No, there is a difference between a “paging IO request” and a “paging file
request”. See this: http://www.osronline.com/article.cfm?article=17#Q25
Thanks,
Alex.
On Thu, May 29, 2014 at 11:38 AM, wrote:
> When they say a “paging IO request” I assume that we’re talking about the
> OS reading or writing to pagefile.sys ?
>
> First, I match the file name - so I know that the read is particularly for
> myfile.txt, and these reads all occur immediately after I open the file in
> notepad. Each and every one of them fails with that error.
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Ok, Thanks for that pointer. From what I am thinking, that means that loading an executable could be a paging IO request? So, what I’m doing is double clicking on a txt file which invokes notepad. In my filter, I’m looking for IRP_MJ_READs that have file information where the name of the file matches my .txt file - so I’m not looking at reads for the .exe, just the .txt. When I match up the read and the .txt file, that’s when I try to pend the read - I want to put them on hold briefly while I do some writes to the file. These are what is failing when I try to put it off as a work item. Am I going about this the wrong way? Can you think of a way to put the reads on hold while I do some writes? Why would the reads from that txt file be paging IO?
No, waiting for a reply from FltSendMessage shouldn’t prevent IO in general
(or anything else). It’s not the call to FltSendMessage() that’s the
problem, it is the context in which you’re waiting. If all the IO goes
through a single thread and you block it somehow (using FltSendMessage() or
KeWaitXxx() or whatever) then other IO won’t get through… So take a look
at the thread you’re in when you do this (!thread in the debugger).
Thanks,
Alex.
On Thu, May 29, 2014 at 2:53 PM, wrote:
> Hi Tony - I posted at the same time you did… But your great reply leads
> me to another question:
>
> When I tried to block the thread upon receipt of the IRP_MJ_READ for my
> .txt file (waiting for a reply from FltSendMessage), the application was
> unable to do any WriteFiles. After observing that, I made the assumption
> that ‘pausing’ the IRP_MJ_READ was effectively halting the IO, and that
> write requests wouldn’t go through (or any other IO requests) while the
> filter was blocked in the pre-callback. Is this assumption correct? Or
> could I have been doing something else wrong?
>
> Or could it be that blocking in this way, (waiting for a reply for
> FltSendMessage) is the thing that is preventing other IO from being
> performed?
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Ok. I did try to spawn a separate thread in the application with the sole job of writing to the file, but that didn’t seem to change anything. Perhaps I did something wrong - I’ll check it again tomorrow. Thanks for all the pointers! Much appreciated.
I don’t think this is a thread issue. I think this is a locking issue in the memory manager. Have you looked at what your blocked write thread is doing? I’d bet anything that it is sitting in the memory manager waiting for that read page fault to be satisfied… (something like MiInPageComplete()…)
Tony
OSR
I’ll admit that the brutal part of this project is that my workstation is Linux. I had short time to throw together a technology demo to see if we could use my idea to implement our plan. Thus I’m using a couple of Windows VMs as my dev machine and my target. On day 1, I tried to get WinDBG working between two VMs (I’ve done it plenty of times using a single VM and windows as the host, with WinDBG running on the host), but I wasn’t able to do it easily and felt the pressure to not spend too much time on it. Thus I’m building this minifilter with DebugView as my only debugging tool. I know, I know… Well at least minifilters can be demand started.