FltSetInformationFile won't rename a directory?

NTFSD Folk:

I’ve run across something that I’d like to know if it’s a known problem.

I want to rename a directory using FltSetInformationFile, but it kept
hanging – just never returned from the call. I tried variations (renaming
a file works fine) and I’m certain that there are no handles open to the
directory or any subdirectories or files therein.

To confirm this, I changed to ZwSetInformationFile and it worked fine for
renaming files or directories. (I’m using that as a workaround for now.)

Has anybody used FltSetInformationFile to successfully rename a directory?

Ken

Where is it hanging? That should show up in the debugger rather
trivially and might provide some additional insight into what is
happening.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 7:11 AM
To: ntfsd redirect
Subject: [ntfsd] FltSetInformationFile won’t rename a directory?

NTFSD Folk:

I’ve run across something that I’d like to know if it’s a known problem.

I want to rename a directory using FltSetInformationFile, but it kept
hanging – just never returned from the call. I tried variations
(renaming
a file works fine) and I’m certain that there are no handles open to the
directory or any subdirectories or files therein.

To confirm this, I changed to ZwSetInformationFile and it worked fine
for
renaming files or directories. (I’m using that as a workaround for
now.)

Has anybody used FltSetInformationFile to successfully rename a
directory?

Ken

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

It’s hanging in the FltSetInformationFile routine. I single-step to that
point and it never returns.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
Sent: Wednesday, November 09, 2005 7:30 AM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Where is it hanging? That should show up in the debugger rather
trivially and might provide some additional insight into what is
happening.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 7:11 AM
To: ntfsd redirect
Subject: [ntfsd] FltSetInformationFile won’t rename a directory?

NTFSD Folk:

I’ve run across something that I’d like to know if it’s a known problem.

I want to rename a directory using FltSetInformationFile, but it kept
hanging – just never returned from the call. I tried variations
(renaming
a file works fine) and I’m certain that there are no handles open to the
directory or any subdirectories or files therein.

To confirm this, I changed to ZwSetInformationFile and it worked fine
for
renaming files or directories. (I’m using that as a workaround for
now.)

Has anybody used FltSetInformationFile to successfully rename a
directory?

Ken

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

> It’s hanging in the FltSetInformationFile routine. I single-step to that

point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my minifilter.
FltSetInformationFile just never returns. Of course, since my minifilter
processes all disk I/O, anything that requires disk hangs. But anything in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my part
(always a possibility ;-):

• I use FltSetInformationFile several other places with no problem
• FltSetInformationFile works fine renaming a file
• ZwSetInformationFile works fine renaming a directory using (essentially)
  the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

It’s hanging in the FltSetInformationFile routine. I single-step to that
point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

Ken,

I don’t think we want to see the thread that is running when you break
in - we want to see the hung thread. If you know the application you
were running you can pick it out of the running process list (“!process
0 0”). Otherwise you can do a full system process/thread dump
(“!process 0 7”) or you can use “!stacks” to try and find the
interesting thread.

If it is a lock-based deadlock (which is a distinct possibility) you can
also use “!locks” to see it.

I hope this helps.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 8:24 AM
To: ntfsd redirect
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my
minifilter.
FltSetInformationFile just never returns. Of course, since my
minifilter
processes all disk I/O, anything that requires disk hangs. But anything
in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my
part
(always a possibility ;-):

• I use FltSetInformationFile several other places with no problem
• FltSetInformationFile works fine renaming a file
• ZwSetInformationFile works fine renaming a directory using
  (essentially)
  the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that
I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it
must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

It’s hanging in the FltSetInformationFile routine. I single-step to
that
point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Tony:

Thanks for the help, but it appears that there ain’t much there. The
application is just cmd.exe, where I type “ren c:\x y”, where c:\x is a
directory.

The call actually comes from a kernel thread started by
FltQueueGenericWorkItem, so I’m not sure of the best way to track that down.

My driver isn’t doing anything with locks, so if it’s lock contention, it
ain’t coming from me.

FWIW, here’s the output from windbg:

kd> !stacks
…
[CMD.EXE]
66c.0005b4 8114eda0 0000756 BLOCKED nt!KiSwapThread
Kernel stack currently not resident.
f40e3c4c 8042c2ad nt!KeWaitForSingleObject(8114ef88, 00000011,
f40e3d01)+0x1a1
f40e3d50 804c54a4 nt!NtRequestWaitReplyPort(00000024, 0012fcd0,
0012fcd0)+0x75a
f40e3d50 80464f84 nt!KiSystemService(00000024, 0012fcd0,
0012fcd0)+0xc4
0012fca0 77f88b77 NTDLL!NtRequestWaitReplyPort(00000000, 00000000,
00000000)+0xb

kd> !thread 8114eda0
THREAD 8114eda0 Cid 66c.5b4 Teb: 7ffde000 Win32Thread: a2227b98 WAIT:
(WrLpcReply) UserMode Non-Alertable
8114ef88 Semaphore Limit 0x1
Waiting for reply to LPC MessageId 00000edf:
Pending LPC Reply Message:
e27dd3d1: [60800000,04000000]
Not impersonating
Owning Process 8114f020
Wait Start TickCount 42180 Elapsed Ticks: 1878
Context Switch Count 923 LargeStack
UserTime 0:00:00.0015
KernelTime 0:00:00.0359
Start Address 0x7c57b70c
Win32 Start Address 0x4ad1a610
Stack Init f40e4000 Current f40e3c0c Base f40e4000 Limit f40e1000 Call 0
Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
Kernel stack not resident.

