Windows Kernel Rootkits Course, Feb 7-11 Online (No affiliation) ccsecuritytraining.com/tr…
👍 14
👤 u/cybersecscrub
📅 Jan 30 2022
SCO UnixWare 7.1.4 with OpenServer Kernel Personality, Linux Kernel Personality, and Windows XP SP3 in MergePRO
👍 105
👤 u/CSGOPirate
📅 Jan 08 2022
Hey guys, I've built a PC on a Ryzen 5600G / MSI B550 Gaming+ and I have Linux Mint with kernel 13 installed. I'm currently setting up a gaming Win10 VM and I recently installed Guest Additions, and since then I have big troubles with video. What I did: I moved the settings window and the screen went black. v.redd.it/12huib0cmh781
👍 28
👤 u/end41r
📅 Dec 24 2021
There is no escape from kernel compilation, not even on Windows
👍 47
👤 u/la1440
📅 Dec 31 2021
How hybrid kernels like Windows NT are underrated and unfairly bashed and are actually better than monolithic kernels like *nix in many aspects. (See Anthony's comment, he's a kernel analyst and a kernel engineer). neosmart.net/blog/2008/sh…
👍 155
👤 u/barovab
📅 Nov 07 2021
Why can't Windows be containerised on Windows, and share a kernel? (Or is this assumption incorrect?)

To the best of my knowledge, on Linux based hosts you can either run a full VM (processor virtualised, VM has its own kernel), or you can run a container which is a lot more lightweight as you can use the running kernel of the host. Whilst on Windows, your only option is to run a full VM. So first question, is this correct?

Second question, if the assumption is correct, why can't you run Windows containers on Windows in a similar fashion? I'm assuming there's an architectural or technological reason, rather than just lack of desire.

👍 2
📅 Jan 20 2022
Windows driver vs loadable kernel module?

Is a kernel module the same as a driver?

From what I've read so far I'm left believing this is the case, but I just wanted to check. The generic title of "module", rather than a title based upon function, suggests there are loadable modules that aren't just drivers.

👍 2
📅 Jan 08 2022
PoC & Guide: Windows EDR bypass through Kernel callbacks removal github.com/wavestone-cdt/…
👍 61
👤 u/sanitybit
📅 Dec 08 2021
Windows 10 BSOD "Microsoft-Windows-Kernel-Power" - Ryzen 3200

Hi gang!

So my wife has a Ryzen 3200 and it started having bluescreens of death after an AMD drivers update (or so she says).

The computer will bluescreen out of nowhere, even at idle.

This usually looks something like this:

System
-	Provider
[ Name]	Microsoft-Windows-Kernel-Power
[ Guid]	{331c3b3a-2005-44c2-ac5e-77220c37d6b4}
EventID	41
Version	8
Level	1
Task	63
Opcode	0
Keywords	0x8000400000000002
-	TimeCreated
[ SystemTime]	2021-12-23T11:01:58.0739415Z
EventRecordID	553
Correlation
-	Execution
[ ProcessID]	4
[ ThreadID]	8
Channel	System
Computer	ARCHIMEDE
-	Security
[ UserID]	S-1-5-18
-	EventData
BugcheckCode	26
BugcheckParameter1	0x61941
BugcheckParameter2	0x20918a0b3f8
BugcheckParameter3	0xd
BugcheckParameter4	0xfffff30ff5687b00
SleepInProgress	0
PowerButtonTimestamp	0
BootAppStatus	0
Checkpoint	0
ConnectedStandbyInProgress	false
SystemSleepTransitionsToOn	0
CsEntryScenarioInstanceId	0
BugcheckInfoFromEFI	false
CheckpointStatus	0
CsEntryScenarioInstanceIdV2	0
LongPowerButtonPressDetected	false

She is running Windows 10 64-bit, latest patch:

Windows version: Windows 10, 10.0, version 2009, build: 19044
Windows dir: C:\WINDOWS
Hardware: B450M DS3H, Gigabyte Technology Co., Ltd., B450M DS3H-CF
CPU: AuthenticAMD AMD Ryzen 3 3200G with Radeon Vega Graphics 8664, level: 23
4 logical processors, active mask: 15
RAM: 17126023168 bytes (15,9GB)

I tried figuring it out using "whocrashed"; I get stuff like this (usually the first one):

This was probably caused by the following module: ntoskrnl.exe (nt+0x3F70D0)

This was probably caused by the following module: ntkrnlmp.exe (nt!memset+0x39FD4)

Not sure how to proceed, any ideas? Thanks for the help, and happy holidays :)

👍 3
👤 u/Herlock
📅 Dec 27 2021
Help, please. Found an apricot kernel, 2 small pieces of empty white paper snippets and 1 copper cent placed on a corner of the bathroom window outside.

I don't know if this is witchcraft, but yesterday I found outside one dried apricot kernel, 2 small empty paper snippets and one copper cent at the window of the bathroom, which faces the staircase of the house, so every tenant here can access it. The window is sealed and can't be opened, but I found it strange. We had some refurbishment going on here last year, so maybe it's just from the workers? I threw the apricot kernel and paper pieces away. I only kept the coin and cleaned it. I put some sea salt, cloves and aluminium foil at the window after cleaning everything. Does anyone have some advice?

👍 4
👤 u/sunsola
📅 Dec 11 2021
Announcing fibratus 1.4.2 - modern Windows kernel tracing and observability tool github.com/rabbitstack/fi…
👍 35
👤 u/rabbitstack
📅 Dec 26 2021
PC crashes, DRAM EZ Debug light on, Windows kernel blue screen.

Built a PC about a year ago. Now it randomly crashes while using it.

Specs: MSI B550 Carbon, Ryzen 5950X, 2x Corsair Vengeance Pro 3200MHz 32GB, Radeon RX 6700 XT

Played around with a single RAM stick in different slots. Made sure the ports were clean. The DRAM EZ Debug light stays white.

The PC comes on fine, but during use it will randomly blue screen, and the blue screen has weird glitching at the bottom of the screen. The stop code is kernel security check issue.

Is this a Windows issue or actually a RAM issue?

👍 2
👤 u/SubsonicAudio510
📅 Dec 14 2021
Announcing fibratus 1.4.2 - a modern Windows kernel observability tool github.com/rabbitstack/fi…
👍 49
👤 u/rabbitstack
📅 Dec 26 2021
Signed kernel drivers – Unguarded gateway to Windows’ core welivesecurity.com/2022/0…
👍 4
👤 u/digicat
📅 Jan 11 2022
Announcing fibratus 1.4.2 - a modern Windows kernel tracing tool github.com/rabbitstack/fi…
👍 16
👤 u/rabbitstack
📅 Dec 26 2021
Windows Process Injection in C# via Kernel Callbacks gist.github.com/sbasu7241…
👍 7
👤 u/digicat
📅 Dec 31 2021
Merry Hackmas: multiple vulnerabilities in MSI's products - numerous Windows kernel driver vulnerabilities enabling local privilege escalation voidsec.com/multiple-vuln…
👍 8
👤 u/digicat
📅 Dec 17 2021
Kernel 5.15 + Windows on KVM - High CPU Usage

After upgrading to 5.15.x I've noticed my VM constantly using 800% CPU, with System CPU Usage going to 100% every few seconds and staying like that for a while.

Is anyone else experiencing this behavior? My config runs on a ThreadRipper, I am not sure if people running other AMD configurations or Intel would be affected.

After several hours of git bisect I have found the commit 0f250a646382e017725001a552624be0c86527bf to be the cause for me.

If anyone else experiences this behavior, try this Commit Undo

Also, please share if you've experienced this behavior!

👍 6
👤 u/llitz
📅 Nov 15 2021
WireGuardNT -- kernel accelerated driver -- enabled by default on Windows twitter.com/EdgeSecurity/…
👍 60
👤 u/zx2c4
📅 Sep 13 2021
Why didn't Windows use the Unix kernel for Windows OS development?

I would like to know why Windows did not use the Unix kernel and developed its own kernel instead. Why did Windows not use the pioneering Unix kernel as it was, and why did it continue to use its own kernel after the introduction of the Linux kernel?

👍 14
👤 u/yutaka20189
📅 Sep 16 2021
Please help beta test WireGuardNT, a high-performance WireGuard implementation for the Windows kernel lists.zx2c4.com/pipermail…
👍 85
👤 u/zx2c4
📅 Aug 02 2021
quarkslab/rewind: Snapshot-based coverage-guided windows kernel fuzzer github.com/quarkslab/rewi…
👍 14
👤 u/SYS_V
📅 Nov 23 2021
Fallout 4 crashing Windows 11 kernel

Many crashes from Fallout 4 are expected; what is not expected is crashing the whole system. On Win10 you could Task Manager out and end the game when this happened. Now it goes to black and no attempt to start TM brings it up. Other methods tried were New Desktop, WinKey+TAB, CTRL+ALT+DEL; only a restart gets out of this one. Nice job Microsoft, you let a common game bring your OS down. We were told this new version acted like Unix and no one gets to the kernel. Well, think again, you were occupied by Bethesda.

