Hi,
Here is a list of files that use ntuser/object.c
As you all see, we Dereference more than we Reference! Reference is 0 so we are
using Dereference as a delete? This is a mess! Not once is a Thread referenced!
Thanks,
James
./callproc.c:52: ObmDeleteObject(Handle,
./hook.c:209: ObmDeleteObject(Hook->Self, otHook);
./cursoricon.c:413: ObmDeleteObject(hCurIcon, otCursorIcon);
./cursoricon.c:487: Ret = ObmDeleteObject(CurIcon->Self, otCursorIcon);
./menu.c:320: ObmDeleteObject(Menu->MenuInfo.Self, otMenu);
./window.c:433: ObmDeleteObject(Window->hSelf, otWindow);
./accelerator.c:365: ObmDeleteObject(hAccel, otAccel);
./accelerator.c:374: ObmDeleteObject(hAccel, otAccel);
./accelerator.c:414: ObmDeleteObject(hAccel, otAccel);
./callproc.c:64: NewCallProc = (PCALLPROC)ObmCreateObject(gHandleTable,
./callproc.c:88: NewCallProc = (PCALLPROC)ObmCreateObject(gHandleTable,
./hook.c:113: Hook = ObmCreateObject(gHandleTable, &Handle, otHook,
sizeof(HOOK));
./monitor.c:92: Monitor = ObmCreateObject(gHandleTable, &Handle,
otMonitor, sizeof (MONITOR_OBJECT));
./cursoricon.c:399: CurIcon = ObmCreateObject(gHandleTable,
&hCurIcon, otCursorIcon, sizeof(CURICON_OBJECT));
./menu.c:333: Menu = (PMENU_OBJECT)ObmCreateObject(
./menu.c:442: Menu = (PMENU_OBJECT)ObmCreateObject(
./window.c:1537: ObmCreateObject(gHandleTable, (PHANDLE)&hWnd,
./accelerator.c:351: Accel = ObmCreateObject(gHandleTable,
(PHANDLE)&hAccel, otAccel, sizeof(ACCELERATOR_TABLE));
./input.c:1045: ObmDereferenceObject(DesktopWindow);
./msgqueue.c:776: ObmDereferenceObject(Window);
./hook.c:449: ObmDereferenceObject(HookObj);
./hook.c:455: ObmDereferenceObject(HookObj);
./hook.c:624: ObmDereferenceObject(Hook);
./hook.c:639: ObmDereferenceObject(Hook);
./hook.c:656: ObmDereferenceObject(Hook);
./hook.c:673: ObmDereferenceObject(Hook);
./hook.c:738: ObmDereferenceObject(HookObj);
./monitor.c:119: ObmDereferenceObject(pMonitor);
./cursoricon.c:375:// ObmDereferenceObject(CurIcon);
./cursoricon.c:386:// ObmDereferenceObject(CurIcon);
./cursoricon.c:414: ObmDereferenceObject(CurIcon);
./cursoricon.c:420: ObmDereferenceObject(CurIcon);
./cursoricon.c:532:// ObmDereferenceObject(Object);
./cursoricon.c:369:// ObmReferenceObject( CurIcon);
./cursoricon.c:519:// ObmReferenceObject(CurIcon);
Show replies by date
Hi all,
Good read for those of us that forget how this works,
http://msdn2.microsoft.com/en-us/library/ms725486.aspx
User interface objects support only one handle per object. Processes
cannot inherit or duplicate handles to user objects. Processes in
one session cannot reference a user handle in another session.
There is a theoretical limit of 65,536 user handles per session.
However, the maximum number of user handles that can be opened per
session is usually lower, since it is affected by available memory.
There is also a default per-process limit of user handles. To change
this limit, set the following registry value:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Windows\USERProcessHandleQuota
This value can be set to a number between 200 and 18,000
Found two bugs and the one pointed out by Stefan100 on IRC.
Thanks,
James