ChildEBP RetAddr Args to Child
f40e3c24 8042c2ad 8114ef88 8114ef58 8114eda0 nt!KiSwapThread+0xc5
f40e3c4c 804c54a4 8114ef88 00000011 f40e3d01 nt!KeWaitForSingleObject+0x1a1
f40e3d50 80464f84 00000024 0012fcd0 0012fcd0 nt!NtRequestWaitReplyPort+0x75a
f40e3d50 77f88b77 00000024 0012fcd0 0012fcd0 nt!KiSystemService+0xc4
0012fca0 00000000 00000000 00000000 00000000
NTDLL!NtRequestWaitReplyPort+0xb

kd> !locks
**** DUMP OF ALL RESOURCE OBJECTS ****
KD: Scanning for held locks…

Resource @ nt!CmpRegistryLock (0x80474460) Shared 1 owning threads
Contention Count = 21
NumberOfExclusiveWaiters = 1
Threads: 8181cb20-01<*>

Threads Waiting On Exclusive Access:
812f6840
KD: Scanning for held locks…

Resource @ 0x817f84f4 Exclusively owned
Contention Count = 55
NumberOfSharedWaiters = 3
NumberOfExclusiveWaiters = 1
Threads: 8181c020-01<*> 81163da0-01 812a7da0-01 8181cb20-01

Threads Waiting On Exclusive Access:
8181d8a0
KD: Scanning for held locks…

Resource @ 0x81819340 Shared 1 owning threads
Threads: 8181d623-01<*> *** Actual Thread 8181D620
KD: Scanning for held
locks…

Resource @ 0x812475c0 Shared 1 owning threads
Threads: 8181dda3-01<*> *** Actual Thread 8181DDA0
3464 total locks, 4 locks currently held

The problem is trivial to reproduce and doesn’t *seem* to be related to my
driver. So unless someone can confirm that they’ve successfully done a
directory rename with FltSetInformationFile, I’m just going to use
ZwSetInformationFile for now and get back to work…

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
Sent: Wednesday, November 09, 2005 9:08 AM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Ken,

I don’t think we want to see the thread that is running when you break
in - we want to see the hung thread. If you know the application you
were running you can pick it out of the running process list (“!process
0 0”). Otherwise you can do a full system process/thread dump
(“!process 0 7”) or you can use “!stacks” to try and find the
interesting thread.

If it is a lock-based deadlock (which is a distinct possibility) you can
also use “!locks” to see it.

I hope this helps.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 8:24 AM
To: ntfsd redirect
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my
minifilter.
FltSetInformationFile just never returns. Of course, since my
minifilter
processes all disk I/O, anything that requires disk hangs. But anything
in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my
part
(always a possibility ;-):

• I use FltSetInformationFile several other places with no problem
• FltSetInformationFile works fine renaming a file
• ZwSetInformationFile works fine renaming a directory using
  (essentially)
  the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that
I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it
must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

It’s hanging in the FltSetInformationFile routine. I single-step to
that
point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

IIRC !locks is for ERESOURCE locks only.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Tony Mason”
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, November 09, 2005 5:07 PM
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Ken,

I don’t think we want to see the thread that is running when you break
in - we want to see the hung thread. If you know the application you
were running you can pick it out of the running process list (“!process
0 0”). Otherwise you can do a full system process/thread dump
(“!process 0 7”) or you can use “!stacks” to try and find the
interesting thread.

If it is a lock-based deadlock (which is a distinct possibility) you can
also use “!locks” to see it.

I hope this helps.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 8:24 AM
To: ntfsd redirect
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my
minifilter.
FltSetInformationFile just never returns. Of course, since my
minifilter
processes all disk I/O, anything that requires disk hangs. But anything
in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my
part
(always a possibility ;-):

- I use FltSetInformationFile several other places with no problem
- FltSetInformationFile works fine renaming a file
- ZwSetInformationFile works fine renaming a directory using
(essentially)
the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that
I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it
must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

> It’s hanging in the FltSetInformationFile routine. I single-step to
that
> point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

Here’s a quick piece of code that will reproduce the problem. (Note that
the filter and instance must be defined somewhere.)

It does the equivalent of “ren c:\x y” where c:\x is a directory, and it
reproduces the problem quite nicely.

Replacing FltSetInformationFile with ZwSetInformationFile fixes it.

UNICODE_STRING s1 = RTL_CONSTANT_STRING( L"\??\C:\x" );
FILE_RENAME_INFORMATION r1 = { FALSE, NULL, 2, L’y’ };
OBJECT_ATTRIBUTES objAttributes;
IO_STATUS_BLOCK IoSb;
PFILE_OBJECT foIn;
NTSTATUS status;
HANDLE hOld;

DbgBreakPoint();

InitializeObjectAttributes(
&objAttributes,
&s1,
OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE,
0,
NULL );

status = FltCreateFile(
FKFilter, // Filter
RepositoryInstance, // Instance
&hOld, // File handle
GENERIC_ALL | DELETE, // Desired access
&objAttributes, // Attributes
&IoSb, // IO Status Block
NULL, // Allocation size
0, // File attributes
0, // File share
FILE_OPEN, // The file must exist
FILE_DIRECTORY_FILE, // Create options
NULL, // EA buffer
0, // EA size
IO_IGNORE_SHARE_ACCESS_CHECK ); // Options

if( NT_SUCCESS(status) )
{
ObReferenceObjectByHandle( hOld, 0, NULL, KernelMode, &foIn, NULL );

//
// This seems to always hang:
//
status = FltSetInformationFile( RepositoryInstance, foIn, &r1,
sizeof(r1), FileRenameInformation );

FltClose( hOld );
ObDereferenceObject( foIn );
}

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Maxim S. Shatskih
Sent: Wednesday, November 09, 2005 11:09 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

IIRC !locks is for ERESOURCE locks only.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Tony Mason”
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, November 09, 2005 5:07 PM
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Ken,

I don’t think we want to see the thread that is running when you break
in - we want to see the hung thread. If you know the application you
were running you can pick it out of the running process list (“!process
0 0”). Otherwise you can do a full system process/thread dump
(“!process 0 7”) or you can use “!stacks” to try and find the
interesting thread.

If it is a lock-based deadlock (which is a distinct possibility) you can
also use “!locks” to see it.

I hope this helps.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 8:24 AM
To: ntfsd redirect
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my
minifilter.
FltSetInformationFile just never returns. Of course, since my
minifilter
processes all disk I/O, anything that requires disk hangs. But anything
in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my
part
(always a possibility ;-):

- I use FltSetInformationFile several other places with no problem
- FltSetInformationFile works fine renaming a file
- ZwSetInformationFile works fine renaming a directory using
(essentially)
the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that
I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it
must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

> It’s hanging in the FltSetInformationFile routine. I single-step to
that
> point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

Ken

So its not a thread in cmd.exe … so !process 0 7 or !stacks, find your
thread, shoudl be distinctive if FltXxx is on the stack, and post the stack
trace for that thread?

