Am 05.05.2015 um 22:35 schrieb Ged Murphy:
I don't get is that if I were to write code which uses this API, I would write my callbacks without NTAPI as per the headers. I'm guessing most other devs would too. So how are people building with cdecl and being called by Windows with stdcall without stack issues?
As I said: the compiler (you are supposed to use Visual Studio with a driver project and nothing else, and that will have the option "Calling Convention" set to "__stdcall (/Gz)") will use stdcall by default. So unless you see __cdecl, the function or function pointer is stdcall. Have a look at WDK sample sources. Almost completely lacking NTAPI. If you mess with VS settings or use a different compiler ... well, you are screwed.
Timo