[NTOSKRNL]

- Add some missing return value checks
- Add some annotations
- Fix format specifiers
- Fix variable scope conflicts
- Fix possible closing of a NULL handle
- Use ObCloseHandle instead of ZwClose

svn path=/trunk/; revision=57954

reactos/ntoskrnl/cache/section/data.c

@@ -154,9 +154,10 @@ MiZeroFillSection(PVOID Address, PLARGE_INTEGER FileOffsetPtr, ULONG Length)
     DPRINT("Pulling zero pages for %08x%08x-%08x%08x\n",
            FileOffset.u.HighPart, FileOffset.u.LowPart,
            End.u.HighPart, End.u.LowPart);
+
     while (FileOffset.QuadPart < End.QuadPart)
     {
-        PVOID Address;
+        PVOID CurrentAddress;
         ULONG_PTR Entry;
 
         if (!NT_SUCCESS(MmRequestPageMemoryConsumer(MC_CACHE, TRUE, &Page)))
@@ -169,14 +170,14 @@ MiZeroFillSection(PVOID Address, PLARGE_INTEGER FileOffsetPtr, ULONG Length)
         if (Entry == 0)
         {
             MmSetPageEntrySectionSegment(Segment, &FileOffset, MAKE_PFN_SSE(Page));
-            Address = ((PCHAR)MemoryArea->StartingAddress) + FileOffset.QuadPart - FirstMapped.QuadPart;
+            CurrentAddress = ((PCHAR)MemoryArea->StartingAddress) + FileOffset.QuadPart - FirstMapped.QuadPart;
 
             OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);
             MmReferencePage(Page);
             KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);
 
-            MmCreateVirtualMapping(NULL, Address, PAGE_READWRITE, &Page, 1);
+            MmCreateVirtualMapping(NULL, CurrentAddress, PAGE_READWRITE, &Page, 1);
-            MmInsertRmap(Page, NULL, Address);
+            MmInsertRmap(Page, NULL, CurrentAddress);
         }
         else
         {

reactos/ntoskrnl/cache/section/fault.c

@@ -102,11 +102,12 @@ the page is present.
 
 NTSTATUS
 NTAPI
-MmNotPresentFaultCachePage(PMMSUPPORT AddressSpace,
+MmNotPresentFaultCachePage (
-                           MEMORY_AREA* MemoryArea,
+    _In_ PMMSUPPORT AddressSpace,
-                           PVOID Address,
+    _In_ MEMORY_AREA* MemoryArea,
-                           BOOLEAN Locked,
+    _In_ PVOID Address,
-                           PMM_REQUIRED_RESOURCES Required)
+    _In_ BOOLEAN Locked,
+    _Inout_ PMM_REQUIRED_RESOURCES Required)
 {
     NTSTATUS Status;
     PVOID PAddress;
@@ -317,11 +318,12 @@ In the ultimate form of this code, CoW is reenabled.
 
 NTSTATUS
 NTAPI
-MiCowCacheSectionPage(PMMSUPPORT AddressSpace,
+MiCowCacheSectionPage (
-                      PMEMORY_AREA MemoryArea,
+    _In_ PMMSUPPORT AddressSpace,
-                      PVOID Address,
+    _In_ PMEMORY_AREA MemoryArea,
-                      BOOLEAN Locked,
+    _In_ PVOID Address,
-                      PMM_REQUIRED_RESOURCES Required)
+    _In_ BOOLEAN Locked,
+    _Inout_ PMM_REQUIRED_RESOURCES Required)
 {
     PMM_SECTION_SEGMENT Segment;
     PFN_NUMBER NewPage, OldPage;
@@ -422,8 +424,8 @@ MiCowCacheSectionPage(PMMSUPPORT AddressSpace,
 
     DPRINT("Allocated page %x\n", NewPage);
 
-   /* Unshare the old page */
+    /* Unshare the old page */
-   MmDeleteRmap(OldPage, Process, PAddress);
+    MmDeleteRmap(OldPage, Process, PAddress);
 
    /* Copy the old page */
     DPRINT("Copying\n");
@@ -474,10 +476,13 @@ by fault handling, making recursive fault handling possible when required.
 
 */
 
+_Function_class_(WORKER_THREAD_ROUTINE)
 VOID
 NTAPI
-MmpFaultWorker(PWORK_QUEUE_WITH_CONTEXT WorkItem)
+MmpFaultWorker(PVOID Parameter)
 {
+    PWORK_QUEUE_WITH_CONTEXT WorkItem = Parameter;
+
     DPRINT("Calling work\n");
     WorkItem->Status = WorkItem->Required->DoAcquisition(WorkItem->AddressSpace,
                                                          WorkItem->MemoryArea,
@@ -622,7 +627,7 @@ MmpSectionAccessFaultInner(KPROCESSOR_MODE Mode,
                 KeInitializeEvent(&Context.Wait, NotificationEvent, FALSE);
 
                 ExInitializeWorkItem(&Context.WorkItem,
-                                     (PWORKER_THREAD_ROUTINE)MmpFaultWorker,
+                                     MmpFaultWorker,
                                      &Context);
 
                 DPRINT("Queue work item\n");

reactos/ntoskrnl/cache/section/io.c

@@ -71,6 +71,7 @@ This completion function is really required. Paging io completion does almost
 nothing, including freeing the mdls.
 
 */
+_Function_class_(IO_COMPLETION_ROUTINE)
 NTSTATUS
 NTAPI
 MiSimpleReadComplete(PDEVICE_OBJECT DeviceObject,

reactos/ntoskrnl/cache/section/newmm.h

@@ -251,13 +251,16 @@ NTAPI
 MiFreeSegmentPage(PMM_SECTION_SEGMENT Segment,
                   PLARGE_INTEGER FileOffset);
 
+_Success_(1)
+_When_(return==STATUS_MORE_PROCESSING_REQUIRED, _At_(Required->DoAcquisition, _Post_notnull_))
 NTSTATUS
 NTAPI
-MiCowCacheSectionPage(PMMSUPPORT AddressSpace,
+MiCowCacheSectionPage (
-                      PMEMORY_AREA MemoryArea,
+    _In_ PMMSUPPORT AddressSpace,
-                      PVOID Address,
+    _In_ PMEMORY_AREA MemoryArea,
-                      BOOLEAN Locked,
+    _In_ PVOID Address,
-                      PMM_REQUIRED_RESOURCES Required);
+    _In_ BOOLEAN Locked,
+    _Inout_ PMM_REQUIRED_RESOURCES Required);
 
 NTSTATUS
 NTAPI
@@ -344,13 +347,16 @@ NTSTATUS
 NTAPI
 MmUnmapCacheViewInSystemSpace(PVOID Address);
 
+_Success_(1)
+_When_(return==STATUS_MORE_PROCESSING_REQUIRED, _At_(Required->DoAcquisition, _Post_notnull_))
 NTSTATUS
 NTAPI
-MmNotPresentFaultCachePage(PMMSUPPORT AddressSpace,
+MmNotPresentFaultCachePage (
-                           PMEMORY_AREA MemoryArea,
+    _In_ PMMSUPPORT AddressSpace,
-                           PVOID Address,
+    _In_ MEMORY_AREA* MemoryArea,
-                           BOOLEAN Locked,
+    _In_ PVOID Address,
-                           PMM_REQUIRED_RESOURCES Required);
+    _In_ BOOLEAN Locked,
+    _Inout_ PMM_REQUIRED_RESOURCES Required);
 
 NTSTATUS
 NTAPI

reactos/ntoskrnl/cache/section/sptab.c

@@ -64,6 +64,7 @@ paging machinery.
 
 extern KSPIN_LOCK MiSectionPageTableLock;
 
+_Function_class_(RTL_GENERIC_ALLOCATE_ROUTINE)
 static
 PVOID
 NTAPI
@@ -75,6 +76,7 @@ MiSectionPageTableAllocate(PRTL_GENERIC_TABLE Table, CLONG Bytes)
     return Result;
 }
 
+_Function_class_(RTL_GENERIC_FREE_ROUTINE)
 static
 VOID
 NTAPI
@@ -84,6 +86,7 @@ MiSectionPageTableFree(PRTL_GENERIC_TABLE Table, PVOID Data)
     ExFreePoolWithTag(Data, 'MmPt');
 }
 
+_Function_class_(RTL_GENERIC_COMPARE_ROUTINE)
 static
 RTL_GENERIC_COMPARE_RESULTS
 NTAPI
@@ -341,7 +344,7 @@ MmGetSectionAssociation(PFN_NUMBER Page,
     {
         Segment = PageTable->Segment;
         Offset->QuadPart = PageTable->FileOffset.QuadPart +
-                           (RawOffset << PAGE_SHIFT);
+                           ((ULONG64)RawOffset << PAGE_SHIFT);
     }
 
     return Segment;

reactos/ntoskrnl/cc/pin.c

@@ -242,6 +242,7 @@ CcUnpinRepinnedBcb (
 {
     PINTERNAL_BCB iBcb = Bcb;
 
+    IoStatus->Status = STATUS_SUCCESS;
     if (--iBcb->RefCount == 0)
     {
         IoStatus->Information = 0;

reactos/ntoskrnl/config/cmconfig.c

@@ -67,7 +67,12 @@ CmpInitializeRegistryNode(IN PCONFIGURATION_COMPONENT_DATA CurrentEntry,
 
         /* Convert it to Unicode */
         RtlInitEmptyUnicodeString(&KeyName, Buffer, sizeof(Buffer));
-        RtlAnsiStringToUnicodeString(&KeyName, &TempString, FALSE);
+        Status = RtlAnsiStringToUnicodeString(&KeyName, &TempString, FALSE);
+        if (!NT_SUCCESS(Status))
+        {
+            NtClose(KeyHandle);
+            return Status;
+        }
 
         /* Create the key */
         ParentHandle = KeyHandle;

reactos/ntoskrnl/config/cmdelay.c

@@ -35,6 +35,7 @@ KTIMER CmpDelayDerefKCBTimer;
 
 /* FUNCTIONS *****************************************************************/
 
+_Function_class_(KDEFERRED_ROUTINE)
 VOID
 NTAPI
 CmpDelayCloseDpcRoutine(IN PKDPC Dpc,
@@ -49,6 +50,7 @@ CmpDelayCloseDpcRoutine(IN PKDPC Dpc,
     ExQueueWorkItem(&CmpDelayCloseWorkItem, DelayedWorkQueue);
 }
 
+_Function_class_(WORKER_THREAD_ROUTINE)
 VOID
 NTAPI
 CmpDelayCloseWorker(IN PVOID Context)
@@ -203,6 +205,7 @@ CmpInitializeDelayedCloseTable(VOID)
     KeInitializeTimer(&CmpDelayCloseTimer);
 }
 
+_Function_class_(KDEFERRED_ROUTINE)
 VOID
 NTAPI
 CmpDelayDerefKCBDpcRoutine(IN PKDPC Dpc,
@@ -217,6 +220,7 @@ CmpDelayDerefKCBDpcRoutine(IN PKDPC Dpc,
     ExQueueWorkItem(&CmpDelayDerefKCBWorkItem, DelayedWorkQueue);
 }
 
+_Function_class_(WORKER_THREAD_ROUTINE)
 VOID
 NTAPI
 CmpDelayDerefKCBWorker(IN PVOID Context)

reactos/ntoskrnl/config/cmhook.c

@@ -116,31 +116,31 @@ CmRegisterCallback(IN PEX_CALLBACK_FUNCTION Function,
     ASSERT(Function && Cookie);
 
     Callback = ExAllocatePoolWithTag(PagedPool,
-                                   sizeof(REGISTRY_CALLBACK),
+                                     sizeof(REGISTRY_CALLBACK),
-                                   'bcMC');
+                                     'bcMC');
-    if (Callback != NULL)
+    if (Callback == NULL)
     {
-        /* initialize the callback */
+        return STATUS_INSUFFICIENT_RESOURCES;
-        ExInitializeRundownProtection(&Callback->RundownRef);
-        Callback->Function = Function;
-        Callback->Context = Context;
-        Callback->PendingDelete = FALSE;
-
-        /* add it to the callback list and receive a cookie for the callback */
-        ExAcquireFastMutex(&CmiCallbackLock);
-
-        /* FIXME - to receive a unique cookie we'll just return the pointer to the
-           callback object */
-        Callback->Cookie.QuadPart = (ULONG_PTR)Callback;
-        InsertTailList(&CmiCallbackHead, &Callback->ListEntry);
-
-        ExReleaseFastMutex(&CmiCallbackLock);
-
-        *Cookie = Callback->Cookie;
-        return STATUS_SUCCESS;
     }
 
-    return STATUS_INSUFFICIENT_RESOURCES;
+    /* initialize the callback */
+    ExInitializeRundownProtection(&Callback->RundownRef);
+    Callback->Function = Function;
+    Callback->Context = Context;
+    Callback->PendingDelete = FALSE;
+
+    /* add it to the callback list and receive a cookie for the callback */
+    ExAcquireFastMutex(&CmiCallbackLock);
+
+    /* FIXME - to receive a unique cookie we'll just return the pointer to the
+       callback object */
+    Callback->Cookie.QuadPart = (ULONG_PTR)Callback;
+    InsertTailList(&CmiCallbackHead, &Callback->ListEntry);
+
+    ExReleaseFastMutex(&CmiCallbackLock);
+
+    *Cookie = Callback->Cookie;
+    return STATUS_SUCCESS;
 }
 
 /*

reactos/ntoskrnl/config/cmlazy.c

@@ -118,6 +118,7 @@ CmpDoFlushNextHive(IN BOOLEAN ForceFlush,
     return Result;
 }
 
+_Function_class_(KDEFERRED_ROUTINE)
 VOID
 NTAPI
 CmpEnableLazyFlushDpcRoutine(IN PKDPC Dpc,
@@ -129,6 +130,7 @@ CmpEnableLazyFlushDpcRoutine(IN PKDPC Dpc,
     CmpHoldLazyFlush = FALSE;
 }
 
+_Function_class_(KDEFERRED_ROUTINE)
 VOID
 NTAPI
 CmpLazyFlushDpcRoutine(IN PKDPC Dpc,
@@ -161,6 +163,7 @@ CmpLazyFlush(VOID)
     }
 }
 
+_Function_class_(WORKER_THREAD_ROUTINE)
 VOID
 NTAPI
 CmpLazyFlushWorker(IN PVOID Parameter)

reactos/ntoskrnl/ex/callback.c

@@ -433,7 +433,10 @@ ExCreateCallback(OUT PCALLBACK_OBJECT *CallbackObject,
     }
 
     /* Everything went fine, so return a pointer to the Object */
-    if (NT_SUCCESS(Status)) *CallbackObject = Callback;
+    if (NT_SUCCESS(Status))
+    {
+        *CallbackObject = Callback;
+    }
     return Status;
 }
 

reactos/ntoskrnl/ex/keyedevt.c

@@ -51,6 +51,7 @@ GENERIC_MAPPING ExpKeyedEventMapping =
 
 /* FUNCTIONS *****************************************************************/
 
+_IRQL_requires_max_(APC_LEVEL)
 BOOLEAN
 INIT_FUNCTION
 NTAPI
@@ -116,6 +117,7 @@ ExpInitializeKeyedEvent(
     }
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 ExpReleaseOrWaitForKeyedEvent(
@@ -203,6 +205,7 @@ ExpReleaseOrWaitForKeyedEvent(
     return STATUS_SUCCESS;
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 ExpWaitForKeyedEvent(
@@ -219,6 +222,7 @@ ExpWaitForKeyedEvent(
                                          FALSE);
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 ExpReleaseKeyedEvent(
@@ -235,6 +239,7 @@ ExpReleaseKeyedEvent(
                                          TRUE);
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 NtCreateKeyedEvent(
@@ -311,6 +316,7 @@ NtCreateKeyedEvent(
     return Status;
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 NtOpenKeyedEvent(
@@ -359,6 +365,7 @@ NtOpenKeyedEvent(
     return Status;
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 NtWaitForKeyedEvent(
@@ -401,6 +408,7 @@ NtWaitForKeyedEvent(
     return Status;
 }
 
