https://www.reactos.org/forum/viewtopic.php?f=2&t=19396
In it ThFabba talked about how IRPs are asynchronous.
Now I'm not entirely sure if everything in this quote is relevant to this post, but I think the asynchronous part is very relevant.
ThFabba wrote (Fri Dec 20, 2019 6:02 pm):
......
- IRPs are asynchronous in nature and sometimes they're processed in less-than-obvious ways. For example it's possible for the owner of an IRP to set a completion routine that re-uses the same structure for a completely different operation. In a case like this you may see an initial call to IoCallDriver followed by request completion via IoCompleteRequest -- which then calls the completion routine and initiates another operation by calling IoCallDriver again.
I believe this may be the case for a specific thing I'm looking for. DeviceObject->Flags changes in a way that I think it shouldn't. However, I don't know for certain, because I'm unable to see where it is being modified. This is the bug I filed on Jira, CORE-16362, but I want to know how I can find the source of the problem myself and I'm hitting a bit of a wall. A certain piece of memory seems to be altered somewhere within the code in a way that completely halts progress, but the usually very helpful DPRINT1 statements have been less helpful at this point.
In drivers/filesystems/cdfs/deviosup.c, in the function
_Requires_lock_held_(_Global_critical_region_)
BOOLEAN
CdReadDirDataThroughCache (
    _In_ PIRP_CONTEXT IrpContext,
    _In_ PIO_RUN Run
    )
if (STATUS_PENDING == Status) {
    /* Flags is a ULONG: print it with %lx. On a 32-bit build %I64x pulls
       8 bytes of arguments for a 4-byte value, so the upper half of the
       printed number is the next stack slot, not part of Flags. */
    DPRINT1("CdReadDirDataThroughCache Vcb->TargetDeviceObject->Flags before: %lx\n",
            Vcb->TargetDeviceObject->Flags);
    (VOID)KeWaitForSingleObject( &Vcb->SectorCacheEvent,
                                 Executive,
                                 KernelMode,
                                 FALSE,
                                 NULL );
    DPRINT1("CdReadDirDataThroughCache Vcb->TargetDeviceObject->Flags after: %lx\n",
            Vcb->TargetDeviceObject->Flags);
    /* Test and clear the bit with bitwise operations; "== 2" and "-=" only
       work because DO_VERIFY_VOLUME happens to be 2. */
    if (Vcb->TargetDeviceObject->Flags & DO_VERIFY_VOLUME)
    {
        Vcb->TargetDeviceObject->Flags &= ~DO_VERIFY_VOLUME;
    }
    Status = Vcb->SectorCacheIrp->IoStatus.Status;
}
This is when I run it on real hardware.
Here's the short version:
(drivers/filesystems/cdfs/deviosup.c:2797) CdReadDirDataThroughCache DeviceObject->Flags before: b49c1d3800000150
(drivers/filesystems/cdfs/deviosup.c:2804) CdReadDirDataThroughCache DeviceObject->Flags after: 152
(drivers/filesystems/cdfs/deviosup.c:2797) 71 CdReadDirDataThroughCache DeviceObject->Flags: b49c1d3800000150
(ntoskrnl/io/iomgr/file.c:2595) FileName: \Device\MountPointManager
(ntoskrnl/io/iomgr/file.c:359) ParseObject: B4A6DBF8. RemainingName:
(ntoskrnl/io/iomgr/file.c:999) Before IoCallDriver
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: f75fc84c00000840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: 0
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/file.c:1002) After IoCallDriver
(ntoskrnl/io/iomgr/file.c:1067) file.c something something who knows
(ntoskrnl/io/iomgr/file.c:2205) ObjectBody: B4CB69C0
(ntoskrnl/io/iomgr/file.c:2333) 3 file
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: f75fca3800000840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: 12
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: f75fcca400000840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: e
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: 840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: e
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: 80a1206000000840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: e
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: b4cd080800000840
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A6DBF8
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B4CAE4E8
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4cd11a0
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: e
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(ntoskrnl/io/iomgr/irp.c:1265) irp.c start DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1271) irp.c 0 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1275) irp.c 1 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1279) irp.c 2 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1288) irp.c 5 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1291) irp.c 6 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1293) irp.c 7 DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1299) irp.c end DeviceObject->Flags: 100000050
(ntoskrnl/io/iomgr/irp.c:1300) DeviceObject: B4A48038
(ntoskrnl/io/iomgr/irp.c:1301) Irp: B49C21F0
(ntoskrnl/io/iomgr/irp.c:1302) DriverObject->MajorFunction: b4ccfd10
(ntoskrnl/io/iomgr/irp.c:1303) StackPtr->MajorFunction: f
(drivers/storage/port/scsiport/scsiport.c:2572) ScsiPortDispatchScsi(DeviceObject B4A48038 Irp B49C21F0)
(drivers/storage/port/scsiport/scsiport.c:2574) 0 DeviceObject->Flags: b49c21f000000050
(ntoskrnl/io/iomgr/irp.c:1348) IofCompleteRequest()
(drivers/storage/port/scsiport/scsiport.c:2825) 1 DeviceObject->Flags: b49c21f000000050
(drivers/filesystems/cdfs/deviosup.c:2804) 72 CdReadDirDataThroughCache DeviceObject->Flags: 152
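As an added example (not code from the post or from ReactOS), a small C program that decodes the Flags values from the DPRINT1 output above into the real 32-bit value and lists which DO_* bits changed between the "before" and "after" lines. It assumes a 32-bit x86 build, where DEVICE_OBJECT.Flags is a ULONG but the "%I64x" specifier reads 8 bytes of varargs, so the upper half of each printed number is not part of Flags; the DO_* values are the ntddk.h definitions.

```c
/* Added example, not ReactOS code: decode the Flags values printed by the
 * DPRINT1 lines above and report which DO_* bits actually changed.
 * Assumes a 32-bit x86 build: DEVICE_OBJECT.Flags is a 32-bit ULONG, but
 * "%I64x" pulls 8 bytes of varargs, so only the low 32 bits of each printed
 * value are Flags; the upper half is whatever sat in the next stack slot. */
#include <inttypes.h>
#include <stdio.h>
#include <stdlib.h>
/* DEVICE_OBJECT.Flags bits as defined in ntddk.h (the ones seen in the log) */
#define DO_VERIFY_VOLUME         0x00000002u
#define DO_DIRECT_IO             0x00000010u
#define DO_DEVICE_HAS_NAME       0x00000040u
#define DO_SYSTEM_BOOT_PARTITION 0x00000100u

static const struct { uint32_t bit; const char *name; } do_bits[] = {
    { DO_VERIFY_VOLUME,         "DO_VERIFY_VOLUME" },
    { DO_DIRECT_IO,             "DO_DIRECT_IO" },
    { DO_DEVICE_HAS_NAME,       "DO_DEVICE_HAS_NAME" },
    { DO_SYSTEM_BOOT_PARTITION, "DO_SYSTEM_BOOT_PARTITION" },
};

/* The real 32-bit Flags value behind a number printed with "%I64x". */
uint32_t flags_from_log(const char *hex)
{
    return (uint32_t)strtoull(hex, NULL, 16);   /* truncation to 32 bits is the point */
}

/* Test-and-clear with bitwise ops, not "== 2" and "-=" (those only work because DO_VERIFY_VOLUME == 2). */
uint32_t clear_verify_volume(uint32_t flags)
{
    return flags & ~DO_VERIFY_VOLUME;
}

/* Print the named bits that differ between two logged values; return the XOR. */
uint32_t diff_flags(const char *before_hex, const char *after_hex)
{
    uint32_t before = flags_from_log(before_hex), after = flags_from_log(after_hex);
    uint32_t changed = before ^ after;
    printf("Flags %08" PRIx32 " -> %08" PRIx32 "\n", before, after);
    for (size_t i = 0; i < sizeof do_bits / sizeof do_bits[0]; i++)
        if (changed & do_bits[i].bit)
            printf("  %s %s\n", do_bits[i].name, (after & do_bits[i].bit) ? "set" : "cleared");
    return changed;
}

int main(void)
{
    diff_flags("b49c1d3800000150", "152");   /* before/after from the "short version" log */
    return 0;
}
```

Run on the "short version" pair it reports only DO_VERIFY_VOLUME as set; the large upper halves in the long log are stack residue, not flag changes.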