I'm getting a DRIVER_VERIFIER_IOMANAGER_VIOLATION, trying to restart a Volume that has Volume Shadow copies as Child Devnodes. The error is the following:
DRIVER_VERIFIER_IOMANAGER_VIOLATION (c9)
The IO manager has caught a misbehaving driver.
Arguments:
Arg1: 0000000000000221, An IRP dispatch handler for a PDO has deleted its device object, but the
hardware has not been reported as missing in a bus relations query.
Arg2: fffff801521546b0, The address in the driver's code where the error was detected.
Arg3: ffffd503fac7ec60, IRP address.
Arg4: ffffd503ce1472c0, Device object address.
This only happens when verifying all drivers (ViVerifyAllDrivers set to true). Is trivial to reproduce by creating a Volume Shadow copy in a Removable device and using pnputil to restart the Volume.
From what I've been able to find online about this issue I've seen some people asking about it, being the most interesting the following thread:
https://social.msdn.microsoft.com/Forums/en-US/dfb8aca9-2e7b-4d7a-a221-aeb3cd5ca932/bsod-in-volsnapsys-during-sleep-and-pnp-disable-and-enable-with-io-before-and-after?forum=whck
In that thread the main answer mentions this is a known issue on Win8, I'm wondering if I'm facing the same issue. If that's the case will these be solved at some point, I'm running Win11 21H2 Build 22000.675.
----------
Technical Notes
The problem seems to be related with how the Volume Shadow Devnode is created with just having only a PDO in the DevStack. This seems to make the Stack not to be properly marked in function PipCallDriverAddDevice -- Call to IovUtilMarkStack doesn't set flag 0x10000000 -- This plays a role later on function IovpCallDriver1 when the DeviceObject and DevStack are checked to see if they are marked when IRP_MJ_PNP and IRP_MN_REMOVE_DEVICE. Specially the fact that IovUtilIsInFdoStack returns FALSE which in turn won't set flag 0x10000000 in the VFCallDriverData. Again, this plays a role later after the IRP is processed and the DeviceObject is marked as Deleted -- Seems to be flag 0x4000000 in DeviceObjectExtension flags -- in the VF post processing, function IovpCallDriver2 since flag 0x10000000 was not set in the VFCallDriverData it will enter in a branch where the function seems to check if the LowerDeviceObject matches the DeviceObject the IRP was the target of. And since they match -- Only one device in the Volume Shadow Devstack -- and flag 0x4000000 was set in the VfIoDeleteDevice then the Bugcheck 0x221 will be reported.
Of course, I might be mistaken in many aspects here since I don't know the internals. But that's what I can see that's causing this issue.
Best Regards,
n4r1B
