I’m calling FltQueryInformationFile in PreWrite of a minifilter like this:
if (!(Data->Iopb->IrpFlags & IRP_PAGING_IO) &&
IoGetTopLevelIrp() == NULL &&
PASSIVE_LEVEL == KeGetCurrentIrql())
{
FltQueryInformationFile();
}
else
{
QueueFltQuery();
}
QueueFltQuery()
{
pPreWriteCxt->PopulateCompleteEvent = &PopulateCompleteEvent;
FltQueueGenericWorkItem(WorkerRoutine, pPreWriteCxt);
KeWaitForSingleObject( &PopulateCompleteEvent)
}
WorkerRoutine()
{
…
KeSetEvent(pPreWriteCxt->PopulateCompleteEvent);
}
This deadlocks at times when queuing is done. The stack shows that Prewrite thread (QueueFltQuery()) is waiting on the event and the WorkerRoutine waits on a system resource which is held by PreWrite.
Is there a way to safely call FltQueryInformationFile in PreWrite? I know that one should call such functions in CREATE path, but if you are loaded after boot is there a way out?
Sajeev
No one seems to be answering - is it because this topic is beaten to death before? I couldn’t find any solution for this problem in the archives.
Sajeev
You’ve learned you can’t do the query in your current thread. So, now you’ve
learned, that your current thread can’t queue the query to another thread,
and wait for the other thread to complete the query. You might like to have
a little think about when the reason for the second approach to deadlock is
the same as the reason for the first approach to deadlock.
wrote in message news:xxxxx@ntfsd…
> I’m calling FltQueryInformationFile in PreWrite of a minifilter like this:
>
> if (!(Data->Iopb->IrpFlags & IRP_PAGING_IO) &&
> IoGetTopLevelIrp() == NULL &&
> PASSIVE_LEVEL == KeGetCurrentIrql())
> {
> FltQueryInformationFile();
> }
> else
> {
> QueueFltQuery();
> }
>
> QueueFltQuery()
> {
> pPreWriteCxt->PopulateCompleteEvent = &PopulateCompleteEvent;
> FltQueueGenericWorkItem(WorkerRoutine, pPreWriteCxt);
> KeWaitForSingleObject( &PopulateCompleteEvent)
> }
>
> WorkerRoutine()
> {
> …
> KeSetEvent(pPreWriteCxt->PopulateCompleteEvent);
> }
>
> This deadlocks at times when queuing is done. The stack shows that
> Prewrite thread (QueueFltQuery()) is waiting on the event and the
> WorkerRoutine waits on a system resource which is held by PreWrite.
>
> Is there a way to safely call FltQueryInformationFile in PreWrite? I know
> that one should call such functions in CREATE path, but if you are loaded
> after boot is there a way out?
>
> Sajeev
>
Lyndon,
By queuing at the least I will be able to acquire locks if required which might not be possible inplace. I agree that if there are some fs locks being held by the caller then it won’t help even if I queue.
I know it will work if I don’t wait, but I need the fileId in PostWrite. Any suggestions?
Sajeev