Come Here For The Fundamentals
 Whether you're new to writing drivers on Windows, or you just want to bone-up on some core concepts, this is the section you'll want.
The Basics contains articles on fundamental concepts of Windows driver writing and systems internals. From articles on basic techniques to answers to your frequently asked questions, you'll find it here.
It's All About The Basics
OSR Staff (Read 827 times)
Check this section for information that's fundamental to driver development on Windows.
Where's The Checked Build?
Hector J. Rodriguez (Read 56874 times)
Lookin' to download Checked Builds for Windows 2000, Windows XP, or Windows Server 2003, or any of their service packs? Here are the pointers you need.
The Community Steps Up: VisualDDK
The NT Insider, Volume 16, Issue 4, Nov-Dec 2009 (Read 2347 times)
Folks have been talking about finding ways to take advantage of the Visual Studio interface for driver development and debugging for years. Finally, someone in the community has stepped up to offer an alternative.
Win7 Mysteries: Crash Dump Oddities
The NT Insider, Volume 16, Issue 4, Nov-Dec 2009 (Read 1781 times)
The "newness" of Win7 will likely continue for some time, as will instances of kernel devs finding interesting "features" that will require re-learning of how their daily work is carried out. This article covers some changes in how Win7 systems take crash dumps.
Don't Waste Your Time: You Can Afford a USB Analyzer
The NT Insider, Vol 15, Issue 3, Sept - Oct 2008 (Read 1538 times)
A digression into USB analyzers and why you don't have to back up a dump truck full of money to obtain an easy-to-use analyzer for your USB-specific development needs.
Kernel Mode Basics: Splay Trees
The NT Insider, Vol 15, Issue 1, March - April 2008 (Read 3116 times)
Another article in a continuing series on Windows kernel mode basics, this issue's topic is that of Windows "Splay Trees".
A Common Topic Explained - Sharing Memory Between Drivers and Applications
The NT Insider, Vol 14, Issue 4, November - December 2007 (Read 14889 times)
At one time or another, most driver writers will have the need to share memory between a driver and a user-mode program...
Kernel-Mode Basics: Windows Linked Lists
The NT Insider, Vol 14, Issue 3, September - October 2007 (Read 5182 times)
What? You weren't born knowing how InsertHeadList works, and what LIST_ENTRY does? Well, let us tell you then.
MmGetSystemRoutineAddress IS BROKEN!?
OSR Staff (Read 11968 times)
Yikes! Can it be that the widely publicized and used function MmGetSystemRoutineAddress can blue screen on XP SP2?? Well...
Starting Out: M Versus F
The NT Insider, Vol 14, Issue 2, March - April 2007 (Read 2517 times)
Developing Windows WDM drivers is often described as an enormous vertical climb that requires a great amount of knowledge and experience. Can you be a competent driver developer if you just learn WDF, or do you still have to expend the effort required to learn all the details of WDM? That's the question we'll explore in this article.
More on MDLs - MDLs Are Opaque
The NT Insider, Vol 13, Issue 2, March - April 2006 (Read 15393 times)
If MDLs are opaque, what's the right way to gain access to their contents? This article, a follow-on to our article on MDLs, discusses the various methods that are provided for access to the fields in the MDL object.
USB 2.0 Debugging
OSR Staff (Read 28269 times)
Did you know that debugging over USB 2.0 actually works? Well, it does.
Getting DbgPrint Output To Appear In Longhorn
Hector J. Rodriguez (Read 44260 times)
You build the checked version of your driver and run it on Vista for the first time. And, what happens? You don't see any of your driver's DbgPrint messages displayed in WinDbg! What happened? Let me tell you (updated for build 5308, the Feb CTP)...
Look Out For Vista -- Testing Drivers on 5308
Hector J. Rodriguez (Read 19137 times)
Started using Vista for testing your drivers yet? If not, you'll have a few little things you need to figure out. Like, how to log on as Administrator, enable debugging or install a partially checked build.
Download The Server 2003 SP1 DDK (and KMDF)
Hector J. Rodriguez (Read 21470 times)
The DDK has always been available "free" -- But it's been years since it was available for immediate download. But, guess what? It's back!!
Beware the (boot)strap
Hector J. Rodriguez (Read 9672 times)
Living with 64-bit Windows has its pitfalls. Of course, one way to deal with this is to keep two different versions installed - but beware if you try to do this from the same boot image.
Partially Checked Service Packs
Hector J. Rodriguez (Read 16467 times)
If you need a hint as to how you use the checked-build downloads that Microsoft provides, check out this note, with contributions from community member and driver expert Jim Donelson.
Why Is The IRQL Always 0xFF When I Do !PCR?
Hector J. Rodriguez (Read 12719 times)
When you're in the debugger, and you type !PCR, the IRQL that's shown is always 0xFF. Can you logically conclude from this that the system had interrupts disabled when it crashed? Microsoft's Jake Oshins gives us the story.
No Deadlock Verification on x64 UP Systems
Hector J. Rodriguez (Read 8010 times)
Deadlock verification is a feature of Driver Verifier that monitors the order in which your driver acquires various locks. It's a great feature. Just don't expect it to work on single processor x64 (i.e. Windows-64) systems.
Don't __try to Catch The DbgBreakPoint(...) Exception
Hector J. Rodriguez (Read 8877 times)
I've used it myself. Now, it seems, it hasn't worked the way I thought it worked for years. Community members Ralph Shnelvar and Jamey Kirby discovered a cool bug related to trying to catch the exception raised by DbgBreakPoint()
Need help with WPP tracing?
Hector J. Rodriguez (Read 9304 times)
WPP got you down? It seems like everyone wants to using WPP tracing, but not everyone is able to get it working. Here's a three pack of tips from the battlefront that might save you some time...
