Sure. I have reproduced the issue, here are both stacks and a list of locks.
kd> !thread 823ca3e8
THREAD 823ca3e8 Cid 0004.0008 Teb: 00000000 Win32Thread: 00000000 WAIT:
(Executive) KernelMode Non-Alertable
f8a8a99c NotificationEvent
IRP List:
822fa6d0: (0006,01fc) Flags: 00000884 Mdl: 00000000
822c1350: (0006,01fc) Flags: 00000884 Mdl: 00000000
Not impersonating
DeviceMap e1005470
Owning Process 823ca660 Image: System
Attached Process N/A Image: N/A
Wait Start TickCount 467 Ticks: 3196 (0:00:00:49.937)
Context Switch Count 454
UserTime 00:00:00.000
KernelTime 00:00:04.890
Start Address nt!Phase1Initialization (0x80685628)
Stack Init f8a8c000 Current f8a8a914 Base f8a8c000 Limit f8a89000 Call 0
Priority 31 BasePriority 8 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
f8a8a92c 80500cd6 823ca458 823ca3e8 804f9d62 nt!KiSwapContext+0x2e (FPO:
[Uses EBP] [0,0,4])
f8a8a938 804f9d62 f8a8aa57 00000000 82267a98 nt!KiSwapThread+0x46 (FPO:
[0,0,0])
f8a8a960 f83d389d 00000000 00000000 00000000 nt!KeWaitForSingleObject+0x1c2
(FPO: [Non-Fpo])
f8a8a9ac f83c729d f83c6f82 00000000 f83ce781 sr!SrPostSyncOperation+0x49
(FPO: [Non-Fpo])
f8a8a9b8 f83ce781 82267a98 82265f80 00000000 sr!SrReadBlobInfo+0x19 (FPO:
[0,0,0])
f8a8a9cc f83c73e2 82267a98 82265f80 00000000 sr!SrIsFileEligible+0x3b (FPO:
[Non-Fpo])
f8a8ab6c f83c7aef 82267a98 82265f80 00040020 sr!SrCreateContext+0x13e (FPO:
[Non-Fpo])
f8a8ab98 f83cb169 00000000 82267b90 00040020 sr!SrGetContext+0xc9 (FPO:
[Non-Fpo])
f8a8abe4 f83c9a22 82267a98 00040020 82265f80 sr!SrHandleEvent+0x35 (FPO:
[Non-Fpo])
f8a8ac48 804ee119 00000000 00000003 822fa6d0 sr!SrCreate+0x2fc (FPO:
[Non-Fpo])
f8a8ac58 f83e66c3 82265f80 822fa6e0 822a4030 nt!IopfCallDriver+0x31 (FPO:
[0,0,0])
f8a8ac88 804ee119 82268840 822fa6d0 822fa6d0 fltMgr!FltpCreate+0x1d9 (FPO:
[Non-Fpo])
f8a8ac98 80578616 822a7350 822682b4 f8a8ae40 nt!IopfCallDriver+0x31 (FPO:
[0,0,0])
f8a8ad78 805b4cbc 822a7368 00000000 82268210 nt!IopParseDevice+0xa12 (FPO:
[Non-Fpo])
f8a8ae00 805b1065 00000000 f8a8ae40 00000240 nt!ObpLookupObjectName+0x56a
(FPO: [Non-Fpo])
f8a8ae54 8056b223 00000000 00000000 5450fe00 nt!ObOpenObjectByName+0xeb
(FPO: [Non-Fpo])
f8a8aed0 8056bc10 f8a8b080 00000003 f8a8b068 nt!IopCreateFile+0x407 (FPO:
[Non-Fpo])
f8a8af18 f83e85b9 f8a8b080 00000003 f8a8b068
nt!IoCreateFileSpecifyDeviceObjectHint+0x52 (FPO: [Non-Fpo])
f8a8afc4 f83e8a28 82270d08 822fa008 f8a8b080 fltMgr!FltCreateFileEx+0x113
