Add a check to verify that the TopLevelIrp has not been completed. This
became necessary because on recent Windows kernels, IRP's can have "IRP
extensions", which are freed when an IRP is completed. This can trigger
a recursive CLOSE with a top-level IRP that has been completed, which
can bugcheck the system.
Case in point: the new (Win11) NtCopyFileChunk creates IRP's with
COPY_INFORMATION attached. Upon completion of such an IRP the
SourceFileObject is freed, which results in a recursive IRP_MJ_CLOSE
with a completed top-level IRP, which would lead to a BSOD.
A single line change in FspFsvolQueryDirectoryCopy fixes GitHub issue #475.
This commit also includes a test for detecting duplicate directory entries.
Credit for the investigation and reproduction of this issue goes to GitHub
user @hach-que.
In some rare cases and under load the mapped page writer's TopLevelIrp
may be trashed by some outside component (observed on Windows 10 1909).
For this reason remove an assertion that could trigger in debug builds.
If we have an fsvrt device, mount it via opening the volume.
This ensures that the fsvrt is mounted by the correct fsvol
device early on and remedies a rare case where NTFS crashes
the system when it attempts to mount our fsvrt.
Reference an fsvol device at CREATE time and dereference at CLOSE time,
to ensure that fsvol remains around for DeviceIoControl operations done
after CLEANUP.
DeleteFileW and RemoveDirectoryW in recent versions of Windows 10 have
been changed to perform a FileDispositionInformationEx with POSIX
semantics and if that fails to retry with FileDispositionInformation.
Unfortunately this is done even for legitimate error codes such as
STATUS_DIRECTORY_NOT_EMPTY.
This means that user mode file systems have to do unnecessary CanDelete
checks even when they support FileDispositionInformationEx. The extra
check incurs extra context switches, and in some cases it may also be
costly to compute (e.g. FUSE).
We optimize this away by storing the status of the last CanDelete check
in the FileDesc and then continue returning the same status code for
all checks for the same FileDesc.
