Author: cgutman Date: Fri Jun 24 14:06:48 2011 New Revision: 52441 URL: http://svn.reactos.org/svn/reactos?rev=52441&view=rev Log: [AFD] - Queue the user-mode connect IRP before calling TdiConnect to avoid a race if the TDI_CONNECT IRP is completed before we get a chance to queue the user-mode IRP to accept the connection - Change the non-blocking TDI helper functions to always return STATUS_PENDING if the completion function will be called to avoid duplicate handling of IRPs Modified: trunk/reactos/drivers/network/afd/afd/connect.c trunk/reactos/drivers/network/afd/afd/lock.c trunk/reactos/drivers/network/afd/afd/tdi.c trunk/reactos/drivers/network/afd/include/afd.h Modified: trunk/reactos/drivers/network/afd/afd/connect.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/afd/afd/co… ============================================================================== --- trunk/reactos/drivers/network/afd/afd/connect.c [iso-8859-1] (original) +++ trunk/reactos/drivers/network/afd/afd/connect.c [iso-8859-1] Fri Jun 24 14:06:48 2011 @@ -465,23 +465,30 @@ TargetAddress->UserDataLength = FCB->ConnectDataSize; TargetAddress->Options = FCB->ConnectOptions; TargetAddress->OptionsLength = FCB->ConnectOptionsSize; - - Status = TdiConnect( &FCB->ConnectIrp.InFlightRequest, - FCB->Connection.Object, - TargetAddress, - FCB->ConnectInfo, - &FCB->ConnectIrp.Iosb, - StreamSocketConnectComplete, - FCB ); - - ExFreePool(TargetAddress); - - AFD_DbgPrint(MID_TRACE,("Queueing IRP %x\n", Irp)); - - if( Status == STATUS_PENDING ) { - FCB->State = SOCKET_STATE_CONNECTING; - return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT ); - } + + FCB->State = SOCKET_STATE_CONNECTING; + + AFD_DbgPrint(MID_TRACE,("Queueing IRP %x\n", Irp)); + Status = QueueUserModeIrp( FCB, Irp, FUNCTION_CONNECT ); + if (Status == STATUS_PENDING) + { + Status = TdiConnect( &FCB->ConnectIrp.InFlightRequest, + FCB->Connection.Object, + TargetAddress, + FCB->ConnectInfo, + &FCB->ConnectIrp.Iosb, + StreamSocketConnectComplete, + FCB ); + } + + if (Status != STATUS_PENDING) + FCB->State = SOCKET_STATE_BOUND; + + ExFreePool(TargetAddress); + + SocketStateUnlock(FCB); + + return Status; } break; Modified: trunk/reactos/drivers/network/afd/afd/lock.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/afd/afd/lo… ============================================================================== --- trunk/reactos/drivers/network/afd/afd/lock.c [iso-8859-1] (original) +++ trunk/reactos/drivers/network/afd/afd/lock.c [iso-8859-1] Fri Jun 24 14:06:48 2011 @@ -287,12 +287,13 @@ return Status; } -NTSTATUS LeaveIrpUntilLater( PAFD_FCB FCB, PIRP Irp, UINT Function ) { +NTSTATUS QueueUserModeIrp(PAFD_FCB FCB, PIRP Irp, UINT Function) +{ NTSTATUS Status; /* Add the IRP to the queue in all cases (so AfdCancelHandler will work properly) */ InsertTailList( &FCB->PendingIrpList[Function], - &Irp->Tail.Overlay.ListEntry ); + &Irp->Tail.Overlay.ListEntry ); /* Acquire the cancel spin lock and check the cancel bit */ IoAcquireCancelSpinLock(&Irp->CancelIrql); @@ -319,6 +320,14 @@ Status = STATUS_CANCELLED; } + return Status; +} + +NTSTATUS LeaveIrpUntilLater( PAFD_FCB FCB, PIRP Irp, UINT Function ) { + NTSTATUS Status; + + Status = QueueUserModeIrp(FCB, Irp, Function); + SocketStateUnlock( FCB ); return Status; Modified: trunk/reactos/drivers/network/afd/afd/tdi.