Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 08-09-2004, 08:52
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 266
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 35
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
Modifying Kernel Mode Driver for Hyper Threading

Hello!

My problem is: the Kernel Mode Driver of my USB-ISDN-card often crashes, when hyperthreading is enabled and system is busy:

When I am connected to the internet, and I compress 2GB-files with Winrar (best compression), open a folder with some videos (which are then shown in Explorer), letting Overnet calculate its checksums and playing back a video in PowerDVD at the same time, the driver crashes my whole system.

This does not happen when Hyper Threading is disabled (although the system is then incredibly slow).

Error Code is: 0x100000d1 (0x00000048, 0x00000002, 0x00000000, 0xf45cae42)

File is AGFUCAPI.SYS, Adress F45CAE42 base at F45C8000.

The USB-ISDN-Card is a Agfeo AC14 WebPhonie (www.agfeo.de), and the nasty driver developers are obviously unable, to patch their damned a driver, not to crash on a system with enabled Hyper Threading.

I know about the problem, that USB-Drivers have to run in Kernel Mode: there are obviously many other people having similar problems (with other devices, of course).

So my question: Is it possible, to tell windows to run a specific Kernel Mode Driver just un ONE cpu, or is it possible to patch the driver to run just on ONE cpu, or is it possible to modifiy the driver, not to crash on a hyperthreading system (without its source code)???

Unfortunately I don't know, how to find the offset of the driver-file, or i would have disassembled it myself to have a look at it.
Reply With Quote
  #2  
Old 08-09-2004, 08:59
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
A first useful question is did you attempt to search for clues on the net about these problems and/or the error codes related to what you are seeing? I don't know much about your issue, I'm just wondering what you may have already done to try to solve the problem.

Regards,
__________________
JMI
Reply With Quote
  #3  
Old 08-09-2004, 09:05
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 266
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 35
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
I found a lot of other people with that problem (for example here: _http://www.chip.de/forum/thread.html?bwthreadid=510358) but no solution.
And there are many other people complaining about BSODs with bad USB-Drivers.

I found out myself, that it definately has to do with hyperthreading.

And I know, its possible to run processes just on a specific cpu.
So I just wonder, whether its also possible, to do so with kernel mode drivers.
Reply With Quote
  #4  
Old 08-09-2004, 17:32
peleon peleon is offline
Friend
 
Join Date: Sep 2003
Posts: 174
Rept. Given: 0
Rept. Rcvd 7 Times in 1 Post
Thanks Given: 0
Thanks Rcvd at 7 Times in 7 Posts
peleon Reputation: 7
Hello,

Well, i think that there is not much to do on that "incompatible" driver for HT without the sources. That problem should be handled by the driver developer (did you download the latest version of the driver?)

Meanwhile, you just can disable HT in the BIOS or forget about that USB device meanwhile a new update for HT is done.

That's what happens when bad device drivers programmers do their drivers and forget about test them on multiprocessor systems.

Regards
Reply With Quote
  #5  
Old 08-09-2004, 18:46
dyn!o's Avatar
dyn!o dyn!o is offline
Friend
 
Join Date: Nov 2003
Location: Own mind
Posts: 214
Rept. Given: 1
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 8
Thanks Rcvd at 0 Times in 0 Posts
dyn!o Reputation: 1
Big_or_what:
forcing KMD software to run only on a single processor should be not a problem, but... on MP oriented environments. I have been writing parallel applications using Intel Compiler 7 with OpenMP standard. SP mode settings (ranges) should be made during the compilation of the software - source stage. If you are using multiprocessor environments to build your app, then you can set SP mode easily, by yourself.

The other situation is in "usual" Microsoft Windows environment and standard compilers like Visual C++ and Borland C++ which doesn't allow to design and build multiprocessor applications with shared memory architecture (planned to run on parallel systems). There is no "force SP" like option in VC/Borland.

The last question is a patch. Theoritically it sounds pretty possible, but I wonder if thread manipulation (HT must switch between them) on KMD is a wise idea .

Regards.
Reply With Quote
  #6  
Old 08-09-2004, 20:04
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 266
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 35
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
The big problem is, that I don't expect that there will be a new driver (and there will be one, it probably still has that error) and of course I don't have it's sources.

Disabling Hyper Threading is also a quite bad solution.

And I am dependend on that USB-device, I need it to connect to the internet.

I would not mind against a patch for the KMD - the worst thing that could happen is a BSOD

I just don't know, how to patch it
Reply With Quote
  #7  
Old 08-09-2004, 21:55
homersux
 
Posts: n/a
This does not happen when Hyper Threading is disabled (although the system is then incredibly slow).

Error Code is: 0x100000d1 (0x00000048, 0x00000002, 0x00000000, 0xf45cae42)

File is AGFUCAPI.SYS, Adress F45CAE42 base at F45C8000.

Based on this information, you should be able to disassemble the driver file agfucapi.sys, you can use livekd+kd to help you decide where this driver is loaded (probably f45c8000). For some reason this bug check line is different from what w2k displays normally, so I am guessing you are not using w2k. There are a few ways to go to figure out the reason of the crash. The best way is to enable crash dump and use windbg (or kd) on the crashdump to analyze the state of the computer/driver at the moment of the crash. kd will give you a detailed stack trace at the moment of the crash.

Another approach is to use softice to bpx the offending the intruction with some condition (preferrably after a crashdump analysis of possible causes of the crash).

Since .sys file is normally a valid PE file, you should be able to disassemble it and look around the virtual
offset ae42-8000 (raw offset can be calculated from this virtual offset of course). In any event, this sounds like a bad driver that has thread-unsafe code, so you should pay attention to the global variable references in the dead listing.
Reply With Quote
  #8  
Old 08-11-2004, 12:10
r3L4x
 
Posts: n/a
um, i have a thought. stop doing so much processor intensive shit at the same time!
Reply With Quote
  #9  
Old 08-13-2004, 10:11
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 266
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 35
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
hey, I bought this processor to use it!!

what i mentioned above was just a test.

BTW: I LOVE MICROSOFT! They gave me fast and free support for my pirated copy of WinXP:

They proposed to read this KB-article:

htt-protocol://support.microsoft.com/?id=252867

this filter on my device, binding the irq-handling to only one cpu, and there were no more chrashes when burning the cpu with my "test" and running a game at the same time!

i'll do more testing tomorrow, as it's already 04:12AM here, but I guess this helped!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hades:Windows kernel driver lets reverse engineers monitor user and kernel mode code sh3dow Source Code 0 05-12-2016 03:15
How to pass the large data in kernel mode to user mode? benina General Discussion 3 03-06-2010 04:50
Kernel Mode Driver for NT SPeY General Discussion 12 04-22-2004 15:34


All times are GMT +8. The time now is 08:45.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )