1. get rid of the global thread list and group threads in processes instead
2. get rid of all reactos-specific fields in the E/KTHREAD structure and make them match the 2k layout
3. identify threads (and later processes) using a client id table (which should propably be replaced by a global handle table instead)
4. disabled thread event pair functions by default (NT4 only) as they require a field in the ETHREAD structure that is not present in later versions

reactos/ntoskrnl

diff -u -r1.143 -r1.144
--- Makefile	23 Sep 2004 11:27:58 -0000	1.143
+++ Makefile	28 Sep 2004 15:02:28 -0000	1.144
@@ -1,4 +1,4 @@

-# $Id: Makefile,v 1.143 2004/09/23 11:27:58 ekohl Exp $

+# $Id: Makefile,v 1.144 2004/09/28 15:02:28 weiden Exp $

 #
 # ReactOS Operating System
 #

@@ -61,6 +61,9 @@

 # no native setjmp/longjmp in the kernel
 CFLAGS += -D_SEH_NO_NATIVE_NLG
 

+# enable thread event pair features (NT4 only!)
+# CFLAGS += -D_ENABLE_THRDEVTPAIR
+

 CFLAGS += $(STD_CFLAGS)
 ASFLAGS += $(STD_ASFLAGS)
 RCFLAGS += $(STD_RCFLAGS)

@@ -249,6 +252,7 @@

 
 # Process Manager (Ps)
 OBJECTS_PS = \

+	ps/cid.o \

 	ps/create.o \
 	ps/debug.o \
 	ps/idle.o \

reactos/ntoskrnl/ex

diff -u -r1.45 -r1.46
--- sysinfo.c	18 Aug 2004 20:41:03 -0000	1.45
+++ sysinfo.c	28 Sep 2004 15:02:28 -0000	1.46
@@ -1,4 +1,4 @@

-/* $Id: sysinfo.c,v 1.45 2004/08/18 20:41:03 navaraf Exp $

+/* $Id: sysinfo.c,v 1.46 2004/09/28 15:02:28 weiden Exp $

  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel

@@ -622,7 +622,7 @@

           while (current_entry != &pr->ThreadListHead)
                {
                  current = CONTAINING_RECORD(current_entry, ETHREAD,

-                                               Tcb.ProcessThreadListEntry);

+                                             ThreadListEntry);

 
                  SpiCur->Threads[i].KernelTime.QuadPart = current->Tcb.KernelTime * 100000LL;
                  SpiCur->Threads[i].UserTime.QuadPart = current->Tcb.UserTime * 100000LL;

reactos/ntoskrnl/include/internal

diff -u -r1.41 -r1.42
--- ex.h	9 Sep 2004 18:51:16 -0000	1.41
+++ ex.h	28 Sep 2004 15:02:28 -0000	1.42
@@ -99,11 +99,13 @@

 
 /* OTHER FUNCTIONS **********************************************************/
 

+#ifdef _ENABLE_THRDEVTPAIR

 VOID
 ExpSwapThreadEventPair(
 	IN struct _ETHREAD* Thread,
 	IN struct _KEVENT_PAIR* EventPair
 	);

+#endif /* _ENABLE_THRDEVTPAIR */

 
 LONGLONG 
 FASTCALL

reactos/ntoskrnl/include/internal

diff -u -r1.68 -r1.69
--- ps.h	22 Sep 2004 22:31:46 -0000	1.68
+++ ps.h	28 Sep 2004 15:02:29 -0000	1.69
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: ps.h,v 1.68 2004/09/22 22:31:46 weiden Exp $

+/* $Id: ps.h,v 1.69 2004/09/28 15:02:29 weiden Exp $

  *
  * FILE:            ntoskrnl/ke/kthread.c
  * PURPOSE:         Process manager definitions

@@ -96,13 +96,13 @@

    UCHAR             Alerted[2];          /* 2E */
    UCHAR             Iopl;                /* 30 */
    UCHAR             NpxState;            /* 31 */

-   UCHAR             Saturation;          /* 32 */

+   CHAR              Saturation;          /* 32 */

    CHAR              Priority;            /* 33 */
    KAPC_STATE        ApcState;            /* 34 */
    ULONG             ContextSwitches;     /* 4C */

-   ULONG             WaitStatus;          /* 50 */

+   LONG              WaitStatus;          /* 50 */

    KIRQL             WaitIrql;            /* 54 */

-   UCHAR             WaitMode;            /* 55 */

+   CHAR              WaitMode;            /* 55 */

    UCHAR             WaitNext;            /* 56 */
    UCHAR             WaitReason;          /* 57 */
    PKWAIT_BLOCK      WaitBlockList;       /* 58 */

@@ -114,12 +114,12 @@

    UCHAR             Quantum;             /* 6B */
    KWAIT_BLOCK       WaitBlock[4];        /* 6C */
    PVOID             LegoData;            /* CC */

-   LONG              KernelApcDisable;    /* D0 */

+   ULONG             KernelApcDisable;    /* D0 */

    KAFFINITY         UserAffinity;        /* D4 */
    UCHAR             SystemAffinityActive;/* D8 */
    UCHAR             PowerState;          /* D9 */
    UCHAR             NpxIrql;             /* DA */

-   UCHAR             Pad;                 /* DB */

+   UCHAR             Pad[1];              /* DB */

    SSDT_ENTRY        *ServiceTable;       /* DC */
    PKQUEUE           Queue;               /* E0 */
    KSPIN_LOCK        ApcQueueLock;        /* E4 */

@@ -131,8 +131,8 @@

    UCHAR             KernelStackResident; /* 11E */
    UCHAR             NextProcessor;       /* 11F */
    PVOID             CallbackStack;       /* 120 */

-   BOOL              Win32Thread;         /* 124 */
-   struct _KTRAP_FRAME*      TrapFrame;   /* 128 */

+   struct _W32THREAD *Win32Thread;        /* 124 */
+   struct _KTRAP_FRAME *TrapFrame;        /* 128 */

    PKAPC_STATE       ApcStatePointer[2];  /* 12C */
    UCHAR             EnableStackSwap;     /* 134 */
    UCHAR             LargeStack;          /* 135 */

@@ -153,13 +153,6 @@

    UCHAR             SuspendCount;        /* 1AD */
    UCHAR             IdealProcessor;      /* 1AE */
    UCHAR             DisableBoost;        /* 1AF */

-   
-   /*
-    * Below here are thread structure members that are specific to ReactOS
-    */
-   
-   /* Added by Phillip Susi for list of threads in a process */
-   LIST_ENTRY        ProcessThreadListEntry;         /* 1B0 */

 } KTHREAD;
 
 #include <poppack.h>

@@ -171,63 +164,61 @@

 #define	FSRTL_FAST_IO_TOP_LEVEL_IRP		(0x04)
 #define	FSRTL_MAX_TOP_LEVEL_IRP_FLAG		(0x04)
 

+#ifndef __USE_W32API

 typedef struct
 {

-  PACCESS_TOKEN Token;                              // 0x0
-  BOOLEAN CopyOnOpen;                               // 0x4
-  BOOLEAN EffectiveOnly;                            // 0x5
-  UCHAR Pad[2];                                     // 0x6
-  SECURITY_IMPERSONATION_LEVEL Level;               // 0x8
-} PS_IMPERSONATION_INFO, *PPS_IMPERSONATION_INFO;

+  PACCESS_TOKEN Token;
+  BOOLEAN CopyOnOpen;
+  BOOLEAN EffectiveOnly;
+  SECURITY_IMPERSONATION_LEVEL Level;
+} PS_IMPERSONATION_INFORMATION, *PPS_IMPERSONATION_INFORMATION;
+#endif

 
 #include <pshpack1.h>
 
 typedef struct _ETHREAD
 {

-  KTHREAD Tcb;                                      /* 000 */
-  TIME CreateTime;                                  /* 1B0/1B8 */
-  union
-  {
-    TIME ExitTime;                                  /* 1B8/1E4 */
-    LIST_ENTRY LpcReplyChain;                       /* 1B8/1E4 */
-  } u1;
-  NTSTATUS ExitStatus;                              /* 1C0/1EC */
-  LIST_ENTRY PostBlockList;                         /* 1C4/1F0 */
-  LIST_ENTRY TerminationPortList;                   /* 1CC/1F8 */
-  KSPIN_LOCK ActiveTimerListLock;                   /* 1D4/200 */
-  LIST_ENTRY ActiveTimerListHead;                   /* 1D8/204 */
-  CLIENT_ID Cid;                                    /* 1E0/20C */
-  KSEMAPHORE LpcReplySemaphore;                     /* 1E8/214 */
-  PVOID LpcReplyMessage;                            /* 1FC/228 */
-  PLARGE_INTEGER LpcReplyMessageId;                 /* 200/22C */
-  ULONG PerformanceCounterLow;                      /* 204/230 */
-  PPS_IMPERSONATION_INFO ImpersonationInfo;         /* 208/234 */
-  LIST_ENTRY IrpList;                               /* 20C/238 */
-  PIRP TopLevelIrp;                                 /* 214/240 */
-  PDEVICE_OBJECT DeviceToVerify;                    /* 218/244 */
-  ULONG ReadClusterSize;                            /* 21C/248 */
-  UCHAR ForwardClusterOnly;                         /* 220/24C */
-  UCHAR DisablePageFaultClustering;                 /* 221/24D */
-  UCHAR DeadThread;                                 /* 222/24E */
-  UCHAR HasTerminated;                              /* 223/24F */
-  PVOID EventPair;                                  /* 224/250 */
-  ACCESS_MASK GrantedAccess;                        /* 228/254 */
-  struct _EPROCESS* ThreadsProcess;                 /* 22C/258 */
-  PKSTART_ROUTINE StartAddress;                     /* 230/25C */
-  union
-  {
-    LPTHREAD_START_ROUTINE Win32StartAddress;       /* 234/260 */
-    ULONG LpcReceiveMessageId;                      /* 234/260 */
-  } u2;
-  UCHAR LpcExitThreadCalled;                        /* 238/264 */
-  UCHAR HardErrorsAreDisabled;                      /* 239/265 */
-  UCHAR LpcReceivedMsgIdValid;                      /* 23A/266 */
-  BOOLEAN ActiveImpersonationInfo;                  /* 23B/267 */
-  ULONG PerformanceCountHigh;                       /* 23C/268 */
-
-
-  struct _W32THREAD* Win32Thread;
-  

