From 5e45b1eb7af3cc87ea3f24a1df83ab12ebb9e2a3 Mon Sep 17 00:00:00 2001 From: Timo Kreuzer Date: Fri, 18 Feb 2011 15:08:50 +0000 Subject: [PATCH] [WIN32K] Fix a bug in GDIOBJ_LockObj, that would cause a deadlock, when an object was deleted while another thread was waiting to acquire the handle lock. svn path=/trunk/; revision=50804 --- .../subsystems/win32/win32k/objects/gdiobj.c | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/reactos/subsystems/win32/win32k/objects/gdiobj.c b/reactos/subsystems/win32/win32k/objects/gdiobj.c index deb62e6ea10..7d2f7414809 100644 --- a/reactos/subsystems/win32/win32k/objects/gdiobj.c +++ b/reactos/subsystems/win32/win32k/objects/gdiobj.c @@ -1005,16 +1005,6 @@ GDIOBJ_LockObj(HGDIOBJ hObj, DWORD ExpectedType) } ProcessId = (HANDLE)((ULONG_PTR)PsGetCurrentProcessId() & ~1); - HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1); - - /* Check for invalid owner. */ - if (ProcessId != HandleProcessId && HandleProcessId != NULL) - { - DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p, HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId); - GDIDBG_TRACECALLER(); - GDIDBG_TRACEALLOCATOR(hObj); - return NULL; - } /* * Prevent the thread from being terminated during the locking process. @@ -1031,6 +1021,17 @@ GDIOBJ_LockObj(HGDIOBJ hObj, DWORD ExpectedType) for (;;) { + HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1); + + /* Check for invalid owner. */ + if (ProcessId != HandleProcessId && HandleProcessId != NULL) + { + DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p, HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId); + GDIDBG_TRACECALLER(); + GDIDBG_TRACEALLOCATOR(hObj); + break; + } + /* Lock the handle table entry. */ LockedProcessId = (HANDLE)((ULONG_PTR)HandleProcessId | 0x1); PrevProcId = InterlockedCompareExchangePointer((PVOID*)&Entry->ProcessId,