Cheers
Lyndon

“Ken Cross” wrote in message news:xxxxx@ntfsd…
> Tony:
>
> Thanks for the help, but it appears that there ain’t much there. The
> application is just cmd.exe, where I type “ren c:\x y”, where c:\x is a
> directory.
>
> The call actually comes from a kernel thread started by
> FltQueueGenericWorkItem, so I’m not sure of the best way to track that
> down.
>
> My driver isn’t doing anything with locks, so if it’s lock contention, it
> ain’t coming from me.
>
> FWIW, here’s the output from windbg:
>
>
> kd> !stacks
> …
> [CMD.EXE]
> 66c.0005b4 8114eda0 0000756 BLOCKED nt!KiSwapThread
> Kernel stack currently not resident.
> f40e3c4c 8042c2ad nt!KeWaitForSingleObject(8114ef88, 00000011,
> f40e3d01)+0x1a1
> f40e3d50 804c54a4 nt!NtRequestWaitReplyPort(00000024, 0012fcd0,
> 0012fcd0)+0x75a
> f40e3d50 80464f84 nt!KiSystemService(00000024, 0012fcd0,
> 0012fcd0)+0xc4
> 0012fca0 77f88b77 NTDLL!NtRequestWaitReplyPort(00000000,
> 00000000,
> 00000000)+0xb
>
> kd> !thread 8114eda0
> THREAD 8114eda0 Cid 66c.5b4 Teb: 7ffde000 Win32Thread: a2227b98 WAIT:
> (WrLpcReply) UserMode Non-Alertable
> 8114ef88 Semaphore Limit 0x1
> Waiting for reply to LPC MessageId 00000edf:
> Pending LPC Reply Message:
> e27dd3d1: [60800000,04000000]
> Not impersonating
> Owning Process 8114f020
> Wait Start TickCount 42180 Elapsed Ticks: 1878
> Context Switch Count 923 LargeStack
> UserTime 0:00:00.0015
> KernelTime 0:00:00.0359
> Start Address 0x7c57b70c
> Win32 Start Address 0x4ad1a610
> Stack Init f40e4000 Current f40e3c0c Base f40e4000 Limit f40e1000 Call 0
> Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
> Kernel stack not resident.
>
> ChildEBP RetAddr Args to Child
> f40e3c24 8042c2ad 8114ef88 8114ef58 8114eda0 nt!KiSwapThread+0xc5
> f40e3c4c 804c54a4 8114ef88 00000011 f40e3d01
> nt!KeWaitForSingleObject+0x1a1
> f40e3d50 80464f84 00000024 0012fcd0 0012fcd0
> nt!NtRequestWaitReplyPort+0x75a
> f40e3d50 77f88b77 00000024 0012fcd0 0012fcd0 nt!KiSystemService+0xc4
> 0012fca0 00000000 00000000 00000000 00000000
> NTDLL!NtRequestWaitReplyPort+0xb
>
> kd> !locks
> DUMP OF ALL RESOURCE OBJECTS
> KD: Scanning for held locks…
>
> Resource @ nt!CmpRegistryLock (0x80474460) Shared 1 owning threads
> Contention Count = 21
> NumberOfExclusiveWaiters = 1
> Threads: 8181cb20-01<>
>
> Threads Waiting On Exclusive Access:
> 812f6840
> KD: Scanning for held locks…
>
> Resource @ 0x817f84f4 Exclusively owned
> Contention Count = 55
> NumberOfSharedWaiters = 3
> NumberOfExclusiveWaiters = 1
> Threads: 8181c020-01<> 81163da0-01 812a7da0-01 8181cb20-01
>
> Threads Waiting On Exclusive Access:
> 8181d8a0
> KD: Scanning for held locks…
>
> Resource @ 0x81819340 Shared 1 owning threads
> Threads: 8181d623-01<> Actual Thread 8181D620
> KD: Scanning for held
> locks…
>
> Resource @ 0x812475c0 Shared 1 owning threads
> Threads: 8181dda3-01<> Actual Thread 8181DDA0
> 3464 total locks, 4 locks currently held
>
>
>
>
>
> The problem is trivial to reproduce and doesn’t seem to be related to my
> driver. So unless someone can confirm that they’ve successfully done a
> directory rename with FltSetInformationFile, I’m just going to use
> ZwSetInformationFile for now and get back to work…
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
> Sent: Wednesday, November 09, 2005 9:08 AM
> To: Windows File Systems Devs Interest List
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> Ken,
>
> I don’t think we want to see the thread that is running when you break
> in - we want to see the hung thread. If you know the application you
> were running you can pick it out of the running process list (“!process
> 0 0”). Otherwise you can do a full system process/thread dump
> (“!process 0 7”) or you can use “!stacks” to try and find the
> interesting thread.
>
> If it is a lock-based deadlock (which is a distinct possibility) you can
> also use “!locks” to see it.
>
> I hope this helps.
>
> Regards,
>
> Tony
>
> Tony Mason
> Consulting Partner
> OSR Open Systems Resources, Inc.
> http://www.osr.com
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
> Sent: Wednesday, November 09, 2005 8:24 AM
> To: ntfsd redirect
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> I’m afraid it doesn’t help much:
>
> kd> kb
> ChildEBP RetAddr Args to Child
> 804717e0 80468705 00000001 f9d5be02 000000d1
> nt!RtlpBreakWithStatusInstruction
> 804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
> 80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
> ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
> ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4
>
>
> I tried kb=ebp, kb=eip, kb=esp and they give similar results.
>
> Let me clarify one thing: the entire system isn’t hung, just my
> minifilter.
> FltSetInformationFile just never returns. Of course, since my
> minifilter
> processes all disk I/O, anything that requires disk hangs. But anything
> in
> memory (like a command-line prompt) still works OK.
>
> I think I’ve done most of the things to rule out something stupid on my
> part
> (always a possibility ;-):
>
> - I use FltSetInformationFile several other places with no problem
> - FltSetInformationFile works fine renaming a file
> - ZwSetInformationFile works fine renaming a directory using
> (essentially)
> the same arguments that I pass to FltSetInformationFile
>
> It’s only when FltSetInformationFile is used to rename a directory that
> I’ve
> hit this problem. (FYI, it’s a “simple” rename, where the
> FILE_RENAME_INFORMATION just contains the new name of the directory.)
>
> I presume that FltSetInformationFile calls ZwSetInformationFile, so it
> must
> be doing something else internally.
>
> Like I said, I can use ZwSetInformationFile as a workaround, but
> FltSetInformationFile is the “right” thing to use.
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
> Sent: Wednesday, November 09, 2005 7:47 AM
> To: Windows File Systems Devs Interest List
> Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?
>
>> It’s hanging in the FltSetInformationFile routine. I single-step to
> that
>> point and it never returns.
>
> Yes, but FltSetInformationFile is not one instruction,
> it does many things. We need to know
> where exactly the thread who called. Break the target
> operating system and list stack trace for the thread who
> called FltSetInformation. Then tell us where is it hanging.
>
> L.
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@comcast.net
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@osr.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>