+_IRQL_requires_max_(APC_LEVEL)
 NTSTATUS
 NTAPI
 NtReleaseKeyedEvent(

reactos/ntoskrnl/ex/locale.c

@@ -209,7 +209,7 @@ NtSetDefaultLocale(IN BOOLEAN UserProfile,
     HANDLE KeyHandle;
     ULONG ValueLength;
     WCHAR ValueBuffer[20];
-    HANDLE UserKey = NULL;
+    HANDLE UserKey;
     NTSTATUS Status;
     PAGED_CODE();
 
@@ -231,6 +231,7 @@ NtSetDefaultLocale(IN BOOLEAN UserProfile,
                              L"\\Registry\\Machine\\System\\CurrentControlSet"
                              L"\\Control\\Nls\\Language");
         RtlInitUnicodeString(&ValueName, L"Default");
+        UserKey = NULL;
     }
 
     /* Initailize the object attributes */
@@ -286,7 +287,10 @@ NtSetDefaultLocale(IN BOOLEAN UserProfile,
     }
 
     /* Close the user key */
-    ZwClose(UserKey);
+    if (UserKey)
+    {
+        ObCloseHandle(UserKey, KernelMode);
+    }
 
     /* Check for success */
     if (NT_SUCCESS(Status))

reactos/ntoskrnl/ex/timer.c

@@ -133,6 +133,7 @@ ExpDeleteTimer(IN PVOID ObjectBody)
     KeFlushQueuedDpcs();
 }
 
+_Function_class_(KDEFERRED_ROUTINE)
 VOID
 NTAPI
 ExpTimerDpcRoutine(IN PKDPC Dpc,
@@ -355,7 +356,8 @@ NtCancelTimer(IN HANDLE TimerHandle,
             }
             _SEH2_EXCEPT(ExSystemExceptionFilter())
             {
-
+                /* Do nothing */
+                (void)0;
             }
             _SEH2_END;
         }
@@ -445,7 +447,8 @@ NtCreateTimer(OUT PHANDLE TimerHandle,
             }
             _SEH2_EXCEPT(ExSystemExceptionFilter())
             {
-
+                /* Do nothing */
+                (void)0;
             }
             _SEH2_END;
         }
@@ -500,7 +503,8 @@ NtOpenTimer(OUT PHANDLE TimerHandle,
         }
         _SEH2_EXCEPT(ExSystemExceptionFilter())
         {
-
+            /* Do nothing */
+            (void)0;
         }
         _SEH2_END;
     }
@@ -740,7 +744,8 @@ NtSetTimer(IN HANDLE TimerHandle,
             }
             _SEH2_EXCEPT(ExSystemExceptionFilter())
             {
-
+                /* Do nothing */
+                (void)0;
             }
             _SEH2_END;
         }

reactos/ntoskrnl/include/internal/i386/ke.h

@@ -841,8 +841,8 @@ Ki386PerfEnd(VOID)
 {
     extern ULONGLONG BootCyclesEnd, BootCycles;
     BootCyclesEnd = __rdtsc();
-    DbgPrint("Boot took %I64d cycles!\n", BootCyclesEnd - BootCycles);
+    DbgPrint("Boot took %I64u cycles!\n", BootCyclesEnd - BootCycles);
-    DbgPrint("Interrupts: %d System Calls: %d Context Switches: %d\n",
+    DbgPrint("Interrupts: %u System Calls: %u Context Switches: %u\n",
              KeGetCurrentPrcb()->InterruptCount,
              KeGetCurrentPrcb()->KeSystemCalls,
              KeGetContextSwitches(KeGetCurrentPrcb()));

reactos/ntoskrnl/io/iomgr/driver.c

@@ -237,10 +237,12 @@ IopDisplayLoadingMessage(PUNICODE_STRING ServiceName)
  *    The input image path isn't freed on error.
  */
 
-NTSTATUS FASTCALL
+NTSTATUS
+FASTCALL
 IopNormalizeImagePath(
-   IN OUT PUNICODE_STRING ImagePath,
+   _Inout_ _When_(return>=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem)))
-   IN PUNICODE_STRING ServiceName)
+        PUNICODE_STRING ImagePath,
+   _In_ PUNICODE_STRING ServiceName)
 {
    UNICODE_STRING InputImagePath;