Hello,
I am working on a virtual disk driver that enables me to ‘mount’ file images
and present them as drives (e.g. D:). I need help please.
The driver is legacy (non-wdm). I use SCM to load/start/stop/unload. The
driver is working fine except for this behavior: My usermode program is
unable to successfully stop the service. The service gets placed in
STOPPED_PENDING and never gets out of it. My gut tells me that I have
outstanding open handles/references. I think the problem revolves around
VPB->ReferenceCount but I am not sure how to resolve this problem.
Here is my test scenario:
- Start service which calls the driver’s DriverEntry. This results in the
creation of a named FILE_DEVICE_UNKNOWN device object (“\device\vdisk”) +
symlink
- I install the file image via a proprietary IOCTL - this results in the
creation of a named FILE_DEVICE_DISK device object (e.g.
\device\harddisk1\partition0) + symlink (\.\physicaldrive1). It also
launches a thread where the
image file is open.
- I mount partition (e.g. 1) via a proprietary IOCTL - this results in the
creation of a FILE_DEVICE_DISK named device object (e.g.
\device\harddisk1\partition1) + symlink
- I attach a drive letter to the device (DefineDosDevice)
- I detach the drive letter
- I umount partition via proprietary IOCTL - it deletes the device object
(\device\hardidisk1\partition1) + symlink
- I uninstall the file image via proprietary IOCTL - it deletes the device
object + symlink. The thread is terminated
- Stop service which calls the driver’s Unload entry point. The device
object created in (0) is deleted as is its symlink
The test succeeds when I run the test without any delay. I note that
VPB->ReferenceCount is 0 in steps (5) and (6).
The test fails when I introduce a delay (say ‘press any key to continue’)
between (3) and (4). The behavior is the same if I open another console
window or launch “My Computer”. In between those steps, the driver receives
several IRP_MJ_CREATE/IRP_MJ_CLOSE. The Device Object on those calls is
the one created in (2). I also determined that Explorer.exe is generating
those IRP_MJ_xxx calls. Lastly, the VPB refcount at step (5) is around 10.
My conclusion is that Explorer ‘owns’ those references. The question how to
cause Explorer to release those references?
BTW, am I working too hard? My driver needs to support multiple image
formats.
Thanks,
Ghassan Yammine
(5) is insuficient. You also have to dismount filesystem (FSCTL_LOCK_VOLUME, FSCTL_DISMOUNT_VOLUME and FSCTL_UNLOCK_VOLUME). Search ntdev and ntfsd archives for details. Note dismount can fail especially with NTFS mounted because of opened handles. You shouldn’t terminate thread until dismount is successful otherwise data can be lost and you can get nasty messages about missing drive and inablity to write.
The delay probably causes Explorer accesses your drive which in turn causes FS mount.
Best regards,
Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]
From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of Ghassan Yammine[SMTP:xxxxx@surgient.com]
Reply To: Windows System Software Devs Interest List
Sent: Tuesday, August 31, 2004 1:43 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Cannot stop service via SCM
Hello,
I am working on a virtual disk driver that enables me to ‘mount’ file images
and present them as drives (e.g. D:). I need help please.
The driver is legacy (non-wdm). I use SCM to load/start/stop/unload. The
driver is working fine except for this behavior: My usermode program is
unable to successfully stop the service. The service gets placed in
STOPPED_PENDING and never gets out of it. My gut tells me that I have
outstanding open handles/references. I think the problem revolves around
VPB->ReferenceCount but I am not sure how to resolve this problem.
Here is my test scenario:
- Start service which calls the driver’s DriverEntry. This results in the
creation of a named FILE_DEVICE_UNKNOWN device object (“\device\vdisk”) +
symlink
- I install the file image via a proprietary IOCTL - this results in the
creation of a named FILE_DEVICE_DISK device object (e.g.
\device\harddisk1\partition0) + symlink (\.\physicaldrive1). It also
launches a thread where the
image file is open.
- I mount partition (e.g. 1) via a proprietary IOCTL - this results in the
creation of a FILE_DEVICE_DISK named device object (e.g.
\device\harddisk1\partition1) + symlink
- I attach a drive letter to the device (DefineDosDevice)
- I detach the drive letter
- I umount partition via proprietary IOCTL - it deletes the device object
(\device\hardidisk1\partition1) + symlink
- I uninstall the file image via proprietary IOCTL - it deletes the device
object + symlink. The thread is terminated
- Stop service which calls the driver’s Unload entry point. The device
object created in (0) is deleted as is its symlink
The test succeeds when I run the test without any delay. I note that
VPB->ReferenceCount is 0 in steps (5) and (6).
The test fails when I introduce a delay (say ‘press any key to continue’)
between (3) and (4). The behavior is the same if I open another console
window or launch “My Computer”. In between those steps, the driver receives
several IRP_MJ_CREATE/IRP_MJ_CLOSE. The Device Object on those calls is
the one created in (2). I also determined that Explorer.exe is generating
those IRP_MJ_xxx calls. Lastly, the VPB refcount at step (5) is around 10.
My conclusion is that Explorer ‘owns’ those references. The question how to
cause Explorer to release those references?
BTW, am I working too hard? My driver needs to support multiple image
formats.
Thanks,
Ghassan Yammine
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@upek.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
For me, it would be a good idea to forget about this driver unloading. Just
put it to some “idle” state with zero disks on it.
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
“Ghassan Yammine” wrote in message
news:…
> Hello,
>
> I am working on a virtual disk driver that enables me to ‘mount’ file images
> and present them as drives (e.g. D:). I need help please.
> The driver is legacy (non-wdm). I use SCM to load/start/stop/unload. The
> driver is working fine except for this behavior: My usermode program is
> unable to successfully stop the service. The service gets placed in
> STOPPED_PENDING and never gets out of it. My gut tells me that I have
> outstanding open handles/references. I think the problem revolves around
> VPB->ReferenceCount but I am not sure how to resolve this problem.
>
> Here is my test scenario:
>
> 0) Start service which calls the driver’s DriverEntry. This results in the
> creation of a named FILE_DEVICE_UNKNOWN device object (“\device\vdisk”) +
> symlink
> 1) I install the file image via a proprietary IOCTL - this results in the
> creation of a named FILE_DEVICE_DISK device object (e.g.
> \device\harddisk1\partition0) + symlink (\.\physicaldrive1). It also
> launches a thread where the
> image file is open.
> 2) I mount partition (e.g. 1) via a proprietary IOCTL - this results in the
> creation of a FILE_DEVICE_DISK named device object (e.g.
> \device\harddisk1\partition1) + symlink
> 3) I attach a drive letter to the device (DefineDosDevice)
> 4) I detach the drive letter
> 5) I umount partition via proprietary IOCTL - it deletes the device object
> (\device\hardidisk1\partition1) + symlink
> 6) I uninstall the file image via proprietary IOCTL - it deletes the device
> object + symlink. The thread is terminated
> 7) Stop service which calls the driver’s Unload entry point. The device
> object created in (0) is deleted as is its symlink
>
> The test succeeds when I run the test without any delay. I note that
> VPB->ReferenceCount is 0 in steps (5) and (6).
>
> The test fails when I introduce a delay (say ‘press any key to continue’)
> between (3) and (4). The behavior is the same if I open another console
> window or launch “My Computer”. In between those steps, the driver receives
> several IRP_MJ_CREATE/IRP_MJ_CLOSE. The Device Object on those calls is
> the one created in (2). I also determined that Explorer.exe is generating
> those IRP_MJ_xxx calls. Lastly, the VPB refcount at step (5) is around 10.
> My conclusion is that Explorer ‘owns’ those references. The question how to
> cause Explorer to release those references?
>
> BTW, am I working too hard? My driver needs to support multiple image
> formats.
>
> Thanks,
>
> Ghassan Yammine
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
Thanks, the FSCTL commands did the trick!
Regards,
Ghassan Yammine
“Michal Vodicka” wrote in message
news:xxxxx@ntdev…
(5) is insuficient. You also have to dismount filesystem (FSCTL_LOCK_VOLUME,
FSCTL_DISMOUNT_VOLUME and FSCTL_UNLOCK_VOLUME). Search ntdev and ntfsd
archives for details. Note dismount can fail especially with NTFS mounted
because of opened handles. You shouldn’t terminate thread until dismount is
successful otherwise data can be lost and you can get nasty messages about
missing drive and inablity to write.
The delay probably causes Explorer accesses your drive which in turn causes
FS mount.
Best regards,
Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]
> ----------
> From:
xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on
behalf of Ghassan Yammine[SMTP:xxxxx@surgient.com]
> Reply To: Windows System Software Devs Interest List
> Sent: Tuesday, August 31, 2004 1:43 AM
> To: Windows System Software Devs Interest List
> Subject: [ntdev] Cannot stop service via SCM
>
> Hello,
>
> I am working on a virtual disk driver that enables me to ‘mount’ file
images
> and present them as drives (e.g. D:). I need help please.
> The driver is legacy (non-wdm). I use SCM to load/start/stop/unload. The
> driver is working fine except for this behavior: My usermode program is
> unable to successfully stop the service. The service gets placed in
> STOPPED_PENDING and never gets out of it. My gut tells me that I have
> outstanding open handles/references. I think the problem revolves around
> VPB->ReferenceCount but I am not sure how to resolve this problem.
>
> Here is my test scenario:
>
> 0) Start service which calls the driver’s DriverEntry. This results in
the
> creation of a named FILE_DEVICE_UNKNOWN device object (“\device\vdisk”) +
> symlink
> 1) I install the file image via a proprietary IOCTL - this results in the
> creation of a named FILE_DEVICE_DISK device object (e.g.
