Fascinating, as I certainly don’t recall working for Microsoft 10 years ago (nor specifics of the conversation or bashing of you on my behalf, though the latter details about the conversation I suppose I could have forgotten). Perhaps you mean someone else, or perhaps you have a reference (link) to the conversation in question?
Speaking generally, I don’t think that keeping a METHOD_DIRECT IRP pending is a “system-undefined method”, and it should work for some semblance of shared memory between a single app and a driver if correctly applied (which is the tricky part). All of the usual downsides of shared memory still apply - having to invent your own mechanism for signaling that the shared memory region needs to be examined, having to carefully capture the contents from the shared memory window, ensuring that nested notifications stack properly, ensuring that partially written data is not misinterpreted, ensuring that notifications are not lost when multiple become pending before the first is consumed (and that the proper memory barriers are in place for writes into the shared buffer), etc…
The inverted call mechanism has some nice attributes: It ensures that data attached to notifications from a driver to a user mode process are atomic with respect to the signal that there is data available to process, it can automatically leverage the completion port mechanism to distribute work user mode-side across a pool of worker threads, and consuming the resultant requests is simple and straightforward, and typically “safer”, with less to go wrong and less room for subtle problems that may only show up on stressed systems under load, and so on.
Now, while effort has taken to ensure that the underlying mechanisms are reasonably efficient from the system’s perspective, the niceties of a single pended IRP per request model do incur some amount of overhead. So too does the implementation of a shared memory window, which comes with a number of engineering trade-offs. Given the right specific circumstances, and with enough time spent implementing a shared memory mechanism to maximize performance while keeping it robust, I could certainly believe that it could perform better than the typical “inverted call” model. I can also believe that in many circumstances, the difference will be for all intents and purposes in the noise (or not substantially meaningful for the application), and the inverted call mechanism ends up being the more rational engineering choice due to simplicity of the model, with the engineering time to robustly implement a high performance shared memory mechanism being better spent on the unique capabilities of the driver.
So my advice would be to pick the best tool for the job, and to choose thoughtfully based on the situation. I would advise the simpler inverted call mechanism by default as a good enough “general purpose” choice, unless there are extenuating (hopefully data-backed) circumstances that show that it is inadequate. Just as with picking between TCP and UDP for an application’s network protocol, there is a greater freedom to specialize the implementation with UDP (as with a shared memory window), but in many (not all, but many) circumstances, this comes with substantial engineering costs to get the implementation right and properly tested under adverse conditions etc., and consequently, in many cases, not having to re-implement your own congestion control, sequencing, retransmit, etc. mechanisms is often well worth the potential lost performance of using TCP instead of UDP.
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@hotmail.com
Sent: Saturday, May 27, 2017 3:38 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] ZwMapViewOfSection’s BaseAddress is unaccessable
> See https://www.osr.com/nt-insider/2013-issue1/inverted-call-model-kmdf/
> for a description of the inverted call.
Please note that the “technology” that you are promoting is already sort of outdated - AFAIK, these days they’ve got a new one that is called 'big honking IRP". Basically, you just rely upon an IOCTL of METHOD_ DIRECT type that you never complete, effectively getting a shared memory buffer between an app and a driver. Ask Peter for more details.
Certainly, an access to it still has to be synchronised somehow, but this is already another story.
In fact, you can even use your beloved inverted calls for this purpose. However, beware - when I suggested something similar (in fact, exactly this very thing, but anyway) for the purpose of emulating SIGIO functionality under Windows 10 years ago Mr.Johnson from MSFT told me he could not see any advantage of using anything other than system-defined methods. What makes IRP completion " a system-undefined method" is just above me - you should ask Mr.Johnson about it…
In any case, I guess I can be proud of myself - after all,a trick that I suggested (and got bashed for at the time, of course) somehow turned into a “blessed technology” 10 years later. Funny,ugh…
Anton Bassov
—
NTDEV is sponsored by OSR
Visit the list online at: http:
MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at http:
To unsubscribe, visit the List Server section of OSR Online at http:</http:></http:></http:>