From 606652ca088634e4532728e0705584c47cebf02c Mon Sep 17 00:00:00 2001
From: Cameron Gutman
Date: Fri, 1 Aug 2008 12:19:18 +0000
Subject: [PATCH] * Fix many memory leaks by unmapping MDL pages when UnlockAndMaybeComplete and LostSocket are called with Status != STATUS_PENDING This change should probably be merged to trunk before 0.3.6 svn path=/branches/aicom-network-fixes/; revision=35001
---
drivers/network/afd/afd/bind.c | 8 ++++----
drivers/network/afd/afd/connect.c | 13 ++++++-------
drivers/network/afd/afd/context.c | 8 ++++----
drivers/network/afd/afd/info.c | 10 +++++-----
drivers/network/afd/afd/listen.c | 12 ++++++------
drivers/network/afd/afd/lock.c | 15 +++++----------
drivers/network/afd/afd/main.c | 8 ++++----
drivers/network/afd/afd/read.c | 28 +++++++++++++++-------------
drivers/network/afd/afd/select.c | 12 ++++++------
drivers/network/afd/afd/write.c | 30 ++++++++++++++++--------------
drivers/network/afd/include/afd.h | 5 ++---
11 files changed, 73 insertions(+), 76 deletions(-)
diff --git a/drivers/network/afd/afd/bind.c b/drivers/network/afd/afd/bind.c
index d11c2a9fa27..73bb6a617ab 100644
--- a/drivers/network/afd/afd/bind.c
+++ b/drivers/network/afd/afd/bind.c
@@ -48,10 +48,10 @@ AfdBindSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called\n")); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( !(BindReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, - Irp, 0, NULL, FALSE ); + Irp, 0, NULL ); FCB->LocalAddress = TaCopyTransportAddress( &BindReq->Address );
@@ -61,7 +61,7 @@ AfdBindSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( NT_SUCCESS(Status) ) FCB->State = SOCKET_STATE_BOUND; - else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, FALSE ); + else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); AFD_DbgPrint(MID_TRACE,("FCB->Flags %x\n", FCB->Flags));
@@ -87,6 +87,6 @@ AfdBindSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS; } - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); }
diff --git a/drivers/network/afd/afd/connect.c b/drivers/network/afd/afd/connect.c
index a93aa6a847d..b451afb172d 100644
--- a/drivers/network/afd/afd/connect.c
+++ b/drivers/network/afd/afd/connect.c
@@ -71,7 +71,7 @@ static NTSTATUS NTAPI StreamSocketConnectComplete /* I was wrong about this before as we can have pending writes to a not * yet connected socket */ - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); AFD_DbgPrint(MID_TRACE,("Irp->IoStatus.Status = %x\n", Irp->IoStatus.Status));
@@ -137,10 +137,10 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, PAFD_CONNECT_INFO ConnectReq; AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( !(ConnectReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, - 0, NULL, FALSE ); + 0, NULL ); AFD_DbgPrint(MID_TRACE,("Connect request:\n")); #if 0
@@ -177,11 +177,10 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( NT_SUCCESS(Status) ) FCB->State = SOCKET_STATE_BOUND; else - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, - TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } else return UnlockAndMaybeComplete - ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL, TRUE ); + ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL ); } /* Drop through to SOCKET_STATE_BOUND */ case SOCKET_STATE_BOUND:
@@ -228,5 +227,5 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, break; } - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); }
diff --git a/drivers/network/afd/afd/context.c b/drivers/network/afd/afd/context.c
index 2c9055f7408..18744884ed0 100644
--- a/drivers/network/afd/afd/context.c
+++ b/drivers/network/afd/afd/context.c
@@ -20,7 +20,7 @@ AfdGetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp, PAFD_FCB FCB = FileObject->FsContext; UINT ContextSize = IrpSp->Parameters.DeviceIoControl.OutputBufferLength; - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( FCB->ContextSize < ContextSize ) ContextSize = FCB->ContextSize;
@@ -33,7 +33,7 @@ AfdGetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, FALSE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } NTSTATUS STDCALL
@@ -43,7 +43,7 @@ AfdSetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp, PFILE_OBJECT FileObject = IrpSp->FileObject; PAFD_FCB FCB = FileObject->FsContext; - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( FCB->ContextSize < IrpSp->Parameters.DeviceIoControl.InputBufferLength ) {
@@ -64,5 +64,5 @@ AfdSetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, FALSE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); }
diff --git a/drivers/network/afd/afd/info.c b/drivers/network/afd/afd/info.c
index 7e3d5e8d44a..9a3ead68093 100644
--- a/drivers/network/afd/afd/info.c
+++ b/drivers/network/afd/afd/info.c
@@ -26,7 +26,7 @@ AfdGetInfo( PDEVICE_OBJECT DeviceObject, PIRP Irp, _SEH_TRY { if( !SocketAcquireStateLock( FCB ) ) { - Status = LostSocket( Irp, FALSE ); + Status = LostSocket( Irp ); _SEH_YIELD(return Status); }
@@ -69,7 +69,7 @@ AfdGetInfo( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, FALSE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } NTSTATUS STDCALL
@@ -84,11 +84,11 @@ AfdGetSockOrPeerName( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( FCB->AddressFile.Object == NULL) { return UnlockAndMaybeComplete( FCB, STATUS_UNSUCCESSFUL, Irp, 0, - NULL, FALSE ); + NULL ); } Mdl = IoAllocateMdl
@@ -159,5 +159,5 @@ AfdGetSockOrPeerName( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, FALSE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); }
diff --git a/drivers/network/afd/afd/listen.c b/drivers/network/afd/afd/listen.c
index f00c686cf17..166e2a6f912 100644
--- a/drivers/network/afd/afd/listen.c
+++ b/drivers/network/afd/afd/listen.c
@@ -157,16 +157,16 @@ NTSTATUS AfdListenSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( !(ListenReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, - 0, NULL, FALSE ); + 0, NULL ); if( FCB->State != SOCKET_STATE_BOUND ) { Status = STATUS_UNSUCCESSFUL; AFD_DbgPrint(MID_TRACE,("Could not listen an unbound socket\n")); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } FCB->DelayedAccept = ListenReq->UseDelayedAcceptance;
@@ -198,7 +198,7 @@ NTSTATUS AfdListenSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp, Status = STATUS_SUCCESS; AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } NTSTATUS AfdWaitForListen( PDEVICE_OBJECT DeviceObject, PIRP Irp,
@@ -209,7 +209,7 @@ NTSTATUS AfdWaitForListen( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called\n")); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( !IsListEmpty( &FCB->PendingConnections ) ) { PLIST_ENTRY PendingConn = FCB->PendingConnections.Flink;
@@ -246,7 +246,7 @@ NTSTATUS AfdAccept( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called\n")); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); FCB->EventsFired &= ~AFD_EVENT_ACCEPT;
diff --git a/drivers/network/afd/afd/lock.c b/drivers/network/afd/afd/lock.c
index b9da3224a99..6ecd4f202d3 100644
--- a/drivers/network/afd/afd/lock.c
+++ b/drivers/network/afd/afd/lock.c
@@ -235,8 +235,7 @@ VOID SocketStateUnlock( PAFD_FCB FCB ) { NTSTATUS NTAPI UnlockAndMaybeComplete ( PAFD_FCB FCB, NTSTATUS Status, PIRP Irp, UINT Information, - PIO_COMPLETION_ROUTINE Completion, - BOOL ShouldUnlock ) { + PIO_COMPLETION_ROUTINE Completion ) { if( Status == STATUS_PENDING ) { /* We should firstly mark this IRP as pending, because
@@ -244,29 +243,25 @@ NTSTATUS NTAPI UnlockAndMaybeComplete before we return from SocketStateUnlock(). */ IoMarkIrpPending( Irp ); SocketStateUnlock( FCB ); - if( ShouldUnlock ) - UnlockRequest( Irp, IoGetCurrentIrpStackLocation( Irp ) ); } else { + if ( Irp->MdlAddress ) UnlockRequest( Irp, IoGetCurrentIrpStackLocation( Irp ) ); SocketStateUnlock( FCB ); Irp->IoStatus.Status = Status; Irp->IoStatus.Information = Information; if( Completion ) Completion( FCB->DeviceExt->DeviceObject, Irp, FCB ); - if( ShouldUnlock ) - UnlockRequest( Irp, IoGetCurrentIrpStackLocation( Irp ) ); IoCompleteRequest( Irp, IO_NETWORK_INCREMENT ); } return Status; } -NTSTATUS LostSocket( PIRP Irp, BOOL ShouldUnlockIrp ) { +NTSTATUS LostSocket( PIRP Irp ) { NTSTATUS Status = STATUS_INVALID_PARAMETER; AFD_DbgPrint(MIN_TRACE,("Called.\n")); Irp->IoStatus.Information = 0; Irp->IoStatus.Status = Status; - if( ShouldUnlockIrp ) - UnlockRequest( Irp, IoGetCurrentIrpStackLocation( Irp ) ); + if ( Irp->MdlAddress ) UnlockRequest( Irp, IoGetCurrentIrpStackLocation( Irp ) ); IoCompleteRequest( Irp, IO_NO_INCREMENT ); return Status; }
@@ -274,7 +269,7 @@ NTSTATUS LostSocket( PIRP Irp, BOOL ShouldUnlockIrp ) { NTSTATUS LeaveIrpUntilLater( PAFD_FCB FCB, PIRP Irp, UINT Function ) { InsertTailList( &FCB->PendingIrpList[Function], &Irp->Tail.Overlay.ListEntry ); - return UnlockAndMaybeComplete( FCB, STATUS_PENDING, Irp, 0, NULL, FALSE ); + return UnlockAndMaybeComplete( FCB, STATUS_PENDING, Irp, 0, NULL ); } VOID SocketCalloutEnter( PAFD_FCB FCB ) {
diff --git a/drivers/network/afd/afd/main.c b/drivers/network/afd/afd/main.c
index ab57ab6e409..0270c4bede4 100644
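Review bot: `Irp->MdlAddress` now stands in for the removed ShouldUnlock flag in both UnlockAndMaybeComplete and LostSocket, and nothing in the hunk states the invariant that makes that safe. The guard is only correct if every MDL reaching these functions was built by LockRequest, if LockRequest leaves MdlAddress NULL on each of its failure paths, and if UnlockRequest clears it again; otherwise pages could be unmapped or an MDL freed twice in kernel mode. Neither helper is shown in this patch, so that is inferred and worth confirming. I would add a comment above the guard such as `/* MdlAddress is non-NULL only while a LockRequest mapping is live; UnlockRequest resets it */`. The unmap also now runs before the `Completion` callback instead of after it; every caller in this patch passes NULL, but a future completion routine must not read the locked request.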
--- a/drivers/network/afd/afd/main.c
+++ b/drivers/network/afd/afd/main.c
@@ -257,11 +257,11 @@ AfdDisconnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, NTSTATUS Status; USHORT Flags = 0; - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( !(DisReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, - Irp, 0, NULL, FALSE ); + Irp, 0, NULL ); if (NULL == FCB->RemoteAddress) {
@@ -274,7 +274,7 @@ AfdDisconnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( !NT_SUCCESS(Status) || !ConnInfo ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, - Irp, 0, NULL, TRUE ); + Irp, 0, NULL ); } if( DisReq->DisconnectType & AFD_DISCONNECT_SEND )
@@ -294,7 +294,7 @@ AfdDisconnect(PDEVICE_OBJECT DeviceObject, PIRP Irp, if (ConnInfo) ExFreePool( ConnInfo ); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } static NTSTATUS STDCALL
diff --git a/drivers/network/afd/afd/read.c b/drivers/network/afd/afd/read.c
index 48091aefe7b..05b1339e8e4 100644
--- a/drivers/network/afd/afd/read.c
+++ b/drivers/network/afd/afd/read.c
@@ -273,21 +273,21 @@ AfdConnectedSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); if( FCB->State != SOCKET_STATE_CONNECTED && FCB->State != SOCKET_STATE_CONNECTING ) { AFD_DbgPrint(MID_TRACE,("Called recv on wrong kind of socket (s%x)\n", FCB->State)); return UnlockAndMaybeComplete( FCB, STATUS_UNSUCCESSFUL, - Irp, 0, NULL, FALSE ); + Irp, 0, NULL ); } if( FCB->Flags & AFD_ENDPOINT_CONNECTIONLESS ) { AFD_DbgPrint(MID_TRACE,("Receive on connection-less sockets not implemented\n")); return UnlockAndMaybeComplete( FCB, STATUS_NOT_IMPLEMENTED, - Irp, 0, NULL, FALSE ); + Irp, 0, NULL ); } FCB->EventsFired &= ~AFD_EVENT_RECEIVE;
@@ -295,7 +295,7 @@ AfdConnectedSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( !(RecvReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, - Irp, 0, NULL, FALSE ); + Irp, 0, NULL ); AFD_DbgPrint(MID_TRACE,("Recv flags %x\n", RecvReq->AfdFlags));
@@ -306,7 +306,7 @@ AfdConnectedSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( !RecvReq->BufferArray ) { return UnlockAndMaybeComplete( FCB, STATUS_ACCESS_VIOLATION, - Irp, 0, NULL, TRUE ); + Irp, 0, NULL ); } Irp->IoStatus.Status = STATUS_PENDING;
@@ -326,7 +326,7 @@ AfdConnectedSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, RemoveEntryList( &Irp->Tail.Overlay.ListEntry ); UnlockBuffers( RecvReq->BufferArray, RecvReq->BufferCount, FALSE ); return UnlockAndMaybeComplete( FCB, Status, Irp, - TotalBytesCopied, NULL, TRUE ); + TotalBytesCopied, NULL ); } else if( Status == STATUS_PENDING ) { AFD_DbgPrint(MID_TRACE,("Leaving read irp\n")); IoMarkIrpPending( Irp );
@@ -501,6 +501,7 @@ PacketSocketRecvComplete( Status = NextIrp->IoStatus.Status = STATUS_BUFFER_TOO_SMALL; NextIrp->IoStatus.Information = DatagramRecv->Len; UnlockBuffers( RecvReq->BufferArray, RecvReq->BufferCount, TRUE ); + if ( NextIrp->MdlAddress ) UnlockRequest( NextIrp, IoGetCurrentIrpStackLocation( NextIrp ) ); IoCompleteRequest( NextIrp, IO_NETWORK_INCREMENT ); } else { AFD_DbgPrint(MID_TRACE,("Satisfying\n"));
@@ -509,6 +510,7 @@ PacketSocketRecvComplete( (PUINT)&NextIrp->IoStatus.Information ); AFD_DbgPrint(MID_TRACE,("Unlocking\n")); UnlockBuffers( RecvReq->BufferArray, RecvReq->BufferCount, TRUE ); + if ( NextIrp->MdlAddress ) UnlockRequest( NextIrp, IoGetCurrentIrpStackLocation( NextIrp ) ); AFD_DbgPrint(MID_TRACE,("Completing\n")); IoCompleteRequest( NextIrp, IO_NETWORK_INCREMENT ); }
@@ -557,17 +559,17 @@ AfdPacketSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); FCB->EventsFired &= ~AFD_EVENT_RECEIVE; /* Check that the socket is bound */ if( FCB->State != SOCKET_STATE_BOUND ) return UnlockAndMaybeComplete - ( FCB, STATUS_UNSUCCESSFUL, Irp, 0, NULL, FALSE ); + ( FCB, STATUS_UNSUCCESSFUL, Irp, 0, NULL ); if( !(RecvReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete - ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL, FALSE ); + ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL ); AFD_DbgPrint(MID_TRACE,("Recv flags %x\n", RecvReq->AfdFlags));
@@ -579,7 +581,7 @@ AfdPacketSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( !RecvReq->BufferArray ) { /* access violation in userspace */ return UnlockAndMaybeComplete - ( FCB, STATUS_ACCESS_VIOLATION, Irp, 0, NULL, FALSE ); + ( FCB, STATUS_ACCESS_VIOLATION, Irp, 0, NULL ); } if( !IsListEmpty( &FCB->DatagramList ) ) {
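Review bot: The guarded unmap `if ( NextIrp->MdlAddress ) UnlockRequest( NextIrp, IoGetCurrentIrpStackLocation( NextIrp ) );` is pasted before both IoCompleteRequest calls in PacketSocketRecvComplete and again in SendComplete in write.c, so the leak fix depends on every completion site remembering it. A small static helper that performs the check, the UnlockRequest and the IoCompleteRequest in one call would keep the leak from reappearing at the next direct completion. Completion paths outside this patch that call IoCompleteRequest on a queued IRP themselves presumably still skip the unmap and should be audited. RecvReq must not be read after the added line if it points into the mapping released there; the visible lines do not, but the function body extends beyond these hunks.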
@@ -601,7 +603,7 @@ AfdPacketSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, PollReeval( FCB->DeviceExt, FCB->FileObject ); return UnlockAndMaybeComplete - ( FCB, Status, Irp, RecvReq->BufferArray[0].len, NULL, TRUE ); + ( FCB, Status, Irp, RecvReq->BufferArray[0].len, NULL ); } else { Status = SatisfyPacketRecvRequest ( FCB, Irp, DatagramRecv,
@@ -615,13 +617,13 @@ AfdPacketSocketReadData(PDEVICE_OBJECT DeviceObject, PIRP Irp, PollReeval( FCB->DeviceExt, FCB->FileObject ); return UnlockAndMaybeComplete - ( FCB, Status, Irp, Irp->IoStatus.Information, NULL, TRUE ); + ( FCB, Status, Irp, Irp->IoStatus.Information, NULL ); } } else if( RecvReq->AfdFlags & AFD_IMMEDIATE ) { AFD_DbgPrint(MID_TRACE,("Nonblocking\n")); Status = STATUS_CANT_WAIT; PollReeval( FCB->DeviceExt, FCB->FileObject ); - return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL, TRUE ); + return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); } else { PollReeval( FCB->DeviceExt, FCB->FileObject ); return LeaveIrpUntilLater( FCB, Irp, FUNCTION_RECV );
diff --git a/drivers/network/afd/afd/select.c b/drivers/network/afd/afd/select.c
index 6d506bf4b01..3f00167b134 100644
--- a/drivers/network/afd/afd/select.c
+++ b/drivers/network/afd/afd/select.c
@@ -276,14 +276,14 @@ AfdEventSelect( PDEVICE_OBJECT DeviceObject, PIRP Irp, if ( !EventSelectInfo ) { return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, - 0, NULL, FALSE ); + 0, NULL ); } AFD_DbgPrint(MID_TRACE,("Called (Event %x Triggers %x)\n", EventSelectInfo->EventObject, EventSelectInfo->Events)); if( !SocketAcquireStateLock( FCB ) ) { - return LostSocket( Irp, TRUE ); + return LostSocket( Irp ); } FCB->EventSelectTriggers = FCB->EventsFired = 0;
@@ -309,7 +309,7 @@ AfdEventSelect( PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status)); return UnlockAndMaybeComplete( FCB, STATUS_SUCCESS, Irp, - 0, NULL, TRUE ); + 0, NULL ); } NTSTATUS STDCALL
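Review bot: In AfdEventSelect the `!EventSelectInfo` failure path calls UnlockAndMaybeComplete before SocketAcquireStateLock has run, and for a non-pending status that function calls SocketStateUnlock( FCB ) unconditionally (see the lock.c hunk), so the state lock is released without being held. The patch only drops the last argument there and leaves that ordering as it was; AfdEnumEvents has the same shape with `!EnumReq`. Taking the lock first, i.e. moving `if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp );` above the NULL check, would balance both error paths. Where EventSelectInfo and EnumReq are assigned lies outside these hunks.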
@@ -324,18 +324,18 @@ AfdEnumEvents( PDEVICE_OBJECT DeviceObject, PIRP Irp, if ( !EnumReq ) { return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, - 0, NULL, FALSE ); + 0, NULL ); } if( !SocketAcquireStateLock( FCB ) ) { - return LostSocket( Irp, TRUE ); + return LostSocket( Irp ); } EnumReq->PollEvents = FCB->PollState; RtlZeroMemory( EnumReq->EventStatus, sizeof(EnumReq->EventStatus) ); return UnlockAndMaybeComplete( FCB, STATUS_SUCCESS, Irp, - 0, NULL, TRUE ); + 0, NULL ); } /* * * NOTE ALWAYS CALLED AT DISPATCH_LEVEL * * */
diff --git a/drivers/network/afd/afd/write.c b/drivers/network/afd/afd/write.c
index 5236a8c551b..57dc08ef3ba 100644
--- a/drivers/network/afd/afd/write.c
+++ b/drivers/network/afd/afd/write.c
@@ -74,6 +74,8 @@ static NTSTATUS NTAPI SendComplete NextIrp->IoStatus.Status = Status; NextIrp->IoStatus.Information = 0; + if ( NextIrp->MdlAddress ) UnlockRequest( NextIrp, IoGetCurrentIrpStackLocation( NextIrp ) ); + IoCompleteRequest( NextIrp, IO_NETWORK_INCREMENT ); }
@@ -151,7 +153,7 @@ static NTSTATUS NTAPI SendComplete AFD_DbgPrint(MID_TRACE,("Dismissing request: %x\n", Status)); return UnlockAndMaybeComplete( FCB, Status, NextIrp, TotalBytesCopied, - NULL, TRUE ); + NULL ); } else if( NextIrp ) { AFD_DbgPrint(MID_TRACE,("Could not do any more with Irp %x\n", NextIrp));
@@ -211,7 +213,7 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); FCB->EventsFired &= ~AFD_EVENT_SEND;
@@ -223,11 +225,11 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, /* Check that the socket is bound */ if( FCB->State != SOCKET_STATE_BOUND ) return UnlockAndMaybeComplete( FCB, STATUS_UNSUCCESSFUL, Irp, - 0, NULL, FALSE ); + 0, NULL ); if( !(SendReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, 0, - NULL, FALSE ); + NULL ); /* Must lock buffers before handing off user data */ SendReq->BufferArray = LockBuffers( SendReq->BufferArray,
@@ -259,12 +261,12 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, return UnlockAndMaybeComplete( FCB, Status, Irp, SendReq->BufferArray[0].len, - NULL, TRUE ); + NULL ); } if( !(SendReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete - ( FCB, STATUS_NO_MEMORY, Irp, TotalBytesCopied, NULL, FALSE ); + ( FCB, STATUS_NO_MEMORY, Irp, TotalBytesCopied, NULL ); AFD_DbgPrint(MID_TRACE,("Socket state %d\n", FCB->State));
@@ -272,7 +274,7 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, if( SendReq->AfdFlags & AFD_IMMEDIATE ) { AFD_DbgPrint(MID_TRACE,("Nonblocking\n")); return UnlockAndMaybeComplete - ( FCB, STATUS_CANT_WAIT, Irp, 0, NULL, TRUE ); + ( FCB, STATUS_CANT_WAIT, Irp, 0, NULL ); } else { AFD_DbgPrint(MID_TRACE,("Queuing request\n")); return LeaveIrpUntilLater( FCB, Irp, FUNCTION_SEND );
@@ -323,7 +325,7 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Empty send\n")); return UnlockAndMaybeComplete - ( FCB, Status, Irp, TotalBytesCopied, NULL, TRUE ); + ( FCB, Status, Irp, TotalBytesCopied, NULL ); } AFD_DbgPrint(MID_TRACE,("Completed %d bytes\n", TotalBytesCopied));
@@ -353,14 +355,14 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, Status, TotalBytesCopied)); return UnlockAndMaybeComplete - ( FCB, Status, Irp, TotalBytesCopied, NULL, TRUE ); + ( FCB, Status, Irp, TotalBytesCopied, NULL ); } } if( SendReq->AfdFlags & AFD_IMMEDIATE ) { AFD_DbgPrint(MID_TRACE,("Nonblocking\n")); return UnlockAndMaybeComplete - ( FCB, STATUS_CANT_WAIT, Irp, 0, NULL, TRUE ); + ( FCB, STATUS_CANT_WAIT, Irp, 0, NULL ); } else { AFD_DbgPrint(MID_TRACE,("Queuing request\n")); return LeaveIrpUntilLater( FCB, Irp, FUNCTION_SEND );
@@ -378,7 +380,7 @@ AfdPacketSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Called on %x\n", FCB)); - if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, FALSE ); + if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp ); FCB->EventsFired &= ~AFD_EVENT_SEND; FCB->PollState &= ~AFD_EVENT_SEND;
@@ -386,10 +388,10 @@ AfdPacketSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, /* Check that the socket is bound */ if( FCB->State != SOCKET_STATE_BOUND ) return UnlockAndMaybeComplete - ( FCB, STATUS_UNSUCCESSFUL, Irp, 0, NULL, FALSE ); + ( FCB, STATUS_UNSUCCESSFUL, Irp, 0, NULL ); if( !(SendReq = LockRequest( Irp, IrpSp )) ) return UnlockAndMaybeComplete - ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL, FALSE ); + ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL ); AFD_DbgPrint (MID_TRACE,("RemoteAddress #%d Type %d\n",
@@ -426,6 +428,6 @@ AfdPacketSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp, AFD_DbgPrint(MID_TRACE,("Dismissing request: %x\n", Status)); return UnlockAndMaybeComplete - ( FCB, Status, Irp, SendReq->BufferArray[0].len, NULL, TRUE ); + ( FCB, Status, Irp, SendReq->BufferArray[0].len, NULL ); }
diff --git a/drivers/network/afd/include/afd.h b/drivers/network/afd/include/afd.h
index 02a5fa11b60..285907a60af 100644
--- a/drivers/network/afd/include/afd.h
+++ b/drivers/network/afd/include/afd.h
@@ -206,10 +206,9 @@ UINT SocketAcquireStateLock( PAFD_FCB FCB ); NTSTATUS NTAPI UnlockAndMaybeComplete ( PAFD_FCB FCB, NTSTATUS Status, PIRP Irp, UINT Information, - PIO_COMPLETION_ROUTINE Completion, - BOOL ShouldUnlockIrp ); + PIO_COMPLETION_ROUTINE Completion ); VOID SocketStateUnlock( PAFD_FCB FCB ); -NTSTATUS LostSocket( PIRP Irp, BOOL ShouldUnlockIrp ); +NTSTATUS LostSocket( PIRP Irp ); PAFD_HANDLE LockHandles( PAFD_HANDLE HandleArray, UINT HandleCount ); VOID UnlockHandles( PAFD_HANDLE HandleArray, UINT HandleCount ); PVOID LockRequest( PIRP Irp, PIO_STACK_LOCATION IrpSp );