+  KTHREAD Tcb;
+  TIME CreateTime;
+  USHORT NestedFaultCount;
+  UCHAR ApcNeeded;
+  TIME ExitTime;
+  LIST_ENTRY LpcReplyChain;
+  NTSTATUS ExitStatus;
+  PVOID OfsChain;
+  LIST_ENTRY PostBlockList;
+  LIST_ENTRY TerminationPortList;
+  KSPIN_LOCK ActiveTimerListLock;
+  LIST_ENTRY ActiveTimerListHead;
+  CLIENT_ID Cid;
+  KSEMAPHORE LpcReplySemaphore;
+  PVOID LpcReplyMessage;
+  ULONG LpcReplyMessageId;
+  ULONG PerformanceCountLow;
+  PPS_IMPERSONATION_INFORMATION ImpersonationInfo;
+  LIST_ENTRY IrpList;
+  PIRP TopLevelIrp;
+  PDEVICE_OBJECT DeviceToVerify;
+  ULONG ReadClusterSize;
+  UCHAR ForwardClusterOnly;
+  UCHAR DisablePageFaultClustering;
+  UCHAR DeadThread;
+  UCHAR HideFromDebugger;
+  ULONG HasTerminated;
+#ifdef _ENABLE_THRDEVTPAIR
+  PVOID EventPair;
+#endif /* _ENABLE_THRDEVTPAIR */
+  ACCESS_MASK GrantedAccess;
+  struct _EPROCESS *ThreadsProcess;
+  PKSTART_ROUTINE StartAddress;
+  LPTHREAD_START_ROUTINE Win32StartAddress;
+  ULONG LpcReceivedMessageId;
+  UCHAR LpcExitThreadCalled;
+  UCHAR HardErrorsAreDisabled;
+  UCHAR LpcReceivedMsgIdValid;
+  UCHAR ActiveImpersonationInfo;
+  ULONG PerformanceCountHigh;
+  LIST_ENTRY ThreadListEntry;

 } ETHREAD;
 
 #include <poppack.h>

@@ -459,8 +450,10 @@

 VOID PiInitApcManagement(VOID);
 VOID STDCALL PiDeleteThread(PVOID ObjectBody);
 VOID PsReapThreads(VOID);

+VOID PsInitializeThreadReaper(VOID);
+VOID PsQueueThreadReap(PETHREAD Thread);

 NTSTATUS 

-PsInitializeThread(HANDLE ProcessHandle,

+PsInitializeThread(PEPROCESS Process,

 		   PETHREAD* ThreadPtr,
 		   PHANDLE ThreadHandle,
 		   ACCESS_MASK DesiredAccess,

@@ -503,7 +496,7 @@

 
 VOID 
 KeInitializeThread(PKPROCESS Process, PKTHREAD Thread, BOOLEAN First);

-NTSTATUS KeReleaseThread(PETHREAD Thread);

+NTSTATUS KeReleaseThread(PKTHREAD Thread);

 
 VOID
 STDCALL

@@ -520,6 +513,8 @@

 
 VOID STDCALL PiDeleteProcess(PVOID ObjectBody);
 VOID PsReapThreads(VOID);

+VOID PsInitializeThreadReaper(VOID);
+VOID PsQueueThreadReap(PETHREAD Thread);

 VOID PsUnfreezeOtherThread(PETHREAD Thread);
 VOID PsFreezeOtherThread(PETHREAD Thread);
 VOID PsFreezeProcessThreads(PEPROCESS Process);

@@ -555,8 +550,7 @@

 VOID
 PsInitialiseSuspendImplementation(VOID);
 

-extern ULONG PiNrThreadsAwaitingReaping;
-

+extern LONG PiNrThreadsAwaitingReaping;

 
 NTSTATUS
 PsInitWin32Thread (PETHREAD Thread);

@@ -643,6 +637,32 @@

 
 VOID INIT_FUNCTION PsInitJobManagment(VOID);
 

+/* CID */
+
+typedef struct _CID_OBJECT
+{
+  LONG ref;
+  HANDLE Handle;
+  LIST_ENTRY Entry;
+  LONG Lock;
+  union
+  {
+    struct _EPROCESS *Process;
+    struct _ETHREAD *Thread;
+    PVOID Object;
+  } Obj;
+} CID_OBJECT, *PCID_OBJECT;
+
+NTSTATUS PsCreateCidHandle(PVOID Object, POBJECT_TYPE ObjectType, PHANDLE Handle);
+NTSTATUS PsDeleteCidHandle(HANDLE CidHandle, POBJECT_TYPE ObjectType);
+PCID_OBJECT PsLockCidHandle(HANDLE CidHandle, POBJECT_TYPE ObjectType);
+VOID PsUnlockCidObject(PCID_OBJECT CidObject);
+
+#define ETHREAD_TO_KTHREAD(pEThread) (&(pEThread)->Tcb)
+#define KTHREAD_TO_ETHREAD(pKThread) (CONTAINING_RECORD((pKThread), ETHREAD, Tcb))
+#define EPROCESS_TO_KPROCESS(pEProcess) (&(pEProcess)->Pcb)
+#define KPROCESS_TO_EPROCESS(pKProcess) (CONTAINING_RECORD((pKProcess), EPROCESS, Pcb))
+

 #endif /* ASSEMBLER */
 
 #endif /* __INCLUDE_INTERNAL_PS_H */

reactos/ntoskrnl/kd

diff -u -r1.23 -r1.24
--- gdbstub.c	15 Aug 2004 16:39:04 -0000	1.23
+++ gdbstub.c	28 Sep 2004 15:02:29 -0000	1.24
@@ -87,8 +87,6 @@

 #define NDEBUG
 #include <internal/debug.h>
 

-extern LIST_ENTRY PiThreadListHead;
-

 
 /************************************************************************/
 /* BUFMAX defines the maximum number of characters in inbound/outbound buffers*/

@@ -108,6 +106,8 @@

 static PETHREAD GspDbgThread;
 static PETHREAD GspEnumThread;
 

+extern LIST_ENTRY PsProcessListHead;
+

 /* Number of Registers.  */
 #define NUMREGS	16
 

@@ -650,14 +650,6 @@

       /* All threads */
       ThreadInfo = NULL;
     }

-    else if (strcmp (Data, "0") == 0)
-    {
-       /* Pick any thread, pick the first thread,
-        * which is what most people are interested in
-        */
-       ThreadInfo = CONTAINING_RECORD (PiThreadListHead.Flink,
-         ETHREAD, Tcb.ThreadListEntry);
-    }

     else
     {
       ULONG ThreadId;

@@ -747,32 +739,89 @@

   }
   else if (strncmp (Command, "fThreadInfo", 11) == 0)
   {

+    PEPROCESS Process;
+    PLIST_ENTRY AThread, AProcess;

     PCHAR ptr = &GspOutBuffer[1];
 
     /* Get first thread id */

-    GspOutBuffer[0] = 'm';
-    GspEnumThread = CONTAINING_RECORD (PiThreadListHead.Flink,
-      ETHREAD, Tcb.ThreadListEntry);
-    Value = (ULONG) GspEnumThread->Cid.UniqueThread;
-    GspLong2Hex (&ptr, Value);

+    GspEnumThread = NULL;
+    AProcess = PsProcessListHead.Flink;
+    while(AProcess != &PsProcessListHead)
+    {
+      Process = CONTAINING_RECORD(AProcess, EPROCESS, ProcessListEntry);
+      AThread = Process->ThreadListHead.Flink;
+      if(AThread != &Process->ThreadListHead)
+      {
+        GspEnumThread = CONTAINING_RECORD (Process->ThreadListHead.Flink,
+                                           ETHREAD, ThreadListEntry);
+        break;
+      }
+      AProcess = AProcess->Flink;
+    }
+    if(GspEnumThread != NULL)
+    {
+      GspOutBuffer[0] = 'm';
+      Value = (ULONG) GspEnumThread->Cid.UniqueThread;
+      GspLong2Hex (&ptr, Value);
+    }
+    else
+    {
+      /* FIXME - what to do here? This case should never happen though, there
+                 should always be at least one thread on the system... */
+      /* GspOutBuffer[0] = 'l'; */
+    }

