Hello. My driver is a volume class upper filter driver.
To install it, I use the SetupDi* family of function to refresh the volume
dev node. If one of the volumes is busy, the user can choose whether
to reboot or not.
In the LAB, when installing under heavy FS I/O stress, the system hangs.
Attaching windbg, I could see that the driver was installed successfully,
however the machine was always on the same thread.
This is the first time the hang occurs after half a year of testing.
Here is the machine info:
Windows 2000 2195 x86 compatible. No service pack, pentium 3 single cpu.
Here is the process info of the offending thread:
kd> !process 818d6020
PROCESS 818d6020 SessionId: 0 Cid: 03b4 Peb: 7ffdf000 ParentCid: 038c
DirBase: 15e40000 ObjectTable: 81902248 TableSize: 373.
Image: explorer.exe
VadRoot 818bc948 Clone 0 Private 795. Modified 22066. Locked 0.
DeviceMap 820ad008
Process Lock Owned by Thread 81892660
Token e297a490
ElapsedTime 0:18:55.0375
UserTime 0:00:13.0812
KernelTime 0:14:20.0781
QuotaPoolUsage[PagedPool] 40532
QuotaPoolUsage[NonPagedPool] 16100
Working Set Sizes (now,min,max) (1058, 50, 345) (4232KB, 200KB, 1380KB)
PeakWorkingSetSize 2139
VirtualSize 50 Mb
PeakVirtualSize 63 Mb
PageFaultCount 21255
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 1135
THREAD 81892660 Cid 3b4.400 Teb: 00000000 Win32Thread: 00000000
RUNNING
IRP List:
840be008: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd208: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd3c8: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd588: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd748: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd908: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfdac8: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfdc88: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfde48: (0006,01b4) Flags: 00000000 Mdl: 00000000
83cfd008: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7c208: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7c3c8: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7c588: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7c748: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7c908: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7cac8: (0006,01b4) Flags: 00000000 Mdl: 00000000
84c7cc88: (0006,01b4) Flags: 00000000 Mdl: 00000000
Not impersonating
Owning Process 818d6020
WaitTime (seconds) 79041
Context Switch Count 8716 LargeStack
UserTime 0:00:12.0093
KernelTime 0:14:15.0015
Start Address KERNEL32!BaseThreadStartThunk (0x77e92c50)
Win32 Start Address SHELL32!FSNotifyThreadProc (0x775a4772)
Stack Init f4246000 Current f4245ae8 Base f4246000 Limit f4243000
Call 0
Priority 16 BasePriority 8 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
f4245ab8 804654be 00000001 00000002 000000d1
nt!RtlpBreakWithStatusInstruction
f4245ab8 80430a8a 00000001 00000002 000000d1
nt!KeUpdateSystemTime+0x13e
f4245b54 8042e1fc 00000000 02000000 f4245b94
nt!KiInsertQueueApc+0x81
f4245b64 8041f900 fb7c8b08 818e0c08 00000000
nt!KeInsertQueueApc+0x32
f4245b94 8041de7a 8041dccc fb7c8ac8 80064b6c
nt!IopfCompleteRequest+0x299
f4245c08 8041f5cd 8204e020 fb7c8ac8 8189286c
nt!FsRtlCancelNotify+0x20f
f4245c28 804be006 fb7c8ac8 818d6020 81892660 nt!IoCancelIrp+0x75
f4245c50 8049f4d5 81892660 80064bc4 00000000
nt!IoCancelThreadIo+0x37
f4245d04 804a90c9 00000000 818c6568 80430921 nt!PspExitThread+0x38c
f4245d10 80430921 818c6568 f4245d48 f4245d3c
nt!PsExitSpecialApc+0x1a
f4245d4c 804616fa 00000001 00000000 f4245d64 nt!KiDeliverApc+0x158
f4245d4c 77f831c0 00000001 00000000 f4245d64 nt!KiServiceExit+0x58
00dafe40 77ea11cc 000006ac 00000000 00000000
ntdll!ZwNotifyChangeDirectoryFile+0xb
00dafe6c 775a495d 000006ac 0001006a 00000000
KERNEL32!FindNextChangeNotification+0x23
00daffb4 77e92ca8 00000000 0001006a 00000000
SHELL32!FSNotifyThreadProc+0x228
00daffec 00000000 775a4772 00000000 00000000
KERNEL32!BaseThreadStart+0x52
THREAD 819b4020 Cid 3b4.414 Teb: 7ffab000 Win32Thread: e2b151c8
WAIT: (Executive) UserMode Non-Alertable
818d6090 SynchronizationEvent
Not impersonating
Owning Process 818d6020
WaitTime (seconds) 27675
Context Switch Count 4 LargeStack
UserTime 0:00:00.0000
KernelTime 0:00:00.0000
Start Address KERNEL32!BaseThreadStartThunk (0x77e92c50)
Win32 Start Address webcheck (0x76681757)
Stack Init f3f8e000 Current f3f8dbc8 Base f3f8e000 Limit f3f8b000
Call 0
Priority 16 BasePriority 1 PriorityDecrement 0 DecrementCount 0
Kernel stack not resident.
ChildEBP RetAddr Args to Child
f3f8dbe0 8042d61c 818d6090 818d6020 8046a820 nt!KiSwapThread+0xc5
f3f8dc08 804ae109 818d6090 00000000 00000001
nt!KeWaitForSingleObject+0x1a1
f3f8dc48 804bb2fc 818d6000 00000001 00000003 nt!PsLockProcess+0xae
f3f8dd04 804a90c9 00000000 818f9d88 80430921 nt!PspExitThread+0x8e
f3f8dd10 80430921 818f9d88 f3f8dd48 f3f8dd3c
nt!PsExitSpecialApc+0x1a
f3f8dd4c 804616fa 00000001 00000000 f3f8dd64 nt!KiDeliverApc+0x158
f3f8dd4c 77f87e77 00000001 00000000 f3f8dd64 nt!KiServiceExit+0x58
017cff1c 77e879b2 00000003 017cff44 00000001
ntdll!NtWaitForMultipleObjects+0xb
017cff6c 77e9e68a 017cff44 00000001 00000000
KERNEL32!WaitForMultipleObjectsEx+0xea
017cff84 766817cb 00000003 017cffa8 00000000
KERNEL32!WaitForMultipleObjects+0x17
017cffb4 77e92ca8 00000000 00000000 00d5fa44 webcheck+0x17cb
017cffec 00000000 76681757 00000000 00000000
KERNEL32!BaseThreadStart+0x52
Perhaps someone can explain what’s happenings? It seems stuck during I/O
cancellation.
ERAN.