Royce Mitchell III wrote:

hbirr@svn.reactos.com wrote:

...

• Initialized an allocated block completely before release the lock.

@@ -719,9 +725,9 @@

{
    if ( (NewBlock = RQueRemove ( &pool->Que[que][align] )) )
    {

•        R_RELEASE_MUTEX(pool);
  
  
        RiUsedInit ( NewBlock, Tag );
        RiUsedInitRedZone ( NewBlock, NumberOfBytes );
  
  
  

•        R_RELEASE_MUTEX(pool);
  
  
        return RHdrToBody(NewBlock);
    }
    queBytes = 16 << que;
  

@@ -865,11 +871,10 @@

NewBlock = (PR_USED)BestBlock;
RiUsedInit ( NewBlock, Tag );

• R_RELEASE_MUTEX(pool);

• /* RtlZeroMemory(RHdrToBody(NewBlock), NumberOfBytes);*/

  RiUsedInitRedZone ( NewBlock, NumberOfBytes );

• R_RELEASE_MUTEX(pool);

  return RHdrToBody(NewBlock);

}

Hartmut,

If you don't mind, I'm curious how this was causing a problem, the stuff that was being initialized outside of the lock shouldn't (in my feeble mind) have been "visible" upon reentry until this block is freed again.

I've add a 'paged pool check thread' which is activated each 10 minutes. The thread allocates a zero size block, which triggers the checking. If the thread does check a new allocated block between releasing the lock and intializing the red zone, I get a wrong hit.

- Hartmut