[ros-bugs] [Bug 713] Ntoskrnl bugcheck when quitting Telnet session
ReactOS.Bugzilla at reactos.com
ReactOS.Bugzilla at reactos.com
Mon Sep 12 09:46:22 CEST 2005
http://reactos.com/bugzilla/show_bug.cgi?id=713
------- Additional Comments From gvg at reactos.com 2005-12-09 09:46 -------
- Telnet opens a socket
- Sending and receiving are handled by different threads, let's call them S and R
- Thread R starts a recv() operation, which is translated to an ioctl on the socket
- No data is available, so thread R blocks, waiting for FileObject->Event
- I type something, which is handled by thread S. Thread S starts a send()
operation.
- Again translated to an ioctl on the socket. Since this is the same socket as
used by S, the FileObject will be the same
- The send can complete immediately, IoCompleteRequest is called which sets the
FileObject->Event.
- Thread R is unblocked, the event it was waiting for was set by thread S.
However, the irp of thread R was never completed. The recv() call returns with
bogus info.
- Thread R starts another recv(). When some data arrives from the server, two
irps are waiting for it. This eventually leads to the crash.
The fundamental problem seems to be multiple overlapping I/O operations which
all use FileObject->Event to signal their completion. I have no idea how to fix
that... Asked for help on ros-dev
--
Configure bugmail: http://reactos.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the Ros-bugs
mailing list