Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
Description
This happens on testbot irregularly. I think this is an example, but not 100% sure if it's the same thing:
https://www.reactos.org/sites/all/modules/reactos/testman/detail.php?id=17273578&prev=17270874
My way to reproduce this is to have several concurrent instances of rosautotest run the various pipe tests (i.e. run the following batch file in 3-4 command prompts)
:a
|
rosautotest kernel32 pipe
|
rosautotest ntdll pipe
|
rosautotest rpcrt4
|
rosautotest kmtest NpfsReadWrite
|
rosautotest kmtest NpfsCreate
|
rosautotest kmtest NpfsConnect
|
goto a
|
Example backtrace:
kd> kp
|
ChildEBP RetAddr
|
f802da70 f87f645d npfs!IoSetCancelRoutine(struct _IRP * Irp = 0x0000002b, <function> * CancelRoutine = 0x00000000)+0xc [c:\ros\reactos-clean\reactos\include\ddk\wdm.h @ 13950]
|
f802daa0 f87fb3d5 npfs!NpRemoveDataQueueEntry(struct _NP_DATA_QUEUE * DataQueue = 0xe14adaa4, unsigned char Flag = 0x01 '', struct _LIST_ENTRY * List = 0xf802dba4 [ 0xf802dba4 - 0xf802dba4 ])+0x1cd [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\datasup.c @ 149]
|
f802db18 f87facb2 npfs!NpReadDataQueue(struct _NP_DATA_QUEUE * DataQueue = 0xe14adaa4, unsigned char Peek = 0x00 '', unsigned char ReadOverflowOperation = 0x00 '', void * Buffer = 0x0012f530, unsigned long BufferSize = 0x3ff, unsigned long Mode = 0, struct _NP_CCB * Ccb = 0xe14ada70, struct _LIST_ENTRY * List = 0xf802dba4 [ 0xf802dba4 - 0xf802dba4 ])+0x2b5 [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\readsup.c @ 129]
|
f802db7c f87faf32 npfs!NpCommonRead(struct _FILE_OBJECT * FileObject = 0xb1027170, void * Buffer = 0x0012f530, unsigned long BufferSize = 0x3ff, struct _IO_STATUS_BLOCK * IoStatus = 0xf802dbb4, struct _IRP * Irp = 0xb0f9ae90, struct _LIST_ENTRY * List = 0xf802dba4 [ 0xf802dba4 - 0xf802dba4 ])+0x1f2 [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\read.c @ 98]
|
f802dbc4 80485c30 npfs!NpFsdRead(struct _DEVICE_OBJECT * DeviceObject = 0xb124c398, struct _IRP * Irp = 0xb0f9ae90)+0xe2 [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\read.c @ 181]
|
f802dbec 8047b6ac nt!IofCallDriver(struct _DEVICE_OBJECT * DeviceObject = 0xb124c398, struct _IRP * Irp = 0xb0f9ae90)+0xc0 [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\irp.c @ 1204]
|
f802dc1c 8047ee1c nt!IopPerformSynchronousRequest(struct _DEVICE_OBJECT * DeviceObject = 0xb124c398, struct _IRP * Irp = 0xb0f9ae90, struct _FILE_OBJECT * FileObject = 0xb1027170, unsigned char Deferred = 0x01 '', char PreviousMode = 0n1 '', unsigned char SynchIo = 0x01 '', _IOP_TRANSFER_TYPE TransferType = IopReadTransfer (0))+0xdc [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\iofunc.c @ 135]
|
f802dce0 8053e729 nt!NtReadFile(void * FileHandle = 0x000005fc, void * Event = 0x00000000, <function> * ApcRoutine = 0x00000000, void * ApcContext = 0x00000000, struct _IO_STATUS_BLOCK * IoStatusBlock = 0x0012f398, void * Buffer = 0x0012f530, unsigned long Length = 0x3ff, union _LARGE_INTEGER * ByteOffset = 0x00000000, unsigned long * Key = 0x00000000)+0x5ac [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\iofunc.c @ 2392]
|
f802dd14 8053e23d nt!KiSystemCallTrampoline(void * Handler = 0x8047e870, void * Arguments = 0x0012f374, unsigned long StackBytes = 0x24)+0x19 [c:\ros\reactos-clean\reactos\ntoskrnl\include\internal\i386\ke.h @ 725]
|
f802dd5c 80403e03 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf802dd64, void * Arguments = 0x0012f374)+0x23d [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1707]
|
f802dd5c 7c92d01e nt!KiFastCallEntry+0x8c
|
0012f368 7c951cc9 ntdll!KiFastSystemCallRet
|
0012f36c 77db173e ntdll!NtReadFile+0xc
|
0012f3b4 0040d27a kernel32!ReadFile(void * hFile = 0x000005fc, void * lpBuffer = 0x0012f530, unsigned long nNumberOfBytesToRead = 0x3ff, unsigned long * lpNumberOfBytesRead = 0x0012fae0, struct _OVERLAPPED * lpOverlapped = 0x00000000)+0x18e [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\file\rw.c @ 203]
|
0012faf8 0040d874 rosautotest!CWineTest::RunTest(class CTestInfo * TestInfo = 0x0013f4a0)+0x1da [c:\ros\reactos-clean\reactos\modules\rostests\rosautotest\cwinetest.cpp @ 307]
|
0012fba8 0040f5c7 rosautotest!CWineTest::Run(void)+0x214 [c:\ros\reactos-clean\reactos\modules\rostests\rosautotest\cwinetest.cpp @ 374]
|
0012ff1c 00452dc5 rosautotest!wmain(int argc = 2, wchar_t ** argv = 0x0013abf8)+0x1f7 [c:\ros\reactos-clean\reactos\modules\rostests\rosautotest\main.cpp @ 81]
|
0012ffb4 00452b6f rosautotest!__tmainCRTStartup(void)+0x245 [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 307]
|
0012ffc0 77d8ebd7 rosautotest!wmainCRTStartup(void)+0x1f [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 196]
|
0012fff0 00000000 kernel32!BaseProcessStartup(<function> * lpStartAddress = 0x00452b50)+0x57 [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\proc.c @ 478]
|
kd> ?? QueueEntry
|
struct _NP_DATA_QUEUE_ENTRY * 0xb0fb2d68
|
+0x000 QueueEntry : _LIST_ENTRY [ 0xb0fb2d38 - 0xe14adaa4 ]
|
+0x008 DataEntryType : 0
|
+0x00c Irp : 0x0000002b _IRP
|
+0x010 QuotaInEntry : 0
|
+0x014 ClientSecurityContext : (null)
|
+0x018 DataSize : 1
|