windows - blue screen error: DRIVER_RETURNED_HOLDING_CANCEL_LOCK -

i write driver in windows 7. , use pedding irp send event application driver. key code like:

pirp peddingirp;  ...  void ptdrivercancelirp(in pdevice_object deviceobject, in pirp irp )  {      unreferenced_parameter(deviceobject);      kdprint(( "[wenz] user message cancel irp....\n" ));      if ( irp == peddingirp)         peddingirp = null;       irp->iostatus.status = status_cancelled;      irp->iostatus.information = 0;      iocompleterequest(irp,io_no_increment);  }  ...  ntstatus devicecontrol( pdevice_object deviceobject, pirp irp ) {     ...     switch ( irpsp->parameters.deviceiocontrol.iocontrolcode )     {         ...     case ioctl_notify_state:     irp->iostatus.information = 0;     irp->iostatus.status = status_pending;     iomarkirppending(irp);      peddingirp = irp;         iosetcancelroutine(irp, ptdrivercancelirp);      return status_pending;         ...     }     ... } 

it works when event notify application. when uninstall driver, blue screen error occurs: driver has returnned cancellation call holding global cancel lock. error code id 0x011b. use windbg trace it, , trace happens in "ptdrivercancelirp" function.

dose lock relaoted error? don't know why? how fix it?

p.s. driver no error in windows xp

a cancel routine responsible release cancel spinlock. use ioreleasecancelspinlock that.

void ptdrivercancelirp(in pdevice_object deviceobject, in pirp irp )  {      unreferenced_parameter(deviceobject);      kdprint(( "[wenz] user message cancel irp....\n" ));      if ( irp == peddingirp)         peddingirp = null;       ioreleasecancelspinlock(); // release cancel spinlock      irp->iostatus.status = status_cancelled;      irp->iostatus.information = 0;      iocompleterequest(irp,io_no_increment);  }