Hello Scott. Thanks for the additional input.
Attempting to do the purge in the paging read path isn’t really a fix.
Nothing says that you’re even going to receive paging reads in this case as
the data could already be present in memory.
Completely agreed. If the FsRtlCreateSectionForDataScan caller never
actually faults in any file content, the scenario “1 through 13” I
described would be back to not being able to force the
DataSectionObject closed.
The IRP_MJ_READ path just appears to be the only synchronous execution
opportunity our redirector currently receives in the customer
scenario, where we even /could/ call MmForceSectionClosed at a time
when the DataSectionObject is populated. We are /sometimes/ seeing
FileBasicInformation being queried against that same FILE_OBJECT, but
not as consistently as the IRP_MJ_READ.
Can you determine the context in which FsRtlCreateSectionForDataScan is
being called?
We believe that the FsRtlCreateSectionForDataScan caller’s premise is
correct and legitimate. We expect they are filtering IRP_MJ_CREATE
and want to perform data inspection at a time when handles cannot yet
be created, because the IRP_MJ_CREATE processing has not completed
from the Windows I/O manager perspective.
- What failure are you ultimately seeing from this? I’m just curious what
the manifestation is that would cause your users/customers to complain
So far, just the symptom of “the application-specific .DLL file is
being held open across the network, even though we have completely
exited the application and no process using that DLL remains running.”
The customer is also having a sporadic “attempting to re-open the
application fails”, but that’s not been proven to be related to this
DataSectionObject behavior (yet).
The “files are being held open 100% of the time after we exit the
application” is just the first behavior they noticed while attempting
to investigate the failure. Which seems like a reasonable expectation
and cause for the customer’s concern, given that this behavior didn’t
happen until & unless the third-party FsRtlCreateSectionForDataScan
caller is also present.
But no, within just the “DataSectionObject control area remains unless
we’re able to force it closed with MmForceSectionClosed”, there is no
overt “failure” occurring from that scenario. Only the underlying
network file handle(s) being left open, which are subjectively “not
supposed to still be open.”
If some other client workstation wanted exclusive access to those
files (as opposed to just shared read-only-execute), the fact that a
workstation “holds those files open indefinitely, until the local
workstation’s memory manager decides its appropriate to free up the
control area” is probably the best way to cast this current behavior
in the light of “being a problem.”
- Can you reproduce the behavior with the third party product and
another file system?
I haven’t proven that yet; it’s a scenario I was going to look at if
we needed to tell the customer “this is just the way it’s going to be”
and assuage their concerns by demonstrating how it’s happening with
other redirectors, too. For a local file system, probably nobody
cares if this is happening.
Not sure what I would see from MRxSMB handling this situation across
the wire. One thought I have along those lines is that any file
system that uses Windows Cache Manager would have “an extra excuse”
for the file still being open even after the application exited.
Which, since we don’t ever CcInitializeCacheMap in our file system,
ostensibly doesn’t apply in our case.
Alan Adams
Client for Open Enterprise Server
Micro Focus
xxxxx@microfocus.com