Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-16370

[ShellBtrfs] MountMgrCleanup(): Page fault at high IRQL was 2, address 19

    XMLWordPrintable

Details

    Description

      reactos-bootcd-0.4.13-dev-1072-geaf24cc-x86-gcc-lin-dbg

      1. Install ReactOS on a Btrfs partition.
      2. Open Drive C properties.
      3. Click 'Btrfs > Devices... > Add devices...'.
      3r. Crash.

      ReactOS includes ShellBtrfs v1.1 currently.

      Reproduced with upstream v1.4 binaries (driver and shellext).
      Plus, same crash clicking new 'Btrfs > Change drive letter...'.

      I don't know whether ShellBtrfs is somewhat a culprit or a trigger only.

      (ntoskrnl/mm/mmfault.c:122) Page fault at high IRQL was 2, address 19
      		 
      [7h
      		 
      Entered debugger on last-chance exception (Exception Code: 0xc0000006) (Unknown/User defined exception)
      		 
      kdb:> bt
      		 
      Eip:
      		 
      * <mountmgr.sys:b016 (drivers/filters/mountmgr/mountmgr.c:1743 (MountMgrCleanup))>
      		 
      Frames:
      		 
      * <ntoskrnl.exe:72750 (ntoskrnl/io/iomgr/irp.c:1286 (IofCallDriver))>
      		 
      Couldn't access memory at 0xFCC93BD8!

      NB: first-chance crashes at the same place.

      https://git.reactos.org/?p=reactos.git;a=blob;f=drivers/filters/mountmgr/mountmgr.c;hb=HEAD#l1737

      1710 MountMgrCleanup(IN PDEVICE_OBJECT DeviceObject,
      		 
      ...
      		 
      1738     /* Otherwise, cancel all the IRPs */
      		 
      1739     NextEntry = &(DeviceExtension->IrpListHead);
      		 
      1740     do
      		 
      1741     {
      		 
      1742         ListIrp = CONTAINING_RECORD(NextEntry, IRP, Tail.Overlay.ListEntry);
      		 
      1743         if (IoGetCurrentIrpStackLocation(ListIrp)->FileObject == FileObject)
      		 
      1744         {
      		 
      1745             ListIrp->Cancel = TRUE;
      		 
      1746             ListIrp->CancelIrql = OldIrql;
      		 
      1747             ListIrp->CancelRoutine = NULL;
      		 
      1748             MountMgrCancel(DeviceObject, ListIrp);
      		 
      1749 
      1750             IoAcquireCancelSpinLock(&OldIrql);
      		 
      1751         }
      		 
      1752 
      1753         NextEntry = NextEntry->Flink;
      		 
      1754     }
      		 
      1755     while (NextEntry != &(DeviceExtension->IrpListHead));

      Attachments

        Activity

          People

            Heis Spiter Pierre Schweitzer
            Serge Gautherie Serge Gautherie
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: