MarkingQueuedIrps rule (wdm)

The MarkingQueuedIrps rule specifies that the driver calls IoMarkIrpPending for an IRP that requires further processing only while holding a spin lock. This rule applies only when the driver adds the IRP to a driver-managed queue.

Specifically, the driver violates this rule only when all of the following events occur.

• The driver calls KeAcquireSpinLock or KeAcquireInStackQueuedSpinLock to acquire a spin lock.

• The driver calls one of the following routines to add an IRP to a driver-managed queue:

  • InsertHeadList
  • InsertTailList
  • KeInsertDeviceQueue
  • KeInsertQueueDpc
  • KeInsertByKeyDeviceQueue

• The driver calls KeReleaseSpinLock or KeReleaseInStackQueuedSpinLock to release the spin lock before it calls IoMarkIrpPending.

• The driver returns a status of STATUS_PENDING for the IRP.

Drivers should call IoMarkIrpPending for a queued IRP only while holding a spin lock. Otherwise, an IRP could be dequeued, completed by another driver routine, and freed by the system before the call to IoMarkIrpPending occurs, thereby causing a crash.

For more information, see Synchronizing IRP Cancellation.

Driver model: WDM

How to test

At compile time
Run Static Driver Verifier and specify the MarkingQueuedIrps rule. Use the following steps to run an analysis of your code: Prepare your code (use role type declarations). Run Static Driver Verifier. View and analyze the results. For more information, see Using Static Driver Verifier to Find Defects in Drivers.

Applies to

InsertHeadList IoCallDriver IoMarkIrpPending KeAcquireInStackQueuedSpinLock KeAcquireSpinLock KeInsertByKeyDeviceQueue KeInsertDeviceQueue KeInsertQueueDpc KeReleaseInStackQueuedSpinLock KeReleaseSpinLock PoCallDriver RemoveHeadList