Is it possible to send SRB requests using KMDF APIs? I'm always getting BSOD for invalid pointer access in storage driver below.
Here are more details...
I have a disk class lower filter driver implemented using KMDF framework. In this driver, at some point I want to read some block on the disk. Since its lower filter, I need to use SRB requests. I follow below steps to do this
1. Create new wdfmemory for SRB requests and initialize all parameters in it including CDB10 etc. Init memory descriptor for this.
2. create new WdfRequest for the target
3. Get IRP pointer for wdfrequest. Set it in srb->OriginalRequest.
4. Allocate buffer to read data. Get new MDL for the buffer, specify IRP from #3
5. Send request down using WdfIoTargetSendInternalIoctlOthersSynchronously() with passing memory descriptor in #1 as OtherArg1 and others as NULL.
What I observed is that the KMDF in WdfIoTargetSendInternalIoctlOthersSynchronously() at some point it calls FxRequestContext::ReleaseAndRestore() in which it frees up IRP and MDLs allocated for this request. This is before sending request down/completion. Due to this driver below when try to access IRP or MDL it crashes.
Not sure why it frees up that requests context.
Also, if create IRP and send it WDM way using IoCallDriver(), it can read the data successfully.
It looks like you're new here. If you want to get involved, click one of these buttons!
|Upcoming OSR Seminars|
|Developing Minifilters||29 July 2019||OSR Seminar Space|
|Writing WDF Drivers||23 Sept 2019||OSR Seminar Space|
|Kernel Debugging||21 Oct 2019||OSR Seminar Space|
|Internals & Software Drivers||18 Nov 2019||Dulles, VA|