   }
   else if (strncmp (Command, "sThreadInfo", 11) == 0)
   {

+    PEPROCESS Process;
+    PLIST_ENTRY AThread, AProcess;

     PCHAR ptr = &GspOutBuffer[1];
 
     /* Get next thread id */

-    if ((GspEnumThread) && (GspEnumThread->Tcb.ThreadListEntry.Flink != PiThreadListHead.Flink))

+    if (GspEnumThread != NULL)

     {

-      GspEnumThread = CONTAINING_RECORD (GspEnumThread->Tcb.ThreadListEntry.Flink,
-        ETHREAD, Tcb.ThreadListEntry);
-	    GspOutBuffer[0] = 'm';
-	    Value = (ULONG) GspEnumThread->Cid.UniqueThread;
-      GspLong2Hex (&ptr, Value);

+      /* find the next thread */
+      Process = GspEnumThread->ThreadsProcess;
+      if(GspEnumThread->ThreadListEntry.Flink != &Process->ThreadListHead)
+      {
+        GspEnumThread = CONTAINING_RECORD (GspEnumThread->ThreadListEntry.Flink,
+                                           ETHREAD, ThreadListEntry);
+      }
+      else
+      {
+        PETHREAD Thread = NULL;
+        AProcess = Process->ProcessListEntry.Flink;
+        while(AProcess != &PsProcessListHead)
+        {
+          Process = CONTAINING_RECORD(AProcess, EPROCESS, ProcessListEntry);
+          AThread = Process->ThreadListHead.Flink;
+          if(AThread != &Process->ThreadListHead)
+          {
+            Thread = CONTAINING_RECORD (Process->ThreadListHead.Flink,
+                                        ETHREAD, ThreadListEntry);
+            break;
+          }
+          AProcess = AProcess->Flink;
+        }
+        GspEnumThread = Thread;
+      }
+
+      if(GspEnumThread != NULL)
+      {
+        /* return the ID */
+        GspOutBuffer[0] = 'm';
+        Value = (ULONG) GspEnumThread->Cid.UniqueThread;
+        GspLong2Hex (&ptr, Value);
+      }
+      else
+      {
+        GspOutBuffer[0] = 'l';
+      }
+    }
+    else
+    {
+      GspOutBuffer[0] = 'l';

     }

-		else
-		{
-	    GspOutBuffer[0] = 'l';
-		}

   }
   else if (strncmp (Command, "ThreadExtraInfo", 15) == 0)
   {

reactos/ntoskrnl/ke

diff -u -r1.61 -r1.62
--- apc.c	20 Sep 2004 08:17:44 -0000	1.61
+++ apc.c	28 Sep 2004 15:02:29 -0000	1.62
@@ -36,7 +36,6 @@

 /* GLOBALS *******************************************************************/
 
 KSPIN_LOCK PiApcLock;

-extern KSPIN_LOCK PiThreadListLock;

 
 VOID PsTerminateCurrentThread(NTSTATUS ExitStatus);
 

reactos/ntoskrnl/ke

diff -u -r1.45 -r1.46
--- bug.c	15 Aug 2004 16:39:05 -0000	1.45
+++ bug.c	28 Sep 2004 15:02:29 -0000	1.46
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: bug.c,v 1.45 2004/08/15 16:39:05 chorns Exp $

+/* $Id: bug.c,v 1.46 2004/09/28 15:02:29 weiden Exp $

  *
  * PROJECT:         ReactOS kernel
  * FILE:            ntoskrnl/ke/bug.c

@@ -40,8 +40,6 @@

 static LIST_ENTRY BugcheckCallbackListHead = {NULL,NULL};
 static ULONG InBugCheck;
 

-VOID PsDumpThreads(VOID);
-

 /* FUNCTIONS *****************************************************************/
 
 VOID INIT_FUNCTION

reactos/ntoskrnl/ke

diff -u -r1.52 -r1.53
--- kthread.c	27 Aug 2004 10:24:04 -0000	1.52
+++ kthread.c	28 Sep 2004 15:02:29 -0000	1.53
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: kthread.c,v 1.52 2004/08/27 10:24:04 hbirr Exp $

+/* $Id: kthread.c,v 1.53 2004/09/28 15:02:29 weiden Exp $

  *
  * FILE:            ntoskrnl/ke/kthread.c
  * PURPOSE:         Microkernel thread support

@@ -76,7 +76,7 @@

 }
 
 NTSTATUS 

-KeReleaseThread(PETHREAD Thread)

+KeReleaseThread(PKTHREAD Thread)

 /*
  * FUNCTION: Releases the resource allocated for a thread by
  * KeInitializeThread

@@ -85,20 +85,23 @@

 {
   extern unsigned int init_stack;
 

-  if (Thread->Tcb.StackLimit != (ULONG)&init_stack)

+  /* FIXME - lock the process */
+  RemoveEntryList(&Thread->ThreadListEntry);
+  
+  if (Thread->StackLimit != (ULONG)&init_stack)

     {       
       MmLockAddressSpace(MmGetKernelAddressSpace());
       MmFreeMemoryArea(MmGetKernelAddressSpace(),

-		       (PVOID)Thread->Tcb.StackLimit,

+		       (PVOID)Thread->StackLimit,

 		       MM_STACK_SIZE,
 		       KeFreeStackPage,
 		       NULL);
       MmUnlockAddressSpace(MmGetKernelAddressSpace());
     }

-  Thread->Tcb.StackLimit = 0;
-  Thread->Tcb.InitialStack = NULL;
-  Thread->Tcb.StackBase = NULL;
-  Thread->Tcb.KernelStack = NULL;

+  Thread->StackLimit = 0;
+  Thread->InitialStack = NULL;
+  Thread->StackBase = NULL;
+  Thread->KernelStack = NULL;

   return(STATUS_SUCCESS);
 }
 

@@ -274,7 +277,7 @@

   Thread->KernelStackResident = 1;
   Thread->NextProcessor = 0;
   Thread->CallbackStack = NULL;

-  Thread->Win32Thread = 0;

+  Thread->Win32Thread = NULL;

   Thread->TrapFrame = NULL;
   Thread->ApcStatePointer[OriginalApcEnvironment] = &Thread->ApcState;
   Thread->ApcStatePointer[AttachedApcEnvironment] = &Thread->SavedApcState;

@@ -304,16 +307,10 @@

 		  KernelMode,
 		  NULL);
   KeInitializeSemaphore(&Thread->SuspendSemaphore, 0, 128);

-  Thread->ThreadListEntry.Flink = NULL;
-  Thread->ThreadListEntry.Blink = NULL;

+  InsertTailList(&Process->ThreadListHead,
+                 &Thread->ThreadListEntry);

   Thread->FreezeCount = 0;
   Thread->SuspendCount = 0;

-  
-  /*
-   * Initialize ReactOS specific members
-   */
-  Thread->ProcessThreadListEntry.Flink = NULL;
-  Thread->ProcessThreadListEntry.Blink = NULL;

    
    /*
     * Do x86 specific part

reactos/ntoskrnl/ke

diff -u -r1.77 -r1.78
--- timer.c	21 Aug 2004 21:19:06 -0000	1.77
+++ timer.c	28 Sep 2004 15:02:29 -0000	1.78
@@ -1,4 +1,4 @@

-/* $Id: timer.c,v 1.77 2004/08/21 21:19:06 tamlin Exp $

+/* $Id: timer.c,v 1.78 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:      See COPYING in the top level directory
  * PROJECT:        ReactOS kernel

@@ -65,7 +65,6 @@

 
 /* must raise IRQL to PROFILE_LEVEL and grab spin lock there, to sync with ISR */
 

-extern ULONG PiNrRunnableThreads;

 extern HANDLE PsIdleThreadHandle;
 
 #define MICROSECONDS_PER_TICK (10000)

reactos/ntoskrnl/ke/i386

diff -u -r1.17 -r1.18
--- tskswitch.S	31 Aug 2004 20:17:18 -0000	1.17
+++ tskswitch.S	28 Sep 2004 15:02:29 -0000	1.18
@@ -158,7 +158,7 @@

 	 */
 	sti
 	

-	push	$_PiThreadListLock

+	push	$_PiThreadLock

 	call	_KeReleaseSpinLockFromDpcLevel@4
 	
 	cmpl	$0, _PiNrThreadsAwaitingReaping

reactos/ntoskrnl/nt

diff -u -r1.22 -r1.23
--- evtpair.c	15 Aug 2004 16:39:09 -0000	1.22
+++ evtpair.c	28 Sep 2004 15:02:29 -0000	1.23
@@ -1,4 +1,4 @@

-/* $Id: evtpair.c,v 1.22 2004/08/15 16:39:09 chorns Exp $

+/* $Id: evtpair.c,v 1.23 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel

@@ -330,6 +330,8 @@

    return(STATUS_SUCCESS);
 }
 

+#ifdef _ENABLE_THRDEVTPAIR
+

 /*
  * Author: Skywing (skywing@valhallalegends.com), 09/08/2003
  * Note that the eventpair spinlock must be acquired when setting the thread

