Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-04-22 13:10:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

[WIN32K]

Browse source 
Fix a bug in the GDI pool code that could lead to list corruption and a failed ASSERT, when an app allocated a large number of DCs or brushes, like AbiWord with more than 1 document open. Also add a few more ASSERTs.

svn path=/trunk/; revision=57973
This commit is contained in:
Timo Kreuzer 2012-12-22 22:22:06 +00:00
parent 56d63e8383
commit af760d9024
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
reactos/win32ss/gdi/ntgdi/gdipool.c
View file

@ -155,6 +155,8 @@ GdiPoolAllocate(
/* Yes, remove it from the empty list */ /* Yes, remove it from the empty list */
ple = RemoveHeadList(&pPool->leEmptyList); ple = RemoveHeadList(&pPool->leEmptyList);
pSection = CONTAINING_RECORD(ple, GDI_POOL_SECTION, leInUseLink); pSection = CONTAINING_RECORD(ple, GDI_POOL_SECTION, leInUseLink);
pPool->cEmptySections--;
ASSERT(pSection->cAllocCount == 0);
} }
else else
{ {
@ -166,13 +168,11 @@ GdiPoolAllocate(
pvAlloc = NULL; pvAlloc = NULL;
goto done; goto done;
} }
/* Insert it into the ready list */
InsertHeadList(&pPool->leReadyList, &pSection->leReadyLink);
} }
/* Insert it into the in-use list */ /* Insert it into the in-use and ready list */
InsertHeadList(&pPool->leInUseList, &pSection->leInUseLink); InsertHeadList(&pPool->leInUseList, &pSection->leInUseLink);
InsertHeadList(&pPool->leReadyList, &pSection->leReadyLink);
} }
/* Find and set a single bit */ /* Find and set a single bit */
@ -203,6 +203,7 @@ GdiPoolAllocate(
/* Increase alloc count */ /* Increase alloc count */
pSection->cAllocCount++; pSection->cAllocCount++;
ASSERT(RtlNumberOfSetBits(&pSection->bitmap) == pSection->cAllocCount);
DBG_LOGEVENT(&pPool->slhLog, EVENT_ALLOCATE, pvAlloc); DBG_LOGEVENT(&pPool->slhLog, EVENT_ALLOCATE, pvAlloc);
/* Check if section is now busy */ /* Check if section is now busy */
@ -260,6 +261,7 @@ GdiPoolFree(
/* Decrease allocation count */ /* Decrease allocation count */
pSection->cAllocCount--; pSection->cAllocCount--;
ASSERT(RtlNumberOfSetBits(&pSection->bitmap) == pSection->cAllocCount);
DBG_LOGEVENT(&pPool->slhLog, EVENT_FREE, pvAlloc); DBG_LOGEVENT(&pPool->slhLog, EVENT_FREE, pvAlloc);
/* Check if the section got valid now */ /* Check if the section got valid now */
@ -275,7 +277,7 @@ GdiPoolFree(
RemoveEntryList(&pSection->leInUseLink); RemoveEntryList(&pSection->leInUseLink);
RemoveEntryList(&pSection->leReadyLink); RemoveEntryList(&pSection->leReadyLink);
if (pPool->cEmptySections > 1) if (pPool->cEmptySections >= 1)
{ {
/* Delete the section */ /* Delete the section */
GdiPoolDeleteSection(pPool, pSection); GdiPoolDeleteSection(pPool, pSection);