(FPO: [Non-Fpo])
f8a8b008 f82bc644 82270d08 822fa008 f8a8b080 fltMgr!FltCreateFile+0x36 (FPO:
[Non-Fpo])
f8a8b0b4 f83e78ff f8a8b0d0 00000005 00000008 mydrv!InstanceSetup+0x124 (FPO:
[Non-Fpo]) (CONV: stdcall)
f8a8b0e8 f83e7e86 822fa008 00000005 80544e80
fltMgr!FltpDoInstanceSetupNotification+0x4b (FPO: [Non-Fpo])
f8a8b148 f83e8211 82270d08 82267c18 00000005 fltMgr!FltpInitInstance+0x272
(FPO: [Non-Fpo])
f8a8b1b8 f83e831c 82270d08 82267c18 00000005
fltMgr!FltpCreateInstanceFromName+0x295 (FPO: [Non-Fpo])
f8a8b220 f83ef342 82270d08 82267c18 00000005
fltMgr!FltpEnumerateRegistryInstances+0xf4 (FPO: [Non-Fpo])
f8a8b270 f83e66da 82267c18 822a9888 822c1360
fltMgr!FltpDoFilterNotificationForNewVolume+0xe4 (FPO: [Non-Fpo])
f8a8b2a4 804ee119 82268840 822c1350 822c1350 fltMgr!FltpCreate+0x1f0 (FPO:
[Non-Fpo])
f8a8b2b4 80578616 822a7350 823c837c f8a8b45c nt!IopfCallDriver+0x31 (FPO:
[0,0,0])
f8a8b394 805b4cbc 822a7368 00000000 823c82d8 nt!IopParseDevice+0xa12 (FPO:
[Non-Fpo])
f8a8b41c 805b1065 00000000 f8a8b45c 00000240 nt!ObpLookupObjectName+0x56a
(FPO: [Non-Fpo])
f8a8b470 8056b223 00000000 00000000 00008200 nt!ObOpenObjectByName+0xeb
(FPO: [Non-Fpo])
f8a8b4ec 8056bb9a f8a8b664 00110080 f8a8b644 nt!IopCreateFile+0x407 (FPO:
[Non-Fpo])
f8a8b548 8056f3c1 f8a8b664 00110080 f8a8b644 nt!IoCreateFile+0x8e (FPO:
[Non-Fpo])
f8a8b588 8053d638 f8a8b664 00110080 f8a8b644 nt!NtOpenFile+0x27 (FPO:
[Non-Fpo])
f8a8b588 804fe6b9 f8a8b664 00110080 f8a8b644 nt!KiFastCallEntry+0xf8 (FPO:
[0,0] TrapFrame @ f8a8b5a8)
f8a8b618 8068f3fd f8a8b664 00110080 f8a8b644 nt!ZwOpenFile+0x11 (FPO:
[6,0,0])
f8a8b668 8068b821 f8a8b68c f8a8b67c 00000000 nt!IopFileUtilRename+0x7b (FPO:
[Non-Fpo])
f8a8b69c 80687b8f 00034000 00000000 00000000
nt!PpLastGoodDoBootProcessing+0x61 (FPO: [Non-Fpo])
f8a8b83c 80685fdd 80087000 00000000 823ca3e8 nt!IoInitSystem+0x759 (FPO:
[Non-Fpo])
f8a8bdac 805c6160 80087000 00000000 00000000 nt!Phase1Initialization+0x9b5
(FPO: [Non-Fpo])
kd> !thread 823c9530
THREAD 823c9530 Cid 0004.001c Teb: 00000000 Win32Thread: 00000000 WAIT:
(Executive) KernelMode Non-Alertable
822e9130 SynchronizationEvent
823c9620 NotificationTimer
IRP List:
822c1008: (0006,01fc) Flags: 00000884 Mdl: 00000000
Not impersonating
DeviceMap e1005470
Owning Process 823ca660 Image: System
Attached Process N/A Image: N/A
Wait Start TickCount 3571 Ticks: 92 (0:00:00:01.437)
Context Switch Count 17
UserTime 00:00:00.000
