Big ntuser fix:

- rename ObmXxx functions to UserXxx functions
- remove some macros
- move prototypes to object.h
- implement UserReferenceObjectByHandle, which creates a reference to the object (used for cursoricon stuff so far)
- rewrite object manager functions to reasonably handle references
- dereference cursoricons correctly, so they will really get deleted -> fixes a cursoricon leak
- destroy submenus in NtUserDestroyMenu -> fixes a big menu leak
- free the buffer of the menu text -> fixes a mem leak
- delete old bitmaps in NtUserSetCursorContent -> fixes a bitmap leak
- delete monitor object on failure
Now taskmgr doesn't leak memory anymore. we still leak some user handles here and there even after terminating a process, but it's much better now.

svn path=/trunk/; revision=32336
Timo Kreuzer 2008-02-13 00:46:23 +00:00
parent 8e61015f65
commit a8c044b6cb
18 changed files with 208 additions and 173 deletions


@ -81,7 +81,7 @@ PCURICON_OBJECT FASTCALL UserGetCurIconObject(HCURSOR hCurIcon);
(PSYSTEM_CURSORINFO)((WinStaObj)->SystemCursor) (PSYSTEM_CURSORINFO)((WinStaObj)->SystemCursor)
#define IntReleaseCurIconObject(CurIconObj) \ #define IntReleaseCurIconObject(CurIconObj) \
ObmDereferenceObject(CurIconObj) UserDereferenceObject(CurIconObj)
#endif /* _WIN32K_CURSORICON_H */ #endif /* _WIN32K_CURSORICON_H */


@ -47,7 +47,7 @@ PMENU_OBJECT FASTCALL
IntGetMenuObject(HMENU hMenu); IntGetMenuObject(HMENU hMenu);
#define IntReleaseMenuObject(MenuObj) \ #define IntReleaseMenuObject(MenuObj) \
ObmDereferenceObject(MenuObj) UserDereferenceObject(MenuObj)
BOOL FASTCALL BOOL FASTCALL
IntFreeMenuItem(PMENU_OBJECT MenuObject, PMENU_ITEM MenuItem, IntFreeMenuItem(PMENU_OBJECT MenuObject, PMENU_ITEM MenuItem,


@ -102,8 +102,20 @@ UserAssertLastRef(PVOID obj, const char *file, int line)
#undef USER_ASSERT #undef USER_ASSERT
VOID FASTCALL ObmReferenceObject(PVOID obj); extern PUSER_HANDLE_TABLE gHandleTable;
BOOL FASTCALL ObmDereferenceObject2(PVOID obj); VOID FASTCALL UserReferenceObject(PVOID obj);
PVOID FASTCALL UserReferenceObjectByHandle(HANDLE handle, USER_OBJECT_TYPE type);
BOOL FASTCALL UserDereferenceObject(PVOID obj);
PVOID FASTCALL UserCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG size);
BOOL FASTCALL UserDeleteObject(HANDLE h, USER_OBJECT_TYPE type );
PVOID UserGetObject(PUSER_HANDLE_TABLE ht, HANDLE handle, USER_OBJECT_TYPE type );
HANDLE UserAllocHandle(PUSER_HANDLE_TABLE ht, PVOID object, USER_OBJECT_TYPE type );
BOOL UserFreeHandle(PUSER_HANDLE_TABLE ht, HANDLE handle );
PVOID UserGetNextHandle(PUSER_HANDLE_TABLE ht, HANDLE* handle, USER_OBJECT_TYPE type );
PUSER_HANDLE_ENTRY handle_to_entry(PUSER_HANDLE_TABLE ht, HANDLE handle );
BOOL FASTCALL UserCreateHandleTable();
VOID UserInitHandleTable(PUSER_HANDLE_TABLE ht, PVOID mem, ULONG bytes);
static __inline VOID static __inline VOID
UserRefObjectCo(PVOID obj, PUSER_REFERENCE_ENTRY UserReferenceEntry) UserRefObjectCo(PVOID obj, PUSER_REFERENCE_ENTRY UserReferenceEntry)
@ -114,7 +126,7 @@ UserRefObjectCo(PVOID obj, PUSER_REFERENCE_ENTRY UserReferenceEntry)
ASSERT(W32Thread != NULL); ASSERT(W32Thread != NULL);
ASSERT(UserReferenceEntry != NULL); ASSERT(UserReferenceEntry != NULL);
UserReferenceEntry->obj = obj; UserReferenceEntry->obj = obj;
ObmReferenceObject(obj); UserReferenceObject(obj);
PushEntryList(&W32Thread->ReferencesList, &UserReferenceEntry->Entry); PushEntryList(&W32Thread->ReferencesList, &UserReferenceEntry->Entry);
} }
@ -134,10 +146,10 @@ UserDerefObjectCo(PVOID obj)
ASSERT(UserReferenceEntry != NULL); ASSERT(UserReferenceEntry != NULL);
ASSERT(obj == UserReferenceEntry->obj); ASSERT(obj == UserReferenceEntry->obj);
ObmDereferenceObject2(obj); UserDereferenceObject(obj);
} }
HANDLE FASTCALL ObmObjectToHandle(PVOID obj); HANDLE FASTCALL UserObjectToHandle(PVOID obj);
VOID FASTCALL CreateStockObjects (VOID); VOID FASTCALL CreateStockObjects (VOID);
VOID FASTCALL CreateSysColorObjects (VOID); VOID FASTCALL CreateSysColorObjects (VOID);
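Review bot: The prototypes added in this header do not say which calls hand the caller a counted reference, and reference ownership is what this commit changes. I would put a comment above `UserReferenceObjectByHandle` such as `/* Returns the object with an extra reference; release it with UserDereferenceObject() */`, and one above `UserGetObject` stating that it returns the pointer without taking a reference (that appears to be the difference, judging by the call that was swapped in UserGetCurIconObject). `UserFreeHandle` now returns `BOOL` instead of the object pointer, so a one-line comment on what TRUE and FALSE mean would help anyone who relied on the old return value.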


@ -7,22 +7,6 @@
PMENU_OBJECT FASTCALL UserGetMenuObject(HMENU hMenu); PMENU_OBJECT FASTCALL UserGetMenuObject(HMENU hMenu);
#if 0
#define ObmDereferenceObject(_obj_) \
{ \
DPRINT1("obj 0x%x dereffed to %i refs\n",_obj_, USER_BODY_TO_HEADER(_obj_)->RefCount-1); \
ObmDereferenceObject2(_obj_); \
}
#endif
#define ObmDereferenceObject(_obj_) ObmDereferenceObject2(_obj_)
#define ASSERT_REFS_CO(_obj_) \ #define ASSERT_REFS_CO(_obj_) \
{ \ { \
LONG ref = USER_BODY_TO_HEADER(_obj_)->RefCount;\ LONG ref = USER_BODY_TO_HEADER(_obj_)->RefCount;\
@ -56,33 +40,7 @@ PMENU_OBJECT FASTCALL UserGetMenuObject(HMENU hMenu);
#define DUMP_REFS(obj) DPRINT1("obj 0x%x, refs %i\n",obj, USER_BODY_TO_HEADER(obj)->RefCount) #define DUMP_REFS(obj) DPRINT1("obj 0x%x, refs %i\n",obj, USER_BODY_TO_HEADER(obj)->RefCount)
VOID FASTCALL ObmReferenceObject(PVOID obj);
BOOL FASTCALL ObmDereferenceObject2(PVOID obj);
PWINDOW_OBJECT FASTCALL IntGetWindowObject(HWND hWnd); PWINDOW_OBJECT FASTCALL IntGetWindowObject(HWND hWnd);
PVOID FASTCALL
ObmCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG size);
BOOL FASTCALL
ObmDeleteObject(HANDLE h, USER_OBJECT_TYPE type );
#define UserRefObject(o) ObmReferenceObject(o)
#define UserDerefObject(o) ObmDereferenceObject(o)
BOOL FASTCALL ObmCreateHandleTable();
/******************** HANDLE.C ***************/
extern PUSER_HANDLE_TABLE gHandleTable;
PUSER_HANDLE_ENTRY handle_to_entry(PUSER_HANDLE_TABLE ht, HANDLE handle );
VOID UserInitHandleTable(PUSER_HANDLE_TABLE ht, PVOID mem, ULONG bytes);
HANDLE UserAllocHandle(PUSER_HANDLE_TABLE ht, PVOID object, USER_OBJECT_TYPE type );
PVOID UserGetObject(PUSER_HANDLE_TABLE ht, HANDLE handle, USER_OBJECT_TYPE type );
PVOID UserFreeHandle(PUSER_HANDLE_TABLE ht, HANDLE handle );
PVOID UserGetNextHandle(PUSER_HANDLE_TABLE ht, HANDLE* handle, USER_OBJECT_TYPE type );
/*************** WINSTA.C ***************/ /*************** WINSTA.C ***************/


@ -289,7 +289,7 @@ Win32kThreadCallback(struct _ETHREAD *Thread,
{ {
PUSER_REFERENCE_ENTRY ref = CONTAINING_RECORD(e, USER_REFERENCE_ENTRY, Entry); PUSER_REFERENCE_ENTRY ref = CONTAINING_RECORD(e, USER_REFERENCE_ENTRY, Entry);
DPRINT("thread clean: remove reference obj 0x%x\n",ref->obj); DPRINT("thread clean: remove reference obj 0x%x\n",ref->obj);
ObmDereferenceObject(ref->obj); UserDereferenceObject(ref->obj);
e = PopEntryList(&Win32Thread->ReferencesList); e = PopEntryList(&Win32Thread->ReferencesList);
} }


@ -348,7 +348,7 @@ NtUserCreateAcceleratorTable(
RETURN( (HACCEL) 0 ); RETURN( (HACCEL) 0 );
} }
Accel = ObmCreateObject(gHandleTable, (PHANDLE)&hAccel, otAccel, sizeof(ACCELERATOR_TABLE)); Accel = UserCreateObject(gHandleTable, (PHANDLE)&hAccel, otAccel, sizeof(ACCELERATOR_TABLE));
if (Accel == NULL) if (Accel == NULL)
{ {
@ -362,7 +362,8 @@ NtUserCreateAcceleratorTable(
Accel->Table = ExAllocatePoolWithTag(PagedPool, EntriesCount * sizeof(ACCEL), TAG_ACCEL); Accel->Table = ExAllocatePoolWithTag(PagedPool, EntriesCount * sizeof(ACCEL), TAG_ACCEL);
if (Accel->Table == NULL) if (Accel->Table == NULL)
{ {
ObmDeleteObject(hAccel, otAccel); UserDereferenceObject(Accel);
UserDeleteObject(hAccel, otAccel);
SetLastNtError(STATUS_NO_MEMORY); SetLastNtError(STATUS_NO_MEMORY);
RETURN( (HACCEL) 0); RETURN( (HACCEL) 0);
} }
@ -371,7 +372,8 @@ NtUserCreateAcceleratorTable(
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
ExFreePool(Accel->Table); ExFreePool(Accel->Table);
ObmDeleteObject(hAccel, otAccel); UserDereferenceObject(Accel);
UserDeleteObject(hAccel, otAccel);
SetLastNtError(Status); SetLastNtError(Status);
RETURN((HACCEL) 0); RETURN((HACCEL) 0);
} }
@ -411,13 +413,14 @@ NtUserDestroyAcceleratorTable(
RETURN( FALSE); RETURN( FALSE);
} }
ObmDeleteObject(hAccel, otAccel);
if (Accel->Table != NULL) if (Accel->Table != NULL)
{ {
ExFreePool(Accel->Table); ExFreePool(Accel->Table);
Accel->Table = NULL;
} }
UserDeleteObject(hAccel, otAccel);
RETURN( TRUE); RETURN( TRUE);
CLEANUP: CLEANUP:


@ -39,7 +39,7 @@ WNDPROC
GetCallProcHandle(IN PCALLPROC CallProc) GetCallProcHandle(IN PCALLPROC CallProc)
{ {
/* FIXME - check for 64 bit architectures... */ /* FIXME - check for 64 bit architectures... */
return (WNDPROC)((ULONG_PTR)ObmObjectToHandle(CallProc) | 0xFFFF0000); return (WNDPROC)((ULONG_PTR)UserObjectToHandle(CallProc) | 0xFFFF0000);
} }
VOID VOID
@ -47,9 +47,9 @@ DestroyCallProc(IN PDESKTOP Desktop,
IN OUT PCALLPROC CallProc) IN OUT PCALLPROC CallProc)
{ {
/* FIXME - use new object manager! */ /* FIXME - use new object manager! */
HANDLE Handle = ObmObjectToHandle(CallProc); HANDLE Handle = UserObjectToHandle(CallProc);
ObmDeleteObject(Handle, UserDeleteObject(Handle,
otCallProc); otCallProc);
} }
@ -61,7 +61,7 @@ CloneCallProc(IN PDESKTOP Desktop,
HANDLE Handle; HANDLE Handle;
/* FIXME - use new object manager! */ /* FIXME - use new object manager! */
NewCallProc = (PCALLPROC)ObmCreateObject(gHandleTable, NewCallProc = (PCALLPROC)UserCreateObject(gHandleTable,
&Handle, &Handle,
otCallProc, otCallProc,
sizeof(CALLPROC)); sizeof(CALLPROC));
@ -87,7 +87,7 @@ CreateCallProc(IN PDESKTOP Desktop,
HANDLE Handle; HANDLE Handle;
/* FIXME - use new object manager! */ /* FIXME - use new object manager! */
NewCallProc = (PCALLPROC)ObmCreateObject(gHandleTable, NewCallProc = (PCALLPROC)UserCreateObject(gHandleTable,
&Handle, &Handle,
otCallProc, otCallProc,
sizeof(CALLPROC)); sizeof(CALLPROC));


@ -71,7 +71,7 @@ IntGetCursorLocation(PWINSTATION_OBJECT WinSta, POINT *loc)
return TRUE; return TRUE;
} }
/* This function creates a reference for the object! */
PCURICON_OBJECT FASTCALL UserGetCurIconObject(HCURSOR hCurIcon) PCURICON_OBJECT FASTCALL UserGetCurIconObject(HCURSOR hCurIcon)
{ {
PCURICON_OBJECT CurIcon; PCURICON_OBJECT CurIcon;
@ -82,7 +82,7 @@ PCURICON_OBJECT FASTCALL UserGetCurIconObject(HCURSOR hCurIcon)
return NULL; return NULL;
} }
CurIcon = (PCURICON_OBJECT)UserGetObject(gHandleTable, hCurIcon, otCursorIcon); CurIcon = (PCURICON_OBJECT)UserReferenceObjectByHandle(hCurIcon, otCursorIcon);
if (!CurIcon) if (!CurIcon)
{ {
/* we never set ERROR_INVALID_ICON_HANDLE. lets hope noone ever checks for it */ /* we never set ERROR_INVALID_ICON_HANDLE. lets hope noone ever checks for it */
@ -90,7 +90,7 @@ PCURICON_OBJECT FASTCALL UserGetCurIconObject(HCURSOR hCurIcon)
return NULL; return NULL;
} }
ASSERT(USER_BODY_TO_HEADER(CurIcon)->RefCount >= 0); ASSERT(USER_BODY_TO_HEADER(CurIcon)->RefCount >= 1);
return CurIcon; return CurIcon;
} }
@ -151,10 +151,14 @@ IntSetCursor(PWINSTATION_OBJECT WinSta, PCURICON_OBJECT NewCursor,
if (!NewCursor && (CurInfo->CurrentCursorObject || ForceChange)) if (!NewCursor && (CurInfo->CurrentCursorObject || ForceChange))
{ {
if (NULL != CurInfo->CurrentCursorObject && CurInfo->ShowingCursor) if (NULL != CurInfo->CurrentCursorObject)
{ {
/* Remove the cursor if it was displayed */ UserDereferenceObject(CurInfo->CurrentCursorObject);
IntEngMovePointer(SurfObj, -1, -1, &GDIDEV(SurfObj)->Pointer.Exclude); if (CurInfo->ShowingCursor)
{
/* Remove the cursor if it was displayed */
IntEngMovePointer(SurfObj, -1, -1, &GDIDEV(SurfObj)->Pointer.Exclude);
}
} }
GDIDEV(SurfObj)->Pointer.Status = SPS_ACCEPT_NOEXCLUDE; GDIDEV(SurfObj)->Pointer.Status = SPS_ACCEPT_NOEXCLUDE;
@ -239,6 +243,7 @@ IntSetCursor(PWINSTATION_OBJECT WinSta, PCURICON_OBJECT NewCursor,
} }
CurInfo->ShowingCursor = CURSOR_SHOWING; CurInfo->ShowingCursor = CURSOR_SHOWING;
CurInfo->CurrentCursorObject = NewCursor; CurInfo->CurrentCursorObject = NewCursor;
UserReferenceObject(NewCursor);
} }
else else
{ {
@ -365,14 +370,14 @@ IntFindExistingCurIconObject(PWINSTATION_OBJECT WinSta, HMODULE hModule,
LIST_FOR_EACH(CurIcon, &gCurIconList, CURICON_OBJECT, ListEntry) LIST_FOR_EACH(CurIcon, &gCurIconList, CURICON_OBJECT, ListEntry)
{ {
// if(NT_SUCCESS(ObmReferenceObjectByPointer(Object, otCursorIcon))) //<- huh???? // if(NT_SUCCESS(UserReferenceObjectByPointer(Object, otCursorIcon))) //<- huh????
// ObmReferenceObject( CurIcon); // UserReferenceObject( CurIcon);
// { // {
if((CurIcon->hModule == hModule) && (CurIcon->hRsrc == hRsrc)) if((CurIcon->hModule == hModule) && (CurIcon->hRsrc == hRsrc))
{ {
if(cx && ((cx != CurIcon->Size.cx) || (cy != CurIcon->Size.cy))) if(cx && ((cx != CurIcon->Size.cx) || (cy != CurIcon->Size.cy)))
{ {
// ObmDereferenceObject(CurIcon); // UserDereferenceObject(CurIcon);
continue; continue;
} }
if (! ReferenceCurIconByProcess(CurIcon)) if (! ReferenceCurIconByProcess(CurIcon))
@ -383,7 +388,7 @@ IntFindExistingCurIconObject(PWINSTATION_OBJECT WinSta, HMODULE hModule,
return CurIcon; return CurIcon;
} }
// } // }
// ObmDereferenceObject(CurIcon); // UserDereferenceObject(CurIcon);
} }
@ -396,7 +401,7 @@ IntCreateCurIconHandle(PWINSTATION_OBJECT WinSta)
PCURICON_OBJECT CurIcon; PCURICON_OBJECT CurIcon;
HANDLE hCurIcon; HANDLE hCurIcon;
CurIcon = ObmCreateObject(gHandleTable, &hCurIcon, otCursorIcon, sizeof(CURICON_OBJECT)); CurIcon = UserCreateObject(gHandleTable, &hCurIcon, otCursorIcon, sizeof(CURICON_OBJECT));
if(!CurIcon) if(!CurIcon)
{ {
@ -410,15 +415,13 @@ IntCreateCurIconHandle(PWINSTATION_OBJECT WinSta)
if (! ReferenceCurIconByProcess(CurIcon)) if (! ReferenceCurIconByProcess(CurIcon))
{ {
DPRINT1("Failed to add process\n"); DPRINT1("Failed to add process\n");
ObmDeleteObject(hCurIcon, otCursorIcon); UserDeleteObject(hCurIcon, otCursorIcon);
ObmDereferenceObject(CurIcon); UserDereferenceObject(CurIcon);
return NULL; return NULL;
} }
InsertHeadList(&gCurIconList, &CurIcon->ListEntry); InsertHeadList(&gCurIconList, &CurIcon->ListEntry);
ObmDereferenceObject(CurIcon);
return CurIcon; return CurIcon;
} }
@ -484,20 +487,24 @@ IntDestroyCurIconObject(PWINSTATION_OBJECT WinSta, PCURICON_OBJECT CurIcon, BOOL
bmpMask = CurIcon->IconInfo.hbmMask; bmpMask = CurIcon->IconInfo.hbmMask;
bmpColor = CurIcon->IconInfo.hbmColor; bmpColor = CurIcon->IconInfo.hbmColor;
Ret = ObmDeleteObject(CurIcon->Self, otCursorIcon);
/* delete bitmaps */ /* delete bitmaps */
if(bmpMask) if(bmpMask)
{ {
GDIOBJ_SetOwnership(GdiHandleTable, bmpMask, PsGetCurrentProcess()); GDIOBJ_SetOwnership(GdiHandleTable, bmpMask, PsGetCurrentProcess());
NtGdiDeleteObject(bmpMask); NtGdiDeleteObject(bmpMask);
CurIcon->IconInfo.hbmMask = NULL;
} }
if(bmpColor) if(bmpColor)
{ {
GDIOBJ_SetOwnership(GdiHandleTable, bmpColor, PsGetCurrentProcess()); GDIOBJ_SetOwnership(GdiHandleTable, bmpColor, PsGetCurrentProcess());
NtGdiDeleteObject(bmpColor); NtGdiDeleteObject(bmpColor);
CurIcon->IconInfo.hbmColor = NULL;
} }
/* We were given a pointer, no need to keep the reference anylonger! */
UserDereferenceObject(CurIcon);
Ret = UserDeleteObject(CurIcon->Self, otCursorIcon);
return Ret; return Ret;
} }
@ -516,8 +523,8 @@ IntCleanupCurIcons(struct _EPROCESS *Process, PW32PROCESS Win32Process)
LIST_FOR_EACH_SAFE(CurIcon, tmp, &gCurIconList, CURICON_OBJECT, ListEntry) LIST_FOR_EACH_SAFE(CurIcon, tmp, &gCurIconList, CURICON_OBJECT, ListEntry)
{ {
// ObmReferenceObject(CurIcon); // UserReferenceObject(CurIcon);
// if(NT_SUCCESS(ObmReferenceObjectByPointer(Object, otCursorIcon))) // if(NT_SUCCESS(UserReferenceObjectByPointer(Object, otCursorIcon)))
{ {
LIST_FOR_EACH(ProcessData, &CurIcon->ProcessList, CURICON_PROCESS, ListEntry) LIST_FOR_EACH(ProcessData, &CurIcon->ProcessList, CURICON_PROCESS, ListEntry)
{ {
@ -529,7 +536,7 @@ IntCleanupCurIcons(struct _EPROCESS *Process, PW32PROCESS Win32Process)
} }
} }
// ObmDereferenceObject(Object); // UserDereferenceObject(Object);
} }
@ -607,6 +614,7 @@ NtUserCreateCursorIconHandle(PICONINFO IconInfo OPTIONAL, BOOL Indirect)
} }
} }
UserDereferenceObject(CurIcon);
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN( Ret); RETURN( Ret);
@ -698,6 +706,7 @@ NtUserGetIconInfo(
else else
SetLastNtError(Status); SetLastNtError(Status);
UserDereferenceObject(CurIcon);
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN( Ret); RETURN( Ret);
@ -749,6 +758,8 @@ NtUserGetIconSize(
else else
SetLastNtError(Status); // maybe not, test this SetLastNtError(Status); // maybe not, test this
UserDereferenceObject(CurIcon);
cleanup: cleanup:
DPRINT("Leave NtUserGetIconSize, ret=%i\n", bRet); DPRINT("Leave NtUserGetIconSize, ret=%i\n", bRet);
UserLeave(); UserLeave();
@ -950,6 +961,7 @@ NtUserDestroyCursor(
} }
ret = IntDestroyCurIconObject(WinSta, CurIcon, FALSE); ret = IntDestroyCurIconObject(WinSta, CurIcon, FALSE);
/* Note: IntDestroyCurIconObject will remove our reference for us! */
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN(ret); RETURN(ret);
@ -1099,6 +1111,7 @@ NtUserSetCursor(
OldCursor = IntSetCursor(WinSta, CurIcon, FALSE); OldCursor = IntSetCursor(WinSta, CurIcon, FALSE);
UserDereferenceObject(CurIcon);
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN(OldCursor); RETURN(OldCursor);
@ -1117,9 +1130,10 @@ BOOL
STDCALL STDCALL
NtUserSetCursorContents( NtUserSetCursorContents(
HANDLE hCurIcon, HANDLE hCurIcon,
PICONINFO IconInfo) PICONINFO UnsafeIconInfo)
{ {
PCURICON_OBJECT CurIcon; PCURICON_OBJECT CurIcon;
ICONINFO IconInfo;
PBITMAPOBJ bmp; PBITMAPOBJ bmp;
PWINSTATION_OBJECT WinSta; PWINSTATION_OBJECT WinSta;
NTSTATUS Status; NTSTATUS Status;
@ -1142,13 +1156,26 @@ NtUserSetCursorContents(
} }
/* Copy fields */ /* Copy fields */
Status = MmCopyFromCaller(&CurIcon->IconInfo, IconInfo, sizeof(ICONINFO)); Status = MmCopyFromCaller(&IconInfo, UnsafeIconInfo, sizeof(ICONINFO));
if(!NT_SUCCESS(Status)) if(!NT_SUCCESS(Status))
{ {
SetLastNtError(Status); SetLastNtError(Status);
goto done; goto done;
} }
/* Delete old bitmaps */
if (CurIcon->IconInfo.hbmColor != IconInfo.hbmColor)
{
NtGdiDeleteObject(CurIcon->IconInfo.hbmColor);
}
if (CurIcon->IconInfo.hbmMask != IconInfo.hbmMask)
{
NtGdiDeleteObject(CurIcon->IconInfo.hbmMask);
}
/* Copy new IconInfo field */
CurIcon->IconInfo = IconInfo;
bmp = BITMAPOBJ_LockBitmap(CurIcon->IconInfo.hbmColor); bmp = BITMAPOBJ_LockBitmap(CurIcon->IconInfo.hbmColor);
if(bmp) if(bmp)
{ {
@ -1174,6 +1201,10 @@ NtUserSetCursorContents(
done: done:
if (CurIcon)
{
UserDereferenceObject(CurIcon);
}
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN( Ret); RETURN( Ret);
@ -1265,6 +1296,7 @@ NtUserSetCursorIconData(
else else
Ret = TRUE; Ret = TRUE;
UserDereferenceObject(CurIcon);
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN( Ret); RETURN( Ret);
@ -1346,6 +1378,7 @@ NtUserSetCursorIconData(
} }
done: done:
UserDereferenceObject(CurIcon);
ObDereferenceObject(WinSta); ObDereferenceObject(WinSta);
RETURN( Ret); RETURN( Ret);
@ -1764,6 +1797,8 @@ NtUserDrawIconEx(
hbrFlickerFreeDraw, hbrFlickerFreeDraw,
diFlags); diFlags);
UserDereferenceObject(pIcon);
UserLeave(); UserLeave();
return Ret; return Ret;
} }
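Review bot: In the NtUserSetCursorContents hunk the old bitmaps are deleted and `CurIcon->IconInfo = IconInfo;` is stored before the caller-supplied `hbmColor` and `hbmMask` have been checked; `BITMAPOBJ_LockBitmap` only runs afterwards. If either handle is invalid, the cursor object has already lost its old bitmaps and keeps whatever values came from user mode, and the IntDestroyCurIconObject hunk later passes those fields to `GDIOBJ_SetOwnership` and `NtGdiDeleteObject`. I would validate both new handles first, take the `done` path on failure, and only then delete the old ones, guarded as `if (CurIcon->IconInfo.hbmColor && CurIcon->IconInfo.hbmColor != IconInfo.hbmColor)` so a NULL colour bitmap is not passed to the delete call. The rest of the function lies outside the hunk, so whether the mask handle is checked further down is not visible here.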


@ -112,7 +112,7 @@ IntAddHook(PETHREAD Thread, int HookId, BOOLEAN Global, PWINSTATION_OBJECT WinSt
} }
} }
Hook = ObmCreateObject(gHandleTable, &Handle, otHook, sizeof(HOOK)); Hook = UserCreateObject(gHandleTable, &Handle, otHook, sizeof(HOOK));
if (NULL == Hook) if (NULL == Hook)
{ {
return NULL; return NULL;
@ -215,7 +215,7 @@ IntFreeHook(PHOOKTABLE Table, PHOOK Hook, PWINSTATION_OBJECT WinStaObj)
} }
/* Close handle */ /* Close handle */
ObmDeleteObject(Hook->Self, otHook); UserDeleteObject(Hook->Self, otHook);
} }
/* remove a hook, freeing it if the chain is not in use */ /* remove a hook, freeing it if the chain is not in use */
@ -441,7 +441,7 @@ NtUserCallNextHookEx(
RETURN( FALSE); RETURN( FALSE);
} }
//Status = ObmReferenceObjectByHandle(gHandleTable, Hook, //Status = UserReferenceObjectByHandle(gHandleTable, Hook,
// otHookProc, (PVOID *) &HookObj); // otHookProc, (PVOID *) &HookObj);
ObDereferenceObject(WinStaObj); ObDereferenceObject(WinStaObj);
@ -462,13 +462,13 @@ NtUserCallNextHookEx(
if (NULL != HookObj->Thread && (HookObj->Thread != PsGetCurrentThread())) if (NULL != HookObj->Thread && (HookObj->Thread != PsGetCurrentThread()))
{ {
DPRINT1("Thread mismatch\n"); DPRINT1("Thread mismatch\n");
ObmDereferenceObject(HookObj); UserDereferenceObject(HookObj);
SetLastWin32Error(ERROR_INVALID_HANDLE); SetLastWin32Error(ERROR_INVALID_HANDLE);
RETURN( 0); RETURN( 0);
} }
NextObj = IntGetNextHook(HookObj); NextObj = IntGetNextHook(HookObj);
ObmDereferenceObject(HookObj); UserDereferenceObject(HookObj);
if (NULL != NextObj) if (NULL != NextObj)
{ {
DPRINT1("Calling next hook not implemented\n"); DPRINT1("Calling next hook not implemented\n");
@ -637,7 +637,7 @@ NtUserSetWindowsHookEx(
Status = MmCopyFromCaller(&ModuleName, UnsafeModuleName, sizeof(UNICODE_STRING)); Status = MmCopyFromCaller(&ModuleName, UnsafeModuleName, sizeof(UNICODE_STRING));
if (! NT_SUCCESS(Status)) if (! NT_SUCCESS(Status))
{ {
ObmDereferenceObject(Hook); UserDereferenceObject(Hook);
IntRemoveHook(Hook, WinStaObj, FALSE); IntRemoveHook(Hook, WinStaObj, FALSE);
if (NULL != Thread) if (NULL != Thread)
{ {
@ -652,7 +652,7 @@ NtUserSetWindowsHookEx(
TAG_HOOK); TAG_HOOK);
if (NULL == Hook->ModuleName.Buffer) if (NULL == Hook->ModuleName.Buffer)
{ {
ObmDereferenceObject(Hook); UserDereferenceObject(Hook);
IntRemoveHook(Hook, WinStaObj, FALSE); IntRemoveHook(Hook, WinStaObj, FALSE);
if (NULL != Thread) if (NULL != Thread)
{ {
@ -669,7 +669,7 @@ NtUserSetWindowsHookEx(
if (! NT_SUCCESS(Status)) if (! NT_SUCCESS(Status))
{ {
ExFreePool(Hook->ModuleName.Buffer); ExFreePool(Hook->ModuleName.Buffer);
ObmDereferenceObject(Hook); UserDereferenceObject(Hook);
IntRemoveHook(Hook, WinStaObj, FALSE); IntRemoveHook(Hook, WinStaObj, FALSE);
if (NULL != Thread) if (NULL != Thread)
{ {
@ -686,7 +686,7 @@ NtUserSetWindowsHookEx(
Hook->Ansi = Ansi; Hook->Ansi = Ansi;
Handle = Hook->Self; Handle = Hook->Self;
ObmDereferenceObject(Hook); UserDereferenceObject(Hook);
ObDereferenceObject(WinStaObj); ObDereferenceObject(WinStaObj);
RETURN( Handle); RETURN( Handle);
@ -738,7 +738,7 @@ NtUserUnhookWindowsHookEx(
RETURN( FALSE); RETURN( FALSE);
} }
// Status = ObmReferenceObjectByHandle(gHandleTable, Hook, // Status = UserReferenceObjectByHandle(gHandleTable, Hook,
// otHookProc, (PVOID *) &HookObj); // otHookProc, (PVOID *) &HookObj);
if (!(HookObj = IntGetHookObject(Hook))) if (!(HookObj = IntGetHookObject(Hook)))
{ {
@ -751,7 +751,7 @@ NtUserUnhookWindowsHookEx(
IntRemoveHook(HookObj, WinStaObj, FALSE); IntRemoveHook(HookObj, WinStaObj, FALSE);
ObmDereferenceObject(HookObj); UserDereferenceObject(HookObj);
ObDereferenceObject(WinStaObj); ObDereferenceObject(WinStaObj);
RETURN( TRUE); RETURN( TRUE);


@ -1058,7 +1058,7 @@ IntMouseInput(MOUSEINPUT *mi)
MousePos.x = DesktopWindow->Wnd->ClientRect.right - 1; MousePos.x = DesktopWindow->Wnd->ClientRect.right - 1;
if(MousePos.y >= DesktopWindow->Wnd->ClientRect.bottom) if(MousePos.y >= DesktopWindow->Wnd->ClientRect.bottom)
MousePos.y = DesktopWindow->Wnd->ClientRect.bottom - 1; MousePos.y = DesktopWindow->Wnd->ClientRect.bottom - 1;
ObmDereferenceObject(DesktopWindow); UserDereferenceObject(DesktopWindow);
} }
if(MousePos.x < 0) if(MousePos.x < 0)


@ -238,6 +238,7 @@ IntFreeMenuItem(PMENU_OBJECT Menu, PMENU_ITEM MenuItem,
} }
/* Free memory */ /* Free memory */
ExFreePool(MenuItem->Text.Buffer);
ExFreePool(MenuItem); ExFreePool(MenuItem);
return TRUE; return TRUE;
@ -317,9 +318,10 @@ IntDestroyMenuObject(PMENU_OBJECT Menu,
Window->Wnd->IDMenu = 0; Window->Wnd->IDMenu = 0;
} }
} }
ObmDeleteObject(Menu->MenuInfo.Self, otMenu); // UserDereferenceObject(Menu);
BOOL ret = UserDeleteObject(Menu->MenuInfo.Self, otMenu);
ObDereferenceObject(WindowStation); ObDereferenceObject(WindowStation);
return TRUE; return ret;
} }
} }
return FALSE; return FALSE;
@ -330,7 +332,7 @@ IntCreateMenu(PHANDLE Handle, BOOL IsMenuBar)
{ {
PMENU_OBJECT Menu; PMENU_OBJECT Menu;
Menu = (PMENU_OBJECT)ObmCreateObject( Menu = (PMENU_OBJECT)UserCreateObject(
gHandleTable, Handle, gHandleTable, Handle,
otMenu, sizeof(MENU_OBJECT)); otMenu, sizeof(MENU_OBJECT));
@ -438,7 +440,7 @@ IntCloneMenu(PMENU_OBJECT Source)
if(!Source) if(!Source)
return NULL; return NULL;
Menu = (PMENU_OBJECT)ObmCreateObject( Menu = (PMENU_OBJECT)UserCreateObject(
gHandleTable, &hMenu, gHandleTable, &hMenu,
otMenu, sizeof(MENU_OBJECT)); otMenu, sizeof(MENU_OBJECT));
@ -1457,6 +1459,7 @@ HMENU FASTCALL UserCreateMenu(BOOL PopupMenu)
{ {
PWINSTATION_OBJECT WinStaObject; PWINSTATION_OBJECT WinStaObject;
HANDLE Handle; HANDLE Handle;
PMENU_OBJECT Menu;
NTSTATUS Status; NTSTATUS Status;
PEPROCESS CurrentProcess = PsGetCurrentProcess(); PEPROCESS CurrentProcess = PsGetCurrentProcess();
@ -1479,12 +1482,14 @@ HMENU FASTCALL UserCreateMenu(BOOL PopupMenu)
SetLastNtError(Status); SetLastNtError(Status);
return (HMENU)0; return (HMENU)0;
} }
IntCreateMenu(&Handle, !PopupMenu); Menu = IntCreateMenu(&Handle, !PopupMenu);
UserDereferenceObject(Menu);
ObDereferenceObject(WinStaObject); ObDereferenceObject(WinStaObject);
} }
else else
{ {
IntCreateMenu(&Handle, !PopupMenu); Menu = IntCreateMenu(&Handle, !PopupMenu);
UserDereferenceObject(Menu);
} }
return (HMENU)Handle; return (HMENU)Handle;
@ -1566,7 +1571,7 @@ NtUserDestroyMenu(
RETURN( FALSE); RETURN( FALSE);
} }
RETURN( IntDestroyMenuObject(Menu, FALSE, TRUE)); RETURN( IntDestroyMenuObject(Menu, TRUE, TRUE));
CLEANUP: CLEANUP:
DPRINT("Leave NtUserDestroyMenu, ret=%i\n",_ret_); DPRINT("Leave NtUserDestroyMenu, ret=%i\n",_ret_);
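Review bot: The added `ExFreePool(MenuItem->Text.Buffer);` in IntFreeMenuItem runs for every item, with no check that the item actually owns a pool-allocated text buffer. An item without a string would hand a NULL or non-pool pointer to the pool allocator, which in kernel mode is a crash or pool corruption rather than a harmless no-op. I would guard it and clear the field, `if (MenuItem->Text.Buffer != NULL) { ExFreePool(MenuItem->Text.Buffer); MenuItem->Text.Buffer = NULL; }`. The start of IntFreeMenuItem is outside the hunk; if the text is already released earlier in the function, this line frees it a second time and should be dropped instead.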


@ -582,12 +582,12 @@ co_IntTranslateMouseMessage(PUSER_MESSAGE_QUEUE ThreadQueue, LPMSG Msg, USHORT *
} }
/* eat the message */ /* eat the message */
UserDerefObject(Wnd); UserDereferenceObject(Wnd);
UserDerefObjectCo(DesktopWindow); UserDerefObjectCo(DesktopWindow);
UserDerefObjectCo(Window); UserDerefObjectCo(Window);
return TRUE; return TRUE;
} }
UserDerefObject(Wnd); UserDereferenceObject(Wnd);
} }
UserDerefObjectCo(DesktopWindow); UserDerefObjectCo(DesktopWindow);
@ -800,7 +800,7 @@ MessageFound:
// if(MsgWindow) // if(MsgWindow)
// { // {
// UserDerefObject(MsgWindow); // UserDereferenceObject(MsgWindow);
// } // }
return TRUE; return TRUE;
@ -1584,7 +1584,7 @@ co_IntDoSendMessage(HWND hWnd,
/* Must be handled by other thread */ /* Must be handled by other thread */
// if (HWND_BROADCAST != hWnd) // if (HWND_BROADCAST != hWnd)
// { // {
// UserDerefObject(Window); // UserDereferenceObject(Window);
// } // }
Info.HandledByKernel = TRUE; Info.HandledByKernel = TRUE;
UserModeMsg.hwnd = hWnd; UserModeMsg.hwnd = hWnd;


@ -89,7 +89,7 @@ IntCreateMonitorObject()
HANDLE Handle; HANDLE Handle;
PMONITOR_OBJECT Monitor; PMONITOR_OBJECT Monitor;
Monitor = ObmCreateObject(gHandleTable, &Handle, otMonitor, sizeof (MONITOR_OBJECT)); Monitor = UserCreateObject(gHandleTable, &Handle, otMonitor, sizeof (MONITOR_OBJECT));
if (Monitor == NULL) if (Monitor == NULL)
{ {
return NULL; return NULL;
@ -116,7 +116,7 @@ void
IntDestroyMonitorObject(IN PMONITOR_OBJECT pMonitor) IntDestroyMonitorObject(IN PMONITOR_OBJECT pMonitor)
{ {
RtlFreeUnicodeString(&pMonitor->DeviceName); RtlFreeUnicodeString(&pMonitor->DeviceName);
ObmDereferenceObject(pMonitor); UserDereferenceObject(pMonitor);
} }
@ -178,6 +178,8 @@ IntAttachMonitor(IN GDIDEVICE *pGdiDevice,
if (!RtlCreateUnicodeString(&Monitor->DeviceName, Buffer)) if (!RtlCreateUnicodeString(&Monitor->DeviceName, Buffer))
{ {
DPRINT("Couldn't duplicate monitor name!\n"); DPRINT("Couldn't duplicate monitor name!\n");
UserDereferenceObject(Monitor);
UserDeleteObject(Monitor->Handle, otMonitor);
return STATUS_INSUFFICIENT_RESOURCES; return STATUS_INSUFFICIENT_RESOURCES;
} }
@ -199,6 +201,7 @@ IntAttachMonitor(IN GDIDEVICE *pGdiDevice,
} }
Monitor->Prev = p; Monitor->Prev = p;
} }
UserDereferenceObject(Monitor);
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
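Review bot: IntDestroyMonitorObject still only calls `UserDereferenceObject(pMonitor)`, but IntAttachMonitor now drops the creation reference on success, so the one reference left at destroy time appears to be the one held by the handle. Dropping that by pointer would leave the handle-table entry in place for an object whose count has reached zero; what UserDereferenceObject does at zero is not visible in this section, so this needs confirming. I would release it through the handle instead, `UserDeleteObject(pMonitor->Handle, otMonitor);`, which is what the new failure path in IntAttachMonitor already does.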


@ -282,7 +282,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
if(Msg == WM_MOUSEWHEEL) if(Msg == WM_MOUSEWHEEL)
{ {
Window = UserGetWindowObject(IntGetFocusWindow()); Window = UserGetWindowObject(IntGetFocusWindow());
if (Window) UserRefObject(Window); if (Window) UserReferenceObject(Window);
} }
else else
{ {
@ -290,7 +290,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
if(Window == NULL) if(Window == NULL)
{ {
Window = ScopeWin; Window = ScopeWin;
if (Window) UserRefObject(Window); if (Window) UserReferenceObject(Window);
} }
else else
{ {
@ -304,7 +304,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
/* FIXME - window messages should go to the right window if no buttons are /* FIXME - window messages should go to the right window if no buttons are
pressed */ pressed */
Window = UserGetWindowObject(hCaptureWin); Window = UserGetWindowObject(hCaptureWin);
if (Window) UserRefObject(Window); if (Window) UserReferenceObject(Window);
} }
@ -377,7 +377,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
IntUnLockHardwareMessageQueue(Window->MessageQueue); IntUnLockHardwareMessageQueue(Window->MessageQueue);
*Freed = FALSE; *Freed = FALSE;
UserDerefObject(Window); UserDereferenceObject(Window);
return(FALSE); return(FALSE);
} }
@ -420,7 +420,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
IntUnLockHardwareMessageQueue(Window->MessageQueue); IntUnLockHardwareMessageQueue(Window->MessageQueue);
} }
UserDerefObject(Window); UserDereferenceObject(Window);
*Freed = FALSE; *Freed = FALSE;
return(FALSE); return(FALSE);
} }
@ -459,7 +459,7 @@ co_MsqTranslateMouseMessage(PUSER_MESSAGE_QUEUE MessageQueue, HWND hWnd, UINT Fi
} }
} }
UserDerefObject(Window); UserDereferenceObject(Window);
*Freed = FALSE; *Freed = FALSE;
return(TRUE); return(TRUE);
} }
@ -783,7 +783,7 @@ MsqPostHotKeyMessage(PVOID Thread, HWND hWnd, WPARAM wParam, LPARAM lParam)
Mesg.time = MsqCalculateMessageTime(&LargeTickCount); Mesg.time = MsqCalculateMessageTime(&LargeTickCount);
IntGetCursorLocation(WinSta, &Mesg.pt); IntGetCursorLocation(WinSta, &Mesg.pt);
MsqPostMessage(Window->MessageQueue, &Mesg, FALSE, QS_HOTKEY); MsqPostMessage(Window->MessageQueue, &Mesg, FALSE, QS_HOTKEY);
ObmDereferenceObject(Window); UserDereferenceObject(Window);
ObDereferenceObject (Thread); ObDereferenceObject (Thread);
// InsertHeadList(&pThread->MessageQueue->PostedMessagesListHead, // InsertHeadList(&pThread->MessageQueue->PostedMessagesListHead,


@ -44,7 +44,7 @@ NTSTATUS FASTCALL InitUserImpl(VOID)
ExInitializeResourceLite(&UserLock); ExInitializeResourceLite(&UserLock);
if (!ObmCreateHandleTable()) if (!UserCreateHandleTable())
{ {
DPRINT1("Failed creating handle table\n"); DPRINT1("Failed creating handle table\n");
return STATUS_INSUFFICIENT_RESOURCES; return STATUS_INSUFFICIENT_RESOURCES;


@ -69,7 +69,7 @@ __inline static PUSER_HANDLE_ENTRY alloc_user_entry(PUSER_HANDLE_TABLE ht)
if (ht->nb_handles >= ht->allocated_handles) /* need to grow the array */ if (ht->nb_handles >= ht->allocated_handles) /* need to grow the array */
{ {
/**/ /**/
int i, iFree = 0, iWindow = 0, iMenu = 0, iCursorIcon = 0, int i, iFree = 0, iWindow = 0, iMenu = 0, iCursorIcon = 0,
iHook = 0, iCallProc = 0, iAccel = 0, iMonitor = 0; iHook = 0, iCallProc = 0, iAccel = 0, iMonitor = 0;
/**/ /**/
DPRINT1("Out of user handles! Used -> %i, NM_Handle -> %d\n", usedHandles, ht->nb_handles); DPRINT1("Out of user handles! Used -> %i, NM_Handle -> %d\n", usedHandles, ht->nb_handles);
@ -108,7 +108,7 @@ __inline static PUSER_HANDLE_ENTRY alloc_user_entry(PUSER_HANDLE_TABLE ht)
} }
DPRINT1("Handle Count by Type:\n Free = %d Window = %d Menu = %d CursorIcon = %d Hook = %d\n CallProc = %d Accel = %d Monitor = %d\n", DPRINT1("Handle Count by Type:\n Free = %d Window = %d Menu = %d CursorIcon = %d Hook = %d\n CallProc = %d Accel = %d Monitor = %d\n",
iFree, iWindow, iMenu, iCursorIcon, iHook, iCallProc, iAccel, iMonitor ); iFree, iWindow, iMenu, iCursorIcon, iHook, iCallProc, iAccel, iMonitor );
//#endif //#endif
return NULL; return NULL;
#if 0 #if 0
PUSER_HANDLE_ENTRY new_handles; PUSER_HANDLE_ENTRY new_handles;
@ -198,6 +198,10 @@ HANDLE UserAllocHandle(PUSER_HANDLE_TABLE ht, PVOID object, USER_OBJECT_TYPE typ
entry->pi = UserHandleOwnerByType(type); entry->pi = UserHandleOwnerByType(type);
if (++entry->generation >= 0xffff) if (++entry->generation >= 0xffff)
entry->generation = 1; entry->generation = 1;
/* We have created a handle, which is a reference! */
UserReferenceObject(object);
return entry_to_handle(ht, entry ); return entry_to_handle(ht, entry );
} }
@ -241,18 +245,24 @@ void *get_user_object_handle(PUSER_HANDLE_TABLE ht, HANDLE* handle, USER_OBJECT
return entry->ptr; return entry->ptr;
} }
/* free a user handle and return a pointer to the object */ /* free a user handle */
PVOID UserFreeHandle(PUSER_HANDLE_TABLE ht, HANDLE handle ) BOOL UserFreeHandle(PUSER_HANDLE_TABLE ht, HANDLE handle )
{ {
PUSER_HANDLE_ENTRY entry; PUSER_HANDLE_ENTRY entry;
PVOID object;
if (!(entry = handle_to_entry( ht, handle ))) if (!(entry = handle_to_entry( ht, handle )))
{ {
SetLastNtError( STATUS_INVALID_HANDLE ); SetLastNtError( STATUS_INVALID_HANDLE );
return NULL; return FALSE;
} }
return free_user_entry(ht, entry ); object = free_user_entry(ht, entry );
/* We removed the handle, which was a reference! */
return UserDereferenceObject(object);
return TRUE;
} }
/* return the next user handle after 'handle' that is of a given type */ /* return the next user handle after 'handle' that is of a given type */
@ -284,7 +294,7 @@ PVOID UserGetNextHandle(PUSER_HANDLE_TABLE ht, HANDLE* handle, USER_OBJECT_TYPE
PVOID FASTCALL PVOID FASTCALL
ObmCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG size) UserCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG size)
{ {
HANDLE hi; HANDLE hi;
@ -303,7 +313,7 @@ ObmCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG s
RtlZeroMemory(hdr, size + sizeof(USER_OBJECT_HEADER)); RtlZeroMemory(hdr, size + sizeof(USER_OBJECT_HEADER));
hdr->hSelf = hi; hdr->hSelf = hi;
hdr->RefCount++; //temp hack! hdr->RefCount = 2; // we need this, because we create 2 refs: handle and pointer!
if (h) if (h)
*h = hi; *h = hi;
@ -311,7 +321,7 @@ ObmCreateObject(PUSER_HANDLE_TABLE ht, HANDLE* h,USER_OBJECT_TYPE type , ULONG s
} }
BOOL FASTCALL BOOL FASTCALL
ObmDeleteObject(HANDLE h, USER_OBJECT_TYPE type ) UserDeleteObject(HANDLE h, USER_OBJECT_TYPE type )
{ {
PUSER_OBJECT_HEADER hdr; PUSER_OBJECT_HEADER hdr;
PVOID body = UserGetObject(gHandleTable, h, type); PVOID body = UserGetObject(gHandleTable, h, type);
@ -319,26 +329,14 @@ ObmDeleteObject(HANDLE h, USER_OBJECT_TYPE type )
return FALSE; return FALSE;
hdr = USER_BODY_TO_HEADER(body); hdr = USER_BODY_TO_HEADER(body);
ASSERT(hdr->RefCount >= 0); ASSERT(hdr->RefCount >= 1);
hdr->destroyed = TRUE; hdr->destroyed = TRUE;
if (hdr->RefCount == 0) return UserFreeHandle(gHandleTable, h);
{
UserFreeHandle(gHandleTable, h);
memset(hdr, 0x55, sizeof(USER_OBJECT_HEADER));
UserHeapFree(hdr);
//ExFreePool(hdr);
return TRUE;
}
// DPRINT1("info: something not destroyed bcause refs still left, inuse %i\n",usedHandles);
return FALSE;
} }
VOID FASTCALL ObmReferenceObject(PVOID obj) VOID FASTCALL UserReferenceObject(PVOID obj)
{ {
PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj); PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj);
@ -347,14 +345,29 @@ VOID FASTCALL ObmReferenceObject(PVOID obj)
hdr->RefCount++; hdr->RefCount++;
} }
HANDLE FASTCALL ObmObjectToHandle(PVOID obj)
PVOID FASTCALL UserReferenceObjectByHandle(HANDLE handle, USER_OBJECT_TYPE type)
{
PVOID object;
object = UserGetObject(gHandleTable, handle, type);
if(object)
{
UserReferenceObject(object);
}
return object;
}
HANDLE FASTCALL UserObjectToHandle(PVOID obj)
{ {
PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj); PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj);
return hdr->hSelf; return hdr->hSelf;
} }
BOOL FASTCALL ObmDereferenceObject2(PVOID obj) BOOL FASTCALL UserDereferenceObject(PVOID obj)
{ {
PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj); PUSER_OBJECT_HEADER hdr = USER_BODY_TO_HEADER(obj);
@ -363,17 +376,19 @@ BOOL FASTCALL ObmDereferenceObject2(PVOID obj)
hdr->RefCount--; hdr->RefCount--;
// You can not have a zero here! // You can not have a zero here!
if (!hdr->destroyed && hdr->RefCount == 0) hdr->RefCount++; // BOUNCE!!!!! if (!hdr->destroyed && hdr->RefCount == 0)
{
hdr->RefCount++; // BOUNCE!!!!!
DPRINT1("warning! Dereference to zero without deleting!\n");
}
if (hdr->RefCount == 0 && hdr->destroyed) if (hdr->RefCount == 0 && hdr->destroyed)
{ {
// DPRINT1("info: something destroyed bcaise of deref, in use=%i\n",usedHandles); // DPRINT1("info: something destroyed bcaise of deref, in use=%i\n",usedHandles);
UserFreeHandle(gHandleTable, hdr->hSelf);
memset(hdr, 0x55, sizeof(USER_OBJECT_HEADER)); memset(hdr, 0x55, sizeof(USER_OBJECT_HEADER));
UserHeapFree(hdr); return UserHeapFree(hdr);
//ExFreePool(hdr); //ExFreePool(hdr);
return TRUE; return TRUE;
@ -384,7 +399,7 @@ BOOL FASTCALL ObmDereferenceObject2(PVOID obj)
BOOL FASTCALL ObmCreateHandleTable() BOOL FASTCALL UserCreateHandleTable()
{ {
PVOID mem; PVOID mem;
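Review bot: In the new `UserFreeHandle`, `return UserDereferenceObject(object);` is followed by an unreachable `return TRUE;`, and FALSE now covers both an invalid handle and a handle that was released while the object still has other references. `UserDeleteObject` returns that value unchanged, so a caller that holds its own reference across the call (as `co_UserFreeWindow` does) gets FALSE for a deletion that went as intended. I would delete the dead line and state the contract in the header comment, e.g. `/* free a user handle; TRUE only if this dropped the last reference and the object was freed */`. `UserDereferenceObject` has the same shape, with `return UserHeapFree(hdr);` ahead of the old `return TRUE;`, and its body continues past the hunk. Once the entry is released, the surviving object's `hdr->hSelf` still holds the old handle value, so it is worth confirming that nothing looks that handle up again afterwards.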


@ -414,7 +414,7 @@ static LRESULT co_UserFreeWindow(PWINDOW_OBJECT Window,
else else
co_UserFreeWindow(Child, ProcessData, ThreadData, SendMessages); co_UserFreeWindow(Child, ProcessData, ThreadData, SendMessages);
UserDerefObject(Child); UserDereferenceObject(Child);
} }
} }
ExFreePool(Children); ExFreePool(Children);
@ -491,8 +491,8 @@ static LRESULT co_UserFreeWindow(PWINDOW_OBJECT Window,
IntUnlinkWindow(Window); IntUnlinkWindow(Window);
UserRefObject(Window); UserReferenceObject(Window);
ObmDeleteObject(Window->hSelf, otWindow); UserDeleteObject(Window->hSelf, otWindow);
IntDestroyScrollBars(Window); IntDestroyScrollBars(Window);
@ -510,7 +510,7 @@ static LRESULT co_UserFreeWindow(PWINDOW_OBJECT Window,
ASSERT(Window->Wnd != NULL); ASSERT(Window->Wnd != NULL);
UserFreeWindowInfo(Window->ti, Window); UserFreeWindowInfo(Window->ti, Window);
UserDerefObject(Window); UserDereferenceObject(Window);
IntClipboardFreeWindow(Window); IntClipboardFreeWindow(Window);
@ -989,7 +989,7 @@ IntSetOwner(HWND hWnd, HWND hWndNewOwner)
if (WndOldOwner) if (WndOldOwner)
{ {
ret = WndOldOwner->hSelf; ret = WndOldOwner->hSelf;
UserDerefObject(WndOldOwner); UserDereferenceObject(WndOldOwner);
} }
else else
{ {
@ -1007,7 +1007,7 @@ IntSetOwner(HWND hWnd, HWND hWndNewOwner)
Wnd->Wnd->Owner = NULL; Wnd->Wnd->Owner = NULL;
} }
UserDerefObject(Wnd); UserDereferenceObject(Wnd);
return ret; return ret;
} }
@ -1042,7 +1042,7 @@ co_IntSetParent(PWINDOW_OBJECT Wnd, PWINDOW_OBJECT WndNewParent)
WndOldParent = Wnd->Parent; WndOldParent = Wnd->Parent;
if (WndOldParent) UserRefObject(WndOldParent); /* caller must deref */ if (WndOldParent) UserReferenceObject(WndOldParent); /* caller must deref */
if (WndNewParent != WndOldParent) if (WndNewParent != WndOldParent)
{ {
@ -1064,9 +1064,9 @@ co_IntSetParent(PWINDOW_OBJECT Wnd, PWINDOW_OBJECT WndNewParent)
} }
else else
{ {
// UserRefObject(InsertAfter); // UserReferenceObject(InsertAfter);
IntLinkWindow(Wnd, WndNewParent, InsertAfter /*prev sibling*/); IntLinkWindow(Wnd, WndNewParent, InsertAfter /*prev sibling*/);
// UserDerefObject(InsertAfter); // UserDereferenceObject(InsertAfter);
} }
} }
@ -1092,7 +1092,7 @@ co_IntSetParent(PWINDOW_OBJECT Wnd, PWINDOW_OBJECT WndNewParent)
// { // {
// if(!IntIsWindow(WndOldParent->hSelf)) // if(!IntIsWindow(WndOldParent->hSelf))
// { // {
// UserDerefObject(WndOldParent); // UserDereferenceObject(WndOldParent);
// return NULL; // return NULL;
// } // }
@ -1607,7 +1607,7 @@ co_IntCreateWindowEx(DWORD dwExStyle,
/* Create the window object. */ /* Create the window object. */
Window = (PWINDOW_OBJECT) Window = (PWINDOW_OBJECT)
ObmCreateObject(gHandleTable, (PHANDLE)&hWnd, UserCreateObject(gHandleTable, (PHANDLE)&hWnd,
otWindow, sizeof(WINDOW_OBJECT)); otWindow, sizeof(WINDOW_OBJECT));
if (Window) if (Window)
{ {
@ -1982,7 +1982,7 @@ AllocErr:
if (!Result) if (!Result)
{ {
/* FIXME: Cleanup. */ /* FIXME: Cleanup. */
DPRINT("IntCreateWindowEx(): NCCREATE message failed.\n"); DPRINT1("IntCreateWindowEx(): NCCREATE message failed. No cleanup performed!\n");
RETURN((HWND)0); RETURN((HWND)0);
} }
@ -2046,7 +2046,7 @@ AllocErr:
if (Result == (LRESULT)-1) if (Result == (LRESULT)-1)
{ {
/* FIXME: Cleanup. */ /* FIXME: Cleanup. */
DPRINT("IntCreateWindowEx(): send CREATE message failed.\n"); DPRINT1("IntCreateWindowEx(): send CREATE message failed. No cleanup performed!\n");
RETURN((HWND)0); RETURN((HWND)0);
} }
@ -2166,7 +2166,11 @@ AllocErr:
CLEANUP: CLEANUP:
if (!_ret_ && Window && Window->Wnd && ti) if (!_ret_ && Window && Window->Wnd && ti)
UserFreeWindowInfo(ti, Window); UserFreeWindowInfo(ti, Window);
if (Window) UserDerefObjectCo(Window); if (Window)
{
UserDerefObjectCo(Window);
UserDereferenceObject(Window);
}
if (ParentWindow) UserDerefObjectCo(ParentWindow); if (ParentWindow) UserDerefObjectCo(ParentWindow);
if (!_ret_ && ti != NULL) if (!_ret_ && ti != NULL)
{ {
@ -2834,7 +2838,7 @@ PWINDOW_OBJECT FASTCALL UserGetAncestor(PWINDOW_OBJECT Wnd, UINT Type)
} }
//temp hack //temp hack
// UserDerefObject(Parent); // UserDereferenceObject(Parent);
WndAncestor = Parent; WndAncestor = Parent;
} }
@ -2935,7 +2939,7 @@ NtUserGetComboBoxInfo(
if (!(Wnd = UserGetWindowObject(hWnd))) if (!(Wnd = UserGetWindowObject(hWnd)))
{ {
RETURN( FALSE ); RETURN( FALSE );
} }
_SEH_TRY _SEH_TRY
{ {
if(pcbi) if(pcbi)
@ -2958,7 +2962,7 @@ NtUserGetComboBoxInfo(
CLEANUP: CLEANUP:
DPRINT("Leave NtUserGetComboBoxInfo, ret=%i\n",_ret_); DPRINT("Leave NtUserGetComboBoxInfo, ret=%i\n",_ret_);
UserLeave(); UserLeave();
END_CLEANUP; END_CLEANUP;
} }
@ -3013,21 +3017,21 @@ NtUserGetListBoxInfo(
{ {
PWINDOW_OBJECT Wnd; PWINDOW_OBJECT Wnd;
DECLARE_RETURN(DWORD); DECLARE_RETURN(DWORD);
DPRINT("Enter NtUserGetListBoxInfo\n"); DPRINT("Enter NtUserGetListBoxInfo\n");
UserEnterShared(); UserEnterShared();
if (!(Wnd = UserGetWindowObject(hWnd))) if (!(Wnd = UserGetWindowObject(hWnd)))
{ {
RETURN( 0 ); RETURN( 0 );
} }
RETURN( (DWORD) co_IntSendMessage( Wnd->hSelf, LB_GETLISTBOXINFO, 0, 0 )); RETURN( (DWORD) co_IntSendMessage( Wnd->hSelf, LB_GETLISTBOXINFO, 0, 0 ));
CLEANUP: CLEANUP:
DPRINT("Leave NtUserGetListBoxInfo, ret=%i\n",_ret_); DPRINT("Leave NtUserGetListBoxInfo, ret=%i\n",_ret_);
UserLeave(); UserLeave();
END_CLEANUP; END_CLEANUP;
} }
@ -3081,7 +3085,7 @@ co_UserSetParent(HWND hWndChild, HWND hWndNewParent)
if (WndOldParent) if (WndOldParent)
{ {
hWndOldParent = WndOldParent->hSelf; hWndOldParent = WndOldParent->hSelf;
UserDerefObject(WndOldParent); UserDereferenceObject(WndOldParent);
} }
return( hWndOldParent); return( hWndOldParent);
@ -4599,7 +4603,7 @@ NtUserWindowFromPoint(LONG X, LONG Y)
RETURN( NULL); RETURN( NULL);
CLEANUP: CLEANUP:
if (Window) UserDerefObject(Window); if (Window) UserDereferenceObject(Window);
if (DesktopWindow) UserDerefObjectCo(DesktopWindow); if (DesktopWindow) UserDerefObjectCo(DesktopWindow);
DPRINT("Leave NtUserWindowFromPoint, ret=%i\n",_ret_); DPRINT("Leave NtUserWindowFromPoint, ret=%i\n",_ret_);
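Review bot: In `co_UserFreeWindow`, the hunk at -510 calls `UserDereferenceObject(Window);` and then passes the same pointer to `IntClipboardFreeWindow(Window);`. By that point `UserDeleteObject` has set `destroyed` and released the handle reference, so if the caller holds no further reference this dereference is the one that reaches zero and frees the header, and the next line would then run on freed memory. Whether `IntClipboardFreeWindow` actually reads through the pointer is not visible here, but making the dereference the last use removes the question: `IntClipboardFreeWindow(Window);` followed by `UserDereferenceObject(Window);`. The function body starts and ends outside these hunks.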


@ -1005,14 +1005,14 @@ co_WinPosSetWindowPos(
} }
if (NULL != InsertAfterWindow) if (NULL != InsertAfterWindow)
{ {
UserRefObject(InsertAfterWindow); UserReferenceObject(InsertAfterWindow);
} }
} }
else if (WinPos.hwndInsertAfter == HWND_BOTTOM) else if (WinPos.hwndInsertAfter == HWND_BOTTOM)
{ {
if(ParentWindow->LastChild) if(ParentWindow->LastChild)
{ {
UserRefObject(ParentWindow->LastChild); UserReferenceObject(ParentWindow->LastChild);
InsertAfterWindow = ParentWindow->LastChild; InsertAfterWindow = ParentWindow->LastChild;
} }
else else
@ -1028,7 +1028,7 @@ co_WinPosSetWindowPos(
IntLinkWindow(Window, ParentWindow, InsertAfterWindow); IntLinkWindow(Window, ParentWindow, InsertAfterWindow);
} }
if (InsertAfterWindow != NULL) if (InsertAfterWindow != NULL)
UserDerefObject(InsertAfterWindow); UserDereferenceObject(InsertAfterWindow);
if ((HWND_TOPMOST == WinPos.hwndInsertAfter) if ((HWND_TOPMOST == WinPos.hwndInsertAfter)
|| (0 != (Window->Wnd->ExStyle & WS_EX_TOPMOST) || (0 != (Window->Wnd->ExStyle & WS_EX_TOPMOST)
&& NULL != Window->PrevSibling && NULL != Window->PrevSibling
@ -1588,9 +1588,9 @@ co_WinPosSearchChildren(
continue; continue;
} }
if (*Window) UserDerefObject(*Window); if (*Window) UserDereferenceObject(*Window);
*Window = Current; *Window = Current;
UserRefObject(*Window); UserReferenceObject(*Window);
if (CurrentWnd->Style & WS_MINIMIZE) if (CurrentWnd->Style & WS_MINIMIZE)
{ {