Freigeben über


A Hole In My Head

Doron Holan's musings on drivers and other nibbles and bits

KMDF V1.1 is now available

Windows 2000 support for everyone who asked: https://www.microsoft.com/whdc/driver/wdf/KMDF_pkg.mspx...

Author: Doron Holan [MSFT] Date: 05/11/2006

OS differences when ejecting an unstarted PDO

One of the, errr, joys of owning the PnP state machine in KMDF is that I must be compatible with all...

Author: Doron Holan [MSFT] Date: 05/10/2006

How to break in at the call site that invokes the break point

I think everyone at some point in time wants to embed a break point in there code, whether it be for...

Author: Doron Holan [MSFT] Date: 05/08/2006

Debugger commands (gu) that make my life easier

It's a quick one today. One of the great features about windbg is that it has a return to caller...

Author: Doron Holan [MSFT] Date: 05/05/2006

Why does /FASTDETECT exist and how did it get its name?

/FASTDETECT is a command line flag in a boot.ini entry. It started showing up in Windows 2000 (W2K)...

Author: Doron Holan [MSFT] Date: 05/03/2006

How to test PnP state changes in your driver

I'm still getting back into the flow of things at work, so I will start off this week with a simpler...

Author: Doron Holan [MSFT] Date: 05/02/2006

My leave is over

I am back at work. Things are a bit out of order having been gone for a month, but hopefully I will...

Author: Doron Holan [MSFT] Date: 05/01/2006

Programming Note

I will be on parental leave for the month of April :). While I have written up articles to post...

Author: Doron Holan [MSFT] Date: 03/31/2006

Debugger commands (!bpid) that make my life easier (part 6)

Today's kernel debugger command is "!bpid", break on process id. This command will break into an...

Author: Doron Holan [MSFT] Date: 03/30/2006

Debugger commands (dps, dpp) that make my life easier (part 5)

Today's debugger command is "dps" (display pointers and symbols). You might be familiar with the...

Author: Doron Holan [MSFT] Date: 03/28/2006

Avoiding #defines for constant data and using enums instead

I think that the C preprocessor is a very powerful tool, but I like to limit my use of #defines. I...

Author: Doron Holan [MSFT] Date: 03/27/2006

Debugger commands (!sd) that make my life easier (part 3.1)

Peter Wieland informed me that you can actually find the security descriptor (SD) using !object, you...

Author: Doron Holan [MSFT] Date: 03/23/2006

Debugger commands (dt, ??) that make my life easier (part 4)

Today I will cover how to look at type information from the command line of windbg/kd. You can do...

Author: Doron Holan [MSFT] Date: 03/22/2006

Debugger commands (!object) that make my life easier (part 3)

Today I am going to write about !object. One of the tools you can get from sysinternals is...

Author: Doron Holan [MSFT] Date: 03/21/2006

Real life usage of loading a driver as a dump file

Today I got a callstack via email (from the NTDEV list), but no dump file. I needed to determine if...

Author: Doron Holan [MSFT] Date: 03/20/2006

Debugger commands (!poaction, !poreqlist) that make my life easier (part 2)

Today's commands are related to power, they are:!poreqlist !poaction !podev (covered in the last...

Author: Doron Holan [MSFT] Date: 03/17/2006

Debugger commands (!drvobj, !devobj, !podev, !devstack) that make my life easier (part 1)

Over the next few days I'll talk about different debugger commands which I use to make driver...

Author: Doron Holan [MSFT] Date: 03/15/2006

How to debug missing imports at driver load time

Debugging when your driver fails to load can be exasperating, especially if it is due to a missing...

Author: Doron Holan [MSFT] Date: 03/13/2006

Loading your driver in user mode

One of the very cool features of windbg/kd is that you can load any PE file as a dump file. That...

Author: Doron Holan [MSFT] Date: 03/10/2006

Great articles on DMA

Peter Wieland has started a blog. Peter sits around the corner from me and works on UMDF (which...

Author: Doron Holan [MSFT] Date: 03/10/2006

Beware the shiny light that is MmIsAddressValid

This came up on NTDEV today and has come up in the past (both in the community and internally on the...

