I dont hate it. I just prefer other languages. C++ code never looked clean. Sometimes you have to do 10 times the typing to get the same result. Yes its low level process heap data fetching stuff is cool and all but for general purposes other languages do have a better aesthetic look to them. I find myself looking into c++ when I want to achieve the epitomy of performances or for low level programming like in kernel mode for this instance
it's not necessarily people hate c++, in terms of cost benefits when making a web app for corporate use/requirements it would cost a LOT of money and manpower to manually take care of heap memory/garbage collection than using a language that automagically takes care of garbage (java) - but other then that , C++ for firmware / hardware interfacing is still preferred
lol i do failed looking for v2 of kernel pool monitor, then i realized that, the dude on presentation is the developer of it.. omg... gj Pavel Yosifovich, i'm w8 for v2 download link !!! XDD
@@quasa0 again if you do something not supposed to be done to the hardware, then your pc could crash or you could get the blue screen of death "BSOD" which could potentially harm the hardware. that's why.
@@wp-wisdom I'm just wondering if there is a specific scenario how getting like a devision by zero exception in the driver you're coding would corrupt any system things
I dont get why the delete and new operators would not be available. Dont they translate to a call to the kernel? In kernel mode you could override them to call the proper function to free the memory. I also dont get why calling the destructors of global variables is impossible. Wouldnt the destructors be called at the end of main? The compiler should be able to do that for you am I right?
"delete" and "new" (by default of course) do allocate/free a portion of an arena in the userspace, not in the kernel space. Hence, the OS provided functions should be used, those operators could very well be overloaded as well. I don't really know the answer to your second question but it could be related with RAII.
when main() ends in an ordinary program, the execution continues in "CRT main" which calls registrered destructors for global and static objects. As for the drivers, I guess, there is no underlying CRT part, so you'll have to track global/static objects by yourself to call their destuctors.
please indicate how to access my kernel mode driver .sys functions from native c++ code or c# code... i know how to create and install kernel driver .sys but don´t know how to access the kernel driver .sys from applications.. i mean, obviously the drivers .sys are intended to comunicate to hardware devices from the implemented functions it has, so the question is " how to access those implemented functions from c# or c++ code??? that´s the question of million... because if i want to turn on a led in my device connected to USB from c# or c++ code i have to give the order to the driver. right?...
people says "its not possible to run a programm in kernel mode". but ,we know data bases system dont use filessytem but acces direct disk block sector, so why database get installed?
When they say databases don't use file system, they mean that they pass the flags like direct_io, no buffering to files stem which by pass file system cache ; so, your writes go directly to disk;
0) you can totally have C++ globals in drivers 1) AutoLock is unnecessary, there is std::lock_guard. 2) operator bool const() { - is nonsense 3) if (_owner && _handle) should call Traits::IsValid(_handle) 4) _handle = nullptr should call Traits::InvalidHandle() (in fact, GenericHandle shouldn't be using nullptr at all) 5) GenericHandle move ops should be noexcept 6) branching in move-assignment is unnecessary 7) GenericHandle constructor should be explicit 8) return value of NtClose is not checked 9) const wchar_t operator[](... - lol 10) GetUnicodeString should just return UNICODE_STRING by value 11) IComponent needs virtual destructor 12) QueryInterface(IComponent::IID... is broken 13) ComponentBase::QueryInterface does not work if interfaces inherit each other.
0) You can't have them out of the box. You need to call constructors and destructors for global C++ objects, e. g. in DriverEntry and DriverUnload. 8) There is no need for this. If it failed you had an invalid handle. Internally the system ignores the returned value for IRP_MJ_CLEANUP. So there is no way to stop / prevent handle closure.
@@test143000 0) yep, whatever MS CRT does in this case, it is not rocket surgery (it is just a simple loop) and all the sources are available; 8) I'm a simple man - dropping errors on the floor like this will not pass my code review. Either process the error (call BSOD when needed) or write big giant comment explaining why the result is ignored (and I guarantee you this comment will be at least 3 pages long at the end of the review process, and will contain the explanation of why exactly "you had an invalid handle", what are consequences of ignoring the result, architectural implications, current political situation in the country, and all the reasoning for the answer to the ultimate question of life, the universe and everything). Ignoring the return value is not an easy task.
@@CTPATEX 0) You can port a garbage collector to KM. That doesn't mean that it exists in the kernel. So, no C++ globals in KM by default. Also, there is no C++ exceptions handling available in KM to process global constructors errors. So you are missing a point. 8) Calling KeBugCheck on NtClose error or requiring for lengthy comments on missing errors checks can only raise eyebrows among kernel developers. You are really a simple man and you are better to stay away from KM code review.
@@test143000 0) I can port a garbage collector to KM, you can't have globals. Is this what you are saying? What do you mean "exists in the kernel"? Please provide a link to this (or give your own definition if you just invented this for the sake of argument). Your comment about C++ exceptions has nothing to do with anything, please try again. 8) Their eyebrows is your best argument. 👍 If someone's eyebrows are your reliable guide and source of your wisdom, then I can't help. Are you Pavel?
@@CTPATEX It is okay for an amateur to be ignorant about some KM concepts, e.g. there is no support for C++ globals (you need to add it) and NtClose returned status doesn't make a lot of sense and is not checked for the most cases (the NT kernel doesn't check it for example, the reason - IRP_MJ_CLEANUP status is ignored by the system). Relax. BTW I am not Pavel, he doesn't speak Russian.