KernelTime 00:00:00.000
Start Address nt!ExpWorkerThread (0x80534b02)
Stack Init f8aa8000 Current f8aa7834 Base f8aa8000 Limit f8aa5000 Call 0
Priority 13 BasePriority 13 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
f8aa784c 80500cd6 823c95a0 823c9530 804f9d62 nt!KiSwapContext+0x2e (FPO:
[Uses EBP] [0,0,4])
f8aa7858 804f9d62 00000000 82267ee8 823c9530 nt!KiSwapThread+0x46 (FPO:
[0,0,0])
f8aa7880 80532388 00000000 00000000 00000000 nt!KeWaitForSingleObject+0x1c2
(FPO: [Non-Fpo])
f8aa78bc 805327e7 00000000 804f6f2c f8aa7918 nt!ExpWaitForResource+0xd2
(FPO: [Non-Fpo])
f8aa78cc f83ef29b 82267ee8 00000001 822ac358
nt!ExAcquireResourceExclusiveLite+0x6f (FPO: [Non-Fpo])
f8aa7918 f83e66da 82267c18 822ac358 822c1018
fltMgr!FltpDoFilterNotificationForNewVolume+0x3d (FPO: [Non-Fpo])
f8aa794c 804ee119 82268840 822c1008 822c1008 fltMgr!FltpCreate+0x1f0 (FPO:
[Non-Fpo])
f8aa795c 80578616 822a7350 82266a4c f8aa7b04 nt!IopfCallDriver+0x31 (FPO:
[0,0,0])
f8aa7a3c 805b4cbc 822a7368 00000000 822669a8 nt!IopParseDevice+0xa12 (FPO:
[Non-Fpo])
f8aa7ac4 805b1065 00000000 f8aa7b04 00000240 nt!ObpLookupObjectName+0x56a
(FPO: [Non-Fpo])
f8aa7b18 8056b223 00000000 00000000 00000000 nt!ObOpenObjectByName+0xeb
(FPO: [Non-Fpo])
f8aa7b94 8056bb9a f8aa7d3c 00120089 f8aa7d14 nt!IopCreateFile+0x407 (FPO:
[Non-Fpo])
f8aa7bf0 8056e2ac f8aa7d3c 00120089 f8aa7d14 nt!IoCreateFile+0x8e (FPO:
[Non-Fpo])
f8aa7c30 8053d638 f8aa7d3c 00120089 f8aa7d14 nt!NtCreateFile+0x30 (FPO:
[Non-Fpo])
f8aa7c30 804fe08d f8aa7d3c 00120089 f8aa7d14 nt!KiFastCallEntry+0xf8 (FPO:
[0,0] TrapFrame @ f8aa7c64)
f8aa7cd4 f83cc2c4 f8aa7d3c 00120089 f8aa7d14 nt!ZwCreateFile+0x11 (FPO:
[11,0,0])
f8aa7d44 f83c6fbb e1495400 f8aa7d5c 000003f2 sr!SrGetSystemVolume+0x7a (FPO:
[Non-Fpo])
f8aa7d64 f83d3839 00000000 8055b0c0 f8aa7dac sr!SrReadBlobInfoWorker+0x39
(FPO: [Non-Fpo])
f8aa7d74 80534c02 f8a8a980 00000000 823c9530 sr!SrSyncOpWorker+0xf (FPO:
[Non-Fpo])
f8aa7dac 805c6160 f8a8a980 00000000 00000000 nt!ExpWorkerThread+0x100 (FPO:
[Non-Fpo])
f8aa7ddc 80541dd2 80534b02 00000000 00000000 nt!PspSystemThreadStartup+0x34
(FPO: [Non-Fpo])
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
kd> !locks
**** DUMP OF ALL RESOURCE OBJECTS ****
KD: Scanning for held locks…
Resource @ 0x82267ee8 Exclusively owned
Contention Count = 1
NumberOfExclusiveWaiters = 1
Threads: 823ca3e8-01<*>
Threads Waiting On Exclusive Access:
823c9530
KD: Scanning for held locks.
