Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

User request IRP cancellation

Alex_GrigAlex_Grig Member Posts: 3,238
Is it fair to say that usermode-originated IRPs will not get a cancel request (cancel routine called) while they are in the dispatch routine in the calling thread context, and their cancel routine will always run in the originating thread context?

Comments

  • Doron_HolanDoron_Holan Member - All Emails Posts: 10,435
    Neither assumption is correct. 2 counter reasons
    1) A filter can capture the irp, cancel it in another thread.
    2) The app dies and the io manager cancels io in all threads in another context

    -----Original Message-----
    From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@broadcom.com
    Sent: Thursday, June 9, 2016 12:59 PM
    To: Windows System Software Devs Interest List <xxxxx@lists.osr.com>
    Subject: [ntdev] User request IRP cancellation

    Is it fair to say that usermode-originated IRPs will not get a cancel request (cancel routine called) while they are in the dispatch routine in the calling thread context, and their cancel routine will always run in the originating thread context?

    ---
    NTDEV is sponsored by OSR

    Visit the list online at: <http://www.osronline.com/showlists.cfm?list=ntdev>;

    MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
    Details at <http://www.osr.com/seminars>;

    To unsubscribe, visit the List Server section of OSR Online at <http://www.osronline.com/page.cfm?name=ListServer>;
    d
  • Alex_GrigAlex_Grig Member Posts: 3,238
    1. For a top level driver, does it still hold?
    2. I believe the pending IRP list cancellation runs in the thread's rundown path, which runs in the original thread context. The requests can still complete with non-zero return length, which will require an APC going back to the original thread.

    My understanding is that you can only manage the thread's IRP list reliably (without a cancel spinlock overhead) if you only add and remove IRPs to it in the thread context.

    Then, there are IRPs that complete to an ICP (Io Completion Port, not Insane Clown Posse ;). Do they use an APC at all?
  • Alex_GrigAlex_Grig Member Posts: 3,238
    >1) A filter can capture the irp, cancel it in another thread.

    Only the IRP creator can call IoCancelIrp.

    Also, the "Canceling IRPs" WDK documentation page states that "If an IRP is not completed within 5 minutes, the I/O manager considers the IRP timed out. ". I suppose it's the cancel timeout only.
  • Doron_HolanDoron_Holan Member - All Emails Posts: 10,435
    In general yes, but what the docs are really saying is that if you can guarantee the lifetime of the PIRP when calling IoCancelIrp such that it doesn't race by you in the completion path so you don't touch freed memory, you can call IoCancelIrp in an intermediate driver and that is not the creator of the PIRP. KMDF allows you to do this.

    d

    -----Original Message-----
    From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@broadcom.com
    Sent: Thursday, June 9, 2016 1:18 PM
    To: Windows System Software Devs Interest List <xxxxx@lists.osr.com>
    Subject: RE:[ntdev] User request IRP cancellation

    >1) A filter can capture the irp, cancel it in another thread.

    Only the IRP creator can call IoCancelIrp.

    Also, the "Canceling IRPs" WDK documentation page states that "If an IRP is not completed within 5 minutes, the I/O manager considers the IRP timed out. ". I suppose it's the cancel timeout only.


    ---
    NTDEV is sponsored by OSR

    Visit the list online at: <http://www.osronline.com/showlists.cfm?list=ntdev>;

    MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
    Details at <http://www.osr.com/seminars>;

    To unsubscribe, visit the List Server section of OSR Online at <http://www.osronline.com/page.cfm?name=ListServer>;
    d
  • Doron_HolanDoron_Holan Member - All Emails Posts: 10,435
    1 How can you guarantee you are the top level driver?
    2 you are depending on current implementation, not the documented contract

    What bigger problem are you trying to solve?

    -----Original Message-----
    From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@broadcom.com
    Sent: Thursday, June 9, 2016 1:13 PM
    To: Windows System Software Devs Interest List <xxxxx@lists.osr.com>
    Subject: RE:[ntdev] User request IRP cancellation

    1. For a top level driver, does it still hold?
    2. I believe the pending IRP list cancellation runs in the thread's rundown path, which runs in the original thread context. The requests can still complete with non-zero return length, which will require an APC going back to the original thread.

    My understanding is that you can only manage the thread's IRP list reliably (without a cancel spinlock overhead) if you only add and remove IRPs to it in the thread context.

    Then, there are IRPs that complete to an ICP (Io Completion Port, not Insane Clown Posse ;). Do they use an APC at all?

    ---
    NTDEV is sponsored by OSR

    Visit the list online at: <http://www.osronline.com/showlists.cfm?list=ntdev>;

    MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
    Details at <http://www.osr.com/seminars>;

    To unsubscribe, visit the List Server section of OSR Online at <http://www.osronline.com/page.cfm?name=ListServer>;
    d
  • Alex_GrigAlex_Grig Member Posts: 3,238
    From the WDK docs:

    >An intermediate driver should not arbitrarily call IoCancelIrp unless that driver created the IRP passed in the call. Otherwise, the intermediate driver might cancel an IRP that some higher-level driver is tracking for purposes of its own.

    >1 How can you guarantee you are the top level driver?

    This is a control device object. It might have a DriverVerifier filter on top, but otherwise there is no reason to expect a weird ill-behaving upper filter.
    In general, usermode IRPs have to arrive to the drivers who know how to handle them in the calling thread context and on PASSIVE_LEVEL, otherwise it's impossible to support NEITHER I/O.

    I'm trying to streamline my dispatch routines a bit. It's a control device off NDIS miniport (created by NdisRegisterDeviceEx).
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
Developing Minifilters 29 July 2019 OSR Seminar Space
Writing WDF Drivers 23 Sept 2019 OSR Seminar Space
Kernel Debugging 21 Oct 2019 OSR Seminar Space
Internals & Software Drivers 18 Nov 2019 Dulles, VA