[NTOS]: Fix multiple math/logic bugs in the PrototypePTE paths. Caught while trying to switch the Win32k GDI Handle Table to ARM3 sections.

svn path=/trunk/; revision=49209
2025-06-04 17:00:31 +00:00 · 2010-10-19 18:57:30 +00:00 · 2010-10-19 18:57:30 +00:00 · 6f48b81057
commit 6f48b81057
parent ef6bc56d6f
2 changed files with 20 additions and 20 deletions
--- a/reactos/ntoskrnl/mm/ARM3/miarm.h
+++ b/reactos/ntoskrnl/mm/ARM3/miarm.h
@ -241,7 +241,7 @@ extern const ULONG MmProtectToValue[32];
 //
 #define MiProtoPteToPte(x)                  \
    (PMMPTE)((ULONG_PTR)MmPagedPoolStart +  \
-             ((x)->u.Proto.ProtoAddressHigh | (x)->u.Proto.ProtoAddressLow))
+             (((x)->u.Proto.ProtoAddressHigh << 7) | (x)->u.Proto.ProtoAddressLow))
 #endif

 //
@ -624,10 +624,11 @@ MI_MAKE_PROTOTYPE_PTE(IN PMMPTE NewPte,
     * lets us only use 28 bits for the adress of the PTE
     */
    Offset = (ULONG_PTR)PointerPte - (ULONG_PTR)MmPagedPoolStart;
-    
+
    /* 7 bits go in the "low", and the other 21 bits go in the "high" */
    NewPte->u.Proto.ProtoAddressLow = Offset & 0x7F;
-    NewPte->u.Proto.ProtoAddressHigh = Offset & 0xFFFFF80;
+    NewPte->u.Proto.ProtoAddressHigh = (Offset & 0xFFFFFF80) >> 7;
+    ASSERT(MiProtoPteToPte(NewPte) == PointerPte);
 }
 #endif

--- a/reactos/ntoskrnl/mm/ARM3/pagfault.c
+++ b/reactos/ntoskrnl/mm/ARM3/pagfault.c
@ -805,21 +805,23 @@ MmArmAccessFault(IN BOOLEAN StoreInstruction,
            /* Get the prototype PTE! */
            ProtoPte = MiProtoPteToPte(&TempPte);
        }
+        else
+        {        
+            //
+            // We don't implement transition PTEs
+            //
+            ASSERT(TempPte.u.Soft.Transition == 0);
        
-        //
-        // We don't implement transition PTEs
-        //
-        ASSERT(TempPte.u.Soft.Transition == 0);
-        
-        /* Check for no-access PTE */
-        if (TempPte.u.Soft.Protection == MM_NOACCESS)
-        {
-            /* Bad boy, bad boy, whatcha gonna do, whatcha gonna do when ARM3 comes for you! */
-            KeBugCheckEx(PAGE_FAULT_IN_NONPAGED_AREA,
-                         (ULONG_PTR)Address,
-                         StoreInstruction,
-                         (ULONG_PTR)TrapInformation,
-                         1);
+            /* Check for no-access PTE */
+            if (TempPte.u.Soft.Protection == MM_NOACCESS)
+            {
+                /* Bad boy, bad boy, whatcha gonna do, whatcha gonna do when ARM3 comes for you! */
+                KeBugCheckEx(PAGE_FAULT_IN_NONPAGED_AREA,
+                             (ULONG_PTR)Address,
+                             StoreInstruction,
+                             (ULONG_PTR)TrapInformation,
+                             1);
+            }
        }
        
        /* Check for demand page */
@ -874,8 +876,6 @@ MmArmAccessFault(IN BOOLEAN StoreInstruction,
 #endif

    /* First things first, is the PDE valid? */
-//    DPRINT1("The PDE we faulted on: %lx %lx\n", PointerPde, MiAddressToPde(PTE_BASE));
-    //ASSERT(PointerPde != MiAddressToPde(PTE_BASE));
    ASSERT(PointerPde->u.Hard.LargePage == 0);
    if (PointerPde->u.Hard.Valid == 0)
    {
@ -918,7 +918,6 @@ MmArmAccessFault(IN BOOLEAN StoreInstruction,
    if (TempPte.u.Long == (MM_READWRITE << MM_PTE_SOFTWARE_PROTECTION_BITS))
    {
        /* Resolve the fault */
-        //DPRINT1("VAD demand-zero fault: %p\n", Address);
        MiResolveDemandZeroFault(Address,
                                 PointerPte,
                                 CurrentProcess,