Yes, the IRQL == PASSIVE_LEVEL. I call ZwOpenFile in a system thread and
never raise the IRQL.
When I use WinDbg to analyze the locks, the command output looks like this:
(My driver is backupex; the thread startup proc is FilterThread.)
==================================================================
kd> !locks
**** DUMP OF ALL RESOURCE OBJECTS ****
KD: Scanning for held locks…
Resource @ 0x814824f4 Exclusively owned
Contention Count = 2
NumberOfSharedWaiters = 1
Threads: 81473760-02<*> 8144f900-01
KD: Scanning for held locks.
Resource @ 0x81462368 Exclusively owned
Threads: 81473760-01<*>
KD: Scanning for held locks.
Resource @ 0x813f66e8 Exclusively owned
Threads: 81473760-01<*>
KD: Scanning for held locks.
Resource @ 0x8146ef40 Shared 1 owning threads
Threads: 81472623-01<*> *** Actual Thread 81472620
KD: Scanning for held locks…
229 total locks, 4 locks currently held
kd> !locks -v 814824f4
Resource @ 0x814824f4 Exclusively owned
Contention Count = 2
NumberOfSharedWaiters = 1
Threads: 81473760-02<*>
THREAD 81473760 Cid 8.4 Teb: 00000000 Win32Thread: 00000000 WAIT: (Executive) KernelMode Non-Alertable
f7422b98 NotificationEvent
IRP List:
813ace68: (0006,0190) Flags: 00000884 Mdl: 00000000
814543e8: (0006,0094) Flags: 00000000 Mdl: 00000000
Not impersonating
Owning Process 814739e0
Wait Start TickCount 863 Elapsed Ticks: 5774
Context Switch Count 770
UserTime 0:00:00.0000
KernelTime 0:00:06.0937
Start Address nt!IoWMISuggestInstanceName (0x8054aca6)
Stack Init f7424000 Current f74226c0 Base f7424000 Limit f7421000 Call 0
Priority 31 BasePriority 8 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
f7422700 bfedf6d6 f7422b98 00000000 00000000 nt!RtlMoveMemory+0x136d
f74228d0 bfee1598 81462d28 81451148 813f6e08 Ntfs+0x16d6
f7422c58 bfee1dc2 81462d28 81451148 00000000 Ntfs+0x3598
f7422cc4 8041f54b 81482020 81451148 813f6cf8 Ntfs+0x3dc2
f7422cec 8043bd9d 813f6cf8 f7422d14 f7422d94 nt!IoBuildSynchronousFsdRequest+0x8f
f7422dac 8043ba52 e14c2040 e14c2044 00000019 nt!MmDisableModifiedWriteOfSection+0x914
f7422de8 80410f39 813f6dd4 e14c2040 00001000 nt!MmDisableModifiedWriteOfSection+0x5c9
f7422eac bff15345 813f6dd4 f7422f48 00001000 nt!CcFlushCache+0x353
f7422fb8 bff1570f e149b4e8 e14bebe8 e149b4e8 Ntfs!NtfsCreateInternalStreamCommon+0xb7ea
f7422fdc bff07b6b e149b4e8 e14bebe8 e149b4e8 Ntfs!NtfsCreateInternalStreamCommon+0xbbb4
f7423004 bff07a84 e149b4e8 ffffffff 7fffffff Ntfs!NtfsMapStream+0x7823
f7423050 bfef5c2f e1451088 ffffffff 7fffffff Ntfs!NtfsMapStream+0x773c
f7423130 bfef5998 81483b88 814820f0 00000001 Ntfs!NtfsRaiseStatus+0x110dd
f74231a8 bff02b12 81483b88 813ace68 81482020 Ntfs!NtfsRaiseStatus+0x10e46
f7423240 8041f54b 81482020 813ace68 813ace78 Ntfs!NtfsMapStream+0x27ca
f74233dc 8044e27e 8145a730 00000000 f7423488 nt!IoBuildSynchronousFsdRequest+0x8f
f7423448 804957ae 00000000 f7423500 00000040 nt!ObFindHandleForObject+0x5e3
f7423558 804a78b8 00000000 00000000 8149a000 nt!ObOpenObjectByName+0xb3
f742362c 804a361e f7423744 00120089 f7423724 nt!IoCreateFile+0x1ad
f742366c 80461691 f7423744 00120089 f7423724 nt!NtOpenFile+0x25
f742368c e10029b0 f7423700 f74236f4 00000000 nt!ExReleaseResourceForThread+0xbd5
f74236ac ffffffff f74236c0 80461604 00000000 +0xe10029b0
00000000 00000000 00000000 00000000 00000000 +0xffffffff
8144f900-01
THREAD 8144f900 Cid 8.58 Teb: 00000000 Win32Thread: 00000000 WAIT: (Executive) KernelMode Non-Alertable
81341568 Semaphore Limit 0x7fffffff
8144f9e8 NotificationTimer
IRP List:
81344648: (0006,0190) Flags: 00000884 Mdl: 00000000
813414a8: (0006,0094) Flags: 00000000 Mdl: 00000000
Not impersonating
Owning Process 814739e0
Wait Start TickCount 6460 Elapsed Ticks: 177
Context Switch Count 37
UserTime 0:00:00.0000
KernelTime 0:00:06.0609
Start Address BackupEx!FilterThread (0xf741e2a0)
Stack Init f747c000 Current f747a938 Base f747c000 Limit f7479000 Call 0
Priority 16 BasePriority 8 PriorityDecrement 0 DecrementCount 0
ChildEBP RetAddr Args to Child
f747a978 80417148 81341568 00000000 00000000 nt!RtlMoveMemory+0x136d
f747a9b8 804167d4 81482da8 81482da8 f747ad54 nt!ExIsResourceAcquiredSharedLite+0x359
f747a9d0 8041670d 814824f4 81341568 f747acf4 nt!ExAcquireResourceSharedLite+0x10a
f747a9e0 bff00cea 814824f4 00000001 813447b4 nt!ExAcquireResourceSharedLite+0x43
f747acf4 bff029fd 81482da8 81344648 f747ad54 Ntfs!NtfsMapStream+0x9a2
f747ad94 8041f54b 81482020 81344648 81344658 Ntfs!NtfsMapStream+0x26b5
f747af30 8044e27e 8145a730 00000000 f747afdc nt!IoBuildSynchronousFsdRequest+0x8f
f747af9c 804957ae 00000000 f747b000 00000040 nt!ObFindHandleForObject+0x5e3
f747b0ac 804a78b8 00000000 00000000 bff74000 nt!ObOpenObjectByName+0xb3
f747b180 804a361e f747b45c 00000020 f747b470 nt!IoCreateFile+0x1ad
f747b1c0 80461691 f747b45c 00000020 f747b470 nt!NtOpenFile+0x25
f747b1e0 00000000 00000000 00000000 00000000 nt!ExReleaseResourceForThread+0xbd5
1 total locks, 1 locks currently held
“Slava Imameyev” wrote in message news:xxxxx@ntdev…
> You are right.
> Are you calling ZwOpenFile at IRQL == PASSIVE_LEVEL?
> If you call ZwOpenFile at APC_LEVEL it may hang because APCs are blocked.
>
> “Xu Ge” wrote in message news:xxxxx@ntdev…
>> I think that the OS will mount the filesystem when I call ZwOpenFile.
>> Am I wrong?
>>
>>
>> “Roman Kudinov” wrote in message news:xxxxx@ntdev…
>>> Probably the filesystem is not yet mounted when you call ZwOpenFile?
>>>
>>>
>>> “Xu Ge” wrote in message news:xxxxx@ntdev…
>>>> Hi all,
>>>> I have a volume upper filter driver based on the toaster filter driver,
>>>> which handles volume C's read and write requests;
>>>> for other volumes I just pass through. Before the first
>>>> read and write request for volume C arrives, I try to use
>>>> ZwOpenFile to open a file that belongs to another volume (e.g. volume D),
>>>> but ZwOpenFile never returns.
>>>>
>>>> So what am I doing wrong?