Hi -
While testing my driver on Windows 2003 Enterprise Server (checked
build) I ran into the following:
*** Assertion Failed: HandleTable != NULL
*** Source File: d:\svr03rtm\base\ntos\ob\obref.c, line 1217
What my driver is doing is this: it opens a handle and attaches to a
process of interest (which is typically cmd.exe), then attempts to
ObReferenceObjectByHandle for a handle beloging to the process. Most of
the time it works just fine. However, sometimes I seem to hit
a race condition when the ORBH is called while the process is being
terminated - then I get this assertion. The assertion is not benign
- the system would crash if continue.
The process structure at this point looks like this:
0: kd> !process 114
Searching for Process with Cid == 114
PROCESS 83fb4020 SessionId: 0 Cid: 0114 Peb: 7ffdf000 ParentCid:
07b0
DirBase: 35c4b000 ObjectTable: 00000000 HandleCount: 0.
Image: cmd.exe
VadRoot 846bc498 Vads 30 Clone 0 Private 73. Modified 586. Locked 0.
DeviceMap e20716a8
Token e119ec48
ElapsedTime 0:00:00.0382
UserTime 0:00:00.0000
KernelTime 0:00:00.0078
QuotaPoolUsage[PagedPool] 13276
QuotaPoolUsage[NonPagedPool] 1200
Working Set Sizes (now,min,max) (439, 50, 345) (1756KB, 200KB,
1380KB)
PeakWorkingSetSize 443
VirtualSize 11 Mb
PeakVirtualSize 15 Mb
PageFaultCount 444
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 359
So, I’d expect ORBH to return an error code rather than crash. Unless
I’m missing something I should (or should not!) do to get it safe.
Could someone with access to obref.c comment on this please? (Note the
same code works fine on W2K).
Thank you in advance,
- Vitaly