Since our MmNotPresentFault handler and kin need to lock the associated MADDRESS_SPACE, we often need to lock an address space when it's already been locked. Until now, this has caused a recursive acquisition of a kernel mutex.
The current kernel bugchecks for me when running the wget binary here:
http://www.superheterodyne.net/reactos/mm_edit/wget.exe
So I've added a boolean to MADDRESS_SPACE to specify that it's been locked and propagated its use (and also disentangled this flag from the one specifying that pages are locked in various cases).
The patch is here:
http://www.superheterodyne.net/reactos/mm_edit/mm.diff
There's a sore spot in section.c at line 684 where I got a bugcheck, but it was easy enough to check for a NULL region. This probably isn't right, however.
jimtabor was seeing bugchecks at startup that are at least apparently solved by this patch, but I'm sure that those more in tune with the kernel can weigh in on whether we should do something like this or whether the real problem is deeper or different.