IOCTL IRQL level

Hi,
What is the IRQL level of the IOCTL interface? The IOCTL is invoked from my application. I do a KeWaitForSingleObject in IOCTL with timeout NULL. I have enabled driver verifier in the target system. My driver crashes at this wait. It says, “cannot wait at DISPATCH_LEVEL”. How come it became dispatch level here? Is it supposed to be PASSIVE LEVEL? Please help.

Thanks,
Subhash

The first thing I would do is make a call to KeGetCurrentIrql immediately before your call to KeWaitForSingleObject. Wrap this in an ASSERT and check if the currentIrql==PASSIVE_LEVEL. Work backwards from there. Yes, the IRQL is normally PASSIVE_LEVEL, but that can be raised by calls you might have made such as KeAcquireSpinLock.

----- Original Message -----
From: xxxxx@gmail.com
To: “Kernel Debugging Interest List”
Sent: Monday, March 14, 2011 7:55:43 AM
Subject: [windbg] IOCTL IRQL level

Hi,
What is the IRQL level of the IOCTL interface? The IOCTL is invoked from my application. I do a KeWaitForSingleObject in IOCTL with timeout NULL. I have enabled driver verifier in the target system. My driver crashes at this wait. It says, “cannot wait at DISPATCH_LEVEL”. How come it became dispatch level here? Is it supposed to be PASSIVE LEVEL? Please help.

Thanks,
Subhash


WINDBG is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

First, have you run PreFast on your driver? If it is something simple like
the driver grabbing a spin lock or other call that raises IRQL, PreFast will
find it. If you are PreFast clean, then place a breakpoint at the start of
your IOCTL handler, and use !irql to see if you are called at
DISPATCH_LEVEL. If you are not at DISPATCH, step through the code using
!irql to localize where the value is changed. If you are at DISPATCH on
entry to the handler, take a look at the stack to see if another driver
could be calling you.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

Hi,
Thanks for the reply. I get the IRQL 2 at the very start of my IOCTL. This is not invoked from any other driver. There is no API that raises the IRQL to DISPATCH_LEVEL.

The stack before IOCTL is given below

Wdf01000!FxIoQueue::DispatchRequestToDriver+0x4b8
Wdf01000!FxIoQueue::DispatchEvents+0x4df
Wdf01000!FxIoQueue::QueueRequest+0x2bc
Wdf01000!FxPkgIo::Dispatch+0x37c
Wdf01000!FxDevice::Dispatch+0xa9
nt!IovCallDriver+0x566
nt!ViFilterDispatchPower+0x62
nt!IovCallDriver+0x566
nt!IopXxxControlFile+0x607
nt!NtDeviceIoControlFile+0x56
nt!KiSystemServiceCopyEnd+0x13

Thanks,
Subhash

Hi,

Read the following about synchronization scope and execution levels.

http://msdn.microsoft.com/en-us/library/ff544763(v=vs.85).aspx

Cheers
Faik

Awesome… Thanks Faik. I was using WdfSynchronizationScopeDevice. When it is changed to ‘None’, IOCTL stays in passive_level.

Regards,
Subhash

Be aware that now all of your top level queue callbacks can run concurrently, where before they were serialized against each other. You probably now have some fun race conditions in your code that you need to fix.

d

Yes. There will be race conditions. I wanted to know why it is passive level?

Thanks for the help.

Regards,
Subhash

> I wanted to know why it is passive level?

Because handling of i/o requests (system calls) begins at passive level.

–pa