Core ReactOS / CORE-13061

USBSTOR_SendIrp doesn't free the Irp->MdlAddress after a USBSTOR_SendInquiryIrp or USBSTOR_SendFormatCapacityIrp request is completed.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Fix Version/s: 0.4.5
    • Component/s: USB
    • Sprint:
      April 2017

      Description

      When USBSTOR_SendInquiryIrp or USBSTOR_SendFormatCapacityIrp is called, it uses USBSTOR_SendIrp, which allocates an IRP and an MDL for Request->DataBuffer and sets Irp->MdlAddress to that MDL's address.
      But before sending the request for processing, USBSTOR_SendRequest will once again allocate an MDL for the buffer that represents the request, since this is not a SCSIOP_READ or a SCSIOP_WRITE command.
      When the request is complete, the MDL allocated by USBSTOR_SendRequest will be freed. Normally IoCompleteRequest should free the Irp->MdlAddress (if all completion routines are called), but since we resume processing the IRP (USBSTOR_CompletionRoutine will return STATUS_MORE_PROCESSING_REQUIRED) and after that we call IoFreeIrp on the request IRP, which the documentation says doesn't free any IRP MDL, the MDL never gets released.

      Also I attached a patch as a possible fix.

      Any suggestions?
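
The MDL lifetime described in this report, as a user-mode C model added for illustration (not ReactOS code and not the attached patch). The `MODEL_*` types, the `Model*` functions and `send_request` are hypothetical stand-ins for the kernel objects, and the fixed pool exists only so that a leaked MDL can be counted.

```c
#include <stdlib.h>

/* User-mode model: MODEL_* types and Model* functions are hypothetical
   stand-ins for this example, not the kernel API or ReactOS code. */
typedef struct { int in_use; void *buffer; } MODEL_MDL;
typedef struct { MODEL_MDL *MdlAddress; } MODEL_IRP;

static MODEL_MDL g_pool[8];            /* fixed pool so leaks are countable */

static int live_mdls(void) {
    int n = 0;
    for (int i = 0; i < 8; i++) n += g_pool[i].in_use;
    return n;
}
static MODEL_MDL *ModelAllocateMdl(void *buffer) {
    for (int i = 0; i < 8; i++)
        if (!g_pool[i].in_use) {
            g_pool[i].in_use = 1; g_pool[i].buffer = buffer;
            return &g_pool[i];
        }
    return NULL;
}
static void ModelFreeMdl(MODEL_MDL *mdl) { if (mdl) mdl->in_use = 0; }

/* Completion releases the IRP and Irp->MdlAddress only when no completion
   routine stops processing. Returns 1 if the driver still owns the IRP. */
static int ModelCompleteRequest(MODEL_IRP *irp, int stop_completion) {
    if (stop_completion) return 1;
    ModelFreeMdl(irp->MdlAddress);
    free(irp);
    return 0;
}
/* As the report says of IoFreeIrp: frees the IRP, not any MDL attached. */
static void ModelFreeIrp(MODEL_IRP *irp) { free(irp); }

/* Send path for a command that is not a read or write.
   Returns the number of MDLs leaked by this call, or -1 on allocation failure. */
int send_request(int stop_completion, int free_irp_mdl) {
    static char data[36];                            /* constructed buffer */
    int before = live_mdls();
    MODEL_IRP *irp = calloc(1, sizeof *irp);
    if (!irp) return -1;
    irp->MdlAddress = ModelAllocateMdl(data);        /* allocated with the IRP */
    MODEL_MDL *transfer = ModelAllocateMdl(data);    /* second MDL for the request */
    ModelFreeMdl(transfer);                          /* freed when request completes */
    if (ModelCompleteRequest(irp, stop_completion)) {
        if (free_irp_mdl) ModelFreeMdl(irp->MdlAddress); /* before freeing IRP */
        ModelFreeIrp(irp);
    }
    return live_mdls() - before;
}
```

`send_request(1, 0)` models the reported path and leaves one MDL allocated per call; `send_request(1, 1)` frees the IRP's MDL before the IRP itself and leaves none.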

            People

            • Assignee:
              ThFabba Thomas Faber
              Reporter:
              reactcoder Lesan Ilie