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/afd/afd/td… ============================================================================== --- trunk/reactos/drivers/network/afd/afd/tdi.c [iso-8859-1] (original) +++ trunk/reactos/drivers/network/afd/afd/tdi.c [iso-8859-1] Fri Jun 24 14:06:48 2011 @@ -325,7 +325,6 @@ */ { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status; AFD_DbgPrint(MAX_TRACE, ("Called\n")); @@ -360,9 +359,9 @@ ConnectionCallInfo, /* Request connection information */ ConnectionReturnInfo); /* Return connection information */ - Status = TdiCall(*Irp, DeviceObject, NULL, Iosb); - - return Status; + TdiCall(*Irp, DeviceObject, NULL, Iosb); + + return STATUS_PENDING; } @@ -380,7 +379,6 @@ { PDEVICE_OBJECT DeviceObject; IO_STATUS_BLOCK Iosb; - NTSTATUS Status; KEVENT Event; PIRP Irp; @@ -415,9 +413,7 @@ NULL, AddressHandle); - Status = TdiCall(Irp, DeviceObject, &Event, &Iosb); - - return Status; + return TdiCall(Irp, DeviceObject, &Event, &Iosb); } NTSTATUS TdiDisassociateAddressFile( @@ -432,7 +428,6 @@ { PDEVICE_OBJECT DeviceObject; IO_STATUS_BLOCK Iosb; - NTSTATUS Status; KEVENT Event; PIRP Irp; @@ -465,9 +460,7 @@ NULL, NULL); - Status = TdiCall(Irp, DeviceObject, &Event, &Iosb); - - return Status; + return TdiCall(Irp, DeviceObject, &Event, &Iosb); } NTSTATUS TdiListen @@ -489,7 +482,6 @@ */ { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status; AFD_DbgPrint(MAX_TRACE, ("Called\n")); @@ -523,9 +515,9 @@ *RequestConnectionInfo, /* Request connection information */ *ReturnConnectionInfo); /* Return connection information */ - Status = TdiCall(*Irp, DeviceObject, NULL /* Don't wait for completion */, Iosb); - - return Status; + TdiCall(*Irp, DeviceObject, NULL /* Don't wait for completion */, Iosb); + + return STATUS_PENDING; } @@ -549,7 +541,6 @@ { PDEVICE_OBJECT DeviceObject; IO_STATUS_BLOCK Iosb; - NTSTATUS Status; KEVENT Event; PIRP Irp; @@ -587,9 +578,7 @@ Handler, Context); - Status = TdiCall(Irp, DeviceObject, &Event, &Iosb); - - return Status; + return TdiCall(Irp, DeviceObject, &Event, &Iosb); } @@ -670,7 +659,6 @@ { PDEVICE_OBJECT DeviceObject; IO_STATUS_BLOCK Iosb; - NTSTATUS Status; KEVENT Event; PIRP Irp; @@ -705,9 +693,7 @@ QueryType, MdlBuffer); - Status = TdiCall(Irp, DeviceObject, &Event, &Iosb); - - return Status; + return TdiCall(Irp, DeviceObject, &Event, &Iosb); } NTSTATUS TdiQueryInformationEx( @@ -897,7 +883,6 @@ PVOID CompletionContext ) { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status = STATUS_SUCCESS; PMDL Mdl; ASSERT(*Irp == NULL); @@ -960,11 +945,11 @@ Flags, /* Flags */ BufferLength); /* Length of data */ - Status = TdiCall(*Irp, DeviceObject, NULL, Iosb); + TdiCall(*Irp, DeviceObject, NULL, Iosb); /* Does not block... The MDL is deleted in the receive completion routine. */ - return Status; + return STATUS_PENDING; } NTSTATUS TdiReceive( @@ -977,7 +962,6 @@ PIO_COMPLETION_ROUTINE CompletionRoutine, PVOID CompletionContext) { - NTSTATUS Status = STATUS_SUCCESS; PDEVICE_OBJECT DeviceObject; PMDL Mdl; @@ -1028,7 +1012,7 @@ AFD_DbgPrint(MIN_TRACE, ("MmProbeAndLockPages() failed.