Failed call RemoveHeadList

Hi all

I have created simple thread inside my kernel driver. I used InsertTailList function to add objects into my queue inside my thread.I have created implementation for IoDeviceControl function for link my driver with user application.When i try to get object from not empty queue using RemoveHeadList function my driver failed with BSOD with IRQL_NOT_LESS_OR_EQUAL error.

Section code with using InsertTailList please see below:
(follow code section from my Thread)

KeAcquireInStackQueuedSpinLock(
&gPacketInfoListLock,
&packetInfoListLockHandle
);

InsertTailList(&gPacketInfoList, &packetInfo->listEntry);
packetInfo=NULL;

KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);

Section code with using RemoveHeadList please see below:
(follow code section from my implementation IoDeviceControl)

while (!IsListEmpty(&gPacketInfoList))
{

KeAcquireInStackQueuedSpinLock(
&gPacketInfoListLock,
&packetInfoListLockHandle);
listEntry = RemoveHeadList(&gPacketInfoList);
packet = CONTAINING_RECORD(
listEntry,
PACKET_INFO,
listEntry
);
KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);
}

Thanks in advance for any help!

You should do a test for IsListEmpty inside of the spin lock, right now
a second thread could remove an item and cause the problem you are
seeing.

Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“xxxxx@gmail.com” wrote in message
news:xxxxx@ntdev:

> Hi all
>
> I have created simple thread inside my kernel driver. I used InsertTailList function to add objects into my queue inside my thread.I have created implementation for IoDeviceControl function for link my driver with user application.When i try to get object from not empty queue using RemoveHeadList function my driver failed with BSOD with IRQL_NOT_LESS_OR_EQUAL error.
>
> Section code with using InsertTailList please see below:
> (follow code section from my Thread)
>
> KeAcquireInStackQueuedSpinLock(
> &gPacketInfoListLock,
> &packetInfoListLockHandle
> );
>
> InsertTailList(&gPacketInfoList, &packetInfo->listEntry);
> packetInfo=NULL;
>
> KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);
>
> Section code with using RemoveHeadList please see below:
> (follow code section from my implementation IoDeviceControl)
>
> while (!IsListEmpty(&gPacketInfoList))
> {
>
> KeAcquireInStackQueuedSpinLock(
> &gPacketInfoListLock,
> &packetInfoListLockHandle);
> listEntry = RemoveHeadList(&gPacketInfoList);
> packet = CONTAINING_RECORD(
> listEntry,
> PACKET_INFO,
> listEntry
> );
> KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);
> }
>
> Thanks in advance for any help!

Is packetInfoListLockHandle a global? If so, it MUST be a local.

The check for IsListEmpty outside of the lock is wrong, it should be

KeAcquireInStackQueuedSpinLock(
&gPacketInfoListLock,
&packetInfoListLockHan

while (!IsListEmpty(&gPacketInfoList))
{

dle);
listEntry = RemoveHeadList(&gPacketInfoList);
packet = CONTAINING_RECORD(
listEntry,
PACKET_INFO,
listEntry
);
}

KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@gmail.com
Sent: Tuesday, November 23, 2010 1:38 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Failed call RemoveHeadList

Hi all

I have created simple thread inside my kernel driver. I used InsertTailList function to add objects into my queue inside my thread.I have created implementation for IoDeviceControl function for link my driver with user application.When i try to get object from not empty queue using RemoveHeadList function my driver failed with BSOD with IRQL_NOT_LESS_OR_EQUAL error.

Section code with using InsertTailList please see below:
(follow code section from my Thread)

KeAcquireInStackQueuedSpinLock(
&gPacketInfoListLock,
&packetInfoListLockHandle
);

InsertTailList(&gPacketInfoList, &packetInfo->listEntry);
packetInfo=NULL;

KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);

Section code with using RemoveHeadList please see below:
(follow code section from my implementation IoDeviceControl)

while (!IsListEmpty(&gPacketInfoList))
{

KeAcquireInStackQueuedSpinLock(
&gPacketInfoListLock,
&packetInfoListLockHandle);
listEntry = RemoveHeadList(&gPacketInfoList);
packet = CONTAINING_RECORD(
listEntry,
PACKET_INFO,
listEntry
);
KeReleaseInStackQueuedSpinLock(&packetInfoListLockHandle);
}

Thanks in advance for any help!

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer