(allow me to take the liberty of asking a few more questions for doron)
I presume this is I/O to a particular file? How are you opening the
file? Are you using NtOpenFile/IoCreateFile & then converting the
handle into a file object? What options are you specifying when you
create the file.
-p
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
Sent: Wednesday, March 08, 2006 12:55 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] KMDF driver leaking MDLs
Ntfs local disk.
----- Original Message -----
From: “Doron Holan”
To: “Windows System Software Devs Interest List”
Sent: Wednesday, March 08, 2006 12:48 PM
Subject: RE: [ntdev] KMDF driver leaking MDLs
Also, to make sure I repro with the same steps, what filesystem are you
reading/writing to (and is it a local or remote disk)?
Thx
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
Sent: Wednesday, March 08, 2006 10:24 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] KMDF driver leaking MDLs
Thanks!
- Dan.
----- Original Message -----
From: “Doron Holan”
To: “Windows System Software Devs Interest List”
Sent: Wednesday, March 08, 2006 11:03 AM
Subject: RE: [ntdev] KMDF driver leaking MDLs
Yes, this will get fixed for KMDF v1.1.
Thx
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
Sent: Wednesday, March 08, 2006 6:26 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] KMDF driver leaking MDLs
Hi Doron,
I added this code to my completion routine as a workaround, and it
eliminates the leak. I do this just before deleting the request object:
Irp = WdfRequestWdmGetIrp (
Request);
while (Irp->MdlAddress != NULL)
{
PMDL NextMdl;
NextMdl = Irp->MdlAddress->Next;
MmUnlockPages( Irp->MdlAddress );
IoFreeMdl( Irp->MdlAddress );
Irp->MdlAddress = NextMdl;
}
I think this will work for me for now. Can you file a KMDF bug report
on
this?
Thanks,
- Dan.
----- Original Message -----
From: “Dan Kyler”
To: “Windows System Software Devs Interest List”
Sent: Wednesday, March 08, 2006 7:00 AM
Subject: Re: [ntdev] KMDF driver leaking MDLs
> Hi Doron,
>
> On the first diagnostics you requested, the EvtDestroy routines are
being
> called for both the requests, and the memory objects. MDLs are still
> leaking. KMDF verifier has not reported anything.
>
>>the WDFIOTARGET you are sending I/O to is a devobj with DIRECT_IO set
>>right?
>
> No. The target is a file. The filesystem DO has Flags=0. The
underlying
> volume DO does have DIRECT_IO set.
>
> I believe that the MDLs in question are being created by the
filesystem.
> It is the responsibility of the caller of IoFreeIrp (i.e. the original
Irp
> creator) to free the Mdl. I think KMDF may be missing that. If I
were to
> do this in WDM (which it looks like I may have to…) my completion
> routine would look like this:
>
> NTSTATUS
> WriteCompletion (
> IN PDEVICE_OBJECT DeviceObject,
> IN PIRP Irp,
> IN PVOID Context)
> {
> while (Irp->MdlAddress != NULL)
> {
> PMDL NextMdl;
>
> NextMdl = Irp->MdlAddress->Next;
> MmUnlockPages( Irp->MdlAddress );
> IoFreeMdl( Irp->MdlAddress );
> Irp->MdlAddress = NextMdl;
> }
>
> IoFreeIrp (
> Irp);
>
> return STATUS_MORE_PROCESSING_REQUIRED;
> }
>
> Thanks,
> - Dan.
>
> P.S. Spellcheck wants to change MdlAddress to Maladies 
>
> ----- Original Message -----
> From: “Doron Holan”
> To: “Windows System Software Devs Interest List”
> Sent: Tuesday, March 07, 2006 10:18 PM
> Subject: RE: [ntdev] KMDF driver leaking MDLs
>
>
> There is code in KMDF to see if we ever leak PMDLs (b/c DV doesn’t
track
> that and I had a bug in the Bluetooth core which leaked PMDLs and was
> not found until the v1.1 release), but I will double verify that
> tomorrow. Just to make sure that I am reproducing the same setup, the
> WDFIOTARGET you are sending I/O to is a devobj with DIRECT_IO set
right?
>
> Thx
> d
>
> – I can spell, I just can’t type.
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
> Sent: Tuesday, March 07, 2006 9:01 PM
> To: Windows System Software Devs Interest List
> Subject: Re: [ntdev] KMDF driver leaking MDLs
>
>>How are you verifying that an PMDL is leaked?
>
> !poolused shows a gazillion Mdls, and the system runs out of system
> PTEs, causing calls to fail with STATUS_INSUFFICIENT_RESOURCES. A
> sampling of the MDLs in question (!poolfind) shows that they are very
> likely for my I/O’s, because all my I/O’s are 0x10 bytes long, as is
> every MDL I’ve looked at (there’s 192371 of them, so I haven’t checked
> out every one). Also, I set breakpoints on my dispatch and completion
> routines, and verified that the !poolused mdl count goes up by one
when
> my IO is issued, and does not go down after my completion routine.
>
>>Also,
>>Register an EvtObjectDestroy() callback on both the WDFMEMORY and
>>WDFREQUEST. Are they being called?
>
> I’ll try that. I’m assuming that they are being called, because
(again)
> I’m
> assuming that those objects consume pool, and there is no evidence of
> any
> large consumption besides MDLs.
>
>>If so, then the objects are being
>>destroyed and the leak could very well be in KMDF. Did you try running
>>with DV enabled on your driver and wdf0100.sys and the KMDF verifier?
>
> I have DV enabled on both my driver and wdf01000. I didn’t know about
> the
> KMDF verifier thing. I’ll turn that on too.
>
> Thanks,
> - Dan.
>
> ----- Original Message -----
> From: “Doron Holan”
> To: “Windows System Software Devs Interest List”
> Sent: Tuesday, March 07, 2006 8:52 PM
> Subject: RE: [ntdev] KMDF driver leaking MDLs
>
>
> How are you verifying that an PMDL is leaked?
>
> Register an EvtObjectDestroy() callback on both the WDFMEMORY and
> WDFREQUEST. Are they being called? If so, then the objects are being
> destroyed and the leak could very well be in KMDF. Did you try running
> with DV enabled on your driver and wdf0100.sys and the KMDF verifier?
>
> To enable the KMDF verifier, add the following
>
> HKLM\system\currentcontrolset\services<driver>\parameters\wdf
> “VerifierOn” : REG_DWORD : 0x01
>
> Before the driver is loaded.
>
> Thx
> d
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
> Sent: Tuesday, March 07, 2006 5:16 PM
> To: Windows System Software Devs Interest List
> Subject: [ntdev] KMDF driver leaking MDLs
>
> My KMDF Volume class filter driver is leaking MDLs (and therefore
system
>
> PTEs).
>
> In the context of a system worker thread, I do the following:
>
> Call WdfRequestCreate with an IO target that is an NTFS file.
> Call Wdf MemoryCreatePreallocated with a nonpaged pool address and
> length of
> 0x10
> Call WdfIoTargetFormatRequestForWrite with the aforementioned target,
> request, and memory objects
> Call WdfRequestSetCompletionRoutine on the request
> Call WdfRequestSend
>
> In the completion routine, I do the following:
>
> Call WdfObjectDelete on the memory object
> Call WdfObjectDelete on the request object
>
> An MDL is leaked each time this happens.
>
> I have tried making the request the parent of the memory and
eliminating
> the
> delete of the memory object, with no effect.
>
> The KMDF documentation indicates that I should not be explicitly
dealing
>
> with MDLs, and I can’t find a routine like WdfMemoryFreeTheMdl, so my
> thinking was that this would be done for me by the framework.
>
> What am I missing?
>
> Thanks,
> - Dan.
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer