Closed MartinDrab closed 5 months ago
I ran into some issues during the second day of testing (all worked fine before that), thus, I suspend this PR until I resolve the problems.
I ran into some issues during the second day of testing (all worked fine before that), thus, I suspend this PR until I resolve the problems.
The issues were not related to this bug, thus, I mark this as ready to merge. I did no changes to the code or commit message, just the branch was moved above the master
.
Waiting for CI to pass before merging
The Socket driver stores socket-related data in memory associated with file objects representing the sockets. It uses
WdfObjectReference/WdfObjectDereference
to track ownership and protect sockets being in use from deletion. However, these routines do not affect reference count of the underlyingFILE_OBJECT
structures (served by Object Manager) -- they work only with the reference count of the WDF object wrapped around theFILE_OBJECT
structure. Thus, when the underlyingFILE_OBJECT
is deleted,WdfObjectReference
does not protect the socket context from deallocation.This commit fixes this issue by introducing
VioSockReference
andVioSockDereference
which also work with reference count of the wrappedFILE_OBJECT
structures. Also,VioSockClose
is replaced withVioSockCleanup
– the latter one is invoked when the last handle for a file object (FILE_OBJECT
, notWDFFILEOBJECT
) gets closed (the former one is invoked when the last reference is gone -- which does not happen ifVioSock(De)reference
are used). For usermode, this makes no difference since user applications work only with handles, not pointer references to file objects.