Author: Doron Holan [MSFT] Date: 03/09/2006

The return value from RtlCompareMemory and memcmp do not mean the same thing!

When I was working on the Bluetooth core, I got this mistake the first time I tried to compare 2...

Author: Doron Holan [MSFT] Date: 03/06/2006

String buffers and IRQL

If you look at the docs for many Rtl string functions, you will see that they are callable only at...

Author: Doron Holan [MSFT] Date: 03/03/2006

How can a NULL terminated string be misinterpreted in a UNICODE_STRING?

A NULL terminated string can be mismisinterpreted if the Length field contains the NULL part of the...

Author: Doron Holan [MSFT] Date: 03/01/2006

How to correctly initialize a UNICODE_STRING

In the past if you wanted to delcare a UNICODE_STRING and buffer on the stack, you had to manually...

Author: Doron Holan [MSFT] Date: 02/27/2006

ntstrsafe.h now contains safe functions for UNICODE_STRING too!

I don't think this is a well publicized feature, but the Server 2003 SP1 DDK contains a new version...

Author: Doron Holan [MSFT] Date: 02/27/2006

For my final entry in surprise removal week (did anyone sense a theme :) ?), let's talk about...

Author: Doron Holan [MSFT] Date: 02/24/2006

How should I handle my hardware when processing IRP_MN_SURPRSISE_REMOVAL?

The quick answer answer that you must assume your hardware is present and at least probe the...

Author: Doron Holan [MSFT] Date: 02/20/2006

Do I have to handle IRP_MN_SURPRISE_REMOVAL?

You might think that just because your device is root enumerated or is plugged into fix slot (llike...

Author: Doron Holan [MSFT] Date: 02/20/2006

Why does my device interface disappear when I replug my device back in?

This is a side affect of not unregistering your device interface during surprise removal. If you do...

Author: Doron Holan [MSFT] Date: 02/20/2006

When should I disable my device interface & deregister with WMI?

Last week I talked about how a device interfaces and WMI instances are made unique by the kernel....

Author: Doron Holan [MSFT] Date: 02/20/2006

I like FORCEINLINE

For kernel mode code, if I have choice between using a #define or a FORCEINLINE function, the...

Author: Doron Holan [MSFT] Date: 02/17/2006

Why KMDF does not have a callback for IRP_MN_QUERY_POWER/SystemPowerState

I was going to blog about this after I had some KMDF entries under my belt, but Raymond Chen got...

Author: Doron Holan [MSFT] Date: 02/17/2006

How are WMI instance IDs guaranteed to be unique?

This is related to today's previous topic of how the manager makes device interface GUIDs unique....

Author: Doron Holan [MSFT] Date: 02/16/2006

How are device interface strings guaranteed to be unique?

When you register a device interface GUID, you get back a symbolic link name which is the link...

Author: Doron Holan [MSFT] Date: 02/16/2006

Why am I not seeing any new device notifications when calling RegisterDeviceNotification?

Let's define this simple worker function which registers for device interface arrival notifications...

Author: Doron Holan [MSFT] Date: 02/15/2006

Glossary

This is meant to be an organic document that grows over time. If the term you are looking for is not...

Author: Doron Holan [MSFT] Date: 02/14/2006

DeviceSuggestions

If you would like me to write about a topic that relates to WDM, the kernel, debugging, WDF, KMDF,...

Author: Doron Holan [MSFT] Date: 02/14/2006

PDOs, part 1

Definition: A PDO is a Physical Device Object. This entry is not going into how to enumerate a PDO...

Author: Doron Holan [MSFT] Date: 02/14/2006

KMDF v1.1 announced and it supports Windows 2000!

We've been working on it since we RTW'ed v1.0 late last year and v1.1 is now "official." V1.1...

Author: Doron Holan [MSFT] Date: 02/14/2006

Intro

A bit about me: I grew up in the Bay Area and got my B.S in CSc from Cal Poly, SLO I have been...

Author: Doron Holan [MSFT] Date: 02/13/2006

<Previous