Resource @ 0x82270a58 Shared 1 owning threads
Threads: 823c92bb-01<*> *** Actual Thread 823c92b8
268 total locks, 2 locks currently held
“Alexandru Carp” wrote in message
news:xxxxx@ntfsd…
Hi Dmitry,
Could you please post the stacks of the two threads (the one waiting for the
event and the work item where FltMgr is waiting) ?
Also, let me get this straight. From a previous email I understand that what
you are trying to do is create a directory on the volume. If the directory
already exists you can open it but if you try to create it you will hang. Is
this correct ?
What do you do with the directory you’ve just opened/created ? Do you try to
create a file in it ? If so, does that succeed when the directory exists ?
Which OS are we talking about ?
I’ll look at that code path while waiting for your answers, maybe something
jumps at me.
Regards,
Alex.
This posting is provided “AS IS” with no warranties, and confers no rights.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dmitry G
Sent: Wednesday, January 14, 2009 12:23 AM
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] InstanceSetupCallback with FltCreateFileEx
Pavel, thanks for the reply.
Actually, I did and the situation is the following:
Looks like SR dispatches a work item which should signal an event later. The
thread in the context of which my InstanceSetup and SR work is therefore
blocked. The work item dispatched by the SR tries to create a file somewhere
and this action makes the FltMgr activate my InstanceSetup again from
another thread. But since the first thread haven’t returned a status (ATTACH
or DON’T ATTACH) yet, FltMgr is stuck waiting for a resource which I suppose
is my driver: The only way I found to overcome this obstacle is using
IoCreateFileSpecifyDeviceObjectHint, bypassing everything between FltMgr and
NTFS and thus I am not being caught by the SR.
Is this a correct operation on behalf of my driver?
Why doesn’t FltMgr handle this recursion properly?
It would be much appreciated if anyone from Microsoft responded.
Regards,
Dmitry.
“Dmitry G” wrote in message news:xxxxx@ntfsd…
> Hi, all
> My minifilter belongs to the subset of boot start drivers (StartType = 0)
> and it also allows automatic attachments (flags = 0). Recently I am
> observing the following problem:
> The system calls my InstanceSetup callback upon first IO (as promised by
> the DDK)
> and from observing the third param to IoCreateFile, I understand it
> represents \SystemRoot\LastGood.
> I am trying to create a directory using FltCreateFileEx() on the volume
> above which I am being mounted.
> The problem is SR seems to be intercepting this action and hangs the
> calling thread afterwards.
>
> The disposition for FltCreateFileEx are FILE_OPEN_IF. If I am just opening
> the directory
> (which was created earlier by some user mode app) using the FILE_OPEN
> disposition everything is fine.
>
> 1. What can it be waiting for?
> 2. Is it possible to create directories/files in an InstanceSetup
> callback?
>
> Any help would be much appreciated.
