Author: jimtabor Date: Mon Aug 1 19:13:48 2016 New Revision: 72076
URL: http://svn.reactos.org/svn/reactos?rev=72076&view=rev Log: [NtUser] - Fix a recursion issue while processing posted messages. Related to CORE-10471. Dedicated to Thomas Faber for Free before Use testing. - Pass extra information along with posted messages. - Trigger an event when cursor position has changed.
Modified: trunk/reactos/win32ss/user/ntuser/message.c trunk/reactos/win32ss/user/ntuser/msgqueue.c
Modified: trunk/reactos/win32ss/user/ntuser/message.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/message... ============================================================================== --- trunk/reactos/win32ss/user/ntuser/message.c [iso-8859-1] (original) +++ trunk/reactos/win32ss/user/ntuser/message.c [iso-8859-1] Mon Aug 1 19:13:48 2016 @@ -1078,6 +1078,10 @@
if (pMsg->message != WM_PAINT && pMsg->message != WM_QUIT) { + if (!RtlEqualMemory(&pti->ptLast, &pMsg->pt, sizeof(POINT))) + { + pti->TIF_flags |= TIF_MSGPOSCHANGED; + } pti->timeLast = pMsg->time; pti->ptLast = pMsg->pt; } @@ -1278,6 +1282,7 @@ LPARAM lParam ) { ULONG_PTR Result = 0; + if (co_IntSendMessageTimeout(hWnd, Msg, wParam, lParam, SMTO_NORMAL, 0, &Result)) { return (LRESULT)Result;
Modified: trunk/reactos/win32ss/user/ntuser/msgqueue.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/msgqueu... ============================================================================== --- trunk/reactos/win32ss/user/ntuser/msgqueue.c [iso-8859-1] (original) +++ trunk/reactos/win32ss/user/ntuser/msgqueue.c [iso-8859-1] Mon Aug 1 19:13:48 2016 @@ -15,6 +15,7 @@
static PPAGED_LOOKASIDE_LIST pgMessageLookasideList; static PPAGED_LOOKASIDE_LIST pgSendMsgLookasideList; +INT PostMsgCount = 0; INT SendMsgCount = 0; PUSER_MESSAGE_QUEUE gpqCursor; ULONG_PTR gdwMouseMoveExtraInfo = 0; @@ -743,20 +744,23 @@
RtlZeroMemory(Message, sizeof(*Message)); RtlMoveMemory(&Message->Msg, Msg, sizeof(MSG)); - + PostMsgCount++; return Message; }
VOID FASTCALL MsqDestroyMessage(PUSER_MESSAGE Message) { + TRACE("Post Destroy %d\n",PostMsgCount) if (Message->pti == NULL) { ERR("Double Free Message\n"); return; } + RemoveEntryList(&Message->ListEntry); Message->pti = NULL; ExFreeToPagedLookasideList(pgMessageLookasideList, Message); + PostMsgCount--; }
PUSER_SENT_MESSAGE FASTCALL @@ -820,7 +824,6 @@ pti->QuitPosted = 1; pti->exitCode = PostedMessage->Msg.wParam; } - RemoveEntryList(&PostedMessage->ListEntry); ClearMsgBitsMask(pti, PostedMessage->QS_Flags); MsqDestroyMessage(PostedMessage); CurrentEntry = pti->PostedMessagesListHead.Flink; @@ -1374,6 +1377,7 @@ Message->QS_Flags = MessageBits; Message->pti = pti; MsqWakeQueue(pti, MessageBits, TRUE); + TRACE("Post Message %d\n",PostMsgCount); }
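Review bot: The added `TRACE("Post Destroy %d\n",PostMsgCount)` at the top of MsqDestroyMessage has no terminating semicolon, unlike the `TRACE("Post Message %d\n",PostMsgCount);` added later in this file; it should read `TRACE("Post Destroy %d\n",PostMsgCount);` so the build does not depend on how the macro expands. With `RemoveEntryList(&Message->ListEntry)` now inside the function, the `Message->pti == NULL` early return alone decides whether an entry is unlinked, so a comment above the guard such as `/* Unlinks and frees; a message with pti == NULL is left on its list untouched. */` would document the contract callers now rely on. `PostMsgCount` is a plain global `INT` updated here and in the allocation path with no locking visible in the hunk; if it is only a debugging aid, say so at its definition.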
VOID FASTCALL @@ -1468,7 +1472,7 @@ } }
-BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, BOOL* NotForUs, UINT first, UINT last) +BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, BOOL* NotForUs, LONG_PTR ExtraInfo, UINT first, UINT last) { MSG clk_msg; POINT pt; @@ -1653,6 +1657,12 @@ } }
+ if (pti->TIF_flags & TIF_MSGPOSCHANGED) + { + pti->TIF_flags &= ~TIF_MSGPOSCHANGED; + IntNotifyWinEvent(EVENT_OBJECT_LOCATIONCHANGE, NULL, OBJID_CLIENT, CHILDID_SELF, 0); + } + /* message is accepted now (but still get dropped) */
event.message = msg->message; @@ -1665,14 +1675,14 @@ hook.pt = msg->pt; hook.hwnd = msg->hwnd; hook.wHitTestCode = hittest; - hook.dwExtraInfo = 0 /* extra_info */ ; + hook.dwExtraInfo = ExtraInfo; if (co_HOOK_CallHooks( WH_MOUSE, *RemoveMessages ? HC_ACTION : HC_NOREMOVE, message, (LPARAM)&hook )) { hook.pt = msg->pt; hook.hwnd = msg->hwnd; hook.wHitTestCode = hittest; - hook.dwExtraInfo = 0 /* extra_info */ ; + hook.dwExtraInfo = ExtraInfo; co_HOOK_CallHooks( WH_CBT, HCBT_CLICKSKIPPED, message, (LPARAM)&hook );
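Review bot: The `IntNotifyWinEvent(EVENT_OBJECT_LOCATIONCHANGE, NULL, OBJID_CLIENT, CHILDID_SELF, 0)` call passes `OBJID_CLIENT` with a NULL window, while the commit log describes this as a cursor-position event; if that is the intent, `OBJID_CURSOR` looks like the object id listeners would expect, i.e. `IntNotifyWinEvent(EVENT_OBJECT_LOCATIONCHANGE, NULL, OBJID_CURSOR, CHILDID_SELF, 0);`. TIF_MSGPOSCHANGED is set in message.c for any message other than WM_PAINT or WM_QUIT whose `pt` differs from `pti->ptLast`, but the only place the diff shows it being cleared is this mouse path, so a one-line comment naming the flag's producer and consumer would help. The function body continues outside the hunk.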
ERR("WH_MOUSE dropped mouse message!\n"); @@ -1860,11 +1870,11 @@ return Ret; }
-BOOL co_IntProcessHardwareMessage(MSG* Msg, BOOL* RemoveMessages, BOOL* NotForUs, UINT first, UINT last) +BOOL co_IntProcessHardwareMessage(MSG* Msg, BOOL* RemoveMessages, BOOL* NotForUs, LONG_PTR ExtraInfo, UINT first, UINT last) { if ( IS_MOUSE_MESSAGE(Msg->message)) { - return co_IntProcessMouseMessage(Msg, RemoveMessages, NotForUs, first, last); + return co_IntProcessMouseMessage(Msg, RemoveMessages, NotForUs, ExtraInfo, first, last); } else if ( IS_KBD_MESSAGE(Msg->message)) { @@ -1916,6 +1926,7 @@ MSG msg; ULONG_PTR idSave; DWORD QS_Flags; + LONG_PTR ExtraInfo; BOOL Ret = FALSE; PUSER_MESSAGE_QUEUE MessageQueue = pti->MessageQueue;
@@ -1964,18 +1975,18 @@ MessageQueue->idSysPeek = (ULONG_PTR)CurrentMessage;
msg = CurrentMessage->Msg; + ExtraInfo = CurrentMessage->ExtraInfo; QS_Flags = CurrentMessage->QS_Flags;
NotForUs = FALSE;
UpdateKeyStateFromMsg(MessageQueue, &msg); - AcceptMessage = co_IntProcessHardwareMessage(&msg, &Remove, &NotForUs, MsgFilterLow, MsgFilterHigh); + AcceptMessage = co_IntProcessHardwareMessage(&msg, &Remove, &NotForUs, ExtraInfo, MsgFilterLow, MsgFilterHigh);
if (Remove) { - if (CurrentMessage->pti != NULL) + if (CurrentMessage->pti != NULL && (MessageQueue->idSysPeek == (ULONG_PTR)CurrentMessage)) { - RemoveEntryList(&CurrentMessage->ListEntry); MsqDestroyMessage(CurrentMessage); } ClearMsgBitsMask(pti, QS_Flags); @@ -1999,7 +2010,7 @@ } pti->ptLast = msg.pt; pti->timeLast = msg.time; - //MessageQueue->ExtraInfo = ExtraInfo; + MessageQueue->ExtraInfo = ExtraInfo; Ret = TRUE; break; } @@ -2054,7 +2065,6 @@ { if (CurrentMessage->pti != NULL) { - RemoveEntryList(&CurrentMessage->ListEntry); MsqDestroyMessage(CurrentMessage); } ClearMsgBitsMask(pti, QS_Flags); @@ -2183,8 +2193,9 @@ /* cleanup posted messages */ while (!IsListEmpty(&pti->PostedMessagesListHead)) { - CurrentEntry = RemoveHeadList(&pti->PostedMessagesListHead); + CurrentEntry = pti->PostedMessagesListHead.Flink; CurrentMessage = CONTAINING_RECORD(CurrentEntry, USER_MESSAGE, ListEntry); + ERR("Thread Cleanup Post Messages %p\n",CurrentMessage); if (CurrentMessage->dwQEvent) { if (CurrentMessage->dwQEvent == POSTEVENT_NWE) @@ -2271,6 +2282,8 @@ MsqCleanupMessageQueue(PTHREADINFO pti) { PUSER_MESSAGE_QUEUE MessageQueue; + PLIST_ENTRY CurrentEntry; + PUSER_MESSAGE CurrentMessage;
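Review bot: In the `if (Remove)` branch the new condition reads `CurrentMessage->pti` before it compares `MessageQueue->idSysPeek` with `CurrentMessage`, so if the message was destroyed during `co_IntProcessHardwareMessage` (which appears to be the recursion case this commit targets) the first operand still touches memory already returned to the lookaside list. Testing identity first avoids that read: `if (MessageQueue->idSysPeek == (ULONG_PTR)CurrentMessage && CurrentMessage->pti != NULL)`. This assumes idSysPeek is changed whenever the peeked message is freed, which the hunk does not show. The later removal site at `@@ -2054,7 +2065,6 @@` keeps the bare `CurrentMessage->pti != NULL` test and may need the same guard. The enclosing function starts and ends outside the hunk.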
MessageQueue = pti->MessageQueue; MessageQueue->cThreads--; @@ -2279,6 +2292,18 @@ { if (MessageQueue->ptiSysLock == pti) MessageQueue->ptiSysLock = NULL; } + + if (MessageQueue->cThreads == 0) //// Fix a crash related to CORE-10471 testing. + { + /* cleanup posted messages */ + while (!IsListEmpty(&MessageQueue->HardwareMessagesListHead)) + { + CurrentEntry = MessageQueue->HardwareMessagesListHead.Flink; + CurrentMessage = CONTAINING_RECORD(CurrentEntry, USER_MESSAGE, ListEntry); + ERR("MQ Cleanup Post Messages %p\n",CurrentMessage); + MsqDestroyMessage(CurrentMessage); + } + } ////
if (MessageQueue->CursorObject) {
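Review bot: The new drain loop in MsqCleanupMessageQueue never terminates if the head entry has `pti == NULL`, because MsqDestroyMessage logs "Double Free Message" and returns before `RemoveEntryList`, leaving `HardwareMessagesListHead` non-empty. Unlinking in the loop when the destroy would be refused keeps it bounded, e.g. `if (CurrentMessage->pti == NULL) { RemoveEntryList(CurrentEntry); continue; }` ahead of the `MsqDestroyMessage` call. The thread-cleanup loop changed at `@@ -2183,8 +2193,9 @@` switched from `RemoveHeadList` to reading `Flink` and likely has the same dependency, though its destroy call is outside that hunk. The comment says "cleanup posted messages" while the list walked is the hardware list, and both loops log every message pointer through `ERR` with `%p`, which puts kernel addresses into the error channel on a routine path; `TRACE` would fit better.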