@@ -465,4 +467,30 @@

 	KeReleaseSpinLock(&ExThreadEventPairSpinLock, Irql);
 }
 

+#else /* !_ENABLE_THRDEVTPAIR */
+
+NTSTATUS
+NTSYSAPI
+NTAPI
+NtSetLowWaitHighThread(
+	VOID
+	)
+{
+        DPRINT1("NtSetLowWaitHighThread() not supported anymore (NT4 only)!\n");
+        return STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS
+NTSYSAPI
+NTAPI
+NtSetHighWaitLowThread(
+	VOID
+	)
+{
+        DPRINT1("NtSetHighWaitLowThread() not supported anymore (NT4 only)!\n");
+        return STATUS_NOT_IMPLEMENTED;
+}
+
+#endif /* _ENABLE_THRDEVTPAIR */
+

 /* EOF */

reactos/ntoskrnl/ob

diff -u -r1.61 -r1.62
--- handle.c	24 Sep 2004 16:18:28 -0000	1.61
+++ handle.c	28 Sep 2004 15:02:29 -0000	1.62
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: handle.c,v 1.61 2004/09/24 16:18:28 weiden Exp $

+/* $Id: handle.c,v 1.62 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:          See COPYING in the top level directory
  * PROJECT:            ReactOS kernel

@@ -414,11 +414,13 @@

 	       {
 		  POBJECT_HEADER Header = BODY_TO_HEADER(ObjectBody);
 		  

-		  if (Header->ObjectType == PsProcessType ||

+#if 0
+                  if (Header->ObjectType == PsProcessType ||

 		      Header->ObjectType == PsThreadType)
 		    {
 		       DPRINT("Deleting handle to %x\n", ObjectBody);
 		    }

+#endif

 		  
 		  ObReferenceObjectByPointer(ObjectBody,
 					     0,

reactos/ntoskrnl/ps

diff -N cid.c
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ cid.c	28 Sep 2004 15:02:29 -0000	1.1
@@ -0,0 +1,183 @@

+/* $Id: cid.c,v 1.1 2004/09/28 15:02:29 weiden Exp $
+ *
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * FILE:              ntoskrnl/ps/clientid.c
+ * PURPOSE:           Client ID (CID) management
+ * PROGRAMMER:        Thomas Weidenmueller <w3seek@reactos.com>
+ * REVISION HISTORY:
+ *              9/20/2004: Created
+ */
+
+/* INCLUDES ******************************************************************/
+
+#include <ntoskrnl.h>
+#define NDEBUG
+#include <internal/debug.h>
+
+/* GLOBALS ******************************************************************/
+
+/*
+ * FIXME - use a global handle table instead!
+ */
+
+KSPIN_LOCK CidLock;
+LIST_ENTRY CidHead;
+KEVENT CidReleaseEvent;
+LONG CidCounter = 0;
+LARGE_INTEGER ShortDelay, LongDelay;
+
+#define TAG_CIDOBJECT TAG('C', 'I', 'D', 'O')
+
+/* FUNCTIONS *****************************************************************/
+
+VOID INIT_FUNCTION
+PsInitClientIDManagment(VOID)
+{
+   InitializeListHead(&CidHead);
+   KeInitializeSpinLock(&CidLock);
+   KeInitializeEvent(&CidReleaseEvent, SynchronizationEvent, FALSE);
+   ShortDelay.QuadPart = -100LL;
+   LongDelay.QuadPart = -100000LL;
+}
+
+VOID
+PspReferenceCidObject(PCID_OBJECT Object)
+{
+  InterlockedIncrement(&Object->ref);
+}
+
+VOID
+PspDereferenceCidObject(PCID_OBJECT Object)
+{
+  if(InterlockedDecrement(&Object->ref) == 0)
+  {
+    ExFreePool(Object);
+  }
+}
+
+NTSTATUS
+PsCreateCidHandle(PVOID Object, POBJECT_TYPE ObjectType, PHANDLE Handle)
+{
+  KIRQL oldIrql;
+  PCID_OBJECT cido = ExAllocatePoolWithTag(NonPagedPool,
+                                           sizeof(CID_OBJECT),
+                                           TAG_CIDOBJECT);
+  if(cido != NULL)
+  {
+    cido->ref = 1;
+    cido->Lock = 0;
+    cido->Obj.Object = Object;
+
+    KeAcquireSpinLock(&CidLock, &oldIrql);
+    cido->Handle = (HANDLE)(++CidCounter);
+    InsertTailList(&CidHead, &cido->Entry);
+    KeReleaseSpinLock(&CidLock, oldIrql);
+
+    *Handle = cido->Handle;
+    return STATUS_SUCCESS;
+  }
+  
+  return STATUS_INSUFFICIENT_RESOURCES;
+}
+
+NTSTATUS
+PsDeleteCidHandle(HANDLE CidHandle, POBJECT_TYPE ObjectType)
+{
+  PCID_OBJECT cido, Found = NULL;
+  PLIST_ENTRY Current;
+  KIRQL oldIrql;
+  
+  if(CidHandle == NULL)
+  {
+    return STATUS_INVALID_PARAMETER;
+  }
+  
+  KeAcquireSpinLock(&CidLock, &oldIrql);
+  Current = CidHead.Flink;
+  while(Current != &CidHead)
+  {
+    cido = CONTAINING_RECORD(Current, CID_OBJECT, Entry);
+    if(cido->Handle == CidHandle)
+    {
+      RemoveEntryList(&cido->Entry);
+      cido->Handle = NULL;
+      Found = cido;
+      break;
+    }
+    Current = Current->Flink;
+  }
+  KeReleaseSpinLock(&CidLock, oldIrql);
+
+  if(Found != NULL)
+  {
+    PspDereferenceCidObject(Found);
+    return STATUS_SUCCESS;
+  }
+
+  return STATUS_UNSUCCESSFUL;
+}
+
+PCID_OBJECT
+PsLockCidHandle(HANDLE CidHandle, POBJECT_TYPE ObjectType)
+{
+  PCID_OBJECT cido, Found = NULL;
+  PLIST_ENTRY Current;
+  KIRQL oldIrql;
+  
+  if(CidHandle == NULL)
+  {
+    return NULL;
+  }
+  
+  KeAcquireSpinLock(&CidLock, &oldIrql);
+  Current = CidHead.Flink;
+  while(Current != &CidHead)
+  {
+    cido = CONTAINING_RECORD(Current, CID_OBJECT, Entry);
+    if(cido->Handle == CidHandle)
+    {
+      Found = cido;
+      PspReferenceCidObject(Found);
+      break;
+    }
+    Current = Current->Flink;
+  }
+  KeReleaseSpinLock(&CidLock, oldIrql);
+  
+  if(Found != NULL)
+  {
+    BOOL GotLock;
+    ULONG Attempt = 0;
+    do
+    {
+      if(InterlockedCompareExchange(&Found->Lock, 1, 0) == 0)
+      {
+        /* got the lock, bail */
+        break;
+      }
+
+      if(Attempt++ >= 1)
+      {
+        /* wait a little longer */
+        KeDelayExecutionThread(KernelMode, FALSE, &LongDelay);
+      }
+      else
+      {
+        /* try again, just wait shortly */
+        KeDelayExecutionThread(KernelMode, FALSE, &ShortDelay);
+      }
+    } while(!GotLock);
+  }
+  
+  return Found;
+}
+
+VOID
+PsUnlockCidObject(PCID_OBJECT CidObject)
+{
+  InterlockedExchange(&CidObject->Lock, 0);
+  PspDereferenceCidObject(CidObject);
+}
+
+/* EOF */

reactos/ntoskrnl/ps

diff -u -r1.80 -r1.81
--- create.c	31 Aug 2004 06:08:38 -0000	1.80
+++ create.c	28 Sep 2004 15:02:29 -0000	1.81
@@ -1,4 +1,4 @@

-/* $Id: create.c,v 1.80 2004/08/31 06:08:38 navaraf Exp $

+/* $Id: create.c,v 1.81 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:              See COPYING in the top level directory
  * PROJECT:                ReactOS kernel

@@ -27,12 +27,7 @@

 
 /* GLOBAL *******************************************************************/
 

-static ULONG PiNextThreadUniqueId = 0;
-
-extern KSPIN_LOCK PiThreadListLock;
-extern ULONG PiNrThreads;
-
-extern LIST_ENTRY PiThreadListHead;

+extern KSPIN_LOCK PiThreadLock;

 
 #define MAX_THREAD_NOTIFY_ROUTINE_COUNT    8
 

@@ -138,7 +133,7 @@

   if (Thread->ImpersonationInfo == NULL)
     {
       Thread->ImpersonationInfo = ExAllocatePool (NonPagedPool,

-						  sizeof(PS_IMPERSONATION_INFO));

+						  sizeof(PS_IMPERSONATION_INFORMATION));

     }
 
   Thread->ImpersonationInfo->Level = ImpersonationLevel;

@@ -380,28 +375,28 @@

 VOID STDCALL
 PiDeleteThread(PVOID ObjectBody)
 {

-  KIRQL oldIrql;

   PETHREAD Thread;

+  PEPROCESS Process;

 
   Thread = (PETHREAD)ObjectBody;
 
   DPRINT("PiDeleteThread(ObjectBody %x)\n",ObjectBody);
 

-  ObDereferenceObject(Thread->ThreadsProcess);

+  Process = Thread->ThreadsProcess;

   Thread->ThreadsProcess = NULL;
 

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-  PiNrThreads--;
-  RemoveEntryList(&Thread->Tcb.ThreadListEntry);
-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+  PsDeleteCidHandle(Thread->Cid.UniqueThread, PsThreadType);