> Regards,
> Dmitry
>
> 0: kd> !thread 819b65b8
> THREAD 819b65b8 Cid 0004.0008 Teb: 00000000 Win32Thread: 00000000 WAIT:
> (Executive) KernelMode Non-Alertable
> f9dc28b4 NotificationEvent
> IRP List:
> 819808f8: (0006,01b4) Flags: 00000884 Mdl: 00000000
> 81980e48: (0006,01b4) Flags: 00000884 Mdl: 00000000
> Not impersonating
> DeviceMap e10006b0
> Owning Process 819b6830 Image: System
> Attached Process N/A Image: N/A
> Wait Start TickCount 1697 Ticks: 81 (0:00:00:01.265)
> Context Switch Count 236
> UserTime 00:00:00.000
> KernelTime 00:00:19.078
> Start Address nt!Phase1Initialization (0x8069790c)
> Stack Init f9dc4000 Current f9dc282c Base f9dc4000 Limit f9dc1000 Call 0
> Priority 31 BasePriority 8 PriorityDecrement 0 DecrementCount 0
> ChildEBP RetAddr Args to Child
> f9dc2844 80503846 819b6628 819b65b8 804fb078 nt!KiSwapContext+0x2f (FPO:
> [Uses EBP] [0,0,4])
> f9dc2850 804fb078 f9dc296f 00000000 8198a5f8 nt!KiSwapThread+0x8a (FPO:
> [0,0,0])
> f9dc2878 f97c489d 00000000 00000000 00000000
> nt!KeWaitForSingleObject+0x1c2 (FPO: [Non-Fpo])
> f9dc28c4 f97b829d f97b7f82 00000000 f97bf781 sr!SrPostSyncOperation+0x49
> (FPO: [Non-Fpo])
> f9dc28d0 f97bf781 8198a5f8 81980870 00000000 sr!SrReadBlobInfo+0x19 (FPO:
> [0,0,0])
> f9dc28e4 f97b83e2 8198a5f8 81980870 1ea91c01 sr!SrIsFileEligible+0x3b
> (FPO: [Non-Fpo])
> f9dc2a84 f97b8aef 8198a5f8 81980870 00020080 sr!SrCreateContext+0x13e
> (FPO: [Non-Fpo])
> f9dc2ab0 f97bc169 00000000 8198a6f0 00020080 sr!SrGetContext+0xc9 (FPO:
> [Non-Fpo])
> f9dc2afc f97baa22 8198a5f8 00020080 81980870 sr!SrHandleEvent+0x35 (FPO:
> [Non-Fpo])
> f9dc2b60 804ef19f 00000000 00000003 819808f8 sr!SrCreate+0x2fc (FPO:
> [Non-Fpo])
> f9dc2b70 f97d76c3 81980870 81980908 8198ddf0 nt!IopfCallDriver+0x31 (FPO:
> [0,0,0])
> f9dc2ba0 804ef19f 8198ac88 819808f8 819808f8 fltMgr!FltpCreate+0x1d9 (FPO:
> [Non-Fpo])
> f9dc2bb0 805831fa 8198e3b0 8198ae9c f9dc2d48 nt!IopfCallDriver+0x31 (FPO:
> [0,0,0])
> f9dc2c90 805bf450 8198e3c8 00000000 8198adf8 nt!IopParseDevice+0xa12 (FPO:
> [Non-Fpo])
> f9dc2d08 805bb9dc 00000000 f9dc2d48 00000240 nt!ObpLookupObjectName+0x53c
> (FPO: [Non-Fpo])
> f9dc2d5c 80576033 00000000 00000000 99f56000 nt!ObOpenObjectByName+0xea
> (FPO: [Non-Fpo])
> f9dc2dd8 80576a20 f9dc2fd0 00100001 f9dc2fb0 nt!IopCreateFile+0x407 (FPO:
> [Non-Fpo])
> f9dc2e20 f97d95b9 f9dc2fd0 00100001 f9dc2fb0
> nt!IoCreateFileSpecifyDeviceObjectHint+0x52 (FPO: [Non-Fpo])
> f9dc2ecc f97d9a28 8198b780 81980ab8 f9dc2fd0 fltMgr!FltCreateFileEx+0x113
> (FPO: [Non-Fpo])
> f9dc2f10 f96ba775 8198b780 81980ab8 f9dc2fd0 fltMgr!FltCreateFile+0x36
> (FPO: [Non-Fpo])
> f9dc2f58 f96ba9bb 8198b780 81980ab8 f9dc2fd0 mydrv!CreateFile+0x45 (FPO:
