Author: tkreuzer Date: Fri Feb 18 15:08:50 2011 New Revision: 50804
URL: http://svn.reactos.org/svn/reactos?rev=50804&view=rev Log: [WIN32K] Fix a bug in GDIOBJ_LockObj, that would cause a deadlock, when an object was deleted while another thread was waiting to acquire the handle lock.
Modified: trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c
Modified: trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/obj... ============================================================================== --- trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] Fri Feb 18 15:08:50 2011 @@ -1005,16 +1005,6 @@ }
ProcessId = (HANDLE)((ULONG_PTR)PsGetCurrentProcessId() & ~1); - HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1); - - /* Check for invalid owner. */ - if (ProcessId != HandleProcessId && HandleProcessId != NULL) - { - DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p, HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId); - GDIDBG_TRACECALLER(); - GDIDBG_TRACEALLOCATOR(hObj); - return NULL; - }
/* * Prevent the thread from being terminated during the locking process. @@ -1031,6 +1021,17 @@
for (;;) { + HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1); + + /* Check for invalid owner. */ + if (ProcessId != HandleProcessId && HandleProcessId != NULL) + { + DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p, HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId); + GDIDBG_TRACECALLER(); + GDIDBG_TRACEALLOCATOR(hObj); + break; + } + /* Lock the handle table entry. */ LockedProcessId = (HANDLE)((ULONG_PTR)HandleProcessId | 0x1); PrevProcId = InterlockedCompareExchangePointer((PVOID*)&Entry->ProcessId,