REFERENCE_BY_POINTER (18)
Arguments:
Arg1: 0000000000000000, Object type of the object whose reference count is being lowered
Arg2: ffffb686dcf273e0, Object whose reference count is being lowered
Arg3: 0000000000000010, Reserved
Arg4: 0000000000000001, Reserved
The reference count of an object is illegal for the current state of the object.
fffff50d2051ec18 fffff805262bf74b : 0000000000000018 0000000000000000 ffffb686dcf273e0 0000000000000010 : nt!KeBugCheckEx
fffff50d2051ec20 fffff80540f132b3 : ffffb686e0b08920 0000000000000002 deadbeefdeadbeef ffffb6876c7c70c0 : nt!ObReferenceObjectByPointer+0x1d999b
fffff50d2051ec60 fffff8054118f5fb : 0000000000000111 ffffb686a1e36500 0000000000000889 fffff805411cc29a : OpenZFS!vflush+0x193 [C:\src\openzfs\module\os\windows\spl\spl-vnode.c @ 1503]
    __try {
        Status = ObReferenceObjectByPointer(
            fileobject,
            0,
            *IoFileObjectType,
            KernelMode);
    } __except(EXCEPTION_EXECUTE_HANDLER) {
        Status = GetExceptionCode();
    }
2: kd> dt fileobject
Local var @ 0xfffff50d2051eca0 Type _FILE_OBJECT*
0xffffb686dcf273e0
   +0x000 Type : 0n5
   +0x002 Size : 0n216
   +0x008 DeviceObject : 0xffffb686dd1cdb10 _DEVICE_OBJECT
   +0x010 Vpb : 0xffffb686e3feb4e0 _VPB
   +0x018 FsContext : 0xffffb686a3f82008 Void
   +0x020 FsContext2 : 0xffffb686aa6d40d0 Void
   +0x028 SectionObjectPointer : 0xffffb686a3f82098 _SECTION_OBJECT_POINTERS
   +0x030 PrivateCacheMap : (null)
   +0x038 FinalStatus : 0n132
   +0x040 RelatedFileObject : (null)
   +0x048 LockOperation : 0 ''
   +0x049 DeletePending : 0 ''
   +0x04a ReadAccess : 0x1 ''
   +0x04b WriteAccess : 0x1 ''
   +0x04c DeleteAccess : 0x1 ''
   +0x04d SharedRead : 0 ''
   +0x04e SharedWrite : 0 ''
   +0x04f SharedDelete : 0 ''
   +0x050 Flags : 0x44442
   +0x058 FileName : _UNICODE_STRING "\curtin\cut_Assignment1_Semester1_2020.git\logs\refs\heads"
   +0x068 CurrentByteOffset : _LARGE_INTEGER 0x0
   +0x070 Waiters : 0
   +0x074 Busy : 0
   +0x078 LastLock : (null)
   +0x080 Lock : _KEVENT
   +0x098 Event : _KEVENT
   +0x0b0 CompletionContext : (null)
   +0x0b8 IrpListLock : 0
   +0x0c0 IrpList : _LIST_ENTRY [ 0xffffb686dcf274a0 - 0xffffb686dcf274a0 ]
   +0x0d0 FileObjectExtension : (null)
2: kd> !object 0xffffb686`dcf273e0
Object: ffffb686dcf273e0 Type: (ffffb68692d34d20) File
ObjectHeader: ffffb686dcf273b0 (new version)
HandleCount: 0 PointerCount: 1
Directory Object: 00000000 Name: \curtin\cut.git\logs\refs\heads {Volume{f6c8424b-073d-3824-9868-}
Isn’t PointerCount:1 and HandleCount:0 perfectly valid? I’m calling ObReferenceObjectByPointer() to increase PointerCount so I can use “fileobject”. Is there something I need to call before ObReferenceObjectByPointer()? Or is something else wrong, and this is just when it reports it to me? Why does it keep saying “lowered” in the text? ObReferenceObjectByPointer() is increasing it, right?