- Fix flaw in win32k hardware message queue which used KMUTEX instead of KMUTANT, thus double-disabling Kernel APCs during the parsing of the queue, which would result in actually deliving hardware message callbacks with Kernel APCs disabled when going to user-mode. This was detected when my new user-mode callback rewrite added checks for this situation, and it originally caused a bugcheck. Since the message queue code is now fixed, the bugcheck has been re-enabled, hopefully no other such violations will be detected (I was able to run/install firefox for a couple of minutes and there was no APC_INDEX_MISMATCH crash). Fixes bug 1272, and thanks to Filip for doing some late-night IRC analysis with me.

svn path=/trunk/; revision=20846
2025-08-02 14:58:27 +00:00 · 2006-01-14 08:49:10 +00:00 · 2006-01-14 08:49:10 +00:00 · fde02cbbc1
commit fde02cbbc1
parent da88b5bcd7
2 changed files with 3 additions and 5 deletions
--- a/reactos/ntoskrnl/ke/i386/usercall_asm.S
+++ b/reactos/ntoskrnl/ke/i386/usercall_asm.S
@ -87,7 +87,6 @@ _KiCallUserMode@8:

 AtPassive:

-#if 0
    /* Make sure that we are not attached and that APCs are not disabled */
    movzx eax, byte ptr [ebx+KTHREAD_APC_STATE_INDEX]
    mov edx, [ebx+KTHREAD_COMBINED_APC_DISABLE]
@ -104,7 +103,6 @@ InvalidIndex:
    push 0
    push APC_INDEX_MISMATCH
    call _KeBugCheckEx@20
-#endif
 ApcsEnabled:
 #endif

--- a/reactos/subsys/win32k/ntuser/msgqueue.c
+++ b/reactos/subsys/win32k/ntuser/msgqueue.c
@ -46,7 +46,7 @@ static KSPIN_LOCK SystemMessageQueueLock;

 static ULONG volatile HardwareMessageQueueStamp = 0;
 static LIST_ENTRY HardwareMessageQueueHead;
-static KMUTEX HardwareMessageQueueLock;
+static KMUTANT HardwareMessageQueueLock;

 static KEVENT HardwareMessageEvent;

@ -60,7 +60,7 @@ static PAGED_LOOKASIDE_LIST TimerLookasideList;
  KeReleaseSpinLock(&SystemMessageQueueLock, OldIrql)

 #define IntUnLockSystemHardwareMessageQueueLock(Wait) \
-  KeReleaseMutex(&HardwareMessageQueueLock, Wait)
+  KeReleaseMutant(&HardwareMessageQueueLock, IO_NO_INCREMENT, FALSE, Wait)

 /* FUNCTIONS *****************************************************************/

@ -122,7 +122,7 @@ MsqInitializeImpl(VOID)
   InitializeListHead(&HardwareMessageQueueHead);
   KeInitializeEvent(&HardwareMessageEvent, NotificationEvent, 0);
   KeInitializeSpinLock(&SystemMessageQueueLock);
-   KeInitializeMutex(&HardwareMessageQueueLock, 0);
+   KeInitializeMutant(&HardwareMessageQueueLock, 0);

   ExInitializePagedLookasideList(&MessageLookasideList,
                                  NULL,