FS unavailability and BSOD after waking from hibernation using a Micro SD formatted in btrfs in win 11

[felipejfc]

So I have win handheld device (Rog Ally), that has a built in pci-e card reader, to which I plugged a micro sd formatted in btrfs so that I access it from both windows and Linux. Usage on Linux is perfect. In windows 11, whenever the device hibernates with the micro sd plugged in, after waking it, it will be impossible to use explorer. If when it's hanging like that I pull out the micro sd card, then a BSOD will happen.

Additional info:

• if I put the device to hibernate with the micro sd on, remove the micro sd and then wake the device, it will BSOD right after boot.
• after a clean reboot cycle, everything will come back to work normally

[maharmstone]

Can you send a minidump of the BSOD please?

[felipejfc]

Sure! Sent 3, I think all of them are related to this same BSOD that I'm describing. Here

[maharmstone]

Thanks. The first two dumps are the same issue:

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff803560ca8e1, address which referenced memory

ffff8d8d`1342e728 fffff806`2ba418a9     : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
ffff8d8d`1342e730 fffff806`2ba3cf34     : 00000000`00000000 fffff806`2b8939c9 ffff920e`c3a02380 00000000`000000ff : nt!KiBugCheckDispatch+0x69
ffff8d8d`1342e870 fffff806`2b8ca8e1     : 00000000`00000000 ffff920e`c9bd8d90 ffff920e`c95a6d40 ffff920e`c9bd8d90 : nt!KiPageFault+0x474
ffff8d8d`1342ea00 fffff806`2b8ca9e5     : 00000000`00000000 ffff920e`c9bd8d90 ffff920e`e6d07040 00000000`00000000 : nt!IopInsertRemoveDevice+0x5d
ffff8d8d`1342ea30 fffff806`2b888ba5     : 00000000`00000000 fffff806`2b892400 ffff920e`c95a6d40 fffff806`2b888023 : nt!IopCompleteUnloadOrDelete+0x99
ffff8d8d`1342eaf0 fffff806`2bca28d2     : ffff920e`cd149b50 ffff920e`dd9e2ac0 00000000`00000000 ffff920e`e92f3a20 : nt!IopDecrementDeviceObjectRef+0x165
ffff8d8d`1342eb40 fffff806`2bcb68be     : ffff920e`c42252a0 ffff920e`cd149b20 ffff920e`cd149b20 ffff8d8d`1342ed19 : nt!IopDeleteFile+0x1c2
ffff8d8d`1342ebc0 fffff806`2b891e27     : 00000000`00000000 00000000`00000000 ffff8d8d`1342ed19 ffff920e`cd149b50 : nt!ObpRemoveObjectRoutine+0x7e
ffff8d8d`1342ec20 fffff806`2bcb25c4     : 00000000`00000001 00000000`00000001 00000000`00006a30 00000000`00000001 : nt!ObfDereferenceObjectWithTag+0xc7
ffff8d8d`1342ec60 fffff806`2bd49d99     : 00000000`42536f49 fffff806`2b885fdf ffffffff`80006a30 ffff8d8d`1342f028 : nt!ObpCloseHandle+0x2a4
ffff8d8d`1342ed80 fffff806`2ba40fe8     : ffff920e`e6d07040 ffff920e`e1e05010 00000000`00000000 00000000`42536f49 : nt!NtClose+0x39
ffff8d8d`1342edb0 fffff806`2ba31b10     : fffff806`2be37221 00000000`00000017 ffff920e`c95a6d40 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
ffff8d8d`1342ef48 fffff806`2be37221     : 00000000`00000017 ffff920e`c95a6d40 00000000`00000000 00000000`00000017 : nt!KiServiceLinkage
ffff8d8d`1342ef50 fffff806`2be287df     : ffff920e`c95a6d40 ffffffff`80006a30 ffff920e`c95a6d40 ffff920e`c95a6e58 : nt!IopInvalidateVolumesForDevice+0x259
ffff8d8d`1342f020 fffff806`2be2647c     : ffffbe06`29e690b0 00000000`00000000 00000000`00000310 00000000`0000030a : nt!IopRemoveDevice+0x15b
ffff8d8d`1342f0d0 fffff806`2be28394     : ffff920e`ca46bc30 00000000`00000000 00000000`00000000 fffff806`2be282d7 : nt!PnpSurpriseRemoveLockedDeviceNode+0xc4
ffff8d8d`1342f130 fffff806`2be28027     : ffff920e`ca46bc30 ffff8d8d`1342f1b0 ffff920e`c95a6d40 00000000`00000004 : nt!PnpDeleteLockedDeviceNode+0x88
ffff8d8d`1342f170 fffff806`2be29276     : ffff920e`c95a6d40 00000002`00000002 00000000`00000000 00000000`00000003 : nt!PnpDeleteLockedDeviceNodes+0xd7
ffff8d8d`1342f1f0 fffff806`2bd50769     : ffff8d8d`1342f330 ffff920e`ca46bc00 ffff920e`d5af5d00 ffffbe06`00000002 : nt!PnpProcessQueryRemoveAndEject+0x1da
ffff8d8d`1342f2d0 fffff806`2bd62a40     : ffffbe06`29e690b0 ffffbe06`2f448190 ffff920e`c4128400 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0x109
ffff8d8d`1342f300 fffff806`2b8b0c65     : ffff920e`c41284e0 ffff920e`e6d07040 ffff8d8d`1342f480 fffff806`00000000 : nt!PnpDeviceEventWorker+0x2c0
ffff8d8d`1342f380 fffff806`2b8d8dc7     : ffff920e`e6d07040 00000000`00000507 ffff920e`e6d07040 fffff806`2b8b0b10 : nt!ExpWorkerThread+0x155
ffff8d8d`1342f570 fffff806`2ba311e4     : fffff806`28265180 ffff920e`e6d07040 fffff806`2b8d8d70 93fed101`d8fdf400 : nt!PspSystemThreadStartup+0x57
ffff8d8d`1342f5c0 00000000`00000000     : ffff8d8d`13430000 ffff8d8d`13429000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x34

Possible hints at https://community.osr.com/discussion/143912/bugcheck-0xa-in-iodeletedevice-interesting-problem-to-think-about-for-the-weekend

The third is a use-after-free in btrfs!remove_volume_child, called from a PNP worker thread.

I do intend to revamp the code relating to removable devices at some point, as there's clearly some issues with it.

[JoshDoesStuff]

Hello, Is there any progress on getting this fixed?

-Josh