Hi everybody, I am implementing file system filter driver. I started by making modifications to Rajeev Nagar’s sample so much of the work was already done.
I am having this problem. When I attach to a device (by IoAttachDeviceByPointer) I save a pointer to the target device. Then when a FastIoDetachDevice call is intercepted I detach by calling IoDetachDevice passing as parameter the target device saved before not the target device I receive in the FastIoDetachDevice intercepted function. This part of the code is from the original (by Nagar), so it is must be ok. Well, the system crashes when I try to detach.
I have an idea about where the bug might be. The device I am trying to attach to already has another device attached to it. So I try to attach to device A, but I really attach to device B which is at the top of the stack, so I am saving device A as the target device. When FastIoDetachDevice is called I command IoDetachDevice passing device A as parameter, then comes the crash.
What must I do? Call IoDetachDevice with the target device at the top of the stack (that is the one I receive in the FastIoDetachDevice function)? I will try that but I wanted to ask first because I am going to make modifications to a code that I did not write.
Thanks.
Ok, now I have read the documentation and learned that IoAttachDeviceByPointer is obsolete I must use IoAttachDeviceToDeviceStack.
Thanks.
Use IoAttachDeviceToDeviceStackSafe in XP and newer. This is because there
is a problem (for file system filter drivers) where they write code like:
MyDeviceExtension->DeviceToCall =
IoAttachDeviceToDeviceStack(MyDeviceObject, FsdDeviceObject);
And after the I/O Manager attaches but BEFORE this call returns, an IRP
arrives in your driver. At that point, your driver probably does something
like:
return IoCallDriver(MyDeviceExtension->DeviceToCall, IrpToPassDown);
And BOOM - the system dies.
Of course, it only does this when this narrow timing window gets hit. To
resolve this (prior to Windows XP) you have to serialize between these two
paths. Something like:
If (!MyDeviceExtension->DeviceToCall) {
KeWaitForSingleObject(&MyDeviceExtension->AttachCompletedEvent,
Executive, KernelMode, FALSE, NULL);
}
return IoCallDriver(MyDeviceExtension->DeviceToCall, IrpToPassDown);
and, of course set the event after completing the attach operation:
KeSetEvent(&MyDeviceExtension->AttachCompletedEvent, EVENT_INCREMENT,
FALSE);
In Windows XP and .NET you no longer need this, you can just simply call:
Status = IoAttachDeviceToDeviceStackSafe(MyDeviceObject, FsdDeviceObject,
&MyDeviceExtension->DeviceToCall);
The I/O Manager will now serialize the attach and subsequent calls to the
device.
Regards,
Tony
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com http:
-----Original Message-----
From: Ratmil Torres [mailto:xxxxx@seg.inf.cu]
Sent: Wednesday, October 02, 2002 6:42 PM
To: File Systems Developers
Subject: [ntfsd] Blue Screen on FastIoDetachDevice
Ok, now I have read the documentation and learned that
IoAttachDeviceByPointer is obsolete I must use IoAttachDeviceToDeviceStack.
Thanks.
—
You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to %%email.unsub%%</http:>
IoAttachDeviceByPointer is obsolete, use IoAttachDeviceToDeviceStack instead. It will return the “really next” device object, which is, BTW, necessary for PnP/WDM.
Max
----- Original Message -----
From: Ratmil Torres
To: File Systems Developers
Sent: Thursday, October 03, 2002 2:21 AM
Subject: [ntfsd] Blue Screen on FastIoDetachDevice
Hi everybody, I am implementing file system filter driver. I started by making modifications to Rajeev Nagar’s sample so much of the work was already done.
I am having this problem. When I attach to a device (by IoAttachDeviceByPointer) I save a pointer to the target device. Then when a FastIoDetachDevice call is intercepted I detach by calling IoDetachDevice passing as parameter the target device saved before not the target device I receive in the FastIoDetachDevice intercepted function. This part of the code is from the original (by Nagar), so it is must be ok. Well, the system crashes when I try to detach.
I have an idea about where the bug might be. The device I am trying to attach to already has another device attached to it. So I try to attach to device A, but I really attach to device B which is at the top of the stack, so I am saving device A as the target device. When FastIoDetachDevice is called I command IoDetachDevice passing device A as parameter, then comes the crash.
What must I do? Call IoDetachDevice with the target device at the top of the stack (that is the one I receive in the FastIoDetachDevice function)? I will try that but I wanted to ask first because I am going to make modifications to a code that I did not write.
Thanks.
You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to %%email.unsub%%