I think there should be used self defined Allocate routine instead of
ExAllocatePoolWithTag.
This routine is extremely simple and would look like this:
#include <ntifs.h>
PVOID
SafeAllocatePoolWithTag (
IN POOL_TYPE PoolType,
IN ULONG Length,
IN ULONG Tag
)
{
PVOID Result;
Result = ExAllocatePoolWithTag(PoolType, Length, Tag);
if (Result == NULL && (PoolType & 1) == NonPagedPool)
{
Result = ExAllocatePoolWithTag(PoolType |
MUST_SUCCEED_POOL_TYPE_MASK, Length, Tag);
}
return Result;
}
In this case Flags (in call to ExInitializeNPagedLookasideList) should
be zero or POOL_RAISE_IF_ALLOCATION_FAILURE.
This routine does a good job and I think non paged pool must succeed
is not unneccessary wasted.
Paul
> -----P?vodn? zpr?va-----
> Od: Taed Nelson [SMTP:xxxxx@vertical.com]
> Odesl?no: 10. kv?tna 2000 0:16
> Komu: NT Developers Interest List
> P?edm?t: [ntdev] RE: Example with ExInitializeNPagedLookasideList
> with Non PagedPoolMus tSucceed will blue screen.
>
> While I agree that it isn’t a “hidden danger waiting to happen” in this
> particular SCSI case, I do think that anyone else’s code that copied the
> same flag is scary. For example, for us, the bad code has been in the
> field
> for 2 years – it wasn’t until a particularly heavy load showed up that
> the
> entire “must succeed” pool got used up and the system blue screened.
> Worse
> yet, the external load didn’t go away, and so the system kept rebooting
> for
> the customer every 15 minutes after it came up.
>
> The thing that bugs me is that that example source code (the only example
> of
> that function) did not follow the rules that are given in the DDK
> documenation:
> – the flag that they passed was invalid; they should have used
> POOL_RAISE_IF_ALLOCATION_FAILURE, which I’m assuming is the same value
> [oddly, I could not find it in any header files]
> – there was not comment in the code saying that they were doing
> something weird
> – the “usage guidelines” for the must succeed pool specifically say
> that it is to be used ONLY for emergency situations after the normal pool
> allocation has failed, and that it is for temporary use only and must be
> freed as soon as possible.
>
>
>
> > -----Original Message-----
> > From: Paul Bunn [mailto:xxxxx@ultrabac.com]
> > Sent: Tuesday, 09 May, 2000 2:25 PM
> > To: NT Developers Interest List
> > Subject: [ntdev] RE: Example with ExInitializeNPagedLookasideList with
> > Non PagedPoolMus tSucceed will blue screen.
> >
> >
> > I don’t think it’s a bug in the CLASS driver (just sloppy
> > programming –
> > programmers too lazy to do implement specific KeBugCheckEx
> > calls) – since
> > every disk and tape driver is using this code, it is
> > obviously robust. The
> > class drivers dependent on
> > ScsiClassInitializeSrbLookasideList do not ask
> > for more than 4 elements, so the resource usage is extremely light.
> >
> > Regards,
> >
> > Paul Bunn, UltraBac.com, 425-644-6000
> > Microsoft MVP - WindowsNT/2000
> > http://www.ultrabac.com
> >
> >
> > -----Original Message-----
> > From: Taed Nelson [mailto:xxxxx@vertical.com]
> > Sent: Tuesday, May 09, 2000 11:08 AM
> > To: NT Developers Interest List
> > Subject: [ntdev] Example with ExInitializeNPagedLookasideList with
> > NonPagedPoolMus tSucceed will blue screen.
> >
> >
> > [I have already submitted this bug to the DDK bug reports, <br>> > but thought I’d<br>> > share it with all of you, since it’s potentially very bad. I suggest<br>> > everyone search their code base for the same bug!]
> >
> > The only code example of ExInitializeNPagedLookasideList in
> > either the NT
> > 4.0 DDK or MSDN is in CLASS.C, which is a SCSI driver. However, this
> > example specifies the flag NonPagedPoolMustSucceed.
> >
> > There are two problems with this.
> >
> > First, that flag is not valid. The documentation for
> > ExInitializeNPagedLookasideList clearly states that the flags
> > should nearly
> > always be 0, except for the rare POOL_RAISE_IF_ALLOCATION_FAILURE.
> >
> > Second, if the flag NonPagedPoolMustSucceed is specified, all
> > allocations
> > for that lookaside list (not just the initialization) will be
> > from the “must
> > succeed” pool.
> >
> > The “must succeed” pool is a very scarce resource, which is
> > only about 16 KB
> > large. If the lookaside list happens to exhaust that memory,
> > it will cause
> > a blue screen, namely event 0x00000041, MUST_SUCCEED_POOL_EMPTY.
> >
> > A programmer here had copied the code from the DDK for our
> > project, and we
> > would get that blue screen under high load. It took us a few
> > days to track
> > it down to using the “must succeed” pool instead of the normal pool.
> >
> > I feel that is a serious bug in the CLASS.C code, which will
> > cause bugs in
> > other people’s code since it is the only example of the
> > ExInitializeNPagedLookasideList function.
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@vertical.com
> > To unsubscribe send a blank email to $subst(‘Email.Unsub’)
> >
>
> —
> You are currently subscribed to ntdev as: xxxxx@sodatsw.cz
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)</ntifs.h>