> [Non-Fpo]) (CONV: stdcall)
> *
> *
> *
> f9dc3064 f96ad678 8198b780 81980ab8 8198a880 mydrv!InitDirs+0x156 (FPO:
> [Non-Fpo]) (CONV: stdcall)
> f9dc30c0 f97d88ff f9dc30dc 00000005 00000008 mydrv!InstanceSetupCB+0x158
> (FPO: [Non-Fpo]) (CONV: stdcall)
> f9dc30f4 f97d8e86 81980ab8 00000005 8054b968
> fltMgr!FltpDoInstanceSetupNotification+0x4b (FPO: [Non-Fpo])
> f9dc3154 f97d9211 8198b780 8198a880 00000005 fltMgr!FltpInitInstance+0x272
> (FPO: [Non-Fpo])
> f9dc31c4 f97d931c 8198b780 8198a880 00000005
> fltMgr!FltpCreateInstanceFromName+0x295 (FPO: [Non-Fpo])
> f9dc322c f97e0342 8198b780 8198a880 00000005
> fltMgr!FltpEnumerateRegistryInstances+0xf4 (FPO: [Non-Fpo])
> f9dc327c f97d76da 8198a880 8198e5c0 81980e58
> fltMgr!FltpDoFilterNotificationForNewVolume+0xe4 (FPO: [Non-Fpo])
> f9dc32b0 804ef19f 8198ac88 81980e48 81980e48 fltMgr!FltpCreate+0x1f0 (FPO:
> [Non-Fpo])
> f9dc32c0 805831fa 8198e3b0 819bee64 f9dc3458 nt!IopfCallDriver+0x31 (FPO:
> [0,0,0])
> f9dc33a0 805bf450 8198e3c8 00000000 819bedc0 nt!IopParseDevice+0xa12 (FPO:
> [Non-Fpo])
> f9dc3418 805bb9dc 00000000 f9dc3458 00000240 nt!ObpLookupObjectName+0x53c
> (FPO: [Non-Fpo])
> f9dc346c 80576033 00000000 00000000 00008200 nt!ObOpenObjectByName+0xea
> (FPO: [Non-Fpo])
> f9dc34e8 805769aa f9dc3660 00110080 f9dc3640 nt!IopCreateFile+0x407 (FPO:
> [Non-Fpo])
> f9dc3544 8057a1a9 f9dc3660 00110080 f9dc3640 nt!IoCreateFile+0x8e (FPO:
> [Non-Fpo])
> f9dc3584 8054162c f9dc3660 00110080 f9dc3640 nt!NtOpenFile+0x27 (FPO:
> [Non-Fpo])
> f9dc3584 8050065d f9dc3660 00110080 f9dc3640 nt!KiFastCallEntry+0xfc (FPO:
> [0,0] TrapFrame @ f9dc35a4)
> f9dc3614 806a1825 f9dc3660 00110080 f9dc3640 nt!ZwOpenFile+0x11 (FPO:
> [6,0,0])
>
> 0: kd> !irp 819808f8
> Irp is active with 9 stacks 9 is current (= 0x81980a88)
> No Mdl: No System Buffer: Thread 819b65b8: Irp stack trace.
> cmd flg cl Device File Completion-Context
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 81916020 00000000 f97b5408-f9dc2b3c
> \FileSystem\Ntfs sr!SrStopProcessingCompletion
> Args: 00000000 00000000 00000000 00000000
>>[0, 0] 0 0 8198a540 81980870 00000000-00000000
> \FileSystem\sr
> Args: f9dc2bdc 03000021 00030010 00000000
> 0: kd> !irp 81980e48
> Irp is active with 9 stacks 9 is current (= 0x81980fd8)
> No Mdl: No System Buffer: Thread 819b65b8: Irp stack trace.
> cmd flg cl Device File Completion-Context
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
> [0, 0] 0 0 00000000 00000000 00000000-00000000
>
> Args: 00000000 00000000 00000000 00000000
>>[0, 0] 0 0 8198ac88 8198e5c0 00000000-00000000
> \FileSystem\FltMgr
> Args: f9dc32ec 01204022 00070000 00000000
>
>
>
>
—
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