Lyndon:

At this point I’m fairly convinced that even if I did find it, it wouldn’t
do any good. (Or at least it wouldn’t be something I could fix myself.)

It’s simple to reproduce (see the code I submitted earlier), and the
workaround with ZwSetInformationFile is acceptable for now.

So I’ll leave it to MS to figure out. I’m sure they need a few more things
to work on…

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Lyndon J Clarke
Sent: Wednesday, November 09, 2005 12:04 PM
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] FltSetInformationFile won’t rename a directory?

Ken

So its not a thread in cmd.exe … so !process 0 7 or !stacks, find your
thread, shoudl be distinctive if FltXxx is on the stack, and post the stack
trace for that thread?

Cheers
Lyndon

“Ken Cross” wrote in message news:xxxxx@ntfsd…
> Tony:
>
> Thanks for the help, but it appears that there ain’t much there. The
> application is just cmd.exe, where I type “ren c:\x y”, where c:\x is a
> directory.
>
> The call actually comes from a kernel thread started by
> FltQueueGenericWorkItem, so I’m not sure of the best way to track that
> down.
>
> My driver isn’t doing anything with locks, so if it’s lock contention, it
> ain’t coming from me.
>
> FWIW, here’s the output from windbg:
>
>
> kd> !stacks
> …
> [CMD.EXE]
> 66c.0005b4 8114eda0 0000756 BLOCKED nt!KiSwapThread
> Kernel stack currently not resident.
> f40e3c4c 8042c2ad nt!KeWaitForSingleObject(8114ef88, 00000011,
> f40e3d01)+0x1a1
> f40e3d50 804c54a4 nt!NtRequestWaitReplyPort(00000024, 0012fcd0,
> 0012fcd0)+0x75a
> f40e3d50 80464f84 nt!KiSystemService(00000024, 0012fcd0,
> 0012fcd0)+0xc4
> 0012fca0 77f88b77 NTDLL!NtRequestWaitReplyPort(00000000,
> 00000000,
> 00000000)+0xb
>
> kd> !thread 8114eda0
> THREAD 8114eda0 Cid 66c.5b4 Teb: 7ffde000 Win32Thread: a2227b98 WAIT:
> (WrLpcReply) UserMode Non-Alertable
> 8114ef88 Semaphore Limit 0x1
> Waiting for reply to LPC MessageId 00000edf:
> Pending LPC Reply Message:
> e27dd3d1: [60800000,04000000]
> Not impersonating
> Owning Process 8114f020
> Wait Start TickCount 42180 Elapsed Ticks: 1878
> Context Switch Count 923 LargeStack
> UserTime 0:00:00.0015
> KernelTime 0:00:00.0359
> Start Address 0x7c57b70c
> Win32 Start Address 0x4ad1a610
> Stack Init f40e4000 Current f40e3c0c Base f40e4000 Limit f40e1000 Call 0
> Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
> Kernel stack not resident.
>
> ChildEBP RetAddr Args to Child
> f40e3c24 8042c2ad 8114ef88 8114ef58 8114eda0 nt!KiSwapThread+0xc5
> f40e3c4c 804c54a4 8114ef88 00000011 f40e3d01
> nt!KeWaitForSingleObject+0x1a1
> f40e3d50 80464f84 00000024 0012fcd0 0012fcd0
> nt!NtRequestWaitReplyPort+0x75a
> f40e3d50 77f88b77 00000024 0012fcd0 0012fcd0 nt!KiSystemService+0xc4
> 0012fca0 00000000 00000000 00000000 00000000
> NTDLL!NtRequestWaitReplyPort+0xb
>
> kd> !locks
> DUMP OF ALL RESOURCE OBJECTS
> KD: Scanning for held locks…
>
> Resource @ nt!CmpRegistryLock (0x80474460) Shared 1 owning threads
> Contention Count = 21
> NumberOfExclusiveWaiters = 1
> Threads: 8181cb20-01<>
>
> Threads Waiting On Exclusive Access:
> 812f6840
> KD: Scanning for held locks…
>
> Resource @ 0x817f84f4 Exclusively owned
> Contention Count = 55
> NumberOfSharedWaiters = 3
> NumberOfExclusiveWaiters = 1
> Threads: 8181c020-01<> 81163da0-01 812a7da0-01 8181cb20-01
>
> Threads Waiting On Exclusive Access:
> 8181d8a0
> KD: Scanning for held locks…
>
> Resource @ 0x81819340 Shared 1 owning threads
> Threads: 8181d623-01<> Actual Thread 8181D620
> KD: Scanning for held
> locks…
>
> Resource @ 0x812475c0 Shared 1 owning threads
> Threads: 8181dda3-01<> Actual Thread 8181DDA0
> 3464 total locks, 4 locks currently held
>
>
>
>
>
> The problem is trivial to reproduce and doesn’t seem to be related to my
> driver. So unless someone can confirm that they’ve successfully done a
> directory rename with FltSetInformationFile, I’m just going to use
> ZwSetInformationFile for now and get back to work…
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
> Sent: Wednesday, November 09, 2005 9:08 AM
> To: Windows File Systems Devs Interest List
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> Ken,
>
> I don’t think we want to see the thread that is running when you break
> in - we want to see the hung thread. If you know the application you
> were running you can pick it out of the running process list (“!process
> 0 0”). Otherwise you can do a full system process/thread dump
> (“!process 0 7”) or you can use “!stacks” to try and find the
> interesting thread.
>
> If it is a lock-based deadlock (which is a distinct possibility) you can
> also use “!locks” to see it.
>
> I hope this helps.
>
> Regards,
>
> Tony
>
> Tony Mason
> Consulting Partner
> OSR Open Systems Resources, Inc.
> http://www.osr.com
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
> Sent: Wednesday, November 09, 2005 8:24 AM
> To: ntfsd redirect
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> I’m afraid it doesn’t help much:
>
> kd> kb
> ChildEBP RetAddr Args to Child
> 804717e0 80468705 00000001 f9d5be02 000000d1
> nt!RtlpBreakWithStatusInstruction
> 804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
> 80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
> ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
> ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4
>
>
> I tried kb=ebp, kb=eip, kb=esp and they give similar results.
>
> Let me clarify one thing: the entire system isn’t hung, just my
> minifilter.
> FltSetInformationFile just never returns. Of course, since my
> minifilter
> processes all disk I/O, anything that requires disk hangs. But anything
> in
> memory (like a command-line prompt) still works OK.
>
> I think I’ve done most of the things to rule out something stupid on my
> part
> (always a possibility ;-):
>
> - I use FltSetInformationFile several other places with no problem
> - FltSetInformationFile works fine renaming a file
> - ZwSetInformationFile works fine renaming a directory using
> (essentially)
> the same arguments that I pass to FltSetInformationFile
>
> It’s only when FltSetInformationFile is used to rename a directory that
> I’ve
> hit this problem. (FYI, it’s a “simple” rename, where the
> FILE_RENAME_INFORMATION just contains the new name of the directory.)
>
> I presume that FltSetInformationFile calls ZwSetInformationFile, so it
> must
> be doing something else internally.
>
> Like I said, I can use ZwSetInformationFile as a workaround, but
> FltSetInformationFile is the “right” thing to use.
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
> Sent: Wednesday, November 09, 2005 7:47 AM
> To: Windows File Systems Devs Interest List
> Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?
>
>> It’s hanging in the FltSetInformationFile routine. I single-step to
> that
>> point and it never returns.
>
> Yes, but FltSetInformationFile is not one instruction,
> it does many things. We need to know
> where exactly the thread who called. Break the target
> operating system and list stack trace for the thread who
> called FltSetInformation. Then tell us where is it hanging.
>
> L.
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@comcast.net
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@osr.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

