Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Using Driver Allocated IRP pool, in this case IRP completion routine can return STATUS_SUCCESS
Hi All,
I am creating IRP pool using LookAsideList and using it in my driver since IRP is being used frequently in my source.
I have a question regarding the return status from the IRP completion.
When driver maintained IRP pool was used, is it valid for the completion routine to return STATUS_SUCCESS to the IO manager?
After reading this article from OSR http://www.osronline.com/article.cfm^id=83.htm it seems returning STATUS_SUCCESS is not a valid return code when driver created irp pool used.
Snippet from the OSR article
"One common instance where a completion routine is used is when a driver creates and manages its own IRP pool. In this case, the I/O completion routine traps the IRP, returns it to the driver’s private IRP pool, and then returns STATUS_MORE_PROCESSING _REQUIRED to the I/O Manager. This causes the I/O Manager to immediately cease processing the IRP completion and leaves the IRP with the driver."
Thanks,
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Internals & Software Drivers | 19-23 June 2023 | Live, Online |
| Writing WDF Drivers | 10-14 July 2023 | Live, Online |
| Kernel Debugging | 16-20 October 2023 | Live, Online |
| Developing Minifilters | 13-17 November 2023 | Live, Online |
Comments
First and foremost, kernel allocated IRPs already come from a lookaside, you are not creating a greater optimization by allocating from your own private lookaside list. You are far better off not creating this complexity and letting the underlying OS handle it.
To your question, since you allocated the irp (which i assume means you are not calling IoAllocateIrp, but rather taking a chunk of memory and calling IoInitializeIrp on it), you can't let the irp complete back to the io manager when you are the last completion routine in the irp stack. you need to return STATUS_MORE_PROCESSING_REQUIRED to tell the IO manager that your completion routine will own the irp after it returns and properly handle its lifetime.
Remember, if you complete an IRP with STATUS_SUCCESS, the I/O manager is going to pass it to the next driver up the stack for handling. If you created the IRP, there ARE no more drivers. The IRP stack will overflow, and tears will ensue.
Tim Roberts, [email protected]probo.com
Providenza & Boekelheide, Inc.
Usually I mock people who cite advice from 25 year old articles. But in this case, that’s one of the best articles we’ve ever published (and, no, I did not write it).
It could definitely use an update, though. And, good heavens… I hate the look of that ancient site.
Peter
Peter Viscarola
OSR
@OSRDrivers
Thanks, Tim. Appreciate your inputs.
Thanks, Doron.