\n")); IoFreeMdl(Mdl); IoCompleteRequest(*Irp, IO_NO_INCREMENT); - *Irp = NULL; + *Irp = NULL; _SEH2_YIELD(return STATUS_INSUFFICIENT_RESOURCES); } _SEH2_END; @@ -1044,14 +1028,11 @@ BufferLength); /* Length of data */ - Status = TdiCall(*Irp, DeviceObject, NULL, Iosb); + TdiCall(*Irp, DeviceObject, NULL, Iosb); /* Does not block... The MDL is deleted in the receive completion routine. */ - AFD_DbgPrint(MID_TRACE,("Status %x Information %d\n", - Status, Iosb->Information)); - - return Status; + return STATUS_PENDING; } @@ -1078,7 +1059,6 @@ */ { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status; PMDL Mdl; ASSERT(*Irp == NULL); @@ -1144,11 +1124,11 @@ Addr, Flags); /* Length of data */ - Status = TdiCall(*Irp, DeviceObject, NULL, Iosb); + TdiCall(*Irp, DeviceObject, NULL, Iosb); /* Does not block... The MDL is deleted in the receive completion routine. */ - return Status; + return STATUS_PENDING; } @@ -1174,7 +1154,6 @@ */ { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status; PMDL Mdl; ASSERT(*Irp == NULL); @@ -1241,11 +1220,11 @@ BufferLength, /* Bytes to send */ Addr); /* Address */ - Status = TdiCall(*Irp, DeviceObject, NULL, Iosb); + TdiCall(*Irp, DeviceObject, NULL, Iosb); /* Does not block... The MDL is deleted in the send completion routine. */ - return Status; + return STATUS_PENDING; } NTSTATUS TdiDisconnect( @@ -1258,7 +1237,6 @@ PTDI_CONNECTION_INFORMATION RequestConnectionInfo, PTDI_CONNECTION_INFORMATION ReturnConnectionInfo) { PDEVICE_OBJECT DeviceObject; - NTSTATUS Status; KEVENT Event; PIRP Irp; @@ -1300,9 +1278,7 @@ RequestConnectionInfo, /* Indication of who to disconnect */ ReturnConnectionInfo); /* Indication of who disconnected */ - Status = TdiCall(Irp, DeviceObject, &Event, Iosb); - - return Status; + return TdiCall(Irp, DeviceObject, &Event, Iosb); } /* EOF */ Modified: trunk/reactos/drivers/network/afd/include/afd.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/afd/includ… ============================================================================== --- trunk/reactos/drivers/network/afd/include/afd.h [iso-8859-1] (original) +++ trunk/reactos/drivers/network/afd/include/afd.h [iso-8859-1] Fri Jun 24 14:06:48 2011 @@ -302,11 +302,12 @@ PVOID LockRequest( PIRP Irp, PIO_STACK_LOCATION IrpSp ); VOID UnlockRequest( PIRP Irp, PIO_STACK_LOCATION IrpSp ); PVOID GetLockedData( PIRP Irp, PIO_STACK_LOCATION IrpSp ); +NTSTATUS LeaveIrpUntilLater( PAFD_FCB FCB, PIRP Irp, UINT Function ); +NTSTATUS QueueUserModeIrp(PAFD_FCB FCB, PIRP Irp, UINT Function); /* main.c */ VOID OskitDumpBuffer( PCHAR Buffer, UINT Len ); -NTSTATUS LeaveIrpUntilLater( PAFD_FCB FCB, PIRP Irp, UINT Function ); VOID DestroySocket( PAFD_FCB FCB ); VOID NTAPI AfdCancelHandler(PDEVICE_OBJECT DeviceObject, PIRP Irp);