A DDK sample bug? or not?

A DDK sample bug? or not?

Post by nir140 » Thu, 09 Dec 2004 20:57:26


Hello,

I noted a very common pattern/technique in the DDK sample code:
In a dispatch routine for IRPs like IRP_MN_START_DEVICE, you initialize
an event on the stack that the completion routine is supposed to set.
After the call to the lower driver you wait on that event:

status = IoCallDriver(deviceExtension->NextLowerDriver, pIrp);
if(!NT_SUCCESS(status))
{
    ERROR HANDLING...
}

//
// MS: Wait for lower drivers to be done with the pIrp.
// Important thing to note here is when you allocate memory for an
// event in the stack you must do a KernelMode wait instead of
// UserMode to prevent the stack from getting paged out.
//
if(status == STATUS_PENDING)
{
    KeWaitForSingleObject(
        &event,
        Executive,
        KernelMode,
        FALSE,
        NULL
        );
    status = pIrp->IoStatus.Status;
}

You probably have seen this technique.
Seems OK?

What I don't understand is what prevents the stack from being paged out
by the time the completion code tries to set the event if that happens
before the KeWait...() is reached. The only resolution I see is if it is
guaranteed that the completion thread is the same thread of the dispatch
routine (but then why bother with events at all...).

What am I missing?
Thanks,
Nir
 
 
 

A DDK sample bug? or not?

Post by Don Bur » Thu, 09 Dec 2004 22:31:08

As it says right in the comment, a KernelMode wait means the stack is not
pageable. So the call to KeWaitForSingleObject ensures that the stack is
present.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

 
 
 

A DDK sample bug? or not?

Post by nir140 » Thu, 09 Dec 2004 22:57:50


What I meant is: What happens if the stack is paged out between the call
to IoSetCompletionRoutine() (which passes the event as one of its
parameters) and the call to KeWaitForSingleObject(), and what happens if
during this interval the completion routine tries to set the event? Is
that possible?

Thanks,
Nir
 
 
 

A DDK sample bug? or not?

Post by Don Bur » Thu, 09 Dec 2004 23:00:04

No, the stack is only made pageable if you wait for a user event. In normal
operation a kernel stack is not pageable.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply




 
 
 

A DDK sample bug? or not?

Post by nir140 » Thu, 09 Dec 2004 23:31:55


Thanks,
That is the piece of information I was missing.
What you mean is that by default the stack is unpageable.

If I understand correctly then this technique has some interesting
implications. It means that driver writers must not cause their stack to
become pageable in their dispatch routines, since they don't control
which drivers are above them.
If I cause the stack to become pageable, and the driver above me happens
to use that technique then he may get a page fault.
Is that correct?

Thanks,
Nir
 
 
 

A DDK sample bug? or not?

Post by Don Bur » Thu, 09 Dec 2004 23:43:33

No, that shouldn't happen: your stack will become pageable if you wait for a user
mode event, and when you return from that wait you will have a non-pageable
stack again. Note: it is rare for a driver to wait with UserMode, and for
the most part you shouldn't.

--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply




 
 
 

A DDK sample bug? or not?

Post by UGF2ZWwgQS » Fri, 10 Dec 2004 00:09:05


The KPROCESSOR_MODE WaitMode argument to
KeWaitForSingleObject and so on is exactly what controls
paging of the stack. It must be set to KernelMode.
If someone (hopefully not you) specifies UserMode, his stack
will page out.
--PA
 
 
 

A DDK sample bug? or not?

Post by Maxim S. S » Fri, 10 Dec 2004 01:31:26

> What I don't understand is what prevents the stack from being paged out

A stack cannot be paged out for a thread which is in a KernelMode wait.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
XXXX@XXXXX.COM
http://www.yqcomputer.com/