-  KeReleaseThread(Thread);

+  KeReleaseThread(ETHREAD_TO_KTHREAD(Thread));
+  
+  ObDereferenceObject(Process);
+  

   DPRINT("PiDeleteThread() finished\n");
 }
 
 
 NTSTATUS

-PsInitializeThread(HANDLE ProcessHandle,

+PsInitializeThread(PEPROCESS Process,

 		   PETHREAD* ThreadPtr,
 		   PHANDLE ThreadHandle,
 		   ACCESS_MASK	DesiredAccess,

@@ -411,34 +406,19 @@

    PETHREAD Thread;
    NTSTATUS Status;
    KIRQL oldIrql;

-   PEPROCESS Process;

-   /*
-    * Reference process
-    */
-   if (ProcessHandle != NULL)
-     {
-	Status = ObReferenceObjectByHandle(ProcessHandle,
-					   PROCESS_CREATE_THREAD,
-					   PsProcessType,
-					   UserMode,
-					   (PVOID*)&Process,
-					   NULL);
-	if (Status != STATUS_SUCCESS)
-	  {
-	     DPRINT("Failed at %s:%d\n",__FILE__,__LINE__);
-	     return(Status);
-	  }
-	DPRINT( "Creating thread in process %x\n", Process );
-     }
-   else

+   if (Process == NULL)

      {
 	Process = PsInitialSystemProcess;

-	ObReferenceObjectByPointer(Process,
-				   PROCESS_CREATE_THREAD,
-				   PsProcessType,
-				   UserMode);

      }

+
+   /*
+    * Reference process
+    */
+   ObReferenceObjectByPointer(Process,
+                              PROCESS_CREATE_THREAD,
+                              PsProcessType,
+                              KernelMode);

    
    /*
     * Create and initialize thread

@@ -454,9 +434,21 @@

 			   (PVOID*)&Thread);
    if (!NT_SUCCESS(Status))
      {

-	return(Status);

+        ObDereferenceObject (Process);
+        return(Status);

      }
 

+  /* create a client id handle */
+  Status = PsCreateCidHandle(Thread, PsThreadType, &Thread->Cid.UniqueThread);
+  if (!NT_SUCCESS(Status))
+    {
+      ObDereferenceObject (Thread);
+      ObDereferenceObject (Process);
+      return Status;
+    }
+  Thread->ThreadsProcess = Process;
+  Thread->Cid.UniqueProcess = (HANDLE)Thread->ThreadsProcess->UniqueProcessId;
+  

   Status = ObInsertObject ((PVOID)Thread,
 			   NULL,
 			   DesiredAccess,

@@ -466,27 +458,23 @@

   if (!NT_SUCCESS(Status))
     {
       ObDereferenceObject (Thread);

+      ObDereferenceObject (Process);

       return Status;
     }
 
    DPRINT("Thread = %x\n",Thread);

-   
-   PiNrThreads++;
-   

+

    KeInitializeThread(&Process->Pcb, &Thread->Tcb, First);

-   Thread->ThreadsProcess = Process;

    InitializeListHead(&Thread->TerminationPortList);
    KeInitializeSpinLock(&Thread->ActiveTimerListLock);
    InitializeListHead(&Thread->IrpList);

-   Thread->Cid.UniqueThread = (HANDLE)InterlockedIncrement(
-					      (LONG *)&PiNextThreadUniqueId);
-   Thread->Cid.UniqueProcess = (HANDLE)Thread->ThreadsProcess->UniqueProcessId;
-   Thread->DeadThread = 0;
-   Thread->Win32Thread = 0;

+   Thread->DeadThread = FALSE;
+   Thread->HasTerminated = FALSE;
+   Thread->Tcb.Win32Thread = NULL;

    DPRINT("Thread->Cid.UniqueThread %d\n",Thread->Cid.UniqueThread);
    
 

-   Thread->Tcb.BasePriority = (CHAR)Thread->ThreadsProcess->Pcb.BasePriority;

+   Thread->Tcb.BasePriority = (CHAR)Process->Pcb.BasePriority;

    Thread->Tcb.Priority = Thread->Tcb.BasePriority;
 
    /*

@@ -499,11 +487,10 @@

    Thread->LpcExitThreadCalled = FALSE;
    Thread->LpcReceivedMsgIdValid = FALSE;
 

-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-   InsertTailList(&Thread->ThreadsProcess->ThreadListHead, 
-		  &Thread->Tcb.ProcessThreadListEntry);
-   InsertTailList(&PiThreadListHead, &Thread->Tcb.ThreadListEntry);
-   KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+   KeAcquireSpinLock(&PiThreadLock, &oldIrql);
+   InsertTailList(&Process->ThreadListHead,
+		  &Thread->ThreadListEntry);
+   KeReleaseSpinLock(&PiThreadLock, oldIrql);

 
    *ThreadPtr = Thread;
 

@@ -661,6 +648,7 @@

 	       PUSER_STACK UserStack,
 	       BOOLEAN CreateSuspended)
 {

+  PEPROCESS Process;

   PETHREAD Thread;
   PTEB TebBase;
   NTSTATUS Status;

@@ -669,12 +657,26 @@

   DPRINT("NtCreateThread(ThreadHandle %x, PCONTEXT %x)\n",
 	 ThreadHandle,ThreadContext);
 

-  Status = PsInitializeThread(ProcessHandle,

+  Status = ObReferenceObjectByHandle(ProcessHandle,
+                                     PROCESS_CREATE_THREAD,
+                                     PsProcessType,
+                                     UserMode,
+                                     (PVOID*)&Process,
+                                     NULL);
+  if(!NT_SUCCESS(Status))
+  {
+    return(Status);
+  }
+
+  Status = PsInitializeThread(Process,

 			      &Thread,
 			      ThreadHandle,
 			      DesiredAccess,
 			      ObjectAttributes,
 			      FALSE);

+
+  ObDereferenceObject(Process);
+

   if (!NT_SUCCESS(Status))
     {
       return(Status);

@@ -778,7 +780,7 @@

    DPRINT("PsCreateSystemThread(ThreadHandle %x, ProcessHandle %x)\n",
 	    ThreadHandle,ProcessHandle);
    

-   Status = PsInitializeThread(ProcessHandle,

+   Status = PsInitializeThread(NULL,

 			       &Thread,
 			       ThreadHandle,
 			       DesiredAccess,

reactos/ntoskrnl/ps

diff -u -r1.75 -r1.76
--- kill.c	14 Sep 2004 18:37:40 -0000	1.75
+++ kill.c	28 Sep 2004 15:02:29 -0000	1.76
@@ -1,4 +1,4 @@

-/* $Id: kill.c,v 1.75 2004/09/14 18:37:40 gvg Exp $

+/* $Id: kill.c,v 1.76 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel

@@ -17,45 +17,78 @@

 
 /* GLOBALS *******************************************************************/
 

-extern ULONG PiNrThreads;
-extern ULONG PiNrRunnableThreads;
-extern KSPIN_LOCK PiThreadListLock;
-extern LIST_ENTRY PiThreadListHead;

+extern KSPIN_LOCK PiThreadLock;

 extern KSPIN_LOCK PiApcLock;
 
 VOID PsTerminateCurrentThread(NTSTATUS ExitStatus);
 
 #define TAG_TERMINATE_APC   TAG('T', 'A', 'P', 'C')
 

+LIST_ENTRY ThreadsToReapHead;
+

 /* FUNCTIONS *****************************************************************/
 
 VOID

+PsInitializeThreadReaper(VOID)
+{
+  InitializeListHead(&ThreadsToReapHead);
+}
+
+VOID
+PsReapThreads(VOID)
+{
+  KIRQL oldlvl;
+  PETHREAD Thread;
+  PLIST_ENTRY ListEntry;
+
+  KeAcquireSpinLock(&PiThreadLock, &oldlvl);
+  while((ListEntry = RemoveHeadList(&ThreadsToReapHead)) != &ThreadsToReapHead)
+  {
+    PiNrThreadsAwaitingReaping--;
+    KeReleaseSpinLock(&PiThreadLock, oldlvl);
+    
+    Thread = CONTAINING_RECORD(ListEntry, ETHREAD, TerminationPortList);
+
+    ObDereferenceObject(Thread);
+
+    KeAcquireSpinLock(&PiThreadLock, &oldlvl);
+  }
+  KeReleaseSpinLock(&PiThreadLock, oldlvl);
+}
+
+VOID
+PsQueueThreadReap(PETHREAD Thread)
+{
+  InsertTailList(&ThreadsToReapHead, &Thread->TerminationPortList);
+  PiNrThreadsAwaitingReaping++;
+}
+
+VOID

 PiTerminateProcessThreads(PEPROCESS Process,
 			  NTSTATUS ExitStatus)
 {
    KIRQL oldlvl;
    PLIST_ENTRY current_entry;

-   PETHREAD current;

+   PETHREAD current, CurrentThread = PsGetCurrentThread();

    
    DPRINT("PiTerminateProcessThreads(Process %x, ExitStatus %x)\n",
 	  Process, ExitStatus);
    

-   KeAcquireSpinLock(&PiThreadListLock, &oldlvl);

+   KeAcquireSpinLock(&PiThreadLock, &oldlvl);

 
    current_entry = Process->ThreadListHead.Flink;
    while (current_entry != &Process->ThreadListHead)
      {
 	current = CONTAINING_RECORD(current_entry, ETHREAD,

-				    Tcb.ProcessThreadListEntry);
-	if (current != PsGetCurrentThread() &&
-	    current->DeadThread == 0)

+				    ThreadListEntry);
+	if (current != CurrentThread && current->HasTerminated == 0)

 	  {
 	     DPRINT("Terminating %x, current thread: %x, "
 		    "thread's process: %x\n", current, PsGetCurrentThread(), 
 		    current->ThreadsProcess);

-	     KeReleaseSpinLock(&PiThreadListLock, oldlvl);

+	     KeReleaseSpinLock(&PiThreadLock, oldlvl);

 	     PsTerminateOtherThread(current, ExitStatus);

-	     KeAcquireSpinLock(&PiThreadListLock, &oldlvl);

+	     KeAcquireSpinLock(&PiThreadLock, &oldlvl);

 	     current_entry = Process->ThreadListHead.Flink;
 	  }
 	else

@@ -63,49 +96,11 @@

 	     current_entry = current_entry->Flink;
 	  }
      }

-   KeReleaseSpinLock(&PiThreadListLock, oldlvl);

+   KeReleaseSpinLock(&PiThreadLock, oldlvl);

    DPRINT("Finished PiTerminateProcessThreads()\n");
 }
 
 VOID

-PsReapThreads(VOID)
-{
-   PLIST_ENTRY current_entry;
-   PETHREAD current;
-   KIRQL oldIrql;
-   
-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-   
-   current_entry = PiThreadListHead.Flink;
-   
-   while (current_entry != &PiThreadListHead)
-     {
-	current = CONTAINING_RECORD(current_entry, ETHREAD, 
-				    Tcb.ThreadListEntry);
-	
-	current_entry = current_entry->Flink;
-	
-	if (current->Tcb.State == THREAD_STATE_TERMINATED_1)
-	  {
-	     PiNrThreadsAwaitingReaping--;
-	     current->Tcb.State = THREAD_STATE_TERMINATED_2;
-
-             /*
-              An unbelievably complex chain of events would cause a system crash
-              if PiThreadListLock was still held when the thread object is about
-              to be destroyed
-             */
-             KeReleaseSpinLock(&PiThreadListLock, oldIrql);
-	     ObDereferenceObject(current);
-             KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-
-	     current_entry = PiThreadListHead.Flink;
-	  }
-     }
-   KeReleaseSpinLock(&PiThreadListLock, oldIrql);
-}
-
-VOID

 PsTerminateCurrentThread(NTSTATUS ExitStatus)
 /*
  * FUNCTION: Terminates the current thread

@@ -133,19 +128,19 @@

                      (ULONG) CurrentThread);
      }
 

-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+   KeAcquireSpinLock(&PiThreadLock, &oldIrql);

 
    DPRINT("terminating %x\n",CurrentThread);
 
    CurrentThread->ExitStatus = ExitStatus;

-   KeQuerySystemTime((PLARGE_INTEGER)&CurrentThread->u1.ExitTime);

+   KeQuerySystemTime((PLARGE_INTEGER)&CurrentThread->ExitTime);

    KeCancelTimer(&CurrentThread->Tcb.Timer);
  
    /* Remove the thread from the thread list of its process */

-   RemoveEntryList(&CurrentThread->Tcb.ProcessThreadListEntry);

+   RemoveEntryList(&CurrentThread->ThreadListEntry);

    Last = IsListEmpty(&CurrentProcess->ThreadListHead);
 

-   KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+   KeReleaseSpinLock(&PiThreadLock, oldIrql);

 
    /* Notify subsystems of the thread termination */
    PspRunCreateThreadNotifyRoutines(CurrentThread, FALSE);

@@ -153,13 +148,12 @@

 
    /* Free the TEB */
    if(CurrentThread->Tcb.Teb)

-    ZwFreeVirtualMemory
-    (
-     NtCurrentProcess(),
-     (PVOID *)&CurrentThread->Tcb.Teb,
-     &Length,
-     MEM_RELEASE
-    );

+   {
+     ZwFreeVirtualMemory(NtCurrentProcess(),
+                         (PVOID *)&CurrentThread->Tcb.Teb,
+                         &Length,
+                         MEM_RELEASE);
+   }

 
    /* abandon all owned mutants */
    current_entry = CurrentThread->Tcb.MutantListHead.Flink;

@@ -187,9 +181,11 @@

     PiTerminateProcess(CurrentProcess, ExitStatus);
    }
 

-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+   KeAcquireSpinLock(&PiThreadLock, &oldIrql);

+#ifdef _ENABLE_THRDEVTPAIR

    ExpSwapThreadEventPair(CurrentThread, NULL); /* Release the associated eventpair object, if there was one */

+#endif /* _ENABLE_THRDEVTPAIR */

    KeRemoveAllWaitsThread (CurrentThread, STATUS_UNSUCCESSFUL, FALSE);
 
    PsDispatchThreadNoLock(THREAD_STATE_TERMINATED_1);

@@ -226,7 +222,7 @@

 		       NTSTATUS ExitStatus)
 /*
  * FUNCTION: Terminate a thread when calling from another thread's context

- * NOTES: This function must be called with PiThreadListLock held

+ * NOTES: This function must be called with PiThreadLock held

  */
 {
   PKAPC Apc;

@@ -235,7 +231,7 @@

   DPRINT("PsTerminateOtherThread(Thread %x, ExitStatus %x)\n",
 	 Thread, ExitStatus);
   

-  Thread->DeadThread = 1;

+  Thread->HasTerminated = TRUE;

   Thread->ExitStatus = ExitStatus;
   Apc = ExAllocatePoolWithTag(NonPagedPool, sizeof(KAPC), TAG_TERMINATE_APC);
   KeInitializeApc(Apc,

@@ -321,6 +317,10 @@

      {
        ObDereferenceObject(Process);
        PsTerminateCurrentThread(ExitStatus);

+       /*
+        * We should never get here!
+        */
+       return(STATUS_SUCCESS);

      }
    ObDereferenceObject(Process);
    return(STATUS_SUCCESS);

@@ -345,15 +345,19 @@

 	return(Status);
      }
    

-   ObDereferenceObject(Thread);
-   

    if (Thread == PsGetCurrentThread())
      {

-	PsTerminateCurrentThread(ExitStatus);

+        /* dereference the thread object before we kill our thread */
+        ObDereferenceObject(Thread);
+        PsTerminateCurrentThread(ExitStatus);
+        /*
+         * We should never get here!
+         */

      }
    else
      {
 	PsTerminateOtherThread(Thread, ExitStatus);

+	ObDereferenceObject(Thread);

      }
    return(STATUS_SUCCESS);
 }

@@ -392,6 +396,7 @@

 	KeReleaseSpinLock(&Thread->ActiveTimerListLock, oldIrql);
 	LpcSendTerminationPort(current->Port, 
 			       Thread->CreateTime);

+	ExFreePool(current);

 	KeAcquireSpinLock(&Thread->ActiveTimerListLock, &oldIrql);
      }
    KeReleaseSpinLock(&Thread->ActiveTimerListLock, oldIrql);

@@ -419,11 +424,19 @@

      }
    
    Request = ExAllocatePool(NonPagedPool, sizeof(EPORT_TERMINATION_REQUEST));

-   Request->Port = TerminationPort;
-   Thread = PsGetCurrentThread();
-   KeAcquireSpinLock(&Thread->ActiveTimerListLock, &oldIrql);
-   InsertTailList(&Thread->TerminationPortList, &Request->ThreadListEntry);
-   KeReleaseSpinLock(&Thread->ActiveTimerListLock, oldIrql);
-   
-   return(STATUS_SUCCESS);

+   if(Request != NULL)
+   {
+     Request->Port = TerminationPort;
+     Thread = PsGetCurrentThread();
+     KeAcquireSpinLock(&Thread->ActiveTimerListLock, &oldIrql);
+     InsertTailList(&Thread->TerminationPortList, &Request->ThreadListEntry);
+     KeReleaseSpinLock(&Thread->ActiveTimerListLock, oldIrql);
+
+     return(STATUS_SUCCESS);
+   }
+   else
+   {
+     ObDereferenceObject(TerminationPort);
+     return(STATUS_INSUFFICIENT_RESOURCES);
+   }

 }

reactos/ntoskrnl/ps

diff -u -r1.141 -r1.142
--- process.c	22 Sep 2004 14:53:26 -0000	1.141
+++ process.c	28 Sep 2004 15:02:29 -0000	1.142
@@ -1,4 +1,4 @@

-/* $Id: process.c,v 1.141 2004/09/22 14:53:26 weiden Exp $

+/* $Id: process.c,v 1.142 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:         See COPYING in the top level directory
  * PROJECT:           ReactOS kernel

@@ -25,7 +25,7 @@

 
 LIST_ENTRY PsProcessListHead;
 static KSPIN_LOCK PsProcessListLock;

-static ULONG PiNextProcessUniqueId = 0;

