  Message 1 of 29  
10 Jan 07 07:09
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
How to communicate from kernel mode to user mod app

Hi All,

I want to know if there is any way to send a message from kernel mode to a user mode app for notification. I have a requirement of notifying the user mode app with the interrupt register value when I get any interrupt that has been generated from my device. As far as handling the interrupt is concerned, I am doing that successfully on the kernel side.

I also want to know how to use the callback function feature for communicating with the user mode application. Any pointer or tutorial that can help me to solve this problem?

Best Regards
Nayan
  Message 2 of 29  
10 Jan 07 07:21
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9274
Re: How to communicate from kernel mode to user mod app

Send the overlapped IOCTL from the app. In the driver, pend it until there is a need to send a message. When such a need occurs, fill the IOCTL IRP's buffer and complete the IRP.

Do not forget to provide the IRP cancellation in this driver, or the app will be unable to exit.

This technique is called the "inverted call".

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

"nayan kumar" <xxxxx@hotmail.com> wrote in message news:85937@ntdev...
> Hi All,
> I want to know if there is any way to send a message from kernel mode
> to a user mode app for notification. I have a requirement of notifying
> the user mode app with the interrupt register value when I get any
> interrupt that has been generated from my device. As far as handling the
> interrupt is concerned, I am doing that successfully on the kernel side.
>
> I also want to know how to use the callback function feature for
> communicating with the user mode application.
> <...excess quoted lines suppressed...>
  Message 3 of 29  
10 Jan 07 07:25
Jeff Henkels
xxxxxx@macromail.net
Join Date: 10 Sep 2003
Posts To This List: 8
Re: How to communicate from kernel mode to user mod app

"nayan kumar" <xxxxx@hotmail.com> wrote in message news:85937@ntdev...
> Hi All,
> I want to know if there is any way to send a message from kernel mode
> to a user mode app for notification. I have a requirement of notifying
> the user mode app with the interrupt register value when I get any
> interrupt that has been generated from my device. As far as handling the
> interrupt is concerned, I am doing that successfully on the kernel side.
>
> I also want to know how to use the callback function feature for
> communicating with the user mode application.
> <...excess quoted lines suppressed...>

Communication from kernel to user mode is usually done via the inverted call technique. See http://www.osronline.com/article.cfm?id=94 for an example.
  Message 4 of 29  
10 Jan 07 08:39
Mike Kemp
xxxxxx@sintefex.com
Join Date: 30 May 2006
Posts To This List: 239
Re: How to communicate from kernel mode to user mod app

Another way (rather than wait on an overlapped call) is to pass in an event from the user code. (This is thanks to Walter Oney, see "Programming the MS Windows Driver Model, 2nd ed".)

The kernel needs to get a safe reference to the event the user passes in...

    PKEVENT pkNotifyAppEvent;
    ntStatus = ObReferenceObjectByHandle(userEvent, EVENT_MODIFY_STATE,
                                         *ExEventObjectType, Irp->RequestorMode,
                                         (PVOID*) &pkNotifyAppEvent, NULL);
    //if okay
    pDeviceExtension->pNotifyAppEvent = pkNotifyAppEvent;
    //...don't forget to deref once finished with...

The kernel can set this event when the user must take some action:

    KeSetEvent(pDeviceExtension->pNotifyAppEvent, EVENT_INCREMENT, FALSE);

A user mode thread can wait on the event and when it is triggered, call into the driver to find out what the result was.

    while(true)
    {
        //can wait forever but you may want to check every 100mS if you should give up
        result = WaitForSingleObject(userEvent, 100); //wait up to 100mS
        // if it happened, inquire here
    }

This way the user inquires rather than being "called back" by the kernel, which I doubt is possible.

- Mike
  Message 5 of 29  
10 Jan 07 12:29
Doron Holan
xxxxxx@Microsoft.com
Join Date: 08 Sep 2005
Posts To This List: 8860
RE: How to communicate from kernel mode to user mod app

I don't like the shared event for two reasons:

1) there is no data associated with it, so you still have to send the IOCTL
2) there is no count associated with it, so if 2 interrupts occurred before the wait on the event was satisfied by the application, the app does not know about the data from the 2nd interrupt

Pending the IOCTL satisfies the requirements very well. The app can still wait on an IOCTL or synchronous I/O call and then when the wait is satisfied, the data is in hand.

d
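A user-space C model of the two schemes debated in the posts above, added here as an example; it is not code from any poster, from OSR, or from the WDK. It shows the event scheme collapsing two interrupts into one notification, and the inverted call (pend, complete with data, cancel) delivering each value. All names, the queue bounds, the register values, the single-snapshot behaviour of the event scheme, and the backlog buffer used when nothing is pended are assumptions made for the model.

```c
#include <stdint.h>
#include <string.h>
enum { MAX_PENDING = 4, MAX_BACKLOG = 8 };  /* constructed bounds */

/* Scheme 1: shared event. It is a flag, not a counter, and carries no data. */
typedef struct { int signaled; uint16_t last_reg; } event_model;

void event_on_interrupt(event_model *e, uint16_t reg) {
    e->last_reg = reg;  /* assumption: driver keeps a single register snapshot */
    e->signaled = 1;    /* signalling an already-signalled event adds nothing */
}

/* App side: wait, then query the driver. Returns 1 if a value was fetched. */
int event_wait_and_query(event_model *e, uint16_t *out) {
    if (!e->signaled) return 0;
    e->signaled = 0;
    *out = e->last_reg;
    return 1;
}

/* Scheme 2: inverted call. A request stands in for a pended IOCTL IRP. */
typedef enum { REQ_FREE, REQ_PENDING, REQ_COMPLETED, REQ_CANCELLED } req_state;
typedef struct { req_state state; uint16_t reg; } request;
typedef struct {
    request *pending[MAX_PENDING]; size_t npending;  /* FIFO of pended requests */
    uint16_t backlog[MAX_BACKLOG]; size_t nbacklog;  /* values with no taker yet */
} driver_model;

/* IOCTL arrives: 1 = completed at once from backlog, 0 = pended, -1 = refused. */
int drv_submit(driver_model *d, request *r) {
    if (d->nbacklog > 0) {
        r->reg = d->backlog[0];
        d->nbacklog--;
        memmove(d->backlog, d->backlog + 1, d->nbacklog * sizeof d->backlog[0]);
        r->state = REQ_COMPLETED;
        return 1;
    }
    if (d->npending == MAX_PENDING) return -1;  /* bounded queue, never grows */
    r->state = REQ_PENDING;
    d->pending[d->npending++] = r;
    return 0;
}

/* DPC side: hand the value to the oldest pended request, else buffer it. */
void drv_on_interrupt(driver_model *d, uint16_t reg) {
    if (d->npending > 0) {
        request *r = d->pending[0];
        d->npending--;
        memmove(d->pending, d->pending + 1, d->npending * sizeof d->pending[0]);
        r->reg = reg;
        r->state = REQ_COMPLETED;
    } else if (d->nbacklog < MAX_BACKLOG) {
        d->backlog[d->nbacklog++] = reg;  /* else: backlog full, value dropped */
    }
}

/* Cancellation: unlink the request so no later interrupt can touch it. */
int drv_cancel(driver_model *d, request *r) {
    for (size_t i = 0; i < d->npending; i++) {
        if (d->pending[i] != r) continue;
        d->npending--;
        memmove(&d->pending[i], &d->pending[i + 1], (d->npending - i) * sizeof d->pending[0]);
        r->state = REQ_CANCELLED;
        return 1;
    }
    return 0;
}

/* Two interrupts land before the app runs: how many values reach it? */
int demo_event_delivered(void) {
    event_model e = {0, 0};
    uint16_t v = 0; int n = 0;
    event_on_interrupt(&e, 0x0001);
    event_on_interrupt(&e, 0x0080);
    while (event_wait_and_query(&e, &v)) n++;
    return n;
}

/* Same two interrupts, with the app keeping two IOCTLs pended. */
int demo_inverted_delivered(uint16_t out[2]) {
    driver_model d = {{0}, 0, {0}, 0};
    request a = {REQ_FREE, 0}, b = {REQ_FREE, 0};
    drv_submit(&d, &a);
    drv_submit(&d, &b);
    drv_on_interrupt(&d, 0x0001);
    drv_on_interrupt(&d, 0x0080);
    out[0] = a.reg; out[1] = b.reg;
    return (a.state == REQ_COMPLETED) + (b.state == REQ_COMPLETED);
}

/* A cancelled request is left alone; the value waits for the next IOCTL. */
int demo_cancel_then_backlog(void) {
    driver_model d = {{0}, 0, {0}, 0};
    request a = {REQ_FREE, 0}, b = {REQ_FREE, 0};
    drv_submit(&d, &a);
    if (!drv_cancel(&d, &a)) return -1;
    drv_on_interrupt(&d, 0x0080);
    if (a.state != REQ_CANCELLED || a.reg != 0) return -2;
    return drv_submit(&d, &b) == 1 ? b.reg : -3;
}
```

In a real driver the pending queue and the cancel path must be synchronized against the DPC, which this single-threaded model does not attempt to show.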
  Message 6 of 29  
10 Jan 07 13:56
Maxim S. Shatskih
xxxxxx@storagecraft.com
Join Date: 20 Feb 2003
Posts To This List: 9274
Re: How to communicate from kernel mode to user mod app

> A user mode thread can wait on the event and when it is triggered, call into
> the driver to find out what the result was.

...which is by far more coding than inverted call.

Event objects are good if you do not need to transfer any data at all, only to signal that something occurred.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
  Message 7 of 29  
11 Jan 07 04:21
Mike Kemp
xxxxxx@sintefex.com
Join Date: 30 May 2006
Posts To This List: 239
Re: Re:How to communicate from kernel mode to user mod app

Signalling a user event to the app is a useful option if you are already doing a lot of non overlapped i/o and you don't want to change to overlapped to handle this activity. It's easy to buffer up a number of realtime events in the kernel and fetch them in one go each time the app has time to attend to them. It's pretty responsive, probably because the thread waiting on the event gets a priority boost when signalled specifically to allow it to respond quickly (at least so it is claimed).

I've found it useful for receiving relatively low priority information that is not part of the device's main activity.

If it's a new design probably best to follow the others' advice though...

Mike
  Message 8 of 29  
11 Jan 07 10:02
ntdev member 26176
xxxxxx@writeme.com
Join Date:
Posts To This List: 252
RE: How to communicate from kernel mode to user mod app

To support opinion of Doron and Max: hardware interrupts these days tend to become messages that carry data. Example: PCI express, MSI.
  Message 9 of 29  
11 Jan 07 12:12
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
RE:How to communicate from kernel mode to user mod app

Hi All,

First of all, thanks to all people for their valuable suggestions. I started implementing your suggestion. In between, I googled about this and found some stuff, with the help of which I tried to implement a callback function for sending data from kernel to user mode application. I am facing some problem with it and want to discuss it with you people just for my knowledge.

The first time, the callback function gets called properly, no issue at all. But when I get the interrupt for the second time, I get a BSOD. Due to lack of resources I am not able to use windbg, but I am writing down the text which appears on my computer screen. It is as follows:

STOP : 0x0000001E (0xC0000005,0x023210BE,0x00000000,0x023210BE)
KMODE_EXCEPTION_NOT_HANDLED
Beginning dump of physical memory

When I tried for the second time, I got the crash again, but this time the text that appeared on my computer screen was quite different from the previous one, which is as follows:

STOP : 0x000000B8 (0x00000000,0x00000000,0x00000000,0x00000000)
A wait operation attach process or yield was attempt from DPC routine
Beginning dump of physical memory

I would appreciate it if you expert people can help me get rid of this BSOD and make the driver work properly.

Best Regards
Nayan
  Message 10 of 29  
11 Jan 07 12:53
Tim Roberts
xxxxxx@probo.com
Join Date: 28 Jan 2005
Posts To This List: 8994
Re: How to communicate from kernel mode to user mod app

nayan kumar wrote:
> Hi All,
> First of all, thanks to all people for their valuable suggestions.
> I started implementing your suggestion. In between, I googled about
> this and found some stuff, with the help of which I tried to implement
> a callback function for sending data from kernel to user mode
> application. I am facing some problem with it and want to discuss it
> with you people just for my knowledge. The first time, the callback
> function gets called properly, no issue at all. But when I get the
> interrupt for the second time, I get a BSOD. Due to lack of resources
> I am not able to use windbg, but I am writing down the text
> <...excess quoted lines suppressed...>

This is a general protection fault, meaning that you accessed an invalid address. In this case, the address is 0x023210BE, which is a user-mode address.

When you say you "implement callback function", you don't literally mean that you called from kernel mode into user mode, do you? When you get an interrupt, the original process is almost certainly no longer in memory, so none of the user-mode addresses will have any meaning.

You cannot possibly hope to debug this without WinDBG. "Lack of resources" is not a good enough reason. I have a laptop I bought in 1999 with a 233MHz Pentium-II running Windows 2000 that works perfectly well as a WinDBG host. Surely you can borrow a 5-year-old laptop that is no longer being used.

Why don't you show us what your interrupt code looks like. Maybe something will stand out.

--
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
  Message 11 of 29  
12 Jan 07 02:43
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
Re: How to communicate from kernel mode to user mod app

Hi Tim,

Thanks for your reply. I certainly accept that I am a kid before you expert people in this area. Please don't mind.

Here is the code from the driver part:

    //declaration
    typedef ULONG (*PCALLBACK_ROUTINE)(USHORT,USHORT);

    typedef struct _JIN_SD_DESIGNER_FDO_DATA
    {
        ULONG CallbackAddress;            // raw address received from the user-mode app
        PCALLBACK_ROUTINE KernelCallback; // same address, typed as a function pointer
    }JIN_SD_DESIGNER_FDO_DATA, *PJIN_SD_DESIGNER_FDO_DATA;

    NTSTATUS JinSdDesignerDispatchIoctl(IN PDEVICE_OBJECT pDeviceObject,IN PIRP pIrp)
    {
        PIO_STACK_LOCATION pIrpStack;
        NTSTATUS ntStatus= STATUS_SUCCESS;
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;

        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pDeviceObject->DeviceExtension;
        pIrpStack = IoGetCurrentIrpStackLocation (pIrp);

        switch(pIrpStack->Parameters.DeviceIoControl.IoControlCode)
        {
        case IOCTL_SET_EVENT_HANDLE:
            DbgPrint ("\nJinSdDesigner:\t IOCTL_SET_EVENT_HANDLE \n");
            // reads the callback address directly from the user-supplied buffer
            pFdoData->CallbackAddress = ((ULONG*) pIrpStack->Parameters.DeviceIoControl.Type3InputBuffer)[0];
            pFdoData->KernelCallback = NULL;
            pFdoData->KernelCallback = (PCALLBACK_ROUTINE) pFdoData->CallbackAddress;
            if(pFdoData->KernelCallback == NULL)
            {
                DbgPrint ("\nJinSdDesigner:\t Invalid Function Pointer \n");
                DbgPrint("\nJinSdDesigner:\t Error at File:- %s,\n Line:-( %d): \n", __FILE__, __LINE__);
                pIrp->IoStatus.Information = 0;
                ntStatus = STATUS_INVALID_USER_BUFFER;
                goto EXIT;
            }
            DbgPrint("\nJinSdDesigner:\t Valid Function Pointer\n");
            pIrp->IoStatus.Information = ntStatus;
            break;

        default:
            ntStatus = STATUS_INVALID_DEVICE_REQUEST;
            DbgPrint ("\nJinSdDesigner:\t Inside default case\n");
        }

    EXIT:
        pIrp->IoStatus.Status = ntStatus;
        IoCompleteRequest (pIrp, IO_NO_INCREMENT);
        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);
        return ntStatus;
    }

    BOOLEAN JinSdDesignerInterruptHandler(IN PKINTERRUPT pkInterupt,IN PVOID pVoidServiceContext)
    {
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;
        BOOLEAN bInterruptRecognized = FALSE;

        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pVoidServiceContext;
        DbgPrint ("\nJinSdDesigner:\t %s---> \n",__FUNCTION__);
        if(bInterruptRecognized = JinSdDesignerAcknowledgeInterrupt(pFdoData))
            IoRequestDpc(pFdoData->Self, NULL, pFdoData);
        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);
        return bInterruptRecognized;
    }

    VOID JinSdDesignerDpcForIsr(IN PKDPC pkDpc,IN PDEVICE_OBJECT pDeviceObject,IN PIRP pIrpSystemArgument1,IN PVOID pVoidSystemArgument2)
    {
        PJIN_SD_DESIGNER_FDO_DATA pFdoData;
        KIRQL CurIrql;
        ULONG RetVal=0;

        pFdoData = (PJIN_SD_DESIGNER_FDO_DATA) pDeviceObject->DeviceExtension;
        DbgPrint ("\nJinSdDesigner:\t %s---> \n",__FUNCTION__);
        RetVal = 777;
        DbgPrint("\nJinSdDesigner:\t Before calling call back function\n");
        DbgPrint ("\nJinSdDesigner:\tCallback Function Return value:-(%u)\n",RetVal);
        CurIrql = KeGetCurrentIrql();
        KeLowerIrql(PASSIVE_LEVEL);   // lowers IRQL inside the DPC
        // calls the stored user-mode address from the DPC
        RetVal = pFdoData->KernelCallback(pFdoData->usNormalInterruptRegisterData,pFdoData->usErrorInterruptRegisterData);
        KeRaiseIrql(CurIrql,&CurIrql);
        DbgPrint("\nJinSdDesigner:\t After calling call back function\n");
        DbgPrint ("\nJinSdDesigner:\tCallback Function Return value:-(%u)\n",RetVal);
        DbgPrint ("\nJinSdDesigner:\t <--- %s \n",__FUNCTION__);
    }

If you need some more clarification please let me know. I am very keen to know the reason why I am getting the BSOD the second time.

Best Regards
Nayan
  Message 12 of 29  
12 Jan 07 09:40
ntdev member 31002
xxxxxx@microsoft.com
Join Date:
Posts To This List: 539
RE: How to communicate from kernel mode to user mod app

The short answer is that this is poor practice at best. Your "callback" is to an address that is unknown and unknowable at the time you are making it [that's what "arbitrary context" means when DPCs are discussed]. You are lucky it even worked once [it means your Dpc happened to run in the context of the process that gave you that address the first time it ran]. Also, we provide a number of fine development aids (PFD, Driver Verifier, SDC, etc), all of which will tell you that lowering Irql to PASSIVE_LEVEL in a Dpc routine is forbidden- period. We do our best to keep code like this out of our operating system, and would really appreciate it if you would extend us the same courtesy. No slam against them intended [I've used it plenty over the years myself], but just because you can google it, it doesn't mean it's worth the time it took to read it. You may get stronger feedback than this [I nearly exploded when I read the code, but I suspected it was what you were doing from the bugchecks you were mentioning, and for the benefit of the doubt, I'm assuming you simply didn't realize how wrong this approach is].
  Message 13 of 29  
12 Jan 07 09:55
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
Re: How to communicate from kernel mode to user mod app

Nayan,

Bob did a nice general do not go there. I want to explain a few of the reasons this code is REALLY BAD. These are from simplest to hardest to fix:

1. You lower IRQL in the DPC routine; this breaks the locking of the kernel. You can never do this: if you are not the one who raised IRQL by a KeRaiseIrql call, then do not lower it. On a uniprocessor you have just turned off all spin locks, and on a multiprocessor you have messed things up well, so crashes and deadlocks are the likely result.

2. As Bob mentioned, DPCs run in arbitrary context. This means you cannot rely on the address your IOCTL passed in, since the program with that address may be swapped out, or at least not running, and the address you get is for another process. So the address can be totally invalid, and fail.

3. Even if you fix the above, you have opened a large security hole. The code in the kernel is trusted; now you are allowing any process that wants to run at the trusted level. Basically, this code will allow any MALWARE writer to completely take over the computer.

As a number of people suggested, you should go to the inverted call. Instead of having the IOCTL pass a pointer to a routine, pend the IOCTL and complete it in the DPC routine, to signal the event. Any method trying to call directly into user code is never going to be safe and reliable.

--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

"nayan kumar" <xxxxx@hotmail.com> wrote in message news:86053@ntdev...
> Hi Tim,
> Thanks for your reply. I certainly accept that I am a kid
> before you expert people in this area. Please don't mind.
>
> Here is the code from the driver part:
>
> //declaration
> typedef ULONG (*PCALLBACK_ROUTINE)(USHORT,USHORT);
> <...excess quoted lines suppressed...>
  Message 14 of 29  
12 Jan 07 10:08
ntdev member 31002
xxxxxx@microsoft.com
Join Date:
Posts To This List: 539
RE: How to communicate from kernel mode to user mod app

Typo- SDV (not SDC), of course. This may help understand the problem (although it's a bit abstracted and simplified- hope that doesn't lead to eventual confusion): all user-mode processes on your system have the same virtual address range- how that maps to physical memory addresses is controlled by "page tables" used by the processor. There are tables for each process, so what an address means depends upon which table is in use on the processor executing your Dpc. Your callback address is probably a different piece of code (or data, or even an invalid address) in each process running on the machine. An interrupt has to be handled quickly, and Dpcs also need to be fast. Because of this, they get handled ASAP, in the address space of whatever process is executing at the time they get called. So your callback to a user mode address from a Dpc is a roll of the dice- it could execute anything or nothing. It is just the wrong way to solve your problem. Please use the inverted call method described earlier. Or at least explain why it doesn't meet your needs.
  Message 15 of 29  
12 Jan 07 10:21
ntdev member 31002
xxxxxx@microsoft.com
Join Date:
Posts To This List: 539
RE: Re:How to communicate from kernel mode to user mod app

Thanks for the summary, Don. Wish I could so as well :).
  Message 16 of 29  
12 Jan 07 10:30
Thomas Divine
xxxxxx@pcausa.com
Join Date: 05 Aug 2010
Posts To This List: 635
RE: How to communicate from kernel mode to user mod app

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-275438-xxxxx@lists.osr.com] On Behalf Of Don Burn
> Sent: Friday, January 12, 2007 9:54 AM
> To: Windows System Software Devs Interest List
> Subject: Re:[ntdev] How to communicate from kernel mode to user mod app
>
> Nayan,
>
> Bob did a nice general do not go there. I want to explain a few of
> <...excess quoted lines suppressed...>

[PCAUSA] One additional thought.

If you really like the logic of having a callback in user-mode when driver data is available, study the user-mode asynchronous I/O methods. In particular, look at "asynchronous procedure callbacks" (see ReadFileEx and friends) as well as I/O completion ports (see CreateIoCompletionPort and friends).

Both of these user-mode techniques are fairly high performance. AND, in the driver you still handle the inverted call in the same way that most folks are recommending.

Good luck,

Thomas F. Divine
  Message 17 of 29  
12 Jan 07 16:57
Gary Little
xxxxxx@seagate.com
Join Date: 30 Nov 2005
Posts To This List: 299
Re: RE:How to communicate from kernel mode to user mod app

How anyone can expect to do kernel development without an effective debug capability is a mystery. All we can tell you is, oh yeah, you have a kernel mode exception that is not handled. Probably you have an access denied (C0000005) and quite possibly a bogus pointer (23210BE).

Now ... if you had WinDbg up and running there is a whole herd of analytical tools available that can be called forth to find out what went bump in the night.

But ... you don't have the resources for WinDbg, so really, about all that can be done is to scratch various parts of our anatomy and wonder why a kernel developer doesn't have the resources to do their work.

--
The personal opinion of
Gary G. Little

"nayan kumar" <xxxxx@hotmail.com> wrote in message news:86021@ntdev...
> Hi All,
> First of all, thanks to all people for their valuable suggestions. I
> started implementing your suggestion. In between, I googled about this and
> found some stuff, with the help of which I tried to implement a callback
> function for sending data from kernel to user mode application. I am facing
> some problem with it and want to discuss it with you people just for my
> knowledge. The first time, the callback function gets called properly, no
> issue at all. But when I get the interrupt for the second time, I get a
> BSOD. Due to lack of resources I am not able to use windbg, but I
> am writing down the text which appears on my computer screen. It is as
> <...excess quoted lines suppressed...>
  Message 18 of 29  
12 Jan 07 17:34
ntdev member 19760
xxxxxx@evitechnology.com
Join Date:
Posts To This List: 2209
Re:RE:How to communicate from kernel mode to user mod app

NAYAN:

I can't recall if you are developing a driver for actual hardware. If you are, then disregard what follows, as it will not help you.

You can download Microsoft VirtualPC (I believe that it is still free). This will allow you to emulate and debug a target operating system all on your development machine. It is not an ideal solution, but, given your constraints, it is your only option, as having no kernel debugger at all is fatal, SoftICE is not made any more and costs more than another machine anyway, and local kernel debugging with WinDbg is basically useless.

In any case:

WinDbg: http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

VirtualPC: http://www.microsoft.com/downloads/details.aspx?FamilyId=6D58729D-DFA8-40BF-AFAF-20BCB7F01CD1&displaylang=en

This link tells how to set up WinDbg for use with a VM: http://support.microsoft.com/kb/871171

The constraints that lack of resources are imposing are indeed totally untenable. That being said, I seriously doubt it is a choice, so I hope this helps.

Best of luck,

mm
  Message 19 of 29  
12 Jan 07 23:12
anton bassov
xxxxxx@hotmail.com
Join Date: 16 Jul 2006
Posts To This List: 3690
RE: How to communicate from kernel mode to user mod app

Don,

> Bob did a nice general do not go there. I want to explain a few of
> the reasons this code is REALLY BAD.

Both you and Bob seem to have overlooked one important detail - on x86 architecture, privileged code cannot call unprivileged one. Period. There are only 3 ways how this transition can get done, i.e. IRETD, SYSEXIT and far RET (irrelevant under Windows).

In the OP's case, the callback that resides in the user address space will be treated as privileged code if it gets invoked from the kernel mode, because CALL does not affect CS register. Under XP and above, user-to kernel mode transition is done as SYSENTER, and this instruction can be executed only by non-privileged code. Now imagine what is going to happen if this callback tries to make any system call - privileged code executes SYSENTER and ...... BANG!!!!!!!

Therefore, unless his callback does not make any system calls, the whole thing could not have worked even on *SINGLE* occasion - even if callback gets invoked in context of the right thread and no page faults occur, it is still bound to crash....

Anton Bassov
  Message 20 of 29  
13 Jan 07 08:58
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
Re:RE:How to communicate from kernel mode to user mod app

Hi All,

Thanks to all for your valuable suggestions.

I already mentioned in my post that while looking for some tutorial or stuff about communicating with a user mode app from kernel mode I got that sample, and I just tried it for my knowledge, to see whether it works or not. This is the only reason that I tried it, although I started implementing the inverted call for getting my work done. I don't have any issue at all with the inverted call.

If this is not the best way to increase our knowledge level then I am really very sorry that I am heading in the wrong direction. If you expert people can give me the right direction for learning anything new about which we are unknown, I would be very thankful to you.

Best Regards
Nayan

>From: "Martin O'Brien" <xxxxx@evitechnology.com>
>Reply-To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com>
>To: "Windows System Software Devs Interest List" <xxxxx@lists.osr.com>
>Subject: Re:[ntdev] RE:How to communicate from kernel mode to user mod app
>Date: Fri, 12 Jan 2007 17:33:13 -0500
>
>NAYAN:
>
<...excess quoted lines suppressed...>
  Message 21 of 29  
13 Jan 07 09:04
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
Re:RE:How to communicate from kernel mode to user mod app

Hi All,

Thanks to all for your valuable suggestions.

I already mentioned in my post that while looking for some tutorial or stuff about communicating with a user mode app from kernel mode I got that sample, and I just tried it for my knowledge, to see whether it works or not. This is the only reason that I tried it, although I started implementing the inverted call for getting my work done. I don't have any issue at all with the inverted call. I asked you expert people about that problem just to know the reason why it was failing, because I was unable to find out the reason. There is no other intention behind asking you people about that problem, because you are experts in this, having years of experience.

Lastly, if this is not the best way to increase our knowledge level then I am really very sorry that I am heading in the wrong direction. If you expert people can give me the right direction for learning anything new about which we are unknown, I would be very thankful to you.

Best Regards
Nayan
  Message 22 of 29  
13 Jan 07 09:30
Don Burn
xxxxxx@acm.org
Join Date:
Posts To This List: 3179
Re: Re:RE:How to communicate from kernel mode to user mod app

Nayan,

Like everything else on the internet, the samples you find for Windows drivers are everything from outstanding to toxic waste. The samples Microsoft puts out in the DDK/WDK can be relied on to show good practices; the code from Osronline.com, Ndis.com, wd-3.com and sysinternals.com is also quite good. After that you have to be careful: there is some excellent code, and some total garbage, and in some cases it is on the same sites. It is reasonable to ask on a group about the quality of a sample; just provide a link to the original.

For increasing your knowledge, look at the articles on the sites I listed, plus especially http://www.microsoft.com/whdc/default.mspx, the Microsoft site for drivers. Use the archives; for example, checking the OSR archives you would have found lots of discussion of calling user mode over the years. Of course, if you can take a class from one of the excellent firms that offer them, or go to Microsoft's WinHEC or DDC conferences, definitely do that to increase knowledge and experience.

--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply

"nayan kumar" <xxxxx@hotmail.com> wrote in message news:86089@ntdev...
> Hi All,
> Thanks to all for your valuable suggestions.
>
> I already mentioned in my post that while looking for some tutorial or stuff
> about communicating with a user mode app from kernel mode I got that sample,
> and I just tried it for my knowledge, to see whether it works or not.
> This is the only reason that I tried it, although I
> started implementing the inverted call for getting my work done. I don't have
> any issue at all with the inverted call. I asked you
> expert people about that problem just to know the reason why it was failing, because I was
> <...excess quoted lines suppressed...>
  Message 23 of 29  
13 Jan 07 17:47
ntdev member 19760
xxxxxx@evitechnology.com
Join Date:
Posts To This List: 2209
Re:RE:How to communicate from kernel mode to user mod app

NAYAN:

You have no reason to apologize. These lists, while very useful, can at times be significantly populated with a lot of self-serving criticism for a variety of reasons; I have certainly been guilty of that at times. There is no reason to feel bad, because, while what you are attempting is basically impossible and unreasonable, we all started somewhere, and the bottom line is that no one on this list had a gun to his or her head and had to respond to your question; he or she could have just not answered, or, as many did, just give you the facts.

Best of luck,

mm

>>> xxxxx@hotmail.com 2007-01-13 09:03 >>>

Hi All,

Thanks to all for your valuable suggestion.

I already mention in my post that while finding some tutorial or stuff about communicating with user mode app from kernel mode I got that sample and I just tried for my knowledge purpose whether it's working or not. Only this is the reason that I tried that for checking, although I started implementing inverted call for getting my work done. I don't have any issue at all with inverted call. I asked about that problem from you expert people just to know the reason why that was failing because I was unable to find out the reason. There is no other intention behind asking that problem from you people, because you are expert in this, having years of experience.

Lastly, if this is not the best way to increase our knowledge level then I am really very sorry that I am heading in wrong direction. If you expert people can give me right direction for learning anything new about which we are unknown I would be very thankful to you.

Best Regards
Nayan
  Message 24 of 29  
15 Jan 07 13:08
Tim Roberts
xxxxxx@probo.com
Join Date: 28 Jan 2005
Posts To This List: 8994
Re: RE:How to communicate from kernel mode to user mod app

Martin O'Brien wrote:
> You have no reason to apologize. These lists, while very useful,
> can at times be significantly populated with a lot of self-serving
> criticism for a variety of reasons; I have certainly been guilty of that
> at times. There is no reason to feel bad, because, while what you are
> attempting is basically impossible and unreasonable, we all started
> somewhere, and the bottom line is that no one on this list had a gun to
> his or her head and had to respond to your question; he or she could
> have just not answered, or, as many did, just give you the facts.
>

This may be a point of view thing. When people begin to ask questions on a forum like this, they tend to think of it as a telephone conversation with an individual expert, one-on-one. In that situation, criticism and generalizations can seem daunting and discouraging.

On the other hand, those of us who have been here a while tend to think of this forum as a panel discussion in a large lecture hall, and I think that's a better model. Specific questions very often raise issues of general concern, and we would be remiss to let the issues go by without comment.

Also, as I've said before, these posts now live forever in various different archives. A year from now, some inexperienced person will go looking for the answer to a similar question. If they just see an answer with no cautions, they may get the wrong impression.

So, when someone asks how to use a power drill on a 2x4 that is sitting on their lap, I'll explain how to do it, but I'm also going to feel free to explain why a sawhorse is a much better idea.

-- Tim Roberts, xxxxx@probo.com Providenza & Boekelheide, Inc.
  Message 25 of 29  
15 Jan 07 15:11
ntdev member 19760
xxxxxx@evitechnology.com
Join Date:
Posts To This List: 2209
Re: RE:How to communicate from kernel mode to user mod app

Fair enough and agreed. My basic observation about these sorts of questions and issue with them is that they tend to produce the amazingly long threads about very little, which wouldn't really matter, except that, at least for me, these lists, while invaluable, can take a long time to get through.

mm
  Message 26 of 29  
17 Jan 07 06:33
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
RE:How to communicate from kernel mode to user mod app

Hi All,

According to your suggestion I implemented inverted call for sending interrupt register val to user mode app. Although it's working fine in normal cases, when I call that function in which I put the dequeuing logic from deferred procedure call my system gets restarted.

At this point I am not able to find out the reason why it is happening, so if anyone can help me to solve this problem I would be very thankful to you people.

I am taking help from DDK sample; in my case the path is as follows: C:\WINDDK\3790.1830\src\general\pcidrv.

Best Regards
Nayan
  Message 27 of 29  
17 Jan 07 07:02
Thomas Divine
xxxxxx@pcausa.com
Join Date: 05 Aug 2010
Posts To This List: 635
RE: How to communicate from kernel mode to user mod app

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-275866-xxxxx@lists.osr.com] On Behalf Of nayan kumar
> Sent: Wednesday, January 17, 2007 6:33 AM
> To: Windows System Software Devs Interest List
> Subject: RE:[ntdev] How to communicate from kernel mode to user mod app
>
> Hi All,
<...excess quoted lines suppressed...>

[PCAUSA] All parameters that you pass to the driver during asynchronous I/O must persist until the call is completed. If you allocate a parameter on the stack instead of from the heap then the stack variable will not exist when the call completes. If that happens, the system could crash.

Examine everything that you pass to the driver and make sure it is allocated properly.

Thomas F. Divine

> At this point I am not able to find out the reason why it is happening, so if
> anyone can help me to solve this problem I would be very thankful to you
> people.
>
> I am taking help from DDK sample; in my case the path is as follows:
> C:\WINDDK\3790.1830\src\general\pcidrv.
>
> Best Regards
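The lifetime rule from message 27, as an added example that is not part of the thread or of the DDK sample: a portable C model (not Windows API; every name is hypothetical) in which the block standing in for the OVERLAPPED and output buffer is heap-allocated, stays with the driver until it is completed or cancelled, and is freed by the app only after that.

```c
/* Portable model of the inverted call. Every name is hypothetical; this is
 * not Windows API and not code from the DDK pcidrv sample. */
#include <stdint.h>
#include <stdlib.h>
enum { CALL_PENDING, CALL_DONE, CALL_CANCELLED };
/* Stands in for OVERLAPPED plus output buffer, which the driver writes later. */
typedef struct PendingCall {
    int status;
    uint32_t reg_value;              /* written at completion time */
    struct PendingCall *next;
} PendingCall;
static PendingCall *q_head, *q_tail; /* driver's FIFO of pended calls */
unsigned missed;                     /* interrupts that found nothing pended */
/* App: heap-allocate so the block outlives this frame; a local PendingCall
 * would be gone by the time the driver writes into it. */
PendingCall *app_submit(void) {
    PendingCall *c = calloc(1, sizeof *c);   /* zeroed: CALL_PENDING */
    if (!c) return NULL;
    if (q_tail) q_tail->next = c; else q_head = c;
    q_tail = c;
    return c;
}
static PendingCall *dequeue(void) {
    PendingCall *c = q_head;
    if (c) { q_head = c->next; if (!q_head) q_tail = NULL; c->next = NULL; }
    return c;
}
/* Driver: deferred work after an interrupt completes the oldest call. */
int driver_complete_one(uint32_t reg) {
    PendingCall *c = dequeue();
    if (!c) { missed++; return 0; }
    c->reg_value = reg;
    c->status = CALL_DONE;
    return 1;
}
/* Driver: on handle close, complete whatever is left as cancelled. */
unsigned driver_cancel_all(void) {
    unsigned n = 0;
    for (PendingCall *c; (c = dequeue()) != NULL; n++) c->status = CALL_CANCELLED;
    return n;
}
/* App: the only place the block is freed, and never while still pending. */
int app_reap(PendingCall *c, uint32_t *out) {
    if (!c || c->status == CALL_PENDING) return -1;
    int st = c->status;
    if (st == CALL_DONE) *out = c->reg_value;
    free(c);
    return st;
}
```

The model is single-threaded and shows ownership only; it leaves out the locking a real driver queue needs.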
  Message 28 of 29  
17 Jan 07 12:50
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
RE: How to communicate from kernel mode to user mod app

Hi All,

Thanks to all people for putting me in comfort zone by giving your valuable suggestion. I got success in accomplishing my work. It's working properly now.

I again beg a pardon if any of my queries made you feel embarrassed. Whenever I am stuck with any problem I usually try everything, whatever comes in my mind or I get any clue from somewhere else, due to my curious nature and the fact that I just started swimming in this sea. Hopefully you great people will understand this.

Best Regards
Nayan
  Message 29 of 29  
17 Jan 07 13:06
nayan Kumar
xxxxxx@hotmail.com
Join Date: 26 Jun 2006
Posts To This List: 90
Re:How to communicate from kernel mode to user mod app

Hi All,

Thanks to all people for putting me in comfort zone by giving your valuable suggestion. I got success in accomplishing my work. It's working properly now.

I again beg a pardon if any of my queries made you feel embarrassed. Whenever I am stuck with any problem I usually try everything, whatever comes in my mind or I get any clue from somewhere else, due to my curious nature and the fact that I just started swimming in this sea. Hopefully you great people will understand this.

Best Regards
Nayan