Win16Mutex

Hi!

Since Win9x mail list seems to be dead, I will post that question here.
Sorry for OOT (kinda).

How can I check from a VxD that Win16Mutex is acquired? And I also remember
that there was some kind of Win32Mutex that has the same effect (prevents
the driver from calling into Ring3). Can anybody confirm or decline that?

Thanks in advance,

Vladimir


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

OK, let me rephrase the question :wink:

How can I get to Thread Information Block (TIB) or Thread Database (TDB)
structure from VxD? I know that it’s possible (because SoftIce displays that
information). This is really a stopper for me so I would highly appreciate
any hints on this matter!

TIA,

Vladimir

-----Original Message-----
From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
Sent: Friday, March 02, 2001 4:40 PM
To: File Systems Developers
Subject: [ntfsd] Win16Mutex

Hi!

Since Win9x mail list seems to be dead, I will post that question here.
Sorry for OOT (kinda).

How can I check from a VxD that Win16Mutex is acquired? And I also remember
that there was some kind of Win32Mutex that has the same effect (prevents
the driver from calling into Ring3). Can anybody confirm or decline that?

Thanks in advance,

Vladimir


You are currently subscribed to ntfsd as: xxxxx@Starbase.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Win16MutexI do not have the information handy and it has been almost a year
since I have dealt with Windoze 9x. However, if you can locate the copy of
Matt Pietrek’s book titled “Windows 95 System Programming Secrets”, you will
find all of the information that you need. A few of the addresses and data
structures have changed from 95 to 98+, but those are easy to locate and
change based on the version of the OS.

Anyway, if you follow the data structures outlined in Pietrek’s book, you
can find your way to the WIN16MUTEX.

The WIN16MUTEX is a nasty little bugger. IF you are executing IOS code and
are wanting to check for the WIN16MUTEX to see if you re going to dead-lock,
good luck. If you have any luck, please let me know.

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Chtchetkine, Vladimir
Sent: Sunday, March 04, 2001 9:17 AM
To: File Systems Developers
Subject: [ntfsd] RE: Win16Mutex

OK, let me rephrase the question :wink:

How can I get to Thread Information Block (TIB) or Thread Database (TDB)
structure from VxD? I know that it’s possible (because SoftIce displays that
information). This is really a stopper for me so I would highly appreciate
any hints on this matter!

TIA,

Vladimir
-----Original Message-----
From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
Sent: Friday, March 02, 2001 4:40 PM
To: File Systems Developers
Subject: [ntfsd] Win16Mutex

Hi!

Since Win9x mail list seems to be dead, I will post that question here.
Sorry for OOT (kinda).

How can I check from a VxD that Win16Mutex is acquired? And I also
remember that there was some kind of Win32Mutex that has the same effect
(prevents the driver from calling into Ring3). Can anybody confirm or
decline that?

Thanks in advance,

Vladimir


You are currently subscribed to ntfsd as: xxxxx@Starbase.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Hello Vladimir,

Provided that you’re in the context of a win32 thread this should
work:

pTib NAKED GetTib()
{
__asm {
mov eax, fs:[0x18]
ret
}
}

pTDB NAKED GetTDB()
{
__asm {
mov eax,fs:[0x18]
sub eax, 0x10
ret
}
}

The TIB is in win9x pointed to by FS:0 in a win32 thread context. This
is somewhat difficult to reference in C code so fortunately an
ordinary flat pointer is contained within the TIB at position 0x18.
Regarding the TDB we can utilize the fact that the TIB is itself a
member of the TDB and thus the TDB’s address is relative to the tib’s
in a linear fashion. Beyound the limited documentation provided in
ntddk.h for nt version 3.51 this is all undocumented and I’ve not
verified that this sticks beyound version 98 First edition. A good
however somewhat old reference is Pietrek’s Windows 95 Systems
Programming Secrets.

Regards,
Anders Fogh

Sunday, March 04, 2001, 9:17:26 AM, you wrote:

CV> OK, let me rephrase the question :wink:

CV> How can I get to Thread Information Block (TIB) or Thread Database (TDB)
CV> structure from VxD? I know that it’s possible (because SoftIce displays that
CV> information). This is really a stopper for me so I would highly appreciate
CV> any hints on this matter!

CV> TIA,

CV> Vladimir

CV> -----Original Message-----
CV> From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
CV> Sent: Friday, March 02, 2001 4:40 PM
CV> To: File Systems Developers
CV> Subject: [ntfsd] Win16Mutex

CV> Hi!

CV> Since Win9x mail list seems to be dead, I will post that question here.
CV> Sorry for OOT (kinda).

CV> How can I check from a VxD that Win16Mutex is acquired? And I also remember
CV> that there was some kind of Win32Mutex that has the same effect (prevents
CV> the driver from calling into Ring3). Can anybody confirm or decline that?

CV> Thanks in advance,

CV> Vladimir

CV> —
CV> You are currently subscribed to ntfsd as: xxxxx@Starbase.com
CV> To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

CV> —
CV> You are currently subscribed to ntfsd as: xxxxx@flaffer.com
CV> To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


Best regards,
Anders mailto:xxxxx@flaffer.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

RE: [ntfsd] RE: Win16MutexI did not mean for it to sound sarcastic. Only
that I have not had much luck trying to prevent the deadlock. So what if I
know that the WIN16MUTEX is held. how does that tell me what to do next? If
it is a WIN16 application or DLL that is requesting I/O, the I/O must be
processed and completed with the WIN16MUTEX held. What would you be
returning? How would you make the request get re-issued without the
WIN16MUTEX held.

I am very interested in what you have to say on the matter and what you
discover. I have some drivers I would like to revisit if new information on
dealing with the WIN16MUTEX is discovered.

Jamey
-----Original Message-----
From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
Sent: Sunday, March 04, 2001 2:41 PM
To: 'Jamey Kirby ’
Subject: RE: [ntfsd] RE: Win16Mutex

Jamey: thanks for the tip, but the book you’re referring, although is very
usefull, doesn’t give me a clue how to get what I need in Ring0. It explains
how to get needed structures in Ring3, but I can’t use that in VxD.

IF you are executing IOS code and are wanting to check for the
> WIN16MUTEX to see if you re going to dead-lock, good luck.

This sounds very sarcastic. So, do yuu mind to explain what you really
mean? Why do you think that knowing that win16mutex is aquired will not help
me preventing deadlock?

Regards,

Vladimir

-----Original Message-----
From: Jamey Kirby
To: File Systems Developers
Sent: 3/4/01 2:01 PM
Subject: [ntfsd] RE: Win16Mutex

I do not have the information handy and it has been almost a year since
I have dealt with Windoze 9x. However, if you can locate the copy of
Matt Pietrek’s book titled “Windows 95 System Programming Secrets”, you
will find all of the information that you need. A few of the addresses
and data structures have changed from 95 to 98+, but those are easy to
locate and change based on the version of the OS.

Anyway, if you follow the data structures outlined in Pietrek’s book,
you can find your way to the WIN16MUTEX.

The WIN16MUTEX is a nasty little bugger. IF you are executing IOS code
and are wanting to check for the WIN16MUTEX to see if you re going to
dead-lock, good luck. If you have any luck, please let me know.

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Chtchetkine,
Vladimir
Sent: Sunday, March 04, 2001 9:17 AM
To: File Systems Developers
Subject: [ntfsd] RE: Win16Mutex

OK, let me rephrase the question :wink:

How can I get to Thread Information Block (TIB) or Thread Database (TDB)
structure from VxD? I know that it’s possible (because SoftIce displays
that information). This is really a stopper for me so I would highly
appreciate any hints on this matter!

TIA,

Vladimir

-----Original Message-----
From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
Sent: Friday, March 02, 2001 4:40 PM
To: File Systems Developers
Subject: [ntfsd] Win16Mutex

Hi!

Since Win9x mail list seems to be dead, I will post that question here.
Sorry for OOT (kinda).

How can I check from a VxD that Win16Mutex is acquired? And I also
remember that there was some kind of Win32Mutex that has the same effect
(prevents the driver from calling into Ring3). Can anybody confirm or
decline that?

Thanks in advance,

Vladimir


You are currently subscribed to ntfsd as: xxxxx@Starbase.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: xxxxx@Starbase.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com

I had the same problem few years ago with Win32Mutex on Windows 95 (because
I was calling back ring 3) In order to avoid the deadlock, I think you
simply have to hack it.
If you find the location where Win32Mutex was grabbed, you can somehow come
up with the way to trap it into your driver when thread hits the
code. Once the thread is in your driver, you can do few necessary checking
and do something to avoid grabbing the lock (skip the code? or something
like that…)

The issues are of course: You have to make sure whether your code still
work with different windows OS versions. The system may become unstable.

It is very undesirable to change the OS behavior. But as far as I know
there are not any better solution to avoid the dead lock. I do not know
the story for Windows 98, etc though…

For Win16Mutex, it seemed like the mutex was grabbed from lots of
places. But I did not have to deal with it.

At 03:13 PM 03/04/2001 -0800, you wrote:

I did not mean for it to sound sarcastic. Only that I have not had much
luck trying to prevent the deadlock. So what if I know that the WIN16MUTEX
is held. how does that tell me what to do next? If it is a WIN16
application or DLL that is requesting I/O, the I/O must be processed and
completed with the WIN16MUTEX held. What would you be returning? How would
you make the request get re-issued without the WIN16MUTEX held.

I am very interested in what you have to say on the matter and what you
discover. I have some drivers I would like to revisit if new information
on dealing with the WIN16MUTEX is discovered.

Jamey
-----Original Message-----
From: Chtchetkine, Vladimir [mailto:xxxxx@Starbase.com]
Sent: Sunday, March 04, 2001 2:41 PM
To: 'Jamey Kirby ’
Subject: RE: [ntfsd] RE: Win16Mutex

Jamey: thanks for the tip, but the book you’re referring, although is very
usefull, doesn’t give me a clue how to get what I need in Ring0. It
explains how to get needed structures in Ring3, but I can’t use that in VxD.
> IF you are executing IOS code and are wanting to check for the
> WIN16MUTEX to see if you re going to dead-lock, good luck.

This sounds very sarcastic. So, do yuu mind to explain what you really
mean? Why do you think that knowing that win16mutex is aquired will not
help me preventing deadlock?
Regards,

Vladimir

-----Original Message-----
From: Jamey Kirby
To: File Systems Developers
Sent: 3/4/01 2:01 PM
Subject: [ntfsd] RE: Win16Mutex

I do not have the information handy and it has been almost a year since
I have dealt with Windoze 9x. However, if you can locate the copy of
Matt Pietrek’s book titled “Windows 95 System Programming Secrets”, you
will find all of the information that you need. A few of the addresses
and data structures have changed from 95 to 98+, but those are easy to
locate and change based on the version of the OS.

Anyway, if you follow the data structures outlined in Pietrek’s book,
you can find your way to the WIN16MUTEX.

The WIN16MUTEX is a nasty little bugger. IF you are executing IOS code
and are wanting to check for the WIN16MUTEX to see if you re going to
dead-lock, good luck. If you have any luck, please let me know.

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxxmailto:xxxxx@lists.osr.com]On
>Behalf Of Chtchetkine,
>Vladimir
>Sent: Sunday, March 04, 2001 9:17 AM
>To: File Systems Developers
>Subject: [ntfsd] RE: Win16Mutex
>
>
>
>OK, let me rephrase the question :wink:
>
>How can I get to Thread Information Block (TIB) or Thread Database (TDB)
>structure from VxD? I know that it’s possible (because SoftIce displays
>that information). This is really a stopper for me so I would highly
>appreciate any hints on this matter!
>
>TIA,
>
>Vladimir
>
>-----Original Message-----
>From: Chtchetkine, Vladimir
>[mailto:xxxxxmailto:xxxxx@Starbase.com]
>Sent: Friday, March 02, 2001 4:40 PM
>To: File Systems Developers
>Subject: [ntfsd] Win16Mutex
>
>
>
>Hi!
>Since Win9x mail list seems to be dead, I will post that question here.
>Sorry for OOT (kinda).
>How can I check from a VxD that Win16Mutex is acquired? And I also
>remember that there was some kind of Win32Mutex that has the same effect
>(prevents the driver from calling into Ring3). Can anybody confirm or
>decline that?
>
>Thanks in advance,
>Vladimir
>—
>You are currently subscribed to ntfsd as: xxxxx@Starbase.com
>To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>—
>You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
>To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>—
>You are currently subscribed to ntfsd as: xxxxx@Starbase.com
>To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>—
>You are currently subscribed to ntfsd as: xxxxx@halcyon.com
>To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com</mailto:xxxxx></mailto:xxxxx>