+static ULONG PiNextProcessUniqueId = 0; /* TODO */

 
 static GENERIC_MAPPING PiProcessMapping = {PROCESS_READ,
 					   PROCESS_WRITE,

@@ -296,6 +296,7 @@

    PsInitialSystemProcess->Pcb.LdtDescriptor[0] = 0;
    PsInitialSystemProcess->Pcb.LdtDescriptor[1] = 0;
    PsInitialSystemProcess->Pcb.BasePriority = PROCESS_PRIO_NORMAL;

+   InitializeListHead(&PsInitialSystemProcess->Pcb.ThreadListHead);

    KeInitializeDispatcherHeader(&PsInitialSystemProcess->Pcb.DispatcherHeader,
 				InternalProcessType,
 				sizeof(EPROCESS),

@@ -318,7 +319,7 @@

 #endif
 
    PsInitialSystemProcess->UniqueProcessId = 

-     InterlockedIncrement((LONG *)&PiNextProcessUniqueId);

+     InterlockedIncrement((LONG *)&PiNextProcessUniqueId); /* TODO */

    PsInitialSystemProcess->Win32WindowStation = (HANDLE)0;
    PsInitialSystemProcess->Win32Desktop = (HANDLE)0;
    

@@ -660,9 +661,10 @@

    KProcess->IopmOffset = 0xffff;
    KProcess->LdtDescriptor[0] = 0;
    KProcess->LdtDescriptor[1] = 0;

+   InitializeListHead(&KProcess->ThreadListHead);

    MmInitializeAddressSpace(Process,
 			    &Process->AddressSpace);

-   Process->UniqueProcessId = InterlockedIncrement((LONG *)&PiNextProcessUniqueId);

+   Process->UniqueProcessId = InterlockedIncrement((LONG *)&PiNextProcessUniqueId); /* TODO */

    Process->InheritedFromUniqueProcessId = 
      (HANDLE)ParentProcess->UniqueProcessId;
    ObCreateHandleTable(ParentProcess,

@@ -1501,7 +1503,7 @@

 			CurrentT = CONTAINING_RECORD(
 					CurrentEntryT,
 					KTHREAD, 

-					Tcb.ThreadListEntry

+					ThreadListEntry

 					);
 			/*
 			 * Write thread data.

reactos/ntoskrnl/ps

diff -u -r1.22 -r1.23
--- psmgr.c	22 Sep 2004 22:31:46 -0000	1.22
+++ psmgr.c	28 Sep 2004 15:02:29 -0000	1.23
@@ -1,4 +1,4 @@

-/* $Id: psmgr.c,v 1.22 2004/09/22 22:31:46 weiden Exp $

+/* $Id: psmgr.c,v 1.23 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:               See COPYING in the top level directory
  * PROJECT:                 ReactOS kernel

@@ -13,6 +13,8 @@

 #define NDEBUG
 #include <internal/debug.h>
 

+VOID INIT_FUNCTION PsInitClientIDManagment(VOID);
+

 /* FUNCTIONS ***************************************************************/
 
 VOID PiShutdownProcessManager(VOID)

@@ -25,6 +27,7 @@

 VOID INIT_FUNCTION
 PiInitProcessManager(VOID)
 {

+   PsInitClientIDManagment();

    PsInitJobManagment();
    PsInitProcessManagment();
    PsInitThreadManagment();

reactos/ntoskrnl/ps

diff -u -r1.133 -r1.134
--- thread.c	19 Aug 2004 21:56:17 -0000	1.133
+++ thread.c	28 Sep 2004 15:02:29 -0000	1.134
@@ -1,4 +1,4 @@

-/* $Id: thread.c,v 1.133 2004/08/19 21:56:17 hbirr Exp $

+/* $Id: thread.c,v 1.134 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:              See COPYING in the top level directory
  * PROJECT:                ReactOS kernel

@@ -28,24 +28,22 @@

 
 /* GLOBALS ******************************************************************/
 

+extern LIST_ENTRY PsProcessListHead;
+

 POBJECT_TYPE EXPORTED PsThreadType = NULL;
 

-KSPIN_LOCK PiThreadListLock;

+KSPIN_LOCK PiThreadLock;
+LONG PiNrThreadsAwaitingReaping = 0;

 
 /*
  * PURPOSE: List of threads associated with each priority level
  */

-LIST_ENTRY PiThreadListHead;

 static LIST_ENTRY PriorityListHead[MAXIMUM_PRIORITY];
 static ULONG PriorityListMask = 0;
 static BOOLEAN DoneInitYet = FALSE;
 static PETHREAD IdleThreads[MAXIMUM_PROCESSORS];

-ULONG PiNrThreads = 0;
-ULONG PiNrReadyThreads = 0;
-static HANDLE PiReaperThreadHandle;

 static KEVENT PiReaperThreadEvent;
 static BOOLEAN PiReaperThreadShouldTerminate = FALSE;

-ULONG PiNrThreadsAwaitingReaping = 0;

 
 static GENERIC_MAPPING PiThreadMapping = {THREAD_READ,
 					  THREAD_WRITE,

@@ -163,8 +161,9 @@

     PETHREAD	Thread
 	)
 {

-	return Thread->Win32Thread;

+	return Thread->Tcb.Win32Thread;

 }

+

 /*
  * @implemented
  */

@@ -207,7 +206,7 @@

 BOOLEAN STDCALL
 PsIsThreadTerminating(IN PETHREAD Thread)
 {

-  return(Thread->DeadThread);

+  return (Thread->HasTerminated ? TRUE : FALSE);

 }
 
 /*

@@ -224,7 +223,7 @@

 }
 
 /*

- * @unimplemented

+ * @implemented

  */                       
 BOOLEAN
 STDCALL

@@ -232,8 +231,7 @@

     PETHREAD	Thread
 	)
 {

-	UNIMPLEMENTED;
-	return FALSE;	

+  return Thread->ActiveImpersonationInfo;

 }
 
 static VOID

@@ -247,7 +245,6 @@

      }
    InsertTailList(&PriorityListHead[Priority], &Thread->Tcb.QueueListEntry);
    PriorityListMask |= (1 << Priority);

-   PiNrReadyThreads++;

 }
 
 static VOID PsRemoveFromThreadList(PETHREAD Thread)

@@ -258,66 +255,62 @@

      {
         PriorityListMask &= ~(1 << Thread->Tcb.Priority);
      }

-   PiNrReadyThreads--;

 }
 
 
 VOID PsDumpThreads(BOOLEAN IncludeSystem)
 {

-   PLIST_ENTRY current_entry;
-   PETHREAD current;
-   ULONG t;
-   ULONG i;
-
-   current_entry = PiThreadListHead.Flink;
-   t = 0;
-
-   while (current_entry != &PiThreadListHead)
-     {
-       PULONG Ebp;
-       PULONG Esp;
-
-       current = CONTAINING_RECORD(current_entry, ETHREAD,
-				   Tcb.ThreadListEntry);
-       t++;
-       if (t > PiNrThreads)
-	 {
-	   DbgPrint("Too many threads on list\n");
-	   return;
-	 }
-       if (IncludeSystem || current->ThreadsProcess->UniqueProcessId >= 6)
-	 {
-	   DbgPrint("current->Tcb.State %d PID.TID %d.%d Name %.8s Stack: \n",
-		    current->Tcb.State,
-		    current->ThreadsProcess->UniqueProcessId,
-		    current->Cid.UniqueThread,
-		    current->ThreadsProcess->ImageFileName);
-	   if (current->Tcb.State == THREAD_STATE_READY ||
-	       current->Tcb.State == THREAD_STATE_SUSPENDED ||
-	       current->Tcb.State == THREAD_STATE_BLOCKED)
-	     {
-	       Esp = (PULONG)current->Tcb.KernelStack;
-	       Ebp = (PULONG)Esp[3];
-	       DbgPrint("Ebp 0x%.8X\n", Ebp);
-	       i = 0;
-	       while (Ebp != 0 && Ebp >= (PULONG)current->Tcb.StackLimit)
-		 {
-		   DbgPrint("%.8X %.8X%s", Ebp[0], Ebp[1],
-			    (i % 8) == 7 ? "\n" : "  ");
-		   Ebp = (PULONG)Ebp[0];
-		   i++;
-		 }
-	       if ((i % 8) != 7)
-		 {
-		   DbgPrint("\n");
-		 }
-	     }
-	 }
-       current_entry = current_entry->Flink;

+   PLIST_ENTRY AThread, AProcess;
+   PEPROCESS Process;
+   PETHREAD Thread;
+   ULONG nThreads = 0;
+   
+   AProcess = PsProcessListHead.Flink;
+   while(AProcess != &PsProcessListHead)
+   {
+     Process = CONTAINING_RECORD(AProcess, EPROCESS, ProcessListEntry);
+     /* FIXME - skip suspended, ... processes? */
+     if((Process != PsInitialSystemProcess) ||
+        (Process == PsInitialSystemProcess && IncludeSystem))
+     {
+       AThread = Process->ThreadListHead.Flink;
+       while(AThread != &Process->ThreadListHead)
+       {
+         Thread = CONTAINING_RECORD(AThread, ETHREAD, ThreadListEntry);
+
+         nThreads++;
+         DbgPrint("Thread->Tcb.State %d PID.TID %d.%d Name %.8s Stack: \n",
+                  Thread->Tcb.State,
+                  Thread->ThreadsProcess->UniqueProcessId,
+                  Thread->Cid.UniqueThread,
+                  Thread->ThreadsProcess->ImageFileName);
+         if(Thread->Tcb.State == THREAD_STATE_READY ||
+            Thread->Tcb.State == THREAD_STATE_SUSPENDED ||
+            Thread->Tcb.State == THREAD_STATE_BLOCKED)
+         {
+           ULONG i = 0;
+           PULONG Esp = (PULONG)Thread->Tcb.KernelStack;
+           PULONG Ebp = (PULONG)Esp[3];
+           DbgPrint("Ebp 0x%.8X\n", Ebp);
+           while(Ebp != 0 && Ebp >= (PULONG)Thread->Tcb.StackLimit)
+           {
+             DbgPrint("%.8X %.8X%s", Ebp[0], Ebp[1], (i % 8) == 7 ? "\n" : "  ");
+             Ebp = (PULONG)Ebp[0];
+             i++;
+           }
+           if((i % 8) != 7)
+           {
+             DbgPrint("\n");
+           }
+         }
+         AThread = AThread->Flink;
+       }

