Local variables?

Hi,

If local variables are declared, say in function DriverLoad(), in what
memory are they stored? For example:

DriverLoad(…)
{
int x = 100;
.
.
}

Are they located on the stack? If so how much stack space is available for
this function and other functions such as DriverUnload() and the IRP
functions?

Would I be right in thinking that when DriverLoad() is called it will not be
called again until DriverUnload() has been called? Do either of these functions
need to be re-entrant?

Please tell me if I am using the wrong newsgroup for this question!

Regards FarmerJo

On the stack, unless you allocate dynamic storage for them, like:

char * x = new char[10];

or

char * x = (char *) malloc(10);

or

char * x = (char *) ExAllocatePool(NonPagedPool, 10);

for example.

I don’t know how big the kernel stack is these days, but it’s not really
useful information anyway, because what matters is how much space is
left on the stack at the point of any particular call.

I assume you mean ‘DriverEntry,’ by ‘DriverLoad;’ if so, it is only
called once, as far as I know.

Good luck,

mm


FarmerJo wrote:

> If local variables are declared, say in function DriverLoad(), in what
> memory are they stored? For example.
>
> DriverLoad(…)
> {
> int x = 100;
> .
> .
> }

On the stack.

> Are they located on the stack? If so how much stack space is available for
> this function and other functions such as DriverUnload() and the IRP
> functions?

I believe the official message is that a driver should count on having
no more than a page of stack space - 4k bytes. Remember that, in many
cases, a driver is “borrowing” stack from another process.

And that’s 4k for everything, not 4k per routine. Extending the stack
requires a page fault, and lots of driver code cannot be paged.

> Would I be right in thinking that when DriverLoad() is called it will not be
> called again until DriverUnload() has been called? Do either of these functions
> need to be re-entrant?

Yes. No. DriverEntry and DriverUnload are called once per driver, not
once per device. DriverEntry is called when the .sys file loads,
DriverUnload is called just before the .sys file unloads.

> Please tell me if I am using the wrong newsgroup for this question!

This is the wrong newsgroup for this question. :wink: This mailing list is
for questions and issues about windbg and friends. For general driver
development questions, the ntdev list at osr.com is a good choice, along
with the microsoft.public.development.drivers newsgroup.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
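
Added example, not part of any post in this thread: a user-mode C sketch of the two points made above, that the stack budget is shared by the whole call chain and that dynamic storage keeps large buffers off it. The function names, the 1536-byte buffer and the nesting depth of 3 are constructed for illustration; a driver would allocate from the pool rather than with malloc and can query what is left with IoGetRemainingStackSize.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define STACK_BUDGET 4096u   /* the one-page figure quoted in the thread */
#define BUF_SIZE     1536u   /* constructed: a buffer that looks harmless on its own */
#define NOINLINE __attribute__((noinline))   /* GCC/Clang: one real frame per call */

static uintptr_t g_entry;    /* stack address where the measured call chain starts */
static size_t    g_deepest;  /* furthest distance from g_entry seen so far */

/* Record how far the stack has moved from the start of the chain. */
static NOINLINE void mark(void) {
    volatile char here = 0;
    uintptr_t p = (uintptr_t)&here;
    size_t d = p > g_entry ? p - g_entry : g_entry - p;
    if (d > g_deepest) g_deepest = d;
}

/* Each nested call keeps its buffer as a local: the frames add up. */
static NOINLINE void chain_with_locals(int calls_left) {
    volatile char buf[BUF_SIZE];
    buf[0] = 1;
    if (calls_left > 1) chain_with_locals(calls_left - 1); else mark();
    buf[BUF_SIZE - 1] = buf[0];          /* use after the call: no tail call */
}

/* Same nesting, buffer in dynamic storage (a driver would use the pool). */
static NOINLINE void chain_with_alloc(int calls_left) {
    volatile char *buf = malloc(BUF_SIZE);
    if (buf == NULL) return;             /* allocation can fail: always check */
    buf[0] = 1;
    if (calls_left > 1) chain_with_alloc(calls_left - 1); else mark();
    free((void *)buf);
}

/* Peak stack bytes consumed by `depth` nested calls of `chain`. */
static size_t peak_stack(void (*chain)(int), int depth) {
    volatile char entry = 0;
    g_entry = (uintptr_t)&entry;
    g_deepest = 0;
    chain(depth);
    return g_deepest;
}

int main(void) {
    printf("locals: %zu bytes, allocated: %zu bytes, budget: %u bytes\n",
           peak_stack(chain_with_locals, 3), peak_stack(chain_with_alloc, 3), STACK_BUDGET);
    return 0;
}
```

No single routine in the first chain comes near a page, yet three nested calls exceed it, while the allocating chain stays within a few frames' worth of bookkeeping.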

And if I hadn't read your post, I would have responded: use dv for
looking at local variables in windbg :slight_smile: without this smiley

On 3/19/08, Tim Roberts wrote:
> FarmerJo wrote:
> > If local variables are declared, say in function DriverLoad(), in what
> > memory are they stored? For example.
> >
> > DriverLoad(…)
> > {
> > int x = 100;
> > .
> > .
> > }
> >
>
> On the stack.
>
> > Are they located on the stack? If so how much stack space is available for
> > this function and other functions such as DriverUnload() and the IRP
> > functions?
> >
>
> I believe the official message is that a driver should count on having
> no more than a page of stack space - 4k bytes. Remember that, in many
> cases, a driver is “borrowing” stack from another process.
>
> And that’s 4k for everything, not 4k per routine. Extending the stack
> requires a page fault, and lots of driver code cannot be paged.
>
> > Would I be right in thinking that when DriverLoad() is called it will not be
> > called again until DriverUnload() has been called? Do either of these functions
> > need to be re-entrant?
> >
>
> Yes. No. DriverEntry and DriverUnload are called once per driver, not
> once per device. DriverEntry is called when the .sys file loads,
> DriverUnload is called just before the .sys file unloads.
>
> > Please tell me if I am using the wrong newsgroup for this question!
> >
>
> This is the wrong newsgroup for this question. :wink: This mailing list is
> for questions and issues about windbg and friends. For general driver
> development questions, the ntdev list at osr.com is a good choice, along
> with the microsoft.public.development.drivers newsgroup.
>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.