From aec110d5145d8a8d3ecc6249da31b0c312d6f5cf Mon Sep 17 00:00:00 2001
From: Timo Kreuzer <timo.kreuzer@reactos.org>
Date: Sun, 8 Jul 2012 22:06:23 +0000
Subject: [PATCH] [FREELDR] Allocate the ARC_DISK_SIGNATURE structures from the
 heap instead of putting them into the initial loader block allocation, since
 the number of disks changes later. Fixes memory corrruption and boot breakage
 when 3 hdds are connected.

[NTOSKRNL]
Remove a hack that disabled unloading drivers, which didn't work because of memory corruption from freeldr. This works now, too.

See issue #7139 for more details.

svn path=/trunk/; revision=56860
---
 reactos/boot/freeldr/freeldr/include/winldr.h |  1 -
 reactos/boot/freeldr/freeldr/windows/winldr.c | 26 +++++++++----------
 reactos/ntoskrnl/io/iomgr/driver.c            |  8 ++----
 3 files changed, 15 insertions(+), 20 deletions(-)

diff --git a/reactos/boot/freeldr/freeldr/include/winldr.h b/reactos/boot/freeldr/freeldr/include/winldr.h
index 58e0057f374..3a123ea99ba 100644
--- a/reactos/boot/freeldr/freeldr/include/winldr.h
+++ b/reactos/boot/freeldr/freeldr/include/winldr.h
@@ -71,7 +71,6 @@ typedef struct _LOADER_SYSTEM_BLOCK
     CHAR NtBootPathName[MAX_PATH+1];
     CHAR NtHalPathName[MAX_PATH+1];
     ARC_DISK_INFORMATION ArcDiskInformation;
-    ARC_DISK_SIGNATURE_EX ArcDiskSignature[];
 } LOADER_SYSTEM_BLOCK, *PLOADER_SYSTEM_BLOCK;
 
 extern PLOADER_SYSTEM_BLOCK WinLdrSystemBlock;
diff --git a/reactos/boot/freeldr/freeldr/windows/winldr.c b/reactos/boot/freeldr/freeldr/windows/winldr.c
index d13f28db468..25eaa15ed12 100644
--- a/reactos/boot/freeldr/freeldr/windows/winldr.c
+++ b/reactos/boot/freeldr/freeldr/windows/winldr.c
@@ -48,12 +48,9 @@ VOID
 AllocateAndInitLPB(PLOADER_PARAMETER_BLOCK *OutLoaderBlock)
 {
 	PLOADER_PARAMETER_BLOCK LoaderBlock;
-	ULONG SystemBlockSize;
 
 	/* Allocate and zero-init the LPB */
-	SystemBlockSize = sizeof(LOADER_SYSTEM_BLOCK) +
-	                  reactos_disk_count * sizeof(ARC_DISK_SIGNATURE_EX);
-	WinLdrSystemBlock = MmAllocateMemoryWithType(SystemBlockSize,
+	WinLdrSystemBlock = MmAllocateMemoryWithType(sizeof(LOADER_SYSTEM_BLOCK),
                                                  LoaderSystemBlock);
 	if (WinLdrSystemBlock == NULL)
 	{
@@ -135,26 +132,27 @@ WinLdrInitializePhase1(PLOADER_PARAMETER_BLOCK LoaderBlock,
 	/* Convert ARC disk information from freeldr to a correct format */
 	for (i = 0; i < reactos_disk_count; i++)
 	{
-		PARC_DISK_SIGNATURE ArcDiskSig;
+		PARC_DISK_SIGNATURE_EX ArcDiskSig;
 
-		/* Get the ARC structure */
-		ArcDiskSig = &WinLdrSystemBlock->ArcDiskSignature[i].DiskSignature;
+		/* Allocate the ARC structure */
+		ArcDiskSig = HeapAllocate(FrLdrDefaultHeap,
+                                  sizeof(ARC_DISK_SIGNATURE_EX),
+                                 'giSD');
 
 		/* Copy the data over */
-		ArcDiskSig->Signature = reactos_arc_disk_info[i].Signature;
-		ArcDiskSig->CheckSum = reactos_arc_disk_info[i].CheckSum;
+		ArcDiskSig->DiskSignature.Signature = reactos_arc_disk_info[i].Signature;
+		ArcDiskSig->DiskSignature.CheckSum = reactos_arc_disk_info[i].CheckSum;
 
 		/* Copy the ARC Name */
-		ArcDiskSig->ArcName = WinLdrSystemBlock->ArcDiskSignature[i].ArcName;
 		strncpy(ArcDiskSig->ArcName, reactos_arc_disk_info[i].ArcName, MAX_PATH);
-		ArcDiskSig->ArcName = PaToVa(ArcDiskSig->ArcName);
+		ArcDiskSig->DiskSignature.ArcName = PaToVa(ArcDiskSig->ArcName);
 
 		/* Mark partition table as valid */
-		ArcDiskSig->ValidPartitionTable = TRUE;
+		ArcDiskSig->DiskSignature.ValidPartitionTable = TRUE;
 
 		/* Insert into the list */
 		InsertTailList(&LoaderBlock->ArcDiskInformation->DiskSignatureListHead,
-			&ArcDiskSig->ListEntry);
+		               &ArcDiskSig->DiskSignature.ListEntry);
 	}
 
 	/* Convert all list's to Virtual address */
@@ -639,7 +637,9 @@ LoadAndBootWindowsCommon(
 
 	WinLdrpDumpMemoryDescriptors(LoaderBlockVA);
 	WinLdrpDumpBootDriver(LoaderBlockVA);
+#ifndef _M_AMD64
 	WinLdrpDumpArcDisks(LoaderBlockVA);
+#endif
 
 	//FIXME: If I substitute this debugging checkpoint, GCC will "optimize away" the code below
 	//while (1) {};
diff --git a/reactos/ntoskrnl/io/iomgr/driver.c b/reactos/ntoskrnl/io/iomgr/driver.c
index d3d938ea79e..ba23a12bd9a 100644
--- a/reactos/ntoskrnl/io/iomgr/driver.c
+++ b/reactos/ntoskrnl/io/iomgr/driver.c
@@ -76,16 +76,12 @@ IopDeleteDriver(IN PVOID ObjectBody)
         DriverExtension = NextDriverExtension;
     }
 
-#if 0
     /* Check if the driver image is still loaded */
     if (DriverObject->DriverSection)
     {
         /* Unload it */
         MmUnloadSystemImage(DriverObject->DriverSection);
     }
-#else
-    DPRINT1("HACK: Not unloading the driver image due to critical bugs!\n");
-#endif
 
     /* Check if it has a name */
     if (DriverObject->DriverName.Buffer)
@@ -283,7 +279,7 @@ IopNormalizeImagePath(
       /* Free caller's string */
       ExFreePoolWithTag(InputImagePath.Buffer, TAG_RTLREGISTRY);
    }
- 
+
    DPRINT("Normalized image path is '%wZ' for service '%wZ'\n", ImagePath, ServiceName);
 
    return STATUS_SUCCESS;
@@ -526,7 +522,7 @@ IopInitializeDriverModule(
       DPRINT("IopCreateDriver() failed (Status 0x%08lx)\n", Status);
       return Status;
    }
-   
+
    MmFreeDriverInitialization((PLDR_DATA_TABLE_ENTRY)Driver->DriverSection);
 
    /* Set the driver as initialized */