Cleanup received not on last handle close

Hi all,

I have this code that performs CreateFile…+CloseHandle… pair several times
then, there is a call to CreateFile… the handle is kept aside

after that there is a call to CreateFile…+CloseHandle pair again
this last call to close sends IRP_MJ_CLEANUP although it is not the last handle closed

this is problematic from the driver's point of view
why is this happening?

thanks all

Hello,

IRP_MJ_CLEANUP is sent when the file object reference drops to 0. In your code, if you call CreateFile…+CloseHandle always in pairs, you will get this IRP every time you call CloseHandle.

What do you mean by writing “the handle is kept aside”?

Remember, simply copying the handle like below:
    HANDLE h1 = ::CreateFile(…);
    HANDLE h2 = h1;
does not increment the reference count for the kernel file object
corresponding to h1 (a handle is just an index into an array kept in
each process). In order to do this, you need to use the DuplicateHandle
function on the first handle. Maybe that’s what the problem is in your code?

AP

tomerg22@012.net.il wrote:

Hi all,

I have this code that performs CreateFile…+CloseHandle… pair several times
then, there is a call to CreateFile… the handle is kept aside

after that there is a call to CreateFile…+CloseHandle pair again
this last call to close sends IRP_MJ_CLEANUP although it is not the last handle closed

this is problematic from the driver's point of view
why is this happening?

thanks all


Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

This explanation is correct iff you substitute “handle count” for “reference
count”.

Note that calling CreateFile multiple times for the same file creates
multiple file objects, each with a handle count of 1. So each CloseHandle
call will generate IRP_MJ_CLEANUP.

When a file object’s reference count drops to 0, IRP_MJ_CLOSE is generated.

In a minifilter, use a stream handle context to represent individual file
objects (one for each CreateFile call). Use a stream context to represent
all file objects with the same SCB/FCB (one for each file that is opened,
regardless of the number of file objects).

- Dan.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Aleksander Palka
Sent: Thursday, December 21, 2006 3:20 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Cleanup received not on last handle close

Hello,

IRP_MJ_CLEANUP is sent when the file object reference drops to 0. In your
code, if you call CreateFile…+CloseHandle always in pairs, you will get
this IRP every time you call CloseHandle.

What do you mean by writing “the handle is kept aside”?

Remember, simply copying the handle like below:
    HANDLE h1 = ::CreateFile(…);
    HANDLE h2 = h1;
does not increment the reference count for the kernel file object
corresponding to h1 (a handle is just an index into an array kept in
each process). In order to do this, you need to use the DuplicateHandle
function on the first handle. Maybe that’s what the problem is in your code?

AP

> after that there is a call to CreateFile…+CloseHandle pair again
> this last call to close sends IRP_MJ_CLEANUP although it is not the last handle closed

It is the last handle closed on this file object. Another CreateFile created
another file object.

The only ways of incrementing the handle count on the same file object are a)
DuplicateHandle b) handle inheritance by the child process, nothing else.


Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
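
The handle-count versus reference-count rule from the replies above, as an added example that is not part of the original thread: a small portable C model of one file object's counters, replaying the original poster's sequence and the DuplicateHandle case. It is a simplification that calls no Windows API; every name in it is hypothetical, and the kernel-side reference held without a handle is a constructed case.

```c
#include <stdio.h>
/* Toy model of one kernel file object (hypothetical names, not Windows APIs). */
typedef struct {
    int handles;   /* open handles; IRP_MJ_CLEANUP when this reaches 0 */
    int refs;      /* references (one per handle plus kernel ones); IRP_MJ_CLOSE at 0 */
    int cleanups;  /* IRP_MJ_CLEANUP requests the driver would have seen */
    int closes;    /* IRP_MJ_CLOSE requests the driver would have seen */
} FileObject;
typedef struct { FileObject kept, temp; } Pair;

/* CreateFile: always a new file object with a handle count of 1. */
static FileObject model_create(void) { FileObject fo = {1, 1, 0, 0}; return fo; }
/* DuplicateHandle or inheritance: one more handle on the SAME file object. */
static void model_duplicate(FileObject *fo) { fo->handles++; fo->refs++; }
/* Kernel-side reference with no handle (constructed case for the model). */
static void model_reference(FileObject *fo) { fo->refs++; }
static void model_dereference(FileObject *fo) {
    if (fo->refs > 0 && --fo->refs == 0) fo->closes++;
}
/* CloseHandle: cleanup on the last handle, then drop that handle's reference. */
static void model_close_handle(FileObject *fo) {
    if (fo->handles == 0) return;            /* no open handle left to close */
    if (--fo->handles == 0) fo->cleanups++;
    model_dereference(fo);
}
/* Original poster's sequence: one handle kept, then a CreateFile+CloseHandle pair. */
static Pair scenario_two_creates(void) {
    Pair p;
    p.kept = model_create();                 /* the handle "kept aside" */
    p.temp = model_create();                 /* later CreateFile: a second file object */
    model_close_handle(&p.temp);             /* last handle on ITS file object */
    return p;
}
/* One CreateFile plus one duplicated handle, then `closes` CloseHandle calls. */
static FileObject scenario_duplicate(int closes) {
    FileObject fo = model_create();
    model_duplicate(&fo);
    while (closes-- > 0) model_close_handle(&fo);
    return fo;
}
/* Last handle closed while a kernel reference is outstanding; optionally release it. */
static FileObject scenario_kernel_ref(int release) {
    FileObject fo = model_create();
    model_reference(&fo);
    model_close_handle(&fo);
    if (release) model_dereference(&fo);
    return fo;
}
int main(void) {
    Pair p = scenario_two_creates();
    printf("temp cleanups=%d, kept handles=%d\n", p.temp.cleanups, p.kept.handles);
    return 0;
}
```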