From: Jeffrey Altman Date: Sat, 29 Dec 2012 20:58:06 +0000 (-0500) Subject: Windows: Decrement Fcb OpenHandleCount while locked X-Git-Tag: upstream/1.8.0_pre1^2~1626 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=e297a00dfca21103672ab97145895cabf97112a8;p=packages%2Fo%2Fopenafs.git Windows: Decrement Fcb OpenHandleCount while locked AFSCleanup performs tests on the Fcb Open Handle Count to determine when to perform final cleanup tasks on the last handle close. The test is protected by holding the Fcb Resource. If the Open Handle Count is decremented after dropping the Resource, it creates a race with other threads that might be blocked entering AFSCleanup to close their handle on the same object. Change-Id: I0403d8aeafd736484728a25c5c48ab28e8b8a804 Reviewed-on: http://gerrit.openafs.org/8863 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Tested-by: Jeffrey Altman --- diff --git a/src/WINNT/afsrdr/kernel/lib/AFSCleanup.cpp b/src/WINNT/afsrdr/kernel/lib/AFSCleanup.cpp index d8d31c5ff..6c8668c9e 100644 --- a/src/WINNT/afsrdr/kernel/lib/AFSCleanup.cpp +++ b/src/WINNT/afsrdr/kernel/lib/AFSCleanup.cpp @@ -154,9 +154,11 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, AFSAcquireExcl( &pFcb->NPFcb->Resource, TRUE); - ASSERT( pFcb->OpenHandleCount != 0); + FsRtlNotifyCleanup( pControlDeviceExt->Specific.Control.NotifySync, + &pControlDeviceExt->Specific.Control.DirNotifyList, + pCcb); - AFSReleaseResource( &pFcb->NPFcb->Resource); + ASSERT( pFcb->OpenHandleCount != 0); lCount = InterlockedDecrement( &pFcb->OpenHandleCount); @@ -166,9 +168,7 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, pFcb, lCount); - FsRtlNotifyCleanup( pControlDeviceExt->Specific.Control.NotifySync, - &pControlDeviceExt->Specific.Control.DirNotifyList, - pCcb); + AFSReleaseResource( &pFcb->NPFcb->Resource); break; } @@ -1071,8 +1071,6 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, lCount); } - AFSReleaseResource( &pFcb->NPFcb->Resource); - lCount = InterlockedDecrement( &pFcb->OpenHandleCount); AFSDbgLogMsg( AFS_SUBSYSTEM_FCB_REF_COUNTING, @@ -1081,6 +1079,8 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, pFcb, lCount); + AFSReleaseResource( &pFcb->NPFcb->Resource); + break; } @@ -1372,8 +1372,6 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, lCount); } - AFSReleaseResource( &pFcb->NPFcb->Resource); - lCount = InterlockedDecrement( &pFcb->OpenHandleCount); AFSDbgLogMsg( AFS_SUBSYSTEM_FCB_REF_COUNTING, @@ -1382,6 +1380,8 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, pFcb, lCount); + AFSReleaseResource( &pFcb->NPFcb->Resource); + break; } @@ -1418,8 +1418,6 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, lCount); } - AFSReleaseResource( &pFcb->NPFcb->Resource); - lCount = InterlockedDecrement( &pFcb->OpenHandleCount); AFSDbgLogMsg( AFS_SUBSYSTEM_FCB_REF_COUNTING, @@ -1428,13 +1426,15 @@ AFSCleanup( IN PDEVICE_OBJECT LibDeviceObject, pFcb, lCount); + AFSReleaseResource( &pFcb->NPFcb->Resource); + break; } default: AFSDbgLogMsg( AFS_SUBSYSTEM_FILE_PROCESSING, - AFS_TRACE_LEVEL_WARNING, + AFS_TRACE_LEVEL_ERROR, "AFSCleanup Processing unknown node type %d\n", pFcb->Header.NodeTypeCode);