18 Feb
2011
18 Feb
'11
3:08 p.m.
Author: tkreuzer
Date: Fri Feb 18 15:08:50 2011
New Revision: 50804
URL: http://svn.reactos.org/svn/reactos?rev=50804&view=rev
Log:
[WIN32K]
Fix a bug in GDIOBJ_LockObj, that would cause a deadlock, when an object was deleted while
another thread was waiting to acquire the handle lock.
Modified:
trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c
Modified: trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/ob…
==============================================================================
--- trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] (original)
+++ trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] Fri Feb 18
15:08:50 2011
@@ -1005,16 +1005,6 @@
}
ProcessId = (HANDLE)((ULONG_PTR)PsGetCurrentProcessId() & ~1);
- HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1);
-
- /* Check for invalid owner. */
- if (ProcessId != HandleProcessId && HandleProcessId != NULL)
- {
- DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p,
HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId);
- GDIDBG_TRACECALLER();
- GDIDBG_TRACEALLOCATOR(hObj);
- return NULL;
- }
/*
* Prevent the thread from being terminated during the locking process.
@@ -1031,6 +1021,17 @@
for (;;)
{
+ HandleProcessId = (HANDLE)((ULONG_PTR)Entry->ProcessId & ~1);
+
+ /* Check for invalid owner. */
+ if (ProcessId != HandleProcessId && HandleProcessId != NULL)
+ {
+ DPRINT1("Tried to lock object (0x%p) of wrong owner! ProcessId = %p,
HandleProcessId = %p\n", hObj, ProcessId, HandleProcessId);
+ GDIDBG_TRACECALLER();
+ GDIDBG_TRACEALLOCATOR(hObj);
+ break;
+ }
+
/* Lock the handle table entry. */
LockedProcessId = (HANDLE)((ULONG_PTR)HandleProcessId | 0x1);
PrevProcId = InterlockedCompareExchangePointer((PVOID*)&Entry->ProcessId,