Yes, it is. But that’s the # 1 lock to use in the file systems path.

There was also some interesting info in the !locks command output, but I
find that using the debugger remote via e-mail is a tad bit painful.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Maxim S. Shatskih
Sent: Wednesday, November 09, 2005 11:09 AM
To: ntfsd redirect
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

IIRC !locks is for ERESOURCE locks only.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Tony Mason”
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, November 09, 2005 5:07 PM
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Ken,

I don’t think we want to see the thread that is running when you break
in - we want to see the hung thread. If you know the application you
were running you can pick it out of the running process list (“!process
0 0”). Otherwise you can do a full system process/thread dump
(“!process 0 7”) or you can use “!stacks” to try and find the
interesting thread.

If it is a lock-based deadlock (which is a distinct possibility) you can
also use “!locks” to see it.

I hope this helps.

Regards,

Tony

Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 8:24 AM
To: ntfsd redirect
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

I’m afraid it doesn’t help much:

kd> kb
ChildEBP RetAddr Args to Child
804717e0 80468705 00000001 f9d5be02 000000d1
nt!RtlpBreakWithStatusInstruction
804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4

I tried kb=ebp, kb=eip, kb=esp and they give similar results.

Let me clarify one thing: the entire system isn’t hung, just my
minifilter.
FltSetInformationFile just never returns. Of course, since my
minifilter
processes all disk I/O, anything that requires disk hangs. But anything
in
memory (like a command-line prompt) still works OK.

I think I’ve done most of the things to rule out something stupid on my
part
(always a possibility ;-):

- I use FltSetInformationFile several other places with no problem
- FltSetInformationFile works fine renaming a file
- ZwSetInformationFile works fine renaming a directory using
(essentially)
the same arguments that I pass to FltSetInformationFile

It’s only when FltSetInformationFile is used to rename a directory that
I’ve
hit this problem. (FYI, it’s a “simple” rename, where the
FILE_RENAME_INFORMATION just contains the new name of the directory.)

I presume that FltSetInformationFile calls ZwSetInformationFile, so it
must
be doing something else internally.

Like I said, I can use ZwSetInformationFile as a workaround, but
FltSetInformationFile is the “right” thing to use.

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 7:47 AM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

> It’s hanging in the FltSetInformationFile routine. I single-step to
that
> point and it never returns.

Yes, but FltSetInformationFile is not one instruction,
it does many things. We need to know
where exactly the thread who called. Break the target
operating system and list stack trace for the thread who
called FltSetInformation. Then tell us where is it hanging.

L.

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Ken,

I tried your steps to repro the deadlock and it doesn’t reproduce.
(Also, the FilterManager code doesn’t specifically hold/acquire any
locks to do this). If you could (directly) send me the complete output
from !stacks I’d be willing to find the thread for you that is
deadlocked and help resolve this issue. Just because you can’t reproduce
this problem with ZwSetInformation doesn’t mean the root cause of this
problem wont crop up again.

Thanks
Apurva

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
Sent: Wednesday, November 09, 2005 9:35 AM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?

Lyndon:

At this point I’m fairly convinced that even if I did find it, it
wouldn’t
do any good. (Or at least it wouldn’t be something I could fix myself.)

It’s simple to reproduce (see the code I submitted earlier), and the
workaround with ZwSetInformationFile is acceptable for now.

So I’ll leave it to MS to figure out. I’m sure they need a few more
things
to work on…

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Lyndon J Clarke
Sent: Wednesday, November 09, 2005 12:04 PM
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] FltSetInformationFile won’t rename a directory?

Ken

So its not a thread in cmd.exe … so !process 0 7 or !stacks, find your

thread, shoudl be distinctive if FltXxx is on the stack, and post the
stack
trace for that thread?

Cheers
Lyndon

“Ken Cross” wrote in message news:xxxxx@ntfsd…
> Tony:
>
> Thanks for the help, but it appears that there ain’t much there. The
> application is just cmd.exe, where I type “ren c:\x y”, where c:\x is
a
> directory.
>
> The call actually comes from a kernel thread started by
> FltQueueGenericWorkItem, so I’m not sure of the best way to track that

> down.
>
> My driver isn’t doing anything with locks, so if it’s lock contention,
it
> ain’t coming from me.
>
> FWIW, here’s the output from windbg:
>
>
> kd> !stacks
> …
> [CMD.EXE]
> 66c.0005b4 8114eda0 0000756 BLOCKED nt!KiSwapThread
> Kernel stack currently not resident.
> f40e3c4c 8042c2ad nt!KeWaitForSingleObject(8114ef88,
00000011,
> f40e3d01)+0x1a1
> f40e3d50 804c54a4 nt!NtRequestWaitReplyPort(00000024,
0012fcd0,
> 0012fcd0)+0x75a
> f40e3d50 80464f84 nt!KiSystemService(00000024, 0012fcd0,
> 0012fcd0)+0xc4
> 0012fca0 77f88b77 NTDLL!NtRequestWaitReplyPort(00000000,
> 00000000,
> 00000000)+0xb
>
> kd> !thread 8114eda0
> THREAD 8114eda0 Cid 66c.5b4 Teb: 7ffde000 Win32Thread: a2227b98
WAIT:
> (WrLpcReply) UserMode Non-Alertable
> 8114ef88 Semaphore Limit 0x1
> Waiting for reply to LPC MessageId 00000edf:
> Pending LPC Reply Message:
> e27dd3d1: [60800000,04000000]
> Not impersonating
> Owning Process 8114f020
> Wait Start TickCount 42180 Elapsed Ticks: 1878
> Context Switch Count 923 LargeStack
> UserTime 0:00:00.0015
> KernelTime 0:00:00.0359
> Start Address 0x7c57b70c
> Win32 Start Address 0x4ad1a610
> Stack Init f40e4000 Current f40e3c0c Base f40e4000 Limit f40e1000 Call
0
> Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
> Kernel stack not resident.
>
> ChildEBP RetAddr Args to Child
> f40e3c24 8042c2ad 8114ef88 8114ef58 8114eda0 nt!KiSwapThread+0xc5
> f40e3c4c 804c54a4 8114ef88 00000011 f40e3d01
> nt!KeWaitForSingleObject+0x1a1
> f40e3d50 80464f84 00000024 0012fcd0 0012fcd0
> nt!NtRequestWaitReplyPort+0x75a
> f40e3d50 77f88b77 00000024 0012fcd0 0012fcd0 nt!KiSystemService+0xc4
> 0012fca0 00000000 00000000 00000000 00000000
> NTDLL!NtRequestWaitReplyPort+0xb
>
> kd> !locks
> DUMP OF ALL RESOURCE OBJECTS
> KD: Scanning for held locks…
>
> Resource @ nt!CmpRegistryLock (0x80474460) Shared 1 owning threads
> Contention Count = 21
> NumberOfExclusiveWaiters = 1
> Threads: 8181cb20-01<>
>
> Threads Waiting On Exclusive Access:
> 812f6840
> KD: Scanning for held locks…
>
> Resource @ 0x817f84f4 Exclusively owned
> Contention Count = 55
> NumberOfSharedWaiters = 3
> NumberOfExclusiveWaiters = 1
> Threads: 8181c020-01<> 81163da0-01 812a7da0-01 8181cb20-01
>
> Threads Waiting On Exclusive Access:
> 8181d8a0
> KD: Scanning for held
locks…
>
> Resource @ 0x81819340 Shared 1 owning threads
> Threads: 8181d623-01<> Actual Thread 8181D620
> KD: Scanning for held
> locks…
>
> Resource @ 0x812475c0 Shared 1 owning threads
> Threads: 8181dda3-01<> Actual Thread 8181DDA0
> 3464 total locks, 4 locks currently held
>
>
>
>
>
> The problem is trivial to reproduce and doesn’t seem to be related
to my
> driver. So unless someone can confirm that they’ve successfully done
a
> directory rename with FltSetInformationFile, I’m just going to use
> ZwSetInformationFile for now and get back to work…
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
> Sent: Wednesday, November 09, 2005 9:08 AM
> To: Windows File Systems Devs Interest List
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> Ken,
>
> I don’t think we want to see the thread that is running when you break
> in - we want to see the hung thread. If you know the application you
> were running you can pick it out of the running process list
(“!process
> 0 0”). Otherwise you can do a full system process/thread dump
> (“!process 0 7”) or you can use “!stacks” to try and find the
> interesting thread.
>
> If it is a lock-based deadlock (which is a distinct possibility) you
can
> also use “!locks” to see it.
>
> I hope this helps.
>
> Regards,
>
> Tony
>
> Tony Mason
> Consulting Partner
> OSR Open Systems Resources, Inc.
> http://www.osr.com
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
> Sent: Wednesday, November 09, 2005 8:24 AM
> To: ntfsd redirect
> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>
> I’m afraid it doesn’t help much:
>
> kd> kb
> ChildEBP RetAddr Args to Child
> 804717e0 80468705 00000001 f9d5be02 000000d1
> nt!RtlpBreakWithStatusInstruction
> 804717e0 80069b02 00000001 f9d5be02 000000d1
nt!KeUpdateSystemTime+0x161
> 80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
> ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
> ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4
>
>
> I tried kb=ebp, kb=eip, kb=esp and they give similar results.
>
> Let me clarify one thing: the entire system isn’t hung, just my
> minifilter.
> FltSetInformationFile just never returns. Of course, since my
> minifilter
> processes all disk I/O, anything that requires disk hangs. But
anything
> in
> memory (like a command-line prompt) still works OK.
>
> I think I’ve done most of the things to rule out something stupid on
my
> part
> (always a possibility ;-):
>
> - I use FltSetInformationFile several other places with no problem
> - FltSetInformationFile works fine renaming a file
> - ZwSetInformationFile works fine renaming a directory using
> (essentially)
> the same arguments that I pass to FltSetInformationFile
>
> It’s only when FltSetInformationFile is used to rename a directory
that
> I’ve
> hit this problem. (FYI, it’s a “simple” rename, where the
> FILE_RENAME_INFORMATION just contains the new name of the directory.)
>
> I presume that FltSetInformationFile calls ZwSetInformationFile, so it
> must
> be doing something else internally.
>
> Like I said, I can use ZwSetInformationFile as a workaround, but
> FltSetInformationFile is the “right” thing to use.
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav
Zezula
> Sent: Wednesday, November 09, 2005 7:47 AM
> To: Windows File Systems Devs Interest List
> Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?
>
>> It’s hanging in the FltSetInformationFile routine. I single-step to
> that
>> point and it never returns.
>
> Yes, but FltSetInformationFile is not one instruction,
> it does many things. We need to know
> where exactly the thread who called. Break the target
> operating system and list stack trace for the thread who
> called FltSetInformation. Then tell us where is it hanging.
>
> L.
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@comcast.net
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@osr.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: unknown lmsubst tag
argument: ‘’
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