> \device\harddisk1\partition0) + symlink (\.\physicaldrive1). It also
> launches a thread where the
> image file is open.
> 2) I mount partition (e.g. 1) via a proprietary IOCTL - this results in
the
> creation of a FILE_DEVICE_DISK named device object (e.g.
> \device\harddisk1\partition1) + symlink
> 3) I attach a drive letter to the device (DefineDosDevice)
> 4) I detach the drive letter
> 5) I umount partition via proprietary IOCTL - it deletes the device object
> (\device\hardidisk1\partition1) + symlink
> 6) I uninstall the file image via proprietary IOCTL - it deletes the
device
> object + symlink. The thread is terminated
> 7) Stop service which calls the driver’s Unload entry point. The device
> object created in (0) is deleted as is its symlink
>
> The test succeeds when I run the test without any delay. I note that
> VPB->ReferenceCount is 0 in steps (5) and (6).
>
> The test fails when I introduce a delay (say ‘press any key to continue’)
> between (3) and (4). The behavior is the same if I open another console
> window or launch “My Computer”. In between those steps, the driver
receives
> several IRP_MJ_CREATE/IRP_MJ_CLOSE. The Device Object on those calls is
> the one created in (2). I also determined that Explorer.exe is generating
> those IRP_MJ_xxx calls. Lastly, the VPB refcount at step (5) is around
10.
> My conclusion is that Explorer ‘owns’ those references. The question how
to
> cause Explorer to release those references?
>
> BTW, am I working too hard? My driver needs to support multiple image
> formats.
>
> Thanks,
>
> Ghassan Yammine
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@upek.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
Why? We have very similar driver and unloading works well for years. The only problem is unload must not be initiated until all drives are dismounted. No problem with driver which doesn’t have unload handler in this state but on user mode side (net stop is confused). But if I remember correctly, sc works always well.
Unloadable legacy driver is great at least for debugging.
Best regards,
Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]
From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of Maxim S. Shatskih[SMTP:xxxxx@storagecraft.com]
Reply To: Windows System Software Devs Interest List
Sent: Tuesday, August 31, 2004 9:42 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Cannot stop service via SCM
For me, it would be a good idea to forget about this driver unloading. Just
put it to some “idle” state with zero disks on it.
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
“Ghassan Yammine” wrote in message
> news:…
> > Hello,
> >
> > I am working on a virtual disk driver that enables me to ‘mount’ file images
> > and present them as drives (e.g. D:). I need help please.
> > The driver is legacy (non-wdm). I use SCM to load/start/stop/unload. The
> > driver is working fine except for this behavior: My usermode program is
> > unable to successfully stop the service. The service gets placed in
> > STOPPED_PENDING and never gets out of it. My gut tells me that I have
> > outstanding open handles/references. I think the problem revolves around
> > VPB->ReferenceCount but I am not sure how to resolve this problem.
> >
> > Here is my test scenario:
> >
> > 0) Start service which calls the driver’s DriverEntry. This results in the
> > creation of a named FILE_DEVICE_UNKNOWN device object (“\device\vdisk”) +
> > symlink
> > 1) I install the file image via a proprietary IOCTL - this results in the
> > creation of a named FILE_DEVICE_DISK device object (e.g.
> > \device\harddisk1\partition0) + symlink (\.\physicaldrive1). It also
> > launches a thread where the
> > image file is open.
> > 2) I mount partition (e.g. 1) via a proprietary IOCTL - this results in the
> > creation of a FILE_DEVICE_DISK named device object (e.g.
> > \device\harddisk1\partition1) + symlink
> > 3) I attach a drive letter to the device (DefineDosDevice)
> > 4) I detach the drive letter
> > 5) I umount partition via proprietary IOCTL - it deletes the device object
> > (\device\hardidisk1\partition1) + symlink
> > 6) I uninstall the file image via proprietary IOCTL - it deletes the device
> > object + symlink. The thread is terminated
> > 7) Stop service which calls the driver’s Unload entry point. The device
> > object created in (0) is deleted as is its symlink
> >
> > The test succeeds when I run the test without any delay. I note that
> > VPB->ReferenceCount is 0 in steps (5) and (6).
> >
> > The test fails when I introduce a delay (say ‘press any key to continue’)
> > between (3) and (4). The behavior is the same if I open another console
> > window or launch “My Computer”. In between those steps, the driver receives
> > several IRP_MJ_CREATE/IRP_MJ_CLOSE. The Device Object on those calls is
> > the one created in (2). I also determined that Explorer.exe is generating
> > those IRP_MJ_xxx calls. Lastly, the VPB refcount at step (5) is around 10.
> > My conclusion is that Explorer ‘owns’ those references. The question how to
> > cause Explorer to release those references?
> >
> > BTW, am I working too hard? My driver needs to support multiple image
> > formats.
> >
> > Thanks,
> >
> > Ghassan Yammine
> >
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at>
> http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
> —
> Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@upek.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>