[Carlbyte]

I'm dealing with a few issues about writing data to file. Some doubts arose about ZwFlushBuffersFile function. Which is the case when to use this? If I use the sequence of functions below is not enough? I read the documentation from microsoft but it was not clear enough.

Openfile (file ... writefile (file ... closefile (file ...

Thanks

[EP_X0FF]

http://msdn.microsoft.com/en-us/library ... s.85).aspx

see Remarks for a detailed description how it works.

I'm dealing with a few issues about writing data to file. Some doubts arose about ZwFlushBuffersFile function. Which is the case when to use this? If I use the sequence of functions below is not enough? I read the documentation from microsoft but it was not clear enough.

Openfile (file ... writefile (file ... closefile (file ...

Thanks

[Carlbyte]

Thanks..

I have a question that when I call the function ZwWriteFile and then I need to call the function again this occurring BSOD.

IF NT_SUCCESS (ZwWriteFile ()) THEN
ZwWriteFile ()

CreateFile with flags FILE_WRITE_DATA | FILE_READ_DATA

Access without syncing because I have several threads reading data in this file.

I thought in flushbuffers, but do not know if it is the case. Anyone with any tips?

[Vrtule]

I think it would be best to look at your code directly.

[Carlbyte]

if I disable the second ZwWriteFile the bsod does not occur. The error does not occur when I install the driver, the code works normally. But when I restart the computer, so the system loads the driver, BSOD occurs.

[Vrtule]

Well, I still think it would be more effective to look at your code. For now, we can only have some ideas why you are encountering the BSOD. Personally, I think you are passing an invalid buffer to one of the function parameters. Maybe, the buffer is not strictly invalid but it might be sometimes.

[EP_X0FF]

!analyze -v over your minidump after BSOD and post here.

[Carlbyte]

The error is PAGE_FAULT_IN_NONPAGED_AREA, but I think the error is being caused by some other factor. The input buffer in this case is a local variable of the function that calls ZwWriteFile. Was experiencing the same problem with ZwReadFile function and the problem was only solved when I used WaitForSingleObject, so the question flushbuffer.

The purpose of this post is whether missing something about parameters / calls for writing to file.

Anyway, thanks for the help

[Vrtule]

Remember that if you are doing an asynchronous read/write (or other operation that uses buffers for input/output) the buffer(s) usually must remain valid until the operation completes (not until the function initiating the asynchronous operation returns, this is usually not sufficient).

[Carlbyte]

this may be a possibility, so a local variable can generate such a bsod.

It's a good chance ... still checking !!!

Thanks