—
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

> At this point I’m fairly convinced that even if I did find it, it wouldn’t

do any good. (Or at least it wouldn’t be something I could fix myself.)

I disagree. The fact that others weren’t able to reproduce the deadlock
even with code you claim always deadlocks, means that maybe it is
a bug in your driver.

So I’ll leave it to MS to figure out. I’m sure they need a few more
things
to work on…

Maybe, but if I were you, I would like to be sure that
it is not my fault.

L.

Yep. Apurva and I are working on it…

Ken

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Wednesday, November 09, 2005 4:18 PM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?

At this point I’m fairly convinced that even if I did find it, it wouldn’t
do any good. (Or at least it wouldn’t be something I could fix myself.)

I disagree. The fact that others weren’t able to reproduce the deadlock
even with code you claim always deadlocks, means that maybe it is
a bug in your driver.

So I’ll leave it to MS to figure out. I’m sure they need a few more
things
to work on…

Maybe, but if I were you, I would like to be sure that
it is not my fault.

L.

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@comcast.net
To unsubscribe send a blank email to xxxxx@lists.osr.com

I on the other hand am fairly convinced you will find a bug in your driver

“Ken Cross” wrote in message news:xxxxx@ntfsd…
> Lyndon:
>
> At this point I’m fairly convinced that even if I did find it, it wouldn’t
> do any good. (Or at least it wouldn’t be something I could fix myself.)
>
> It’s simple to reproduce (see the code I submitted earlier), and the
> workaround with ZwSetInformationFile is acceptable for now.
>
> So I’ll leave it to MS to figure out. I’m sure they need a few more
> things
> to work on…
>
> Ken
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Lyndon J Clarke
> Sent: Wednesday, November 09, 2005 12:04 PM
> To: Windows File Systems Devs Interest List
> Subject: Re:[ntfsd] FltSetInformationFile won’t rename a directory?
>
> Ken
>
> So its not a thread in cmd.exe … so !process 0 7 or !stacks, find your
> thread, shoudl be distinctive if FltXxx is on the stack, and post the
> stack
> trace for that thread?
>
> Cheers
> Lyndon
>
> “Ken Cross” wrote in message news:xxxxx@ntfsd…
>> Tony:
>>
>> Thanks for the help, but it appears that there ain’t much there. The
>> application is just cmd.exe, where I type “ren c:\x y”, where c:\x is a
>> directory.
>>
>> The call actually comes from a kernel thread started by
>> FltQueueGenericWorkItem, so I’m not sure of the best way to track that
>> down.
>>
>> My driver isn’t doing anything with locks, so if it’s lock contention, it
>> ain’t coming from me.
>>
>> FWIW, here’s the output from windbg:
>>
>>
>> kd> !stacks
>> …
>> [CMD.EXE]
>> 66c.0005b4 8114eda0 0000756 BLOCKED nt!KiSwapThread
>> Kernel stack currently not resident.
>> f40e3c4c 8042c2ad nt!KeWaitForSingleObject(8114ef88, 00000011,
>> f40e3d01)+0x1a1
>> f40e3d50 804c54a4 nt!NtRequestWaitReplyPort(00000024, 0012fcd0,
>> 0012fcd0)+0x75a
>> f40e3d50 80464f84 nt!KiSystemService(00000024, 0012fcd0,
>> 0012fcd0)+0xc4
>> 0012fca0 77f88b77 NTDLL!NtRequestWaitReplyPort(00000000,
>> 00000000,
>> 00000000)+0xb
>>
>> kd> !thread 8114eda0
>> THREAD 8114eda0 Cid 66c.5b4 Teb: 7ffde000 Win32Thread: a2227b98 WAIT:
>> (WrLpcReply) UserMode Non-Alertable
>> 8114ef88 Semaphore Limit 0x1
>> Waiting for reply to LPC MessageId 00000edf:
>> Pending LPC Reply Message:
>> e27dd3d1: [60800000,04000000]
>> Not impersonating
>> Owning Process 8114f020
>> Wait Start TickCount 42180 Elapsed Ticks: 1878
>> Context Switch Count 923 LargeStack
>> UserTime 0:00:00.0015
>> KernelTime 0:00:00.0359
>> Start Address 0x7c57b70c
>> Win32 Start Address 0x4ad1a610
>> Stack Init f40e4000 Current f40e3c0c Base f40e4000 Limit f40e1000 Call 0
>> Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
>> Kernel stack not resident.
>>
>> ChildEBP RetAddr Args to Child
>> f40e3c24 8042c2ad 8114ef88 8114ef58 8114eda0 nt!KiSwapThread+0xc5
>> f40e3c4c 804c54a4 8114ef88 00000011 f40e3d01
>> nt!KeWaitForSingleObject+0x1a1
>> f40e3d50 80464f84 00000024 0012fcd0 0012fcd0
>> nt!NtRequestWaitReplyPort+0x75a
>> f40e3d50 77f88b77 00000024 0012fcd0 0012fcd0 nt!KiSystemService+0xc4
>> 0012fca0 00000000 00000000 00000000 00000000
>> NTDLL!NtRequestWaitReplyPort+0xb
>>
>> kd> !locks
>> DUMP OF ALL RESOURCE OBJECTS
>> KD: Scanning for held locks…
>>
>> Resource @ nt!CmpRegistryLock (0x80474460) Shared 1 owning threads
>> Contention Count = 21
>> NumberOfExclusiveWaiters = 1
>> Threads: 8181cb20-01<>
>>
>> Threads Waiting On Exclusive Access:
>> 812f6840
>> KD: Scanning for held locks…
>>
>> Resource @ 0x817f84f4 Exclusively owned
>> Contention Count = 55
>> NumberOfSharedWaiters = 3
>> NumberOfExclusiveWaiters = 1
>> Threads: 8181c020-01<> 81163da0-01 812a7da0-01 8181cb20-01
>>
>> Threads Waiting On Exclusive Access:
>> 8181d8a0
>> KD: Scanning for held locks…
>>
>> Resource @ 0x81819340 Shared 1 owning threads
>> Threads: 8181d623-01<> Actual Thread 8181D620
