http://bugs.winehq.org/show_bug.cgi?id=19713
lahmbi5675@gmx.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |lahmbi5675@gmx.de

--- Comment #25 from lahmbi5675@gmx.de 2009-10-03 12:50:30 ---
http://www.winehq.org/pipermail/wine-devel/2009-September/078435.html

Isn't setting commio->iosb->u.Status racy? commio->iosb may be set from wait_for_event() which is called by an extra thread or by io_control(). Couldn't it happen that:

- wait_on starts the thread
- wait_for_event sets the commio->iosb->u.Status to STATUS_SUCCESS
- wait_on returns to io_control STATUS_PENDING
- io_control overwrites commio->iosb->u.Status with STATUS_PENDING

I think io_control() should set commio->iosb->u.Status to STATUS_PENDING before calling wait_on(). After wait_on(), io_control() should not set commio->iosb->u.Status if wait_on() returns STATUS_PENDING. Here is the idea:

------------------
    case IOCTL_SERIAL_WAIT_ON_MASK:
        if (lpOutBuffer && nOutBufferSize == sizeof(DWORD))
        {
            /* Mark the request pending before wait_on() can start the thread. */
            piosb->u.Status = STATUS_PENDING;
            piosb->Information = sz;
            if (!(status = wait_on(hDevice, fd, hEvent, piosb, lpOutBuffer)))
                sz = sizeof(DWORD);
            else if (status == STATUS_PENDING)
                /* Do not touch piosb again: wait_for_event() may already have set it. */
                return status;
        }
        else status = STATUS_INVALID_PARAMETER;
        break;
-------------------

I'm just pasting this here, so that the idea won't get lost.
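
The interleaving described in the comment above, as an added single-threaded model that is not part of the original comment and is not Wine code. The names model_iosb, worker_runs_first, io_control_store_after and io_control_store_before are hypothetical, and the worker thread is modelled as a direct call so the one problematic schedule is reproduced deterministically.

```c
#include <stdio.h>

/* Constructed stand-ins: the values mirror the NTSTATUS codes, but the types
 * are simplified models and not Wine's definitions. */
#define STATUS_SUCCESS 0x00000000L
#define STATUS_PENDING 0x00000103L

typedef struct { long Status; unsigned long Information; } model_iosb;

/* Worker body: reports completion through the shared status block. */
static void wait_for_event(model_iosb *iosb)
{
    iosb->Status = STATUS_SUCCESS;
    iosb->Information = sizeof(unsigned int);
}

/* Starts the worker and reports STATUS_PENDING. worker_runs_first selects the
 * schedule in which the worker finishes before wait_on() returns. */
static long wait_on(model_iosb *iosb, int worker_runs_first)
{
    if (worker_runs_first) wait_for_event(iosb);
    return STATUS_PENDING;
}

/* Ordering questioned in the comment: status is stored after wait_on(). */
static long io_control_store_after(model_iosb *iosb, int worker_runs_first)
{
    long status = wait_on(iosb, worker_runs_first);
    iosb->Status = status;              /* overwrites the worker's result */
    return iosb->Status;
}

/* Ordering proposed in the comment: store pending first, then hands off. */
static long io_control_store_before(model_iosb *iosb, int worker_runs_first)
{
    long status;
    iosb->Status = STATUS_PENDING;
    status = wait_on(iosb, worker_runs_first);
    if (status != STATUS_PENDING) iosb->Status = status;
    return iosb->Status;                /* the worker's result survives */
}

int main(void)
{
    model_iosb a = {0, 0}, b = {0, 0};
    printf("store after : 0x%lx\n", (unsigned long)io_control_store_after(&a, 1));
    printf("store before: 0x%lx\n", (unsigned long)io_control_store_before(&b, 1));
    return 0;
}
```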