Hi,
I am developing a file system minifilter driver that populates some information on receiving the Read request in the Pre Operation callback
The read requests are being processed synchronously.On local copy-paste operation,the information is retrieved accurately.
I am ignoring the Paging Io operations
But when I do a read over the network(accessing the shared folder from another machine),the system crashes with the following bug check
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: b96a4832, The address that the exception occurred at
Arg3: b923dc08, Exception Record Address
Arg4: b923d904, Context Record Address
MODULE_NAME: srv
FAULTING_MODULE: 80800000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 45d6a048
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at “0x%08lx” referenced memory at “0x%08lx”. The memory could not be “%s”.
FAULTING_IP:
srv+2832
b96a4832 668b4814 mov cx,word ptr [eax+14h]
EXCEPTION_RECORD: b923dc08 – (.exr 0xffffffffb923dc08)
ExceptionAddress: b96a4832 (srv+0x00002832)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 00320048
Attempt to read from address 00320048
APPROACH :processing the read request
if(FAST_ IO || DATA_SYSTEM_BUFFER )
{
//Populate Info into the
Data->Iopb->Parameters.ReadBuffer
}
else
{
if(Irp->MdlAddress != NULL)
{
MmGetSystemAddressForMdlSafe()
//populate the info
}
else
{
FltLockUserBuffer(Data);
MmGetSystemAddressForMdlSafe()
//Populate info
}
}
I have referred the swapBuffers sample program to build on this
OBSERVATIONS:
During a Remote read request the ,the FltLockUserBuffer() fails with STATUS_INVALID_PARAMETER
If I do a FLT_PREOP_COMPLETE ,the copy operation is terminated with above status check :“The paarmeter is incorrect”
If I pass down the request to FSD with FLT_PREOP_SUCCESS_NO_CALLBACK ,the system crashes with the above bugcheck
QUERY :
How do we handle the REMOTE read request ,how should the buffer be accessed and populated ?
Please let me know your inputs.Any help is greatly appreciated
Regards,
Seema