Hi,

I am observing this deadlock on a system (2000 SP4) which has my filter driver and Etrust anti-virus installed.

I have replaced my driver name with XXXX in the backtrace. In this particular code path we call ZwCreateFile from our IRP_MJ_CREATE handler (yucks!, but that is not the problem here).

It seems that NTFS has acquired a resource exclusively in CREATE and then while manipulating the metadata it encounters a page fault. While trying to service the fault it encounters low stack space and posts the request to a worker thread. The worker thread now seems to wait on the same resource which was acquired by NTFS in CREATE.

This seems kind of buggy to me? Does NTFS depend on acquiring the same lock recursively, in the context of the same thread?

It seems that this problem will happen whenever NTFS posts the read request in this scenario.

Has anyone seen this before or is my interpretation of the problem incorrect?

Thanks

Resource @ 0x81700929 Exclusively owned
Contention Count = 1
NumberOfSharedWaiters = 1
Threads: 815ae580-02<*>
THREAD 815ae580 Cid 594.5a8 Teb: 7ffdd000 Win32Thread: 00000000
WAIT: (Executive) KernelMode Non-Alertable
814df4a8 NotificationEvent
IRP List:
aafb3e48: (0006,01b4) Flags: 40000884 Mdl: 00000000
aafe7e48: (0006,01b4) Flags: 40000884 Mdl: 00000000
aa0ffe48: (0006,01b4) Flags: 40000884 Mdl: 00000000
Not impersonating
Owning Process 815b5d60
Wait Start TickCount 13118 Elapsed Ticks: 3232947
Context Switch Count 86
UserTime 0:00:00.0000
KernelTime 0:00:00.0078
Start Address 0x7c57b700
Win32 Start Address 0x7c2e4e8d
Stack Init efe4a000 Current efe47830 Base efe4a000 Limit efe47000 Call 0
Priority 14 BasePriority 8 PriorityDecrement 6 DecrementCount 16
ChildEBP RetAddr Args to Child
efe47848 8042c2a9 aafefe48 00000001 00000000 nt!KiSwapThread+0xc5
efe47870 bfe263f6 814df4a8 00000000 00000000 nt!KeWaitForSingleObject+0x1a1
efe47914 80529104 81a50020 aafefe48 82026490 Ntfs!NtfsFsdRead+0x1aa
efe47960 bff7346f 81a51020 80064bec 82026490 nt!IovSpecialIrpCallDriver+0xcd
efe47998 bfecdb9d 81a51020 aafefe48 bfecdb28 XXXX!aaaa
efe479a4 bfecdb28 81a51020 80064bec 82026490 XXXX!bbbb
efe47a04 bfecd40b 815973a8 00000000 81a51020 XXXX!cccc
efe47a5c bfecd12b 81a51020 aafefe48 00000000 XXXX!dddd
efe47ab4 bfec4e0e 81a51020 aafefe48 81a51020 XXXX!eeee
efe47aec bfefebca 81a51020 aafefe48 81a51020 XXXX!ffff
efe47b28 80529104 81a51020 aafefe48 aafeffb4 XXXX!gggg
efe47b74 f0306768 819e09e0 80064bec 8207a1b0 nt!IovSpecialIrpCallDriver+0xcd
WARNING: Stack unwind information not available. Following frames may be wrong.
efe47bd0 8041f125 00000000 00000000 80064bd4 ino_fltr+0x7768
efe47be4 80440e01 81684a78 8150b3e0 8150b3c0 nt!IoPageRead+0xb1
efe47c24 80449c1c 00000000 de4c4000 c0379310 nt!MiDispatchFault+0x23d
efe47c70 80467c1f 00000000 00000000 00000000 nt!MmAccessFault+0x682
efe47c70 80411785 00000000 00000000 00000000 nt!KiTrap0E+0xc3
efe47d40 bfe39269 81684a78 efe47d74 00001000 nt!CcMapData+0xd9
efe47d64 bfe3b069 815693a8 e1a3d418 00004000 Ntfs!NtfsMapStream+0x4b
efe47d94 bfe3b52a 815693a8 0000000c 00000004 Ntfs!ReadIndexBuffer+0x8b
efe47dc0 bfe7c705 815693a8 efe480c0 e1b8d488 Ntfs!FindFirstIndexEntry+0x1be
efe47ec8 bfe5a670 815693a8 e1a3d418 e1b8d488 Ntfs!NtfsFindIndexEntry+0x61
efe47efc bfe66134 815693a8 e1a3d418 efe48101 Ntfs!NtfsLookupEntry+0x9c
efe48204 bfe36278 815693a8 aafb3e48 efe48278 Ntfs!NtfsCommonCreate+0x1ab8
efe482b8 80529104 81a50020 aafb3e48 82026490 Ntfs!NtfsFsdCreate+0x186
efe48304 bff7346f 81a51020 80064bec 82026490 nt!IovSpecialIrpCallDriver+0xcd
efe4833c bfecdb9d 81a51020 aafb3e48 bfecdb28 XXXX!aaaa
efe48348 bfecdb28 81a51020 80064bec 82026490 XXXX!bbbb
efe483a8 bfecd40b 815973a8 00000000 81a51020 XXXX!cccc
efe48400 bfecd12b 81a51020 aafb3e48 00000000 XXXX!dddd
efe48458 bfec4d2e 81a51020 aafb3e48 81a51020 XXXX!eeee
efe48490 bff71aa6 81a51020 aafb3e48 81a51020 XXXX!ffff
efe484cc 80529104 81a51020 aafb3e48 aafb3e48 XXXX!gggg
efe48518 f030af1a 819e09e0 80064bec 8207a1b0 nt!IovSpecialIrpCallDriver+0xcd
efe4857c 80529104 819e09e0 aafb3e48 efe48948 ino_fltr+0xbf1a
efe485c8 804bf984 804824e0 804beec6 efe488cc nt!IovSpecialIrpCallDriver+0xcd
efe48758 8045086f 82050330 00000000 efe48810 nt!IopParseDevice+0xabe
efe487d0 804d599e 00000000 8204d400 00000240 nt!ObpLookupObjectName+0x4e7
efe488e0 8049f9f3 00000000 00000000 80474600 nt!ObOpenObjectByName+0xc8
efe489bc 8049f598 efe48b4c 00000080 efe48b14 nt!IopCreateFile+0x407
efe48a04 804a827b efe48b4c 00000080 efe48b14 nt!IoCreateFile+0x36
efe48a44 80464f84 efe48b4c 00000080 efe48b14 nt!NtOpenFile+0x25
efe48a44 8042fe87 efe48b4c 00000080 efe48b14 nt!KiSystemService+0xc4
efe48ad4 f030468f efe48b4c 00000080 efe48b14 nt!ZwOpenFile+0xb
efe48b40 f0309c8d 815ae580 8173aaf0 0000001d ino_fltr+0x568f
efe48bb0 80529104 0000001d aafe7e48 efe48f7c ino_fltr+0xac8d
efe48bfc 804bf984 804824e0 804beec6 efe48f00 nt!IovSpecialIrpCallDriver+0xcd
efe48d8c 8045086f 82050330 00000000 efe48e44 nt!IopParseDevice+0xabe
efe48e04 804d599e 00000000 8204d400 00000240 nt!ObpLookupObjectName+0x4e7
efe48f14 8049f9f3 00000000 00000000 814e7600 nt!ObOpenObjectByName+0xc8
efe48ff0 8049f598 efe491b8 80000000 efe49160 nt!IopCreateFile+0x407
efe49038 804a6fe0 efe491b8 80000000 efe49160 nt!IoCreateFile+0x36
efe49078 80464f84 efe491b8 80000000 efe49160 nt!NtCreateFile+0x2e
efe49078 8042fa53 efe491b8 80000000 efe49160 nt!KiSystemService+0xc4
efe4911c bff1c950 efe491b8 80000000 efe49160 nt!ZwCreateFile+0xb
efe4918c bff19c35 efe491b8 e1b02410 00000004 XXXX!aaaa
efe491a0 bff1a225 efe491b8 e1b02410 00000004 XXXX!bbbb
efe491bc bff11d28 e1b02410 efe4922c 00000000 XXXX!cccc
efe491f0 bff31fac e1b02410 efe4922c 00000000 XXXX!dddd
efe4923c bff31d88 e19a1a90 e1a805f0 00000000 XXXX!eeee
efe49254 bff31c1d e19a1a90 00000000 00000000 XXXX!ffff
efe49268 bff31636 e19a1a90 e1a9aa50 00000000 XXXX!gggg
efe49280 bff3179d e130ad90 efe492d0 e130ad90 XXXX!hhhh
efe49298 bff31095 e19cc210 efe492d0 00000000 XXXX!iiii
efe492ac bff30ce6 e19cc210 000009fc 76020000 XXXX!jjjj
efe492d4 bff36ff9 e19cc210 000009fc 76020000 XXXX!kkkk
efe49300 bff36460 00000000 e1bb04d0 efe49324 XXXX!llll
efe4935c bff24eaf 00000000 e1b30bb0 efe494bc XXXX!mmmm
efe49388 bfef0207 815b5d60 00000000 e1b30bb0 XXXX!nnnn
efe494c4 bfeedab4 81507624 815088a8 00000000 XXXX!oooo
efe49548 bfeec4b3 81507624 815088a8 efe49570 XXXX!pppp
efe49584 bfeca251 81507624 815088a8 81507830 XXXX!qqqq
efe495c8 bfecde0c 81fff668 81507624 815088a8 XXXX!rrrr
efe49624 bfecd662 815075e8 efe49668 efe4965e XXXX!ssss
efe49694 bfecd40b 815075e8 00000000 81a51020 XXXX!tttt
efe496ec bfecd12b 81a51020 aa0ffe48 00000000 XXXX!uuuu
efe49744 bfec4d2e 81a51020 aa0ffe48 81a51020 XXXX!vvvv
efe4977c bff71aa6 81a51020 aa0ffe48 81a51020 XXXX!wwww
efe497b8 80529104 81a51020 aa0ffe48 817be0a0 XXXX!xxxx
efe49804 f030af1a 819e09e0 80064bec 8207a1b0 nt!IovSpecialIrpCallDriver+0xcd
efe49868 80529104 0000002a aa0ffe48 efe49c34 ino_fltr+0xbf1a
efe498b4 804bf984 804824e0 804beec6 efe49bb8 nt!IovSpecialIrpCallDriver+0xcd
efe49a44 8045086f 82050330 00000000 efe49afc nt!IopParseDevice+0xabe
efe49abc 804d599e 00000000 8204d400 00000040 nt!ObpLookupObjectName+0x4e7
efe49bcc 8049f9f3 00000000 00000000 8045fb01 nt!ObOpenObjectByName+0xc8
efe49ca8 8049f598 0087f72c 40110080 0087f7e8 nt!IopCreateFile+0x407
efe49cf0 804a6fe0 0087f72c 40110080 0087f7e8 nt!IoCreateFile+0x36
efe49d30 80464f84 0087f72c 40110080 0087f7e8 nt!NtCreateFile+0x2e
efe49d30 77f8f9c5 0087f72c 40110080 0087f7e8 nt!KiSystemService+0xc4
0087f81c 00000000 00000000 00000000 00000000 _TDLL+0xf9c5
THREAD 82048400 Cid 8.58 Teb: 00000000 Win32Thread: 00000000 WAIT: (Executive) KernelMode Non-Alertable
81fe3e08 Semaphore Limit 0x7fffffff
820484e8 NotificationTimer
Not impersonating
Owning Process 8204dae0
Wait Start TickCount 3245918 Elapsed Ticks: 147
Context Switch Count 12633
UserTime 0:00:00.0000
KernelTime 0:00:00.0000
Start Address nt!FsRtlWorkerThread (0x8041c8cc)
Stack Init eb870000 Current eb86f5c0 Base eb870000 Limit eb86d000 Call 0
Priority 16 BasePriority 8 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
eb86f5d8 8042c2a9 00000000 81700928 82048400 nt!KiSwapThread+0xc5
eb86f600 80415082 81fe3e08 00000000 00000000 nt!KeWaitForSingleObject+0x1a1
eb86f640 80414712 eb86f724 81a500f0 e1a3d418 nt!ExpWaitForResource+0x1ac
eb86f658 8041465d 81700928 81fe3e08 eb86f758 nt!ExpAcquireResourceSharedLite+0xb0
eb86f668 bfe221e9 81700928 00000001 e1a3d418 nt!ExAcquireResourceSharedLite+0x41
eb86f758 bfe2bd84 81568828 e1a3d418 00000004 Ntfs!NtfsLookupAllocation+0xa5
eb86f928 bfe22871 81568828 aafefe48 e1a3d418 Ntfs!NtfsPrepareBuffers+0x25e
eb86fafc bfe273c6 81568828 aafefe48 e1a3d418 Ntfs!NtfsNonCachedIo+0x121
eb86fd14 bfe30a9e 81568828 aafefe48 00000000 Ntfs!NtfsCommonRead+0xef0
eb86fd7c 8041c8b4 81568828 814df4a8 814f2d08 Ntfs!NtfsStackOverflowRead+0x72
eb86fd90 8041c907 814f2d08 00000000 00000000 nt!FsRtlStackOverflowRead+0x20
eb86fda8 80454a00 00000000 00000000 00000000 nt!FsRtlWorkerThread+0x3b
eb86fddc 80469212 8041c8cc 00000000 00000000 nt!PspSystemThreadStartup+0x54
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
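
An added example, not part of the original post: a small Python helper that reads `!thread` output like the dump above and reports how much kernel stack the blocked thread has left and which modules consumed it, which is the condition that led NTFS to post the read to the stack-overflow worker. The function names are hypothetical, the sample is the top five frames of the first thread with the wrapped `Call 0` rejoined, and charging the gap between consecutive ChildEBP values to the frame listed at the higher one is an approximation.

```python
import re
from collections import Counter

# Excerpt from the first thread in the post (top five frames only).
SAMPLE = """\
Stack Init efe4a000 Current efe47830 Base efe4a000 Limit efe47000 Call 0
efe47848 8042c2a9 aafefe48 00000001 00000000 nt!KiSwapThread+0xc5
efe47870 bfe263f6 814df4a8 00000000 00000000 nt!KeWaitForSingleObject+0x1a1
efe47914 80529104 81a50020 aafefe48 82026490 Ntfs!NtfsFsdRead+0x1aa
efe47960 bff7346f 81a51020 80064bec 82026490 nt!IovSpecialIrpCallDriver+0xcd
efe47998 bfecdb9d 81a51020 aafefe48 bfecdb28 XXXX!aaaa
"""

STACK_RE = re.compile(
    r"Stack Init ([0-9a-f]+) Current ([0-9a-f]+) Base ([0-9a-f]+) Limit ([0-9a-f]+)")
# ChildEBP, RetAddr, three argument words, then the symbol.
FRAME_RE = re.compile(
    r"^([0-9a-f]{8}) [0-9a-f]{8} (?:[0-9a-f]{8} ){3}(\S+)$", re.M)


def stack_budget(text):
    """Return (total, used, remaining) kernel stack bytes for the thread."""
    init, current, _base, limit = (
        int(v, 16) for v in STACK_RE.search(text).groups())
    return init - limit, init - current, current - limit


def usage_by_module(text):
    """Sum the stack bytes between consecutive frames, grouped by module."""
    prev = int(STACK_RE.search(text).group(2), 16)  # start at current ESP
    usage = Counter()
    for ebp_hex, symbol in FRAME_RE.findall(text):
        ebp = int(ebp_hex, 16)
        if ebp < prev:
            # Not on this kernel stack (e.g. the final user-mode frame).
            continue
        # "nt!Foo+0x10" -> "nt"; "ino_fltr+0x7768" (no symbols) -> "ino_fltr"
        usage[re.split(r"[!+]", symbol)[0]] += ebp - prev
        prev = ebp
    return usage


if __name__ == "__main__":
    total, used, left = stack_budget(SAMPLE)
    print(f"stack: {total} bytes total, {used} used, {left} remaining")
    for module, size in usage_by_module(SAMPLE).most_common():
        print(f"{module:10} {size:6} bytes")
```

Run against the full first-thread trace, the per-module totals show how much of the 12 KB stack each filter layer and each re-entrant create consumed before the page fault was taken.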