usb camera filter driver

This is a multi-part message in MIME format.

------=_NextPart_000_0043_01C7BEEE.4FAA4040
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi Everybody,

I write usb camera filter driver, i see toaster filter example in DDK =
and make the same. but i have a problem when use mode application access =
filter driver by IOCL.

Following is kernel mode code is create object control

NTSTATUS
FilterCreateControlObject(
IN PDEVICE_OBJECT DeviceObject
)
{
UNICODE_STRING ntDeviceName;
UNICODE_STRING symbolicLinkName;
PCONTROL_DEVICE_EXTENSION deviceExtension;
NTSTATUS status =3D STATUS_UNSUCCESSFUL;
UNICODE_STRING sddlString;

//PAGED_CODE();

//
// Using unsafe function so that the IRQL remains at PASSIVE_LEVEL.
// IoCreateDeviceSecure & IoCreateSymbolocLink must be called at
// PASSIVE_LEVEL.
//
ExAcquireFastMutexUnsafe(&ControlMutex);

//
// If this is a first instance of the device, then create a =
controlobject.
// and register dispatch points to handle ioctls.
//
if(1 =3D=3D ++InstanceCount)
{
DbgPrint("Start Create Object\n");
//
// Initialize the unicode strings
//
RtlInitUnicodeString(&ntDeviceName, NTDEVICE_NAME_STRING);
RtlInitUnicodeString(&symbolicLinkName, SYMBOLIC_NAME_STRING);

//
// Initialize a security descriptor string. Refer to SDDL docs in =
theSDK
// for more info.
//
RtlInitUnicodeString(&sddlString, L"D:P(A;;GA;;;SY)(A;;GA;;;BA)");

//
// Create a named deviceobject so that applications or drivers
// can directly talk to us without going through the entire stack.
// This call could fail if there are not enough resources or
// another deviceobject of same name exits (name collision).
// Let us use the new IoCreateDeviceSecure and specify a security
// descriptor (SD) that allows only System and Admin groups to access =
the
// control device. Let us also specify a unique guid to allow =
administrators
// to change the SD if he desires to do so without changing the =
driver.
// The SD will be stored in
// HKLM\SYSTEM\CCSet\Control\Class\<GUID>\Properties\Security
// An admin can overide the SD specified in the below call by =
modifying
// the registry.
//=20

status =3D IoCreateDeviceSecure(DeviceObject->DriverObject,
sizeof(CONTROL_DEVICE_EXTENSION),
&ntDeviceName,
FILE_DEVICE_UNKNOWN,
FILE_DEVICE_SECURE_OPEN,
FALSE,
&sddlString,=20
(LPCGUID)&GUID_SD_FILTER_CONTROL_OBJECT,
&ControlDeviceObject
);

if(NT_SUCCESS(status)) {
=20
ControlDeviceObject->Flags |=3D DO_BUFFERED_IO;

status =3D IoCreateSymbolicLink(&symbolicLinkName, &ntDeviceName);

if(!NT_SUCCESS(status)) {
IoDeleteDevice(ControlDeviceObject);
DebugPrint(("IoCreateSymbolicLink failed %x\n", status));
goto End;
}

deviceExtension =3D ControlDeviceObject->DeviceExtension;
deviceExtension->Type =3D DEVICE_TYPE_CDO;
deviceExtension->ControlData =3D NULL;
deviceExtension->Deleted =3D FALSE;

ControlDeviceObject->Flags &=3D ~DO_DEVICE_INITIALIZING;

}else {
DebugPrint(("IoCreateDevice failed %x\n", status));
}
=20

DbgPrint("End Create Object\n");
}

End:
=20
ExReleaseFastMutexUnsafe(&ControlMutex);
return status;
}

Following is user mode application to access filter driver by IOCL:

HANDLE hdevice =3D CreateFile(TEXT("\\\\.\\UsbcameraFilter"), =
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
if (hdevice =3D=3D INVALID_HANDLE_VALUE)
{
printf("Unable to open UsbcameraFilter device - error %d\n", =
GetLastError());
return 1;
}

When i run debug user mode application it display error in WinDbg is:
Access violation - code c0000005 (!!! second chance !!!)

nt!IofCallDriver+0x24:

804ec046 8b7108 mov esi,[ecx+0x8]

I don't know why, Everyone have experience about write usb camera filter =
driver pls help me, thanks very alot.

David,

------=_NextPart_000_0043_01C7BEEE.4FAA4040
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2180" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2>Hi Everybody,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I write usb camera filter driver, i see =
toaster=20
filter example in DDK and make the same. but i have a problem when use =
mode=20
application access filter driver by IOCL.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Following is kernel mode code is =
create object=20
control</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial=20
size=3D2>NTSTATUS<BR>FilterCreateControlObject(<BR>   &nbs=
p;   =20
IN PDEVICE_OBJECT =
DeviceObject<BR>       =20
)<BR>{<BR> UNICODE_STRING    ntDeviceName;<BR>&n=
bsp;UNICODE_STRING    symbolicLinkName;<BR> PCON=
TROL_DEVICE_EXTENSION deviceExtension;<BR> NTSTATUS  =
   status=20
=3D=20
STATUS_UNSUCCESSFUL;<BR> UNICODE_STRING    sddlS=
tring;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> //PAGED_CODE();</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> //<BR> // Using unsafe =
function so that=20
the IRQL remains at PASSIVE_LEVEL.<BR> // IoCreateDeviceSecure =
&=20
IoCreateSymbolocLink must be called at<BR> //=20
PASSIVE_LEVEL.<BR> //<BR> ExAcquireFastMutexUnsafe(&Control=
Mutex);</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> //<BR> // If this is a first =
instance of=20
the device, then create a controlobject.<BR> // and register =
dispatch=20
points to handle ioctls.<BR> //<BR> if(1 =3D=3D=20
++InstanceCount)<BR> {<BR>  DbgPrint("Start Create=20
Object\n");<BR>  //<BR>  // Initialize the unicode=20
strings<BR>  //<BR>  RtlInitUnicodeString(&ntDevi=
ceName,=20
NTDEVICE_NAME_STRING);<BR>  RtlInitUnicodeString(&symbolicL=
inkName,=20
SYMBOLIC_NAME_STRING);</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>  //<BR>  // =
Initialize a=20
security descriptor string. Refer to SDDL docs in =
theSDK<BR>  // for=20
more=20
info.<BR>  //<BR>  RtlInitUnicodeString(&sddlStri=
ng,=20
L"D:P(A;;GA;;;SY)(A;;GA;;;BA)");</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>  //<BR>  // Create =
a named=20
deviceobject so that applications or drivers<BR>  // can =
directly talk=20
to us without going through the entire stack.<BR>  // This =
call could=20
fail if there are not enough resources or<BR>  // another =
deviceobject=20
of same name exits (name collision).<BR>  // Let us use the =
new=20
IoCreateDeviceSecure and specify a security<BR>  // descriptor =
(SD)=20
that allows only System and Admin groups to access the<BR>  // =
control=20
device. Let us also specify a unique guid to allow=20
administrators<BR>  // to change the SD if he desires to do so =
without=20
changing the driver.<BR>  // The SD will be stored=20
in<BR>  //=20
HKLM\SYSTEM\CCSet\Control\Class\<GUID>\Properties\Security<BR>&nbsp=
; //=20
An admin can overide the SD specified in the below call by=20
modifying<BR>  // the registry.<BR>  // =
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>   status =3D=20
IoCreateDeviceSecure(DeviceObject->DriverObject,<BR>   =
      sizeof(CONTROL_DEVICE_EXTENSION),<BR>=
         &ntDeviceName,<=
BR>         FILE_DEVICE_UNKN=
OWN,<BR>         FILE_DEVICE=
_SECURE_OPEN,<BR>         FA=
LSE,<BR>         &sddlSt=
ring,=20
<BR>         (LPCGUID)&G=
UID_SD_FILTER_CONTROL_OBJECT,<BR>      &nbs=
p;  &ControlDeviceObject<BR>     &=
nbsp;   );</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>   if(NT_SUCCESS(status))=20
{<BR>    <BR>    ControlDeviceObj=
ect->Flags=20
|=3D DO_BUFFERED_IO;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>    status =3D=20
IoCreateSymbolicLink(&symbolicLinkName, =
&ntDeviceName);</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>    if(!NT_SUCCESS(status))=20
{<BR>     IoDeleteDevice(ControlDeviceObject);<B=
R>     DebugPrint(("IoCreateSymbolicLink=20
failed %x\n", status));<BR>     goto=20
End;<BR>    }</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>    deviceExtension =
=3D=20
ControlDeviceObject->DeviceExtension;<BR>    devic=
eExtension->Type=20
=3D =
DEVICE_TYPE_CDO;<BR>    deviceExtension->ControlDa=
ta =3D=20
NULL;<BR>    deviceExtension->Deleted =3D=20
FALSE;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial=20
size=3D2>    ControlDeviceObject->Flags &=3D=20
~DO_DEVICE_INITIALIZING;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>   }else=20
{<BR>    DebugPrint(("IoCreateDevice failed %x\n",=20
status));<BR>   }<BR>  </FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>  DbgPrint("End Create=20
Object\n");<BR> }</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial=20
size=3D2>End:<BR> <BR> ExReleaseFastMutexUnsafe(&ControlMut=
ex);<BR> return=20
status;<BR>}</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Following is user mode application to =
access filter=20
driver by IOCL:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>HANDLE hdevice =3D =
CreateFile(TEXT("</FONT><A><FONT=20
face=3DArial size=3D2>\\\\.\\UsbcameraFilter</FONT></A><FONT =
face=3DArial size=3D2>"),=20
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);<BR> if (hdevice =
=3D=3D=20
INVALID_HANDLE_VALUE)<BR> {<BR>  printf("Unable to open=20
UsbcameraFilter device - error %d\n", =
GetLastError());<BR>  return=20
1;<BR> }</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>When i run debug user mode application =
it display=20
error in WinDbg is:</FONT></DIV>
<DIV>
<P><FONT face=3DArial size=3D2>Access violation - code c0000005 (!!! =
second chance=20
!!!)</FONT></P>
<P><FONT face=3DArial size=3D2>nt!IofCallDriver+0x24:</FONT></P>
<P><FONT face=3DArial size=3D2>804ec046 8b7108 mov =
esi,[ecx+0x8]</FONT></P>
<P><FONT face=3DArial size=3D2>I don't know why, Everyone =
have experience about=20
write usb camera filter driver pls help me, thanks very alot.</FONT></P>
<P><FONT face=3DArial size=3D2>David,</FONT></P></DIV></BODY></HTML>

------=_NextPart_000_0043_01C7BEEE.4FAA4040--

Tim
Thu Jul 05 23:11:02 CDT 2007

"David" <thuong101277@yahoo.com> wrote:
>
>I write usb camera filter driver, i see toaster filter example in DDK
>and make the same. but i have a problem when use mode application access
>filter driver by IOCL.

If you think the problem is related to sending an IOCTL, then why did you
show us the IoCreateDevice code?

> ExReleaseFastMutexUnsafe(&ControlMutex);

Did you actually initialize ControlMutex somewhere?

>Following is user mode application to access filter driver by IOCL:
>
>HANDLE hdevice = CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
> if (hdevice == INVALID_HANDLE_VALUE)
> {
> printf("Unable to open UsbcameraFilter device - error %d\n", GetLastError());
> return 1;
> }

No, that doesn't send an ioctl. That just opens the filter.

>When i run debug user mode application it display error in WinDbg is:
>Access violation - code c0000005 (!!! second chance !!!)
>
>nt!IofCallDriver+0x24:
>
>804ec046 8b7108 mov esi,[ecx+0x8]
>
>I don't know why, Everyone have experience about write usb camera
>filter driver pls help me, thanks very alot.

You're going to have to do better than that. We can't read your mind. The
code you posted doesn't even call IofCallDriver. Show us the whole
!analyze -v output and the code that's crashing.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

David
Fri Jul 06 00:29:27 CDT 2007

This is a multi-part message in MIME format.

------=_NextPart_000_0053_01C7BFC9.532F29C0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi Tim Roberts,
Thank you very much,

I will answer your question

1. If you think the problem is related to sending an IOCTL, then why did =
you
show us the IoCreateDevice code?

No, i just call function: HANDLE hdevice =3D =
CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL, =
OPEN_EXISTING, 0, NULL),
then it ocurred error, and i think error at kernel mode and i see in =
WinDbg is:

Access violation - code c0000005 (!!! second chance !!!)

nt!IofCallDriver+0x24:

804ec046 8b7108 mov esi,[ecx+0x8]

That is all

2. Did you actually initialize ControlMutex somewhere?
I inited ControlMutex at DriverEntry function, following is DriverEntry =
function:

NTSTATUS
DriverEntry(
IN PDRIVER_OBJECT DriverObject,
IN PUNICODE_STRING RegistryPath
)
/*++

Routine Description:
=20
Installable driver initialization entry point.
This entry point is called directly by the I/O system.

Arguments:

DriverObject - pointer to the driver object

RegistryPath - pointer to a unicode string representing the path,
to driver-specific key in the registry.

Return Value:

STATUS_SUCCESS if successfull,
STATUS_UNSUCCESSFUL otherwise.
*/
{
NTSTATUS status =3D STATUS_SUCCESS;
ULONG ulIndex;
PDRIVER_DISPATCH * dispatch;

UNREFERENCED_PARAMETER (RegistryPath);

DebugPrint(("Entered the Driver Entry\n"));

//
// Create dispatch point
//
for(ulIndex =3D 0, dispatch =3D DriverObject->MajorFunction;
ulIndex <=3D IRP_MJ_MAXIMUM_FUNCTION;
ulIndex++, dispatch++)
{
*dispatch =3D FilterPass;
}
=20
DriverObject->MajorFunction[IRP_MJ_PNP] =3D FilterDispatchPnp;
DriverObject->MajorFunction[IRP_MJ_POWER] =3D FilterDispatchPower;
DriverObject->DriverExtension->AddDevice =3D FilterAddDevice;
DriverObject->DriverUnload =3D FilterUnload;

#ifdef IOCTL_INTERFACE
=20
/*DriverObject->MajorFunction[IRP_MJ_CREATE] =3D=20
DriverObject->MajorFunction[IRP_MJ_CLOSE] =3D=20
DriverObject->MajorFunction[IRP_MJ_CLEANUP] =3D=20
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] =3D =
FilterDispatchIo;
=20
//=20
// Mutex is to synchronize multiple threads creating & deleting
// control deviceobjects.
////*/
ExInitializeFastMutex(&ControlMutex);

#endif

DbgPrint("Exits the Driver Entry\n");

return status;
}

3. You're going to have to do better than that. We can't read your =
mind. The
code you posted doesn't even call IofCallDriver. Show us the whole
!analyze -v output and the code that's crashing.

I do not know where code crashing, my code write the same toater filter =
in the DDK exmaple(C:\WINDDK\3790.1830\src\general\toaster\filter), i =
install filter driver successfull, and try unplug ang pulg webcam the =
see DbgPrint code in the WinDbg follwing:
Entered the Driver Entry

Exits the Driver Entry

AddDevice PDO (0x81a88e68) FDO (0x81a07728)

AddDevice: 81a07728 to 818f12c8->81a88e68=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

Start IRP_MN_START_DEVICE=20

Call FilterCreateControlObject

End IRP_MN_START_DEVICE=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp=20

Start FilterDispatchPnp=20

DEFAULT=20

End FilterDispatchPnp

Error just occure when i run my application(user mode), and just call =
CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL, =
OPEN_EXISTING, 0, NULL);
then it occure error.

David,

"Tim Roberts" <timr@probo.com> wrote in message =
news:mufr831c357j3i28tudaifuh6i4s713j85@4ax.com...
> "David" <thuong101277@yahoo.com> wrote:
>>
>>I write usb camera filter driver, i see toaster filter example in DDK
>>and make the same. but i have a problem when use mode application =
access
>>filter driver by IOCL.
>=20
> If you think the problem is related to sending an IOCTL, then why did =
you
> show us the IoCreateDevice code?
>=20
>> ExReleaseFastMutexUnsafe(&ControlMutex);
>=20
> Did you actually initialize ControlMutex somewhere?
>=20
>>Following is user mode application to access filter driver by IOCL:
>>
>>HANDLE hdevice =3D CreateFile(TEXT("\\\\.\\UsbcameraFilter"), =
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
>> if (hdevice =3D=3D INVALID_HANDLE_VALUE)
>> {
>> printf("Unable to open UsbcameraFilter device - error %d\n", =
GetLastError());
>> return 1;
>> }
>=20
> No, that doesn't send an ioctl. That just opens the filter.
>=20
>>When i run debug user mode application it display error in WinDbg is:
>>Access violation - code c0000005 (!!! second chance !!!)
>>
>>nt!IofCallDriver+0x24:
>>
>>804ec046 8b7108 mov esi,[ecx+0x8]
>>
>>I don't know why, Everyone have experience about write usb camera=20
>>filter driver pls help me, thanks very alot.
>=20
> You're going to have to do better than that. We can't read your mind. =
The
> code you posted doesn't even call IofCallDriver. Show us the whole
> !analyze -v output and the code that's crashing.
> --=20
> Tim Roberts, timr@probo.com
> Providenza & Boekelheide, Inc.
------=_NextPart_000_0053_01C7BFC9.532F29C0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2180" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2>Hi Tim Roberts,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Thank you very much,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I will answer your =
question</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>1. If you think the problem is related =
to sending=20
an IOCTL, then why did you<BR>show us the IoCreateDevice =
code?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>No, i just call function: HANDLE =
hdevice =3D=20
CreateFile(TEXT("</FONT><A><FONT face=3DArial=20
size=3D2>\\\\.\\UsbcameraFilter</FONT></A><FONT face=3DArial =
size=3D2>"),=20
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL),<BR>then it ocurred =
error, and i=20
think error at kernel mode and i see in WinDbg is:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Access violation - code c0000005 (!!! =
second chance=20
!!!)<BR><BR>nt!IofCallDriver+0x24:<BR><BR>804ec046 8b7108 mov=20
esi,[ecx+0x8]<BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>That is all</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>2. Did you actually initialize =
ControlMutex=20
somewhere?<BR>I inited ControlMutex at DriverEntry function, following =
is=20
DriverEntry function:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2>NTSTATUS<BR>DriverEntry(<BR>   IN=20
PDRIVER_OBJECT DriverObject,<BR>   IN PUNICODE_STRING=20
RegistryPath<BR>   )<BR>/*++</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Routine =
Description:<BR> <BR> Installable=20
driver initialization entry point.<BR> This entry point is called =
directly=20
by the I/O system.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Arguments:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> DriverObject - pointer to the =
driver=20
object</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> RegistryPath - pointer to a =
unicode string=20
representing the path,<BR>       to=20
driver-specific key in the registry.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Return Value:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> STATUS_SUCCESS if=20
successfull,<BR> STATUS_UNSUCCESSFUL=20
otherwise.<BR>*/<BR>{<BR> NTSTATUS   status =3D=20
STATUS_SUCCESS;<BR> ULONG    ulIndex;<BR> P=
DRIVER_DISPATCH =20
* dispatch;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> UNREFERENCED_PARAMETER=20
(RegistryPath);</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> DebugPrint(("Entered the Driver=20
Entry\n"));</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> //<BR> // Create dispatch=20
point<BR> //<BR> for(ulIndex =3D 0, dispatch =3D=20
DriverObject->MajorFunction;<BR>  ulIndex <=3D=20
IRP_MJ_MAXIMUM_FUNCTION;<BR>  ulIndex++,=20
dispatch++)<BR>  {<BR>   *dispatch =3D=20
FilterPass;<BR>  }<BR>  <BR> DriverObject->Ma=
jorFunction[IRP_MJ_PNP]  =3D=20
FilterDispatchPnp;<BR> DriverObject->MajorFunction[IRP_MJ_POWER]&=
nbsp;=3D=20
FilterDispatchPower;<BR> DriverObject->DriverExtension->AddDev=
ice =3D=20
FilterAddDevice;<BR> DriverObject->DriverUnload   =
  =3D=20
FilterUnload;</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>#ifdef=20
IOCTL_INTERFACE<BR> <BR> /*DriverObject->MajorFunction[IRP_M=
J_CREATE]=20
=3D <BR> DriverObject->MajorFunction[IRP_MJ_CLOSE] =3D=20
<BR> DriverObject->MajorFunction[IRP_MJ_CLEANUP] =3D=20
<BR> DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] =3D=20
FilterDispatchIo;<BR> <BR> // <BR> // Mutex is to =
synchronize=20
multiple threads creating & deleting<BR> // control=20
deviceobjects.<BR> ////*/<BR> ExInitializeFastMutex(&Contro=
lMutex);</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>#endif</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> DbgPrint("Exits the Driver=20
Entry\n");</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> return status;<BR>}</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>3. You're going to have to do better =
than=20
that.  We can't read your mind.  The<BR>code you posted =
doesn't even=20
call IofCallDriver.  Show us the whole<BR>!analyze -v output and =
the code=20
that's crashing.<BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>I do not know where code crashing, my =
code write=20
the same toater filter in the DDK=20
exmaple(C:\WINDDK\3790.1830\src\general\toaster\filter), i install =
filter driver=20
successfull, and try unplug ang pulg webcam the see DbgPrint code in the =
WinDbg=20
follwing:</FONT></DIV>
<DIV>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Entered the Driver =
Entry</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Exits the Driver =
Entry</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>AddDevice PDO =
(0x81a88e68) FDO=20
(0x81a07728)</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>AddDevice: 81a07728 to=20
818f12c8->81a88e68 </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start IRP_MN_START_DEVICE =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Call=20
FilterCreateControlObject</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End IRP_MN_START_DEVICE =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>Start FilterDispatchPnp =
</FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>DEFAULT </FONT></P>
<P><FONT face=3DArial color=3D#ff0000 size=3D2>End =
FilterDispatchPnp</FONT></P>
<P><FONT face=3DArial size=3D2>Error just occure when i run my =
application(user=20
mode), and just call CreateFile(TEXT("<A><FONT face=3DArial=20
size=3D2>\\\\.\\UsbcameraFilter</FONT></A><FONT face=3DArial =
size=3D2>"),=20
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);<BR>then it occure=20
error.</FONT></FONT></P></DIV>
<DIV><FONT face=3DArial size=3D2>David,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>"Tim Roberts" <</FONT><A=20
href=3D"mailto:timr@probo.com"><FONT face=3DArial=20
size=3D2>timr@probo.com</FONT></A><FONT face=3DArial size=3D2>> wrote =
in message=20
</FONT><A href=3D"news:mufr831c357j3i28tudaifuh6i4s713j85@4ax.com"><FONT =

face=3DArial=20
size=3D2>news:mufr831c357j3i28tudaifuh6i4s713j85@4ax.com</FONT></A><FONT =

face=3DArial size=3D2>...</FONT></DIV><FONT face=3DArial size=3D2>> =
"David"=20
<</FONT><A href=3D"mailto:thuong101277@yahoo.com"><FONT face=3DArial=20
size=3D2>thuong101277@yahoo.com</FONT></A><FONT face=3DArial =
size=3D2>>=20
wrote:<BR>>><BR>>>I write usb camera filter driver, i see =
toaster=20
filter example in DDK<BR>>>and make the same. but i have a problem =
when=20
use mode application access<BR>>>filter driver by IOCL.<BR>> =
<BR>>=20
If you think the problem is related to sending an IOCTL, then why did=20
you<BR>> show us the IoCreateDevice code?<BR>> <BR>>>=20
ExReleaseFastMutexUnsafe(&ControlMutex);<BR>> <BR>> Did you =
actually=20
initialize ControlMutex somewhere?<BR>> <BR>>>Following is user =
mode=20
application to access filter driver by =
IOCL:<BR>>><BR>>>HANDLE=20
hdevice =3D CreateFile(TEXT("</FONT><A><FONT face=3DArial=20
size=3D2>\\\\.\\UsbcameraFilter</FONT></A><FONT face=3DArial =
size=3D2>"),=20
GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);<BR>>> if (hdevice =
=3D=3D=20
INVALID_HANDLE_VALUE)<BR>>> {<BR>>>  printf("Unable to =
open=20
UsbcameraFilter device - error %d\n", GetLastError());<BR>>>  =
return=20
1;<BR>>> }<BR>> <BR>> No, that doesn't send an ioctl.  =
That=20
just opens the filter.<BR>> <BR>>>When i run debug user mode=20
application it display error in WinDbg is:<BR>>>Access violation - =
code=20
c0000005 (!!! second chance=20
!!!)<BR>>><BR>>>nt!IofCallDriver+0x24:<BR>>><BR>>&gt=
;804ec046=20
8b7108 mov esi,[ecx+0x8]<BR>>><BR>>>I don't know why, =
Everyone have=20
experience about write usb camera <BR>>>filter driver pls help me, =
thanks=20
very alot.<BR>> <BR>> You're going to have to do better than =
that. =20
We can't read your mind.  The<BR>> code you posted doesn't even =
call=20
IofCallDriver.  Show us the whole<BR>> !analyze -v output and =
the code=20
that's crashing.<BR>> -- <BR>> Tim Roberts, </FONT><A=20
href=3D"mailto:timr@probo.com"><FONT face=3DArial=20
size=3D2>timr@probo.com</FONT></A><BR><FONT face=3DArial size=3D2>> =
Providenza=20
& Boekelheide, Inc.</FONT></BODY></HTML>

------=_NextPart_000_0053_01C7BFC9.532F29C0--

David
Fri Jul 06 06:24:07 CDT 2007

Hi Tim Roberts,

Now i have successfull call function:
CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL,
OPEN_EXISTING, 0, NULL)

Continue i want get buffer from webcam and display on my application.

1. Kernel mode:

Follwing function call by :

DriverObject->MajorFunction[IRP_MJ_CREATE] =
DriverObject->MajorFunction[IRP_MJ_CLOSE] =
DriverObject->MajorFunction[IRP_MJ_CLEANUP] =
DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] =
FilterDispatchIo;

NTSTATUS
FilterDispatchIo(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp
)
{
PIO_STACK_LOCATION irpStack;
NTSTATUS status;
PCONTROL_DEVICE_EXTENSION deviceExtension;
PCOMMON_DEVICE_DATA commonData;

ULONG inSize;
ULONG outSize;
PVOID inBuffer;

PAGED_CODE();

commonData = (PCOMMON_DEVICE_DATA)DeviceObject->DeviceExtension;

//
// Please note that this is a common dispatch point for controlobject
and
// filter deviceobject attached to the pnp stack.
//
if(commonData->Type == DEVICE_TYPE_FIDO) {
//
// We will just the request down as we are not interested in
handling
// requests that come on the PnP stack.
//
return FilterPass(DeviceObject, Irp);
}

ASSERT(commonData->Type == DEVICE_TYPE_CDO);

deviceExtension =
(PCONTROL_DEVICE_EXTENSION)DeviceObject->DeviceExtension;

//
// Else this is targeted at our control deviceobject so let's handle it.
// Here we will handle the IOCTl requests that come from the app.
// We don't have to worry about acquiring remlocks for I/Os that come
// on our control object because the I/O manager takes reference on our
// deviceobject when it initiates a request to our device and that keeps
// our driver from unloading when we have pending I/Os. But we still
// have to watch out for a scenario where another driver can send
// requests to our deviceobject directly without opening an handle.
//
if(!deviceExtension->Deleted) { //if not deleted
status = STATUS_SUCCESS;
Irp->IoStatus.Information = 0;
irpStack = IoGetCurrentIrpStackLocation (Irp);

switch (irpStack->MajorFunction) {
case IRP_MJ_CREATE:
DebugPrint(("Create \n"));
break;

case IRP_MJ_CLOSE:
DebugPrint(("Close \n"));
break;

case IRP_MJ_CLEANUP:
DebugPrint(("Cleanup \n"));
break;

case IRP_MJ_DEVICE_CONTROL:
DebugPrint(("DeviceIoControl\n"));
switch (irpStack->Parameters.DeviceIoControl.IoControlCode)
{
//
//case IOCTL_CUSTOM_CODE:
//
case IOCTL_READ_STREAM_DATA:
DbgPrint("IOCTL_KS_READ_STREAM case\n");

// Input buffer length
inSize = irpStack->Parameters.DeviceIoControl.InputBufferLength;
// Output buffer length
outSize = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
// Input buffer pointer
inBuffer = Irp->AssociatedIrp.SystemBuffer;

DbgPrint("Input Buffer Length : %d\r\n", inSize);
DbgPrint("Output Buffer Length : %d\r\n", outSize);

//status = STATUS_SUCCESS;
break;//*/

default:
DbgPrint("DEFAULT case\n");
status = STATUS_INVALID_PARAMETER;
break;
}
default:
break;
}
} else {
ASSERTMSG(FALSE, "Requests being sent to a dead device\n");
status = STATUS_DEVICE_REMOVED;
}
Irp->IoStatus.Status = status;
IoCompleteRequest (Irp, IO_NO_INCREMENT);
return status;
}

I have questions:
inSize is size of one frame buffer webcam, is it correct?
outSize is the same?
inBuffer it is pointer to one frame buffer webcam, is it correct?

2. My application(user mode)

HANDLE hdevice = CreateFile(TEXT("\\\\.\\MbnxMyFilter"), GENERIC_READ |
GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
if (hdevice == INVALID_HANDLE_VALUE)
{
printf("Unable to open UsbcameraFilter device - error %d\n",
GetLastError());
return 1;
}

wchar_t answer[512] = {'\0'};
char buffer[1024] = {'\0'};
DWORD junk;
if (DeviceIoControl(hdevice, IOCTL_READ_STREAM_DATA, NULL, 0, answer,
sizeof(answer), &junk, NULL))
{
answer[junk] = 0;
//MessageBoxW(NULL,answer, NULL, 0);
wprintf(L"%s\r\n",answer);
} else
printf("Error %d in call to DeviceIoControl\n", GetLastError());

3. When i run my application and see debug information on WinDbg is:

Input Buffer Length : 0
Output Buffer Length : 1024

4. How i can get correct size of buffer of one frame buffer from webcam???

Thank you very much,

David,

"Tim Roberts" <timr@probo.com> wrote in message
news:mufr831c357j3i28tudaifuh6i4s713j85@4ax.com...
> "David" <thuong101277@yahoo.com> wrote:
>>
>>I write usb camera filter driver, i see toaster filter example in DDK
>>and make the same. but i have a problem when use mode application access
>>filter driver by IOCL.
>
> If you think the problem is related to sending an IOCTL, then why did you
> show us the IoCreateDevice code?
>
>> ExReleaseFastMutexUnsafe(&ControlMutex);
>
> Did you actually initialize ControlMutex somewhere?
>
>>Following is user mode application to access filter driver by IOCL:
>>
>>HANDLE hdevice = CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ,
>>0, NULL, OPEN_EXISTING, 0, NULL);
>> if (hdevice == INVALID_HANDLE_VALUE)
>> {
>> printf("Unable to open UsbcameraFilter device - error %d\n",
>> GetLastError());
>> return 1;
>> }
>
> No, that doesn't send an ioctl. That just opens the filter.
>
>>When i run debug user mode application it display error in WinDbg is:
>>Access violation - code c0000005 (!!! second chance !!!)
>>
>>nt!IofCallDriver+0x24:
>>
>>804ec046 8b7108 mov esi,[ecx+0x8]
>>
>>I don't know why, Everyone have experience about write usb camera
>>filter driver pls help me, thanks very alot.
>
> You're going to have to do better than that. We can't read your mind.
> The
> code you posted doesn't even call IofCallDriver. Show us the whole
> !analyze -v output and the code that's crashing.
> --
> Tim Roberts, timr@probo.com
> Providenza & Boekelheide, Inc.

Tim
Sat Jul 07 19:43:37 CDT 2007

"David" <thuong101277@yahoo.com> wrote:
>...
>#ifdef IOCTL_INTERFACE
>
> /*DriverObject->MajorFunction[IRP_MJ_CREATE] =
> DriverObject->MajorFunction[IRP_MJ_CLOSE] =
> DriverObject->MajorFunction[IRP_MJ_CLEANUP] =
> DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = FilterDispatchIo;
>...
>Error just occure when i run my application(user mode), and just call
>CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL,
>OPEN_EXISTING, 0, NULL); then it occure error.

Yes, the problem seems very clear now.

You have created a control device, by defining IOCTL_INTERFACE, but you
have /* commented out */ the code that sets up dispatching for
IRP_MJ_CREATE and friends above. So, because of the loop at the beginning,
your IRP_MJ_CREATE will go to FilterPass instead.

FilterPass will just pass the IRP down to the next lower driver using
IoCallDriver. However, your control device does not HAVE a next lower
driver. It stands completely alone. Thus, you pass a null device object
to IoCallDriver, which explodes.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

Tim
Sat Jul 07 19:57:16 CDT 2007

"David" <thuong101277@yahoo.com> wrote:
>
>Continue i want get buffer from webcam and display on my application.

Why would you do this in a kernel filter driver, instead of in DirectShow,
where it belongs? It is clear that you do not have driver experience, and
you are just going to hurt yourself by continuing.

> //
> // Please note that this is a common dispatch point for control
> // object and
> // filter deviceobject attached to the pnp stack.
> //
> if(commonData->Type == DEVICE_TYPE_FIDO) {
> //
> // We will just the request down as we are not interested in
> // handling requests that come on the PnP stack.
> //
> return FilterPass(DeviceObject, Irp);
> }

Do you see what this does? This says anything that is coming in for your
filter device object will be passed along without processing. That means
that all of the kernel streaming calls will exit here, including
IOCTL_KS_READ_STREAM requests. They all come in on your filter device.

> case IRP_MJ_DEVICE_CONTROL:
> DebugPrint(("DeviceIoControl\n"));
> switch (irpStack->Parameters.DeviceIoControl.IoControlCode)
>{
> case IOCTL_READ_STREAM_DATA:
> DbgPrint("IOCTL_KS_READ_STREAM case\n");
>
> // Input buffer length
> inSize = irpStack->Parameters.DeviceIoControl.InputBufferLength;
> // Output buffer length
> outSize = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
> // Input buffer pointer
> inBuffer = Irp->AssociatedIrp.SystemBuffer;
>
> DbgPrint("Input Buffer Length : %d\r\n", inSize);
> DbgPrint("Output Buffer Length : %d\r\n", outSize);
>...
>
>I have questions:
>inSize is size of one frame buffer webcam, is it correct?
>outSize is the same?
>inBuffer it is pointer to one frame buffer webcam, is it correct?

So, you haven't read the documentation for IOCTL_KS_READ_STREAM at all?
That doesn't make it very appealing for me to help you.

>2. My application(user mode)
>...
> wchar_t answer[512] = {'\0'};
> char buffer[1024] = {'\0'};

Why wchar_t? The data you eventually get back are going to be pixels, not
Unicode characters.

> if (DeviceIoControl(hdevice, IOCTL_READ_STREAM_DATA, NULL, 0, answer,
>sizeof(answer), &junk, NULL))
> {
> answer[junk] = 0;

"junk" returns the number of bytes, not the number of words.

>...
>3. When i run my application and see debug information on WinDbg is:
>
>Input Buffer Length : 0
>Output Buffer Length : 1024

Right. That's exactly what you sent in your ioctl. NULL for the input
buffer, and a 1024-byte buffer for output. What were you expecting?

>4. How i can get correct size of buffer of one frame buffer from webcam???

You have a lot of work ahead of you. Remember that you don't have any idea
what format the frame buffer data is in. As an upper filter to
usbvideo.sys, you will have to intercept and interpret the kernel streaming
property requests to figure that out.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

David
Sun Jul 08 22:23:05 CDT 2007

Hi Tim Roberts
Thank you very much,

I am newbie, sorry you if i have any questions incorrect.

David,

"Tim Roberts" <timr@probo.com> wrote in message
news:rgc09397jjgee76n9ado3ovng9e14f70eg@4ax.com...
> "David" <thuong101277@yahoo.com> wrote:
>>...
>>#ifdef IOCTL_INTERFACE
>>
>> /*DriverObject->MajorFunction[IRP_MJ_CREATE] =
>> DriverObject->MajorFunction[IRP_MJ_CLOSE] =
>> DriverObject->MajorFunction[IRP_MJ_CLEANUP] =
>> DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = FilterDispatchIo;
>>...
>>Error just occure when i run my application(user mode), and just call
>>CreateFile(TEXT("\\\\.\\UsbcameraFilter"), GENERIC_READ, 0, NULL,
>>OPEN_EXISTING, 0, NULL); then it occure error.
>
> Yes, the problem seems very clear now.
>
> You have created a control device, by defining IOCTL_INTERFACE, but you
> have /* commented out */ the code that sets up dispatching for
> IRP_MJ_CREATE and friends above. So, because of the loop at the
> beginning,
> your IRP_MJ_CREATE will go to FilterPass instead.
>
> FilterPass will just pass the IRP down to the next lower driver using
> IoCallDriver. However, your control device does not HAVE a next lower
> driver. It stands completely alone. Thus, you pass a null device object
> to IoCallDriver, which explodes.
> --
> Tim Roberts, timr@probo.com
> Providenza & Boekelheide, Inc.

David
Sun Jul 08 22:48:27 CDT 2007

Hi Tim Roberts.
Thank you very much,

I am newbie, i am learning to write driver, sorry you if i have any
questions incorrect.

I will answer your questions:

1. Why would you do this in a kernel filter driver, instead of in
DirectShow,
where it belongs? It is clear that you do not have driver experience, and
you are just going to hurt yourself by continuing.

Answer: I want write filter driver because i want modify webcam stream, my
filter can modify any webcam stream. my application just talk to filter not
talk indirect webcam so i not need use webcam so another application can use
webcam(ex: Skype, Yahoo, Msn ... etc)

2. Do you see what this does? This says anything that is coming in for your
filter device object will be passed along without processing. That means
that all of the kernel streaming calls will exit here, including
IOCTL_KS_READ_STREAM requests. They all come in on your filter device.

Answare: Yes, now i want ask you i must process in FilterPass to handle alot
of requests include IOCTL_KS_READ_STREAM, correct? and i see with
IOCTL_KS_READ_STREAM do not support in the DDK 2003, what replace?.
In DDK 2003 document have little say about IOCTL_KS_READ_STREAM, where that
i can read more about IOCTL_KS_READ_STREAM, can you share it with me?

3. So, you haven't read the documentation for IOCTL_KS_READ_STREAM at all?
That doesn't make it very appealing for me to help you.

Answer: Yes, I just read about IOCTL_KS_READ_STREAM in DDK 2003 document,
and hard to understand about it, in the doc say little about it, can you
share where i can read more about IOCTL_KS_READ_STREAM ?

4. Why wchar_t? The data you eventually get back are going to be pixels,
not
Unicode characters.

Answer: That code i just try to test to see how following code work in the
kernel mode:
inSize = irpStack->Parameters.DeviceIoControl.InputBufferLength;
// Output buffer length
outSize = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
// Input buffer pointer
inBuffer = Irp->AssociatedIrp.SystemBuffer;

4. You have a lot of work ahead of you. Remember that you don't have any
idea
what format the frame buffer data is in. As an upper filter to
usbvideo.sys, you will have to intercept and interpret the kernel streaming
property requests to figure that out.

Answer: Ya, i think so, now i want understand how to webcam and myfilter can
talk together, filter can get buffer data from webcam and can set buffer
data again to webcam.

David,

"Tim Roberts" <timr@probo.com> wrote in message
news:ssc093hujh8do31udjpm3dnq01gkjv918l@4ax.com...
> "David" <thuong101277@yahoo.com> wrote:
>>
>>Continue i want get buffer from webcam and display on my application.
>
> Why would you do this in a kernel filter driver, instead of in DirectShow,
> where it belongs? It is clear that you do not have driver experience, and
> you are just going to hurt yourself by continuing.
>
>> //
>> // Please note that this is a common dispatch point for control
>> // object and
>> // filter deviceobject attached to the pnp stack.
>> //
>> if(commonData->Type == DEVICE_TYPE_FIDO) {
>> //
>> // We will just the request down as we are not interested in
>> // handling requests that come on the PnP stack.
>> //
>> return FilterPass(DeviceObject, Irp);
>> }
>
> Do you see what this does? This says anything that is coming in for your
> filter device object will be passed along without processing. That means
> that all of the kernel streaming calls will exit here, including
> IOCTL_KS_READ_STREAM requests. They all come in on your filter device.
>
>> case IRP_MJ_DEVICE_CONTROL:
>> DebugPrint(("DeviceIoControl\n"));
>> switch
>> (irpStack->Parameters.DeviceIoControl.IoControlCode)
>>{
>> case IOCTL_READ_STREAM_DATA:
>> DbgPrint("IOCTL_KS_READ_STREAM case\n");
>>
>> // Input buffer length
>> inSize = irpStack->Parameters.DeviceIoControl.InputBufferLength;
>> // Output buffer length
>> outSize = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
>> // Input buffer pointer
>> inBuffer = Irp->AssociatedIrp.SystemBuffer;
>>
>> DbgPrint("Input Buffer Length : %d\r\n", inSize);
>> DbgPrint("Output Buffer Length : %d\r\n", outSize);
>>...
>>
>>I have questions:
>>inSize is size of one frame buffer webcam, is it correct?
>>outSize is the same?
>>inBuffer it is pointer to one frame buffer webcam, is it correct?
>
> So, you haven't read the documentation for IOCTL_KS_READ_STREAM at all?
> That doesn't make it very appealing for me to help you.
>
>>2. My application(user mode)
>>...
>> wchar_t answer[512] = {'\0'};
>> char buffer[1024] = {'\0'};
>
> Why wchar_t? The data you eventually get back are going to be pixels, not
> Unicode characters.
>
>> if (DeviceIoControl(hdevice, IOCTL_READ_STREAM_DATA, NULL, 0, answer,
>>s

usb camera filter driver

Re: usb camera filter driver by Tim

Re: usb camera filter driver by David

Re: usb camera filter driver by David

Re: usb camera filter driver by Tim

Re: usb camera filter driver by Tim

Re: usb camera filter driver by David

Re: usb camera filter driver by David