
View Full Version : Windows XP driver internals...


Snatch
August 9th, 2002, 08:16
Recently I had an old generic text printer that would work fine on 98 but not XP. After doing lots of internal checking I found that the printer is at fault and it's returning offline/busy/no errors instead of online/busy/no errors. I will resolder the board later. But there does seem to be a mysterious flag that's tested that also fixes the problem. Inside parport.sys, there is a reference to:
mov eax, 1
cmp eax, DS:0FFDF02C0    ; dword at absolute address 0xFFDF02C0, outside parport.sys's own image
Now, this is in the _SppWrite routine (I found that out through symbols), but help! What is this value? It is always compared with 1. Why is it an absolute address that is not in the VA space of the sys itself? How can I figure out what it is? I made SoftICE the system debugger and had it bpmd for writes to that address in the init string. Well, no dice still. And there's a good chance it may be a hardware setting. But it's at an absolute address. I don't understand how a sys file can reference something like that. It's also referenced in HAL.DLL and NTOSKRNL.EXE. You guys are the experts, so I was wondering if you could guide me in the right direction here, or perhaps you know what this value means. Any help would be much appreciated, even though it might not be the right fix... it has sure sparked my curiosity.

Snatch

VoxQuietis
August 16th, 2002, 17:30
Hi Snatch,

I think you found a reference to either a static variable within the kernel mode driver of that printer, or to a hardware register, which is mapped by the driver into the virtual address space of NT/2k/XP.

For reference I'd advise you to read the book 'NT device driver development' by Viscarola and Mason. It explains in quite some detail how the mapping of the different address ranges is implemented in NT.

The functions related to the mapping of IO buffers are described in chapter 1.4.4 Address Mappings and MDLs in the Win2k DDK; the same should apply to XP. W.r.t. the hardware resources one might start from the description of the PnP manager.

Concerning the fact that there is an absolute reference to the register/memory address (whichever it is :-), I am not very surprised. Isn't there something very similar to relocation of DLLs when device drivers are started? I.e., I would expect the OS to replace all the relative addresses with the correct absolute ones when the driver is loaded.

I am sure that this board isn't the optimum place to ask this question. There are usenet news groups which are specialised in NT/2k/XP driver development, and I guess there you would receive a more concise explanation.

Best regards,
- Vox.

Snatch
August 17th, 2002, 04:37
Well I figured it out. Thanks to ordering the Windows DDK from Microsoft. The file ntddk.h contains:

#define KI_USER_SHARED_DATA 0xffdf0000
#define SharedUserData ((KUSER_SHARED_DATA * const) KI_USER_SHARED_DATA)


It actually is an absolute memory address, surprisingly. KUSER_SHARED_DATA is a structure in memory at that address. Thus, problem solved. Thanks much, though.

Snatch

Snatch
August 17th, 2002, 05:52
It specifically points to this enum in the structure:

//
// Alternative system architecture. Example: NEC PC98xx on x86
//

ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;

typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE {
    StandardDesign,   // None == 0 == standard design
    NEC98x86,         // NEC PC98xx series on X86
    EndAlternatives   // past end of known alternatives
} ALTERNATIVE_ARCHITECTURE_TYPE;


So somehow making the processor think it was an NEC PC98xx series made my printer work. Anyway, I have taken the printer apart, desoldered the chip and rejumpered it. The problem was that the printer was designed wrong and returned busy instead of busy and online like most printers (0x8 instead of 0x18). This caused the printer to try to recapture the port, hence a 1-character-per-second printer. Thanks for the help. Good old Win DDK can solve miracles sometimes.

Snatch
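The two findings in the thread, as an added example that is not code from the original posts: resolving an absolute operand seen in a driver disassembly (the 0xFFDF02C0 in _SppWrite) to a KUSER_SHARED_DATA field, and decoding the SPP status byte the printer returned (0x08 versus 0x18). The struct below mirrors only the leading part of the Windows XP-era KUSER_SHARED_DATA layout as published in the DDK headers, so that offsetof() reproduces the 0x2C0 offset of AlternativeArchitecture; the field names and the KI_USER_SHARED_DATA constant are the DDK's, while resolve_shared_data(), decode_spp_status() and the KUSER_SHARED_DATA_PREFIX name are this example's own. The status-register bit layout is the standard SPP one (bit 7 BUSY, active low; bit 4 SELECT; bit 3 nERROR).

```c
/* Added example: map an absolute VA onto KUSER_SHARED_DATA and decode an SPP
 * status byte. Not code from the thread; KUSER_SHARED_DATA_PREFIX mirrors only
 * the first 0x2C4 bytes of the XP-era layout (an assumption checked below). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KI_USER_SHARED_DATA 0xFFDF0000u   /* from ntddk.h, as quoted in the thread */

typedef struct { uint32_t LowPart; int32_t High1Time; int32_t High2Time; } KSYSTEM_TIME;

typedef enum { StandardDesign, NEC98x86, EndAlternatives } ALTERNATIVE_ARCHITECTURE_TYPE;

typedef struct {
    uint32_t     TickCountLowDeprecated;      /* 0x000 */
    uint32_t     TickCountMultiplier;         /* 0x004 */
    KSYSTEM_TIME InterruptTime;               /* 0x008 */
    KSYSTEM_TIME SystemTime;                  /* 0x014 */
    KSYSTEM_TIME TimeZoneBias;                /* 0x020 */
    uint16_t     ImageNumberLow;              /* 0x02C */
    uint16_t     ImageNumberHigh;             /* 0x02E */
    uint16_t     NtSystemRoot[260];           /* 0x030, WCHAR[260] */
    uint32_t     MaxStackTraceDepth;          /* 0x238 */
    uint32_t     CryptoExponent;              /* 0x23C */
    uint32_t     TimeZoneId;                  /* 0x240 */
    uint32_t     LargePageMinimum;            /* 0x244 */
    uint32_t     Reserved2[7];                /* 0x248 */
    uint32_t     NtProductType;               /* 0x264 */
    uint8_t      ProductTypeIsValid;          /* 0x268 */
    uint8_t      Pad0[3];                     /* explicit, so layout does not depend on ABI */
    uint32_t     NtMajorVersion;              /* 0x26C */
    uint32_t     NtMinorVersion;              /* 0x270 */
    uint8_t      ProcessorFeatures[64];       /* 0x274 */
    uint32_t     Reserved1;                   /* 0x2B4 */
    uint32_t     Reserved3;                   /* 0x2B8 */
    uint32_t     TimeSlip;                    /* 0x2BC */
    ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture; /* 0x2C0, the field _SppWrite tests */
} KUSER_SHARED_DATA_PREFIX;

/* If the mirror drifts from the documented layout, refuse to compile. */
_Static_assert(offsetof(KUSER_SHARED_DATA_PREFIX, AlternativeArchitecture) == 0x2C0,
               "KUSER_SHARED_DATA mirror is misaligned");

#define FIELD(name) { #name, offsetof(KUSER_SHARED_DATA_PREFIX, name) }
static const struct { const char *name; size_t off; } fields[] = {
    FIELD(TickCountLowDeprecated), FIELD(TickCountMultiplier), FIELD(InterruptTime),
    FIELD(SystemTime), FIELD(TimeZoneBias), FIELD(ImageNumberLow), FIELD(ImageNumberHigh),
    FIELD(NtSystemRoot), FIELD(MaxStackTraceDepth), FIELD(CryptoExponent), FIELD(TimeZoneId),
    FIELD(LargePageMinimum), FIELD(Reserved2), FIELD(NtProductType), FIELD(ProductTypeIsValid),
    FIELD(NtMajorVersion), FIELD(NtMinorVersion), FIELD(ProcessorFeatures), FIELD(Reserved1),
    FIELD(Reserved3), FIELD(TimeSlip), FIELD(AlternativeArchitecture),
};

/* Resolve an absolute VA to "field + delta". Returns NULL when va lies outside
 * the mirrored range, so callers cannot mistake an unrelated address for a hit. */
const char *resolve_shared_data(uint32_t va, uint32_t *delta)
{
    if (va < KI_USER_SHARED_DATA || va - KI_USER_SHARED_DATA >= sizeof(KUSER_SHARED_DATA_PREFIX))
        return NULL;
    uint32_t off = va - KI_USER_SHARED_DATA;
    const char *best = NULL;
    size_t best_off = 0;
    for (size_t i = 0; i < sizeof fields / sizeof fields[0]; i++) {
        /* pick the last field that starts at or before the target offset */
        if (fields[i].off <= off && (best == NULL || fields[i].off >= best_off)) {
            best = fields[i].name;
            best_off = fields[i].off;
        }
    }
    if (delta) *delta = off - (uint32_t)best_off;
    return best;
}

/* SPP status register (base+1): bit7 BUSY (active low), bit6 nACK, bit5 PE,
 * bit4 SELECT (online), bit3 nERROR (low = fault). Bits 0-2 are unused. */
enum { SPP_BUSY = 0x80, SPP_NACK = 0x40, SPP_PE = 0x20, SPP_SELECT = 0x10, SPP_NERROR = 0x08 };

typedef struct { int busy, online, paper_out, error; } printer_state;

printer_state decode_spp_status(uint8_t status)
{
    printer_state s;
    s.busy      = !(status & SPP_BUSY);          /* hardware inverts BUSY */
    s.online    =  (status & SPP_SELECT) != 0;
    s.paper_out =  (status & SPP_PE) != 0;
    s.error     = !(status & SPP_NERROR);        /* nERROR low means fault */
    return s;
}

int main(void)
{
    uint32_t d = 0;
    const char *f = resolve_shared_data(0xFFDF02C0u, &d);
    printf("0xFFDF02C0 -> SharedUserData->%s + 0x%x\n", f ? f : "?", d);
    printer_state s = decode_spp_status(0x08);   /* what the faulty printer returned */
    printf("status 0x08: busy=%d online=%d error=%d\n", s.busy, s.online, s.error);
    return 0;
}
```

With the 0x08 reading, decode_spp_status() reports busy, offline and no error, which is exactly the "offline/busy/no errors" combination the first post describes; 0x18 adds SELECT and decodes as online. The same offsetof()-driven table works for any other fixed-address kernel structure a disassembly references: mirror the documented layout, guard it with a _Static_assert, and resolve operands against it instead of guessing.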