeAcquireQueuedSpinLock (804d9128)]
804f18aa 8ad8 mov bl,al
804f18ac 8b4508 mov eax,dword ptr [ebp+8]
804f18af 8b80b0000000 mov eax,dword ptr [eax+0B0h]
804f18b5 33f6 xor esi,esi
804f18b7 f640100f test byte ptr [eax+10h],0Fh
804f18bb 7510 jne nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18bd 8b4018 mov eax,dword ptr [eax+18h]
804f18c0 85c0 test eax,eax
804f18c2 7409 je nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18c4 8bf0 mov esi,eax
804f18c6 8bce mov ecx,esi
804f18c8 e8e15b0300 call nt!ObfReferenceObject (805274ae)
804f18cd 6a0a push 0Ah
804f18cf 8ad3 mov dl,bl
804f18d1 59 pop ecx
804f18d2 ff1530914d80 call dword ptr [nt!_imp_KeReleaseQueuedSpinLock (804d9130)]
804f18d8 8bc6 mov eax,esi
804f18da 5e pop esi
804f18db 5b pop ebx
804f18dc 5d pop ebp
804f18dd c20400 ret 4
IoGetLowerDeviceObject will exit from
804f18b7 f640100f test byte ptr [eax+10h],0Fh
(ExtensionFlags & 0x0F)
I think the data is corrupt, coz ExtensionFlags cannot be 0x899c0f18 which
looks like an address.
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 5:05 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to get the lower device in stack?
here you are:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
3: kd> u IoGetLowerDeviceObject
nt!IoGetLowerDeviceObject:
804f189a 8bff mov edi,edi
804f189c 55 push ebp
804f189d 8bec mov ebp,esp
804f189f 53 push ebx
804f18a0 56 push esi
804f18a1 6a0a push 0Ah
804f18a3 59 pop ecx
804f18a4 ff1528914d80 call dword ptr [nt!_imp_KeAcquireQueuedSpinLock
(804d9128)]
3: kd> u
nt!IoGetLowerDeviceObject+0x10:
804f18aa 8ad8 mov bl,al
804f18ac 8b4508 mov eax,dword ptr [ebp+8]
804f18af 8b80b0000000 mov eax,dword ptr [eax+0B0h]
804f18b5 33f6 xor esi,esi
804f18b7 f640100f test byte ptr [eax+10h],0Fh
804f18bb 7510 jne nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18bd 8b4018 mov eax,dword ptr [eax+18h]
804f18c0 85c0 test eax,eax
3: kd> u
nt!IoGetLowerDeviceObject+0x28:
804f18c2 7409 je nt!IoGetLowerDeviceObject+0x33 (804f18cd)
804f18c4 8bf0 mov esi,eax
804f18c6 8bce mov ecx,esi
804f18c8 e8e15b0300 call nt!ObfReferenceObject (805274ae)
804f18cd 6a0a push 0Ah
804f18cf 8ad3 mov dl,bl
804f18d1 59 pop ecx
804f18d2 ff1530914d80 call dword ptr [nt!_imp_KeReleaseQueuedSpinLock
(804d9130)]
3: kd> u
nt!IoGetLowerDeviceObject+0x3e:
804f18d8 8bc6 mov eax,esi
804f18da 5e pop esi
804f18db 5b pop ebx
804f18dc 5d pop ebp
804f18dd c20400 ret 4
804f18e0 cc int 3
804f18e1 cc int 3
804f18e2 cc int 3
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Yes, it judges ExtensionFlags.
And I guess that DeviceTree tool use registry to list out the device stack. DeviceTree doesn’t install any driver.
So I will focus on the windbg command “!devstack”.
And another way, I guess that IoAttachDeviceToDeviceStack(…) will save some info into PDO or anywhere, so maybe I need disassemble this function.
What does !devstack output?
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 5:23 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to get the lower device in stack?
Yes, it judges ExtensionFlags.
And I guess that DeviceTree tool use registry to list out the device stack.
DeviceTree doesn’t install any driver.
So I will focus on the windbg command “!devstack”.
And another way, I guess that IoAttachDeviceToDeviceStack(…) will save
some info into PDO or anywhere, so maybe I need disassemble this function.
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Maybe Microsoft ignores ExtensionFlags in some cases unless filesystem.
Dear Haibo, AttachedDevice in DEVICE_OBJECT may help
AttachedDevice points to upper device, not lower.
Haibo
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@sina.com
Sent: Thursday, March 19, 2009 5:48 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to get the lower device in stack?
Dear Haibo, AttachedDevice in DEVICE_OBJECT may help
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Yes, this is a problem.
But if I can’t find a good way to resolve my problem, I can get the stack info from PDO and save the info to a list. So I can resolve my problem in a not-very-good way.
But for now, I will not give up searching a good way.
Which class of driver are you writing? IoGetLowerDeviceObject should be
work for a non file system driver. Make sure there is a lower device
object under you driver object. If you call IoGetLowerDeviceObject to a
PDO which your bus driver create, it should be fail since it’s the
lowest device object in stack.
thanks
wayne
Xing,
What are you trying to accomplish. You should HAVE the lower device object already, you get it as part of AddDevice processing.
Please, tell us what you’re ultimately trying to accomplish and perhaps we can help,
Peter
OSR
Oh,dears. You are right! What I want is this function:
IoGetDiskDeviceObject(…)
===========
IoGetLowerDeviceObject should be
work for a non file system driver.
yes, I have made a mistake. Both cdfs and cdrom driver have a device named “Cdrom0”. And the cdfs’s “Cdrom0” is a PDO .
=============
Please, tell us what you’re ultimately trying to accomplish and perhaps we can
help
I want to find out in disk level(ftdisk, harddisk, cdrom) the partition letter.
Now my current problem is resolved. Thanks very much!