>> KD: Scanning for held
>> locks…
>>
>> Resource @ 0x812475c0 Shared 1 owning threads
>> Threads: 8181dda3-01<> Actual Thread 8181DDA0
>> 3464 total locks, 4 locks currently held
>>
>>
>>
>>
>>
>> The problem is trivial to reproduce and doesn’t seem to be related to
>> my
>> driver. So unless someone can confirm that they’ve successfully done a
>> directory rename with FltSetInformationFile, I’m just going to use
>> ZwSetInformationFile for now and get back to work…
>>
>> Ken
>>
>>
>> -----Original Message-----
>> From: xxxxx@lists.osr.com
>> [mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
>> Sent: Wednesday, November 09, 2005 9:08 AM
>> To: Windows File Systems Devs Interest List
>> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>>
>> Ken,
>>
>> I don’t think we want to see the thread that is running when you break
>> in - we want to see the hung thread. If you know the application you
>> were running you can pick it out of the running process list (“!process
>> 0 0”). Otherwise you can do a full system process/thread dump
>> (“!process 0 7”) or you can use “!stacks” to try and find the
>> interesting thread.
>>
>> If it is a lock-based deadlock (which is a distinct possibility) you can
>> also use “!locks” to see it.
>>
>> I hope this helps.
>>
>> Regards,
>>
>> Tony
>>
>> Tony Mason
>> Consulting Partner
>> OSR Open Systems Resources, Inc.
>> http://www.osr.com
>>
>>
>> -----Original Message-----
>> From: xxxxx@lists.osr.com
>> [mailto:xxxxx@lists.osr.com] On Behalf Of Ken Cross
>> Sent: Wednesday, November 09, 2005 8:24 AM
>> To: ntfsd redirect
>> Subject: RE: [ntfsd] FltSetInformationFile won’t rename a directory?
>>
>> I’m afraid it doesn’t help much:
>>
>> kd> kb
>> ChildEBP RetAddr Args to Child
>> 804717e0 80468705 00000001 f9d5be02 000000d1
>> nt!RtlpBreakWithStatusInstruction
>> 804717e0 80069b02 00000001 f9d5be02 000000d1 nt!KeUpdateSystemTime+0x161
>> 80471864 804643bc 0000000e 00000000 00000000 hal!HalProcessorIdle+0x2
>> ffdff800 80480f64 00000001 00000000 000064ba nt!KiIdleLoop+0x10
>> ffdff804 00000000 00000000 000064ba 000064ba nt!KiTimerExpireDpc+0x4
>>
>>
>> I tried kb=ebp, kb=eip, kb=esp and they give similar results.
>>
>> Let me clarify one thing: the entire system isn’t hung, just my
>> minifilter.
>> FltSetInformationFile just never returns. Of course, since my
>> minifilter
>> processes all disk I/O, anything that requires disk hangs. But anything
>> in
>> memory (like a command-line prompt) still works OK.
>>
>> I think I’ve done most of the things to rule out something stupid on my
>> part
>> (always a possibility ;-):
>>
>> - I use FltSetInformationFile several other places with no problem
>> - FltSetInformationFile works fine renaming a file
>> - ZwSetInformationFile works fine renaming a directory using
>> (essentially)
>> the same arguments that I pass to FltSetInformationFile
>>
>> It’s only when FltSetInformationFile is used to rename a directory that
>> I’ve
>> hit this problem. (FYI, it’s a “simple” rename, where the
>> FILE_RENAME_INFORMATION just contains the new name of the directory.)
>>
>> I presume that FltSetInformationFile calls ZwSetInformationFile, so it
>> must
>> be doing something else internally.
>>
>> Like I said, I can use ZwSetInformationFile as a workaround, but
>> FltSetInformationFile is the “right” thing to use.
>>
>> Ken
>>
>>
>> -----Original Message-----
>> From: xxxxx@lists.osr.com
>> [mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
>> Sent: Wednesday, November 09, 2005 7:47 AM
>> To: Windows File Systems Devs Interest List
>> Subject: Re: [ntfsd] FltSetInformationFile won’t rename a directory?
>>
>>> It’s hanging in the FltSetInformationFile routine. I single-step to
>> that
>>> point and it never returns.
>>
>> Yes, but FltSetInformationFile is not one instruction,
>> it does many things. We need to know
>> where exactly the thread who called. Break the target
>> operating system and list stack trace for the thread who
>> called FltSetInformation. Then tell us where is it hanging.
>>
>> L.
>>
>>
>> —
>> Questions? First check the IFS FAQ at
>> https://www.osronline.com/article.cfm?id=17
>>
>> You are currently subscribed to ntfsd as: xxxxx@comcast.net
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>>
>>
>>
>> —
>> Questions? First check the IFS FAQ at
>> https://www.osronline.com/article.cfm?id=17
>>
>> You are currently subscribed to ntfsd as: xxxxx@osr.com
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>>
>> —
>> Questions? First check the IFS FAQ at
>> https://www.osronline.com/article.cfm?id=17
>>
>> You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
>> ‘’
>> To unsubscribe send a blank email to xxxxx@lists.osr.com
>>
>>
>>
>
>
>
> —
> Questions? First check the IFS FAQ at
> https://www.osronline.com/article.cfm?id=17
>
> You are currently subscribed to ntfsd as: xxxxx@comcast.net
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>

> Yep. Apurva and I are working on it…

If you could make the full crash dump available for download,
I would like to look at it. Maybe I will be able to find what’s wrong.

L.