Safely deleting control device that user mode has opened

First off, thanks for the help on my earlier questions. Thanks to answers, examples, and experimentation, I have a kernel mode USB filter driver and an additional control device that user mode can access to interact with the filter, though I have more work to finish that actual interaction.

I followed an OSR Online example article to create the filter with control device (http://www.osronline.com/article.cfm?id=446), and I have a question regarding a point the author stresses very strongly. In the source, there is a comment that says the following:

“The filter driver examples in the WDF distribution indicate
that the proper way to clean up a control device is to
call WdfObjectDelete on it when the last filter device goes
away. Unfortunately, this is entirely unsafe and prone to
BSODing. The problem is that the call to WdfObjectDelete
completely tears down the control device, regardless of
whether or not a user mode application has an open HANDLE to
it. If the user mode application then proceeds to do ANY
operations against the open HANDLE, the system will BSOD when
the framework accesses the (now dead) WDFDEVICE.”

It seems that the article was talking about WDF 1.0, and I believe the latest is version 1.9. Is this warning still applicable, or is there a way around it? If I have a filter driver with an associated control device, is there some way I can be absolutely sure it is safe to delete the control device (once the physical device goes away)? The comments elsewhere in the file make it seem like even if you try to synchronize open/close notifications, there can be a race condition, and the user mode ends up with a handle to a deleted device.

Ideally I would like my control device to go away whenever the device is removed, especially since I am creating new driver versions and installing them over the existing one. I assume that would cause problems if I already had a control device that was created once and never went away.

If it helps, my physical device is USB, and I could look into the possibility of using the safe USB device removal options, if that works for filter drivers.

v1.9 fixes this issue (actually fixed in a previous release).

d

sent from a phone with no keyboard

-----Original Message-----
From: xxxxx@gmail.com
Sent: November 12, 2010 9:02 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Safely deleting control device that user mode has opened

NTDEV is sponsored by OSR


Good grief that was a quick response, thanks. Do I need to do any special code to make sure it is safe?

As in, is it safe to just plain call WdfObjectDelete when EvtCleanupCallback tells me the last filter device has been removed, even if usermode has an open handle to the control device? Does the user start receiving errors if they continue using that handle, then?

Thanks very much for your patience!
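The lifetime problem discussed in this thread, modelled in user-mode C as an added example (not code from the thread, the OSR article or the WDF samples, and not a description of how KMDF implements its fix). All type and function names are hypothetical; the model is single-threaded, so it shows the reference discipline only, not the locking a real driver would need around these fields.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical user-mode model of a control device; not a KMDF type. */
typedef struct ctl_device {
    int  open_handles;    /* handles user mode still holds */
    bool delete_pending;  /* driver has asked for deletion */
    bool owner_ref;       /* driver's own reference, dropped on delete */
    int *freed_flag;      /* observation hook: set to 1 when memory is released */
} ctl_device;

enum { CTL_OK = 0, CTL_GONE = -1 };

ctl_device *ctl_create(int *freed_flag) {
    ctl_device *d = calloc(1, sizeof *d);
    if (!d) return NULL;
    d->owner_ref = true;
    d->freed_flag = freed_flag;
    return d;
}

/* Memory goes away only when neither the driver nor any handle refers to it. */
static void ctl_maybe_free(ctl_device *d) {
    if (!d->owner_ref && d->open_handles == 0) {
        if (d->freed_flag) *d->freed_flag = 1;
        free(d);
    }
}

/* New opens are refused once deletion has been requested. */
int ctl_open(ctl_device *d) {
    if (d->delete_pending) return CTL_GONE;
    d->open_handles++;
    return CTL_OK;
}

/* I/O on a handle opened earlier fails cleanly instead of touching freed state. */
int ctl_ioctl(ctl_device *d) {
    return d->delete_pending ? CTL_GONE : CTL_OK;
}

void ctl_close(ctl_device *d) {
    d->open_handles--;
    ctl_maybe_free(d);
}

/* Driver side: the last filter instance went away. Mark, drop the owner reference. */
void ctl_delete(ctl_device *d) {
    d->delete_pending = true;
    d->owner_ref = false;
    ctl_maybe_free(d);
}
```

The unsafe pattern the quoted comment warns about corresponds to calling `free` directly in `ctl_delete` while `open_handles` is still nonzero.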