BUG: Calling IoDeleteDevice May Unexpectedly Unload DriverID: Q216308
|
If a Windows 98 WDM driver's AddDevice routine calls IoCreateDevice followed by IoDeleteDevice, the driver may be unloaded unexpectedly and the memory freed, all before the AddDevice routine finishes execution. This could theoretically allow another thread to prematurely overwrite the driver's memory, causing potential system instability.
Calling IoDeleteDevice results in Ntkern.vxd unloading the driver if the driver's reference count is 0 (zero) and no other threads are in the process of unloading it.
As a workaround, it may be possible to restructure the driver's AddDevice routine so that it does not create the Device Object unnecessarily, thereby avoiding the IoDeleteDevice call.
Rather than calling IoDeleteDevice, the AddDevice routine can return a failure code if necessary. Device Manager will show the device as having an error, but this should not cause a memory leak.
Also, it is safe for the driver to call IoDeleteDevice within an IRP_MN_REMOVE_DEVICE handler.
Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article. This problem has been fixed for future versions of Windows 98.
See the Windows 98 DDK for more information on IoCreateDevice, IoDeleteDevice, and WDM drivers.
Keywords : kbDDK kbWinOS98bug
Version : Win98:
Platform : Win98
Issue type : kbbug Last Reviewed: March 6, 1999