[NTOSKRNL] Map the VACB in kernel space before inserting it in lists.
authorPierre Schweitzer <pierre@reactos.org>
Sun, 8 Apr 2018 16:45:38 +0000 (18:45 +0200)
committerPierre Schweitzer <pierre@reactos.org>
Sun, 15 Apr 2018 20:52:53 +0000 (22:52 +0200)
This avoids race conditions where attempts to read from disk into a
not fully initialized VACB were performed.
Also, added more debug prints in such situations.

CORE-14349

ntoskrnl/cc/copy.c
ntoskrnl/cc/view.c

index c39b214..a70e0ab 100644 (file)
@@ -110,6 +110,7 @@ CcReadVirtualAddress (
     _SEH2_EXCEPT (EXCEPTION_EXECUTE_HANDLER)
     {
         Status = _SEH2_GetExceptionCode();
+        DPRINT1("MmProbeAndLockPages failed with: %lx for %p (%p, %p)\n", Status, Mdl, Vacb, Vacb->BaseAddress);
         KeBugCheck(CACHE_MANAGER);
     } _SEH2_END;
 
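Review bot: The message added in this hunk is byte-identical to the one added in the CcWriteVirtualAddress hunk below, so unless DPRINT1 prefixes the source location a log line cannot tell the read path from the write path before the bug check. Naming the function in the text would make the pre-crash trace unambiguous, e.g. `DPRINT1("CcReadVirtualAddress: MmProbeAndLockPages failed with: %lx for %p (%p, %p)\n", Status, Mdl, Vacb, Vacb->BaseAddress);` here and the matching name in CcWriteVirtualAddress. The enclosing functions start and end outside both hunks.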
@@ -186,6 +187,7 @@ CcWriteVirtualAddress (
     _SEH2_EXCEPT (EXCEPTION_EXECUTE_HANDLER)
     {
         Status = _SEH2_GetExceptionCode();
+        DPRINT1("MmProbeAndLockPages failed with: %lx for %p (%p, %p)\n", Status, Mdl, Vacb, Vacb->BaseAddress);
         KeBugCheck(CACHE_MANAGER);
     } _SEH2_END;
 
index c835a03..1ec4c35 100644 (file)
@@ -752,6 +752,17 @@ CcRosCreateVacb (
     InitializeListHead(&current->CacheMapVacbListEntry);
     InitializeListHead(&current->DirtyVacbListEntry);
     InitializeListHead(&current->VacbLruListEntry);
+
+    CcRosVacbIncRefCount(current);
+
+    Status = CcRosMapVacbInKernelSpace(current);
+    if (!NT_SUCCESS(Status))
+    {
+        CcRosVacbDecRefCount(current);
+        ExFreeToNPagedLookasideList(&VacbLookasideList, current);
+        return Status;
+    }
+
     CcRosAcquireVacbLock(current, NULL);
     KeAcquireGuardedMutex(&ViewLock);
 
@@ -784,9 +795,10 @@ CcRosCreateVacb (
                         current);
             }
 #endif
+            CcRosVacbDecRefCount(*Vacb);
             CcRosReleaseVacbLock(*Vacb);
             KeReleaseGuardedMutex(&ViewLock);
-            ExFreeToNPagedLookasideList(&VacbLookasideList, *Vacb);
+            CcRosInternalFreeVacb(*Vacb);
             *Vacb = current;
             CcRosAcquireVacbLock(current, NULL);
             return STATUS_SUCCESS;
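Review bot: The added CcRosVacbDecRefCount(*Vacb) and the switch from the raw lookaside free to CcRosInternalFreeVacb are not explained, and their pairing with the reference and mapping taken at the top of the function (in the earlier hunk) is not obvious from this hunk alone. `*Vacb` appears to be the freshly created, already-mapped VACB that lost the race to an existing one, so a comment such as `/* Drop the creation reference and release the view we just mapped; it is already mapped, so the raw lookaside free is no longer enough */` above the DecRefCount line would document the invariant. If CcRosInternalFreeVacb checks the reference count, the order of these two calls matters and deserves a word as well.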
@@ -813,7 +825,6 @@ CcRosCreateVacb (
     }
     KeReleaseSpinLock(&SharedCacheMap->CacheMapLock, oldIrql);
     InsertTailList(&VacbLruListHead, &current->VacbLruListEntry);
-    CcRosVacbIncRefCount(current);
     KeReleaseGuardedMutex(&ViewLock);
 
     MI_SET_USAGE(MI_USAGE_CACHE);
@@ -838,17 +849,6 @@ CcRosCreateVacb (
     /* Reference it to allow release */
     CcRosVacbIncRefCount(current);
 
-    Status = CcRosMapVacbInKernelSpace(current);
-    if (!NT_SUCCESS(Status))
-    {
-        RemoveEntryList(&current->CacheMapVacbListEntry);
-        RemoveEntryList(&current->VacbLruListEntry);
-        CcRosReleaseVacb(SharedCacheMap, current, FALSE,
-                         FALSE, FALSE);
-        CcRosVacbDecRefCount(current);
-        ExFreeToNPagedLookasideList(&VacbLookasideList, current);
-    }
-
     return Status;
 }
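Review bot: With the map-failure block removed, `return Status;` at the end of CcRosCreateVacb returns whatever the successful CcRosMapVacbInKernelSpace call left in Status, unless something in the stretch between the previous hunk and this one assigns it; if nothing does, `return STATUS_SUCCESS;` states the contract directly and prevents a later assignment from leaking an unrelated code to callers. The "Reference it to allow release" increment just above now sits alongside the increment moved to creation time, so it is worth a short comment noting that the two references are distinct (one owned by the lists, one returned to the caller) to make the balance against the removed cleanup path clear.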