I Hooked Up The Debugger Using 1394, and NOW...
Hector J. Rodriguez (Read 12828 times)
If you've hooked up the debugger via 1394, you reboot, and your target system is running vvvveeeeeerrrryyyy sllooooowwww or you keep losing your debugger connection, here's why.
WHICH DDK Do I Use??
Hector J. Rodriguez (Read 15493 times)
"Hector... Which DDK and build environment do I use for drivers that are for Windows XP 64-Bit Edition for the X64?" I knew it had to be confusing, because this was a member of the OSR staff asking me this question. OK, let me explain it again...
Getting Started Writing Windows Drivers
OSR Staff (Read 177482 times)
Would you believe this is among the most frequently read articles on OSR Online? It is, with over twenty thousand people having read it so far.
So, you want to learn how to write Windows device drivers but you're not sure where to start? Having assisted thousands of developers get up to speed on writing drivers, we figured it was about time that we offered some "getting started" resources to newbie driver writers. While not intended to be an exhaustive driver writer FAQ, the list below is a compilation of common questions (and answers, of course!) we hear from those new to the driver space.
Last Updated: 14 March 2005
Device Manager Error Codes
Hector J. Rodriquez (Read 14982 times)
Have you ever wondered what the Device Manager Error Codes mean? A recent KB article explains each Error Code and provides solutions.
Bugchecks Explained: NO_MORE_IRP_STACK_LOCATIONS
OSR Staff (Read 67706 times)
What causes the NO_MORE_IRP_STACK_LOCATIONS bugcheck? In our continuing series of articles on common bugcheck codes, we reveal all.
Bugchecks Explained: KERNEL_DATA_INPAGE_ERROR
OSR Staff (Read 66365 times)
Did your system ever die with KERNEL_DATA_INPAGE_ERROR? Here's what it means.
Bugchecks Explained: PAGE_FAULT_IN_NONPAGED_AREA
OSR Staff (Read 206093 times)
Ever wonder what causes the particularly illogical sounding bugcheck PAGE_FAULT_IN_NONPAGED_AREA? Here are the details, including how to debug the problem and what you might need to look at in your driver to fix it.
Bugchecks Explained: PFN_LIST_CORRUPT
OSR Staff (Read 264731 times)
Ever wonder what causes the bugcheck PFN_LIST_CORRUPT? Here are the details.
How Do I Replace A System File? Try .KDFILES
OSR Staff (Read 15667 times)
The DDK and IFS Kit include buildable drivers but the system file protection feature in Windows makes it difficult to replace the file. This article describes a simple techinque, using the kernel debugger, to replace that file and bypass system file protection.
DDI's That Raise An Exception
(Read 7574 times)
Most Windows Driver Development Interfaces (DDIs) indicate their success or failure by returning a status. But did you know that some also raise exceptions? Here's the list, thanks to NTDEV/NTFSD member (and driver expert) Nick Ryan.
Kernel Driver Frequestly Asked Questions (FAQ)
By The Members of NTDEV and NTFSD (Read 29880 times)
The members of the NTDEV and NTFSD lists answer countless questions on the basic techniques of driver writing. This article is an on-going attempt to capture many of the Frequently Asked Questions and their answers.
Changes from Win2K to WinXP
OSR Staff (Read 17056 times)
When the question came up on the the NTDEV List Server forum recently about what new Driver Development Interfaces (DDIs) were added between Windows 2000 and Windows XP we became both amused and intrigued. We were amused because nobody here could remember that far back. We were intrigued at what we found when we actually spent some time looking into the answer.
Which DDIs Were Introduced In Which DDK?
OSR Staff (Read 11931 times)
If you're writing drivers that work across multiple versions of Windows, you might want to know which DDIs were introduced with each version of Windows, starting with Windows 2000. Here's that table, alphabetically arranged. We will keep this list updated as new versions of the DDK are introduced. So, you can count on this being a "standard feature" here on OSR Online.
Exactly What Is A Driver?
OSR Staff (Read 29264 times)
This article just describes what a driver basically is...a newbie perspective...
What is a Thread?
OSR Staff (Read 17668 times)
This article describes the basics of the term thread and how it is used within Windows.
What is Real Mode?
OSR Staff (Read 22397 times)
The x86 (IA-32) processor can run in different addressing modes, one of which is called Real Mode. This article provides a basic description of real mode processing and its applicability to modern Windows.
What Are Rings
OSR Staff (Read 18871 times)
A term that is still sometimes heard with respect to windows is "ring". This short article explains the term and how it applies to modern Windows...
So What Is A Page Fault?
OSR Staff (Read 103537 times)
Windows is a Demand Paged Virtual Memory System. This means it relies upon a page translation mechanism to map from the memory addresses used by the CPU to the memory addresses used by the computer. This article explains one of the basic concepts in this process - the "page fault".
Resolving Symbol Problems in WinDBG
OSR Staff (Read 60448 times)
Setting up symbols for the WinDBG debugger is often something that gives first time users a problem. This article discusses the basics of setting up symbols with WinDBG and how to diagnose problems.
Rules for Irp Dispatching and Completion Routines
By The Members of NTDEV and NTFSD (Read 18727 times)
If you're new to writing Windows drivers, you probably think IRP handling is "no big thing." After all, you just call IoMarkIrpPending if you need to, and return an appropriate status from your dispatch routine, right? And IRP completion routines probably seem pretty straight forward too, right?
Well, surprise! Once you get beyond the basics, the details of IRP handling is a mine field. Sometimes even trying to do something "simple" can get you in trouble!
This artile presents a set of rules on IRP handling that were developed by the expert members of the Windows system software community (via the NTDEV and NTFSD lists). Read 'em, follow 'em, and you'll stay out of trouble (and save yourself a ton of time in the process).
|
|