👍 3
👤 u/MajorTom360
📅 Dec 14 2021
Testers wanted for WireGuardNT, the new experimental high performance Windows kernel driver

A few weeks ago I announced the WireGuardNT project, a high performance implementation of WireGuard for the Windows kernel. I would like to turn it on by default within the next month, but in order to do so it really needs to see a lot of testing in diverse environments. And for that we need testers.

In today's release, I've added a checkbox to enable the experimental kernel driver:

https://preview.redd.it/0j3ev27ee5h71.png?width=1360&format=png&auto=webp&s=fef4b05304dcd5311bfd52e78570e8af6391670d

Because the client doesn't ship with the sort of invasive telemetry Windows users are used to having, we don't have a really firm way of knowing "X users have used the kernel driver for Y hours, and only Z problems have occurred." Instead, all we can do is rely on you to tell us, "I tried it for a few days and it worked" or "I tried it for a few days and here's what didn't work."

So, if you're up for some beta testing adventure, please do give this a shot, and leave a note in the comments about your experience. If we continue to have very few bug reports, then it'll be possible to turn this on by default.

Update (2021-09-09): The experimental kernel driver is now enabled for users enrolled in the Windows Insider Program.

👍 94
👤 u/zx2c4
📅 Aug 13 2021
GitHub - can1357/NtRays: Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. github.com/can1357/NtRays
👍 3
👤 u/m8urn
📅 Dec 02 2021
KERNEL_MODE_HEAP_CORRUPTION windows 10 crash

Hey guys,

So lately my PC crashes with the code KERNEL_MODE_HEAP_CORRUPTION. It mostly crashes when I try to start a game or a powerful app. I already tried reinstalling every driver, but that didn't work. I also did DISM and SFC, but that didn't help either. I also checked with mdsched.exe and it didn't show any problems. Where could the problem be? I have a Razer headset that randomly disconnects because of a loose cable, but I've had it for years and it didn't cause any problems.

Thanks for any help!

👍 4
👤 u/LouisLxmb
📅 Nov 13 2021
Why do Linux drivers need to be recompiled on kernel updates, when Windows drivers don't?

Hi all,

Not sure if that's the right place to post this... This is something about a difference between Windows and Linux I've been wondering about for a long time and could never find an answer to.

On any Linux distribution, when the kernel is updated, all of the in-tree drivers are recompiled and shipped with it. This also means that if you have any out-of-tree drivers on your system, you need to recompile them as well, hence the birth of DKMS. I totally understand that, since drivers are kernel modules and use the kernel API: it makes sense that they would need to be recompiled along with the whole kernel.

But on all my Windows systems, there have been a lot of cases where I needed to use third-party drivers, including but not limited to graphics cards. I've also had to install other drivers for all kinds of different hardware. In all these years of using Windows (98, XP, 7, 10), with all the updates I've done, there are bound to have been kernel updates. But I never recall needing to go to any manufacturer's website to find an updated version of their drivers due to a Windows update. Windows drivers also use the kernel API, namely WDM and WDF. So why is recompilation not necessary for them when the kernel is updated?

Thanks!

EDIT: Thanks to the people in the comments, the answer is: because Windows maintains a stable ABI while Linux does not. And there are reasons.

👍 111
👤 u/SooperBoby
📅 Jul 16 2021
Announcing Fibratus 1.4.1 · modern Windows kernel tracing and observability github.com/rabbitstack/fi…
👍 22
👤 u/rabbitstack
📅 Sep 20 2021
My Surface Book 2 gives me a wonderful GsOD every time I attach screen to the base keyboard. KERNEL_SECURITY_CHECK_ISSUE on Windows 11
👍 8
👤 u/BARTEQ_KOZLOWSKY
📅 Oct 07 2021
DriverBuddyReloaded - IDA Python script to assist with the reverse engineering of Windows kernel drivers voidsec.com/driver-buddy-…
👍 39
👤 u/Void_Sec
📅 Oct 28 2021
WireGuard VPN gets native port to the Windows kernel theregister.com/2021/08/0…
👍 73
👤 u/khaberz
📅 Aug 04 2021
[dwm] compiled the NT kernel and using a window manager for the first time.
👍 147
👤 u/waimus
📅 Jul 21 2021
I just wanted to share with you my resurrected laptop with a fresh install of Windows 10. I've been able to solve a kernel data inpage error that kept shutting down the PC, probably caused by a virus. I had to flash Linux first and then flash a new Windows ISO. Now I'm so happy, it's quicker than ever.
👍 663
👤 u/Oulgold
📅 Apr 18 2021