      }

+     AProcess = AProcess->Flink;
+   }

 }
 

-static PETHREAD PsScanThreadList (KPRIORITY Priority, ULONG Affinity)

+static PETHREAD PsScanThreadList(KPRIORITY Priority, ULONG Affinity)

 {
    PLIST_ENTRY current_entry;
    PETHREAD current;

@@ -359,19 +352,19 @@

 VOID STDCALL
 PiReaperThreadMain(PVOID Ignored)
 {

-  while (1)
-    {
-      KeWaitForSingleObject(&PiReaperThreadEvent,
-			    Executive,
-			    KernelMode,
-			    FALSE,
-			    NULL);
-      if (PiReaperThreadShouldTerminate)

+  for(;;)
+  {
+    KeWaitForSingleObject(&PiReaperThreadEvent,
+			  Executive,
+			  KernelMode,
+			  FALSE,
+			  NULL);
+    if (PiReaperThreadShouldTerminate)

 	{
 	  PsTerminateSystemThread(0);
 	}

-      PsReapThreads();
-    }

+    PsReapThreads();
+  }

 }
 
 VOID PsDispatchThreadNoLock (ULONG NewThreadStatus)

@@ -386,15 +379,16 @@

 	   CurrentThread->Cid.UniqueThread, NewThreadStatus, CurrentThread->Tcb.State);
 
    CurrentThread->Tcb.State = (UCHAR)NewThreadStatus;

-   if (CurrentThread->Tcb.State == THREAD_STATE_READY)
-     {

+   switch(NewThreadStatus)
+   {
+     case THREAD_STATE_READY:

 	PsInsertIntoThreadList(CurrentThread->Tcb.Priority,
 			       CurrentThread);

-     }
-   if (CurrentThread->Tcb.State == THREAD_STATE_TERMINATED_1)
-     {
-       PiNrThreadsAwaitingReaping++;
-     }

+	break;
+     case THREAD_STATE_TERMINATED_1:
+	PsQueueThreadReap(CurrentThread);
+	break;
+   }

 
    Affinity = 1 << KeGetCurrentProcessorNumber();
    for (CurrentPriority = HIGH_PRIORITY;

@@ -405,7 +399,7 @@

 	if (Candidate == CurrentThread)
 	  {
 	     Candidate->Tcb.State = THREAD_STATE_RUNNING;

-	     KeReleaseSpinLockFromDpcLevel(&PiThreadListLock);

+	     KeReleaseSpinLockFromDpcLevel(&PiThreadLock);

 	     return;
 	  }
 	if (Candidate != NULL)

@@ -418,17 +412,6 @@

 
 	    OldThread = CurrentThread;
 	    CurrentThread = Candidate;

-#if 0
-            /*
-	     * This code is moved to the end of KiArchContextSwitch.
-	     * It should be execute after the context switch.
-	     */
-	    KeReleaseSpinLockFromDpcLevel(&PiThreadListLock);
-	    if (PiNrThreadsAwaitingReaping > 0)
-	      {
-		PiWakeupReaperThread();
-	      }
-#endif

 
 	    MmUpdatePageDir(PsGetCurrentProcess(),(PVOID)CurrentThread->ThreadsProcess, sizeof(EPROCESS));
 

@@ -450,7 +433,7 @@

 	return;
      }
 

-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+   KeAcquireSpinLock(&PiThreadLock, &oldIrql);

    /*
     * Save wait IRQL
     */

@@ -464,7 +447,7 @@

 {
   KIRQL oldIrql;
 

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+  KeAcquireSpinLock(&PiThreadLock, &oldIrql);

   if (THREAD_STATE_TERMINATED_1 == Thread->Tcb.State ||
       THREAD_STATE_TERMINATED_2 == Thread->Tcb.State)
     {

@@ -486,7 +469,7 @@

       Thread->Tcb.State = THREAD_STATE_READY;
       PsInsertIntoThreadList(Thread->Tcb.Priority, Thread);
     }

-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+  KeReleaseSpinLock(&PiThreadLock, oldIrql);

 }
 
 VOID

@@ -498,7 +481,7 @@

   PETHREAD Thread;
   PKWAIT_BLOCK WaitBlock;
 

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+  KeAcquireSpinLock(&PiThreadLock, &oldIrql);

 
   KThread = ((PIKPCR) KeGetCurrentKPCR())->CurrentThread;
   Thread = CONTAINING_RECORD (KThread, ETHREAD, Tcb);

@@ -553,13 +536,13 @@

   PLIST_ENTRY current_entry;
   PETHREAD current;
 

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+  KeAcquireSpinLock(&PiThreadLock, &oldIrql);

 
   current_entry = Process->ThreadListHead.Flink;
   while (current_entry != &Process->ThreadListHead)
     {
       current = CONTAINING_RECORD(current_entry, ETHREAD,

-				  Tcb.ProcessThreadListEntry);

+				  ThreadListEntry);

 
       /*
        * We have to be careful here, we can't just set the freeze the

@@ -569,7 +552,7 @@

       current_entry = current_entry->Flink;
     }
 

-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+  KeReleaseSpinLock(&PiThreadLock, oldIrql);

 }
 
 ULONG

@@ -579,7 +562,7 @@

   PLIST_ENTRY current_entry;
   ULONG Count = 0;
 

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+  KeAcquireSpinLock(&PiThreadLock, &oldIrql);

 
   current_entry = Process->ThreadListHead.Flink;
   while (current_entry != &Process->ThreadListHead)

@@ -588,7 +571,7 @@

       current_entry = current_entry->Flink;
     }
   

-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+  KeReleaseSpinLock(&PiThreadLock, oldIrql);

   return Count;
 }
 

@@ -641,7 +624,7 @@

     PVOID	Win32Thread
 	)
 {

-	Thread->Win32Thread = Win32Thread;

+	Thread->Tcb.Win32Thread = Win32Thread;

 }
 
 VOID

@@ -680,19 +663,18 @@

  * FUNCTION: Initialize thread managment
  */
 {

+   HANDLE PiReaperThreadHandle;

    PETHREAD FirstThread;
    ULONG i;
    HANDLE FirstThreadHandle;
    NTSTATUS Status;
 

-   KeInitializeSpinLock(&PiThreadListLock);

+   KeInitializeSpinLock(&PiThreadLock);

    for (i=0; i < MAXIMUM_PRIORITY; i++)
      {
 	InitializeListHead(&PriorityListHead[i]);
      }
 

-   InitializeListHead(&PiThreadListHead);
-

    PsThreadType = ExAllocatePool(NonPagedPool,sizeof(OBJECT_TYPE));
 
    PsThreadType->Tag = TAG('T', 'H', 'R', 'T');

@@ -732,6 +714,7 @@

    /*
     * Create the reaper thread
     */

+   PsInitializeThreadReaper();

    KeInitializeEvent(&PiReaperThreadEvent, SynchronizationEvent, FALSE);
    Status = PsCreateSystemThread(&PiReaperThreadHandle,
 				 THREAD_ALL_ACCESS,

@@ -745,6 +728,8 @@

        DPRINT1("PS: Failed to create reaper thread.\n");
        KEBUGCHECK(0);
      }

+
+   NtClose(PiReaperThreadHandle);

 }
 
 /*

@@ -797,7 +782,7 @@

 	KEBUGCHECK(0);
      }
 

-   KeAcquireSpinLock(&PiThreadListLock, &oldIrql);

+   KeAcquireSpinLock(&PiThreadLock, &oldIrql);

 
    OldPriority = Thread->Priority;
    Thread->BasePriority = Thread->Priority = (CHAR)Priority;

@@ -831,7 +816,7 @@

 	     }
 	 }
      }

-   KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+   KeReleaseSpinLock(&PiThreadLock, oldIrql);

    return(OldPriority);
 }
 

@@ -967,40 +952,26 @@

 			   OUT PEPROCESS *Process OPTIONAL,
 			   OUT PETHREAD *Thread)
 {

-  KIRQL oldIrql;
-  PLIST_ENTRY current_entry;
-  PETHREAD current;

+  PCID_OBJECT CidObject;
+  PETHREAD FoundThread;

-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-
-  current_entry = PiThreadListHead.Flink;
-  while (current_entry != &PiThreadListHead)

+  CidObject = PsLockCidHandle((HANDLE)Cid->UniqueThread, PsThreadType);
+  if(CidObject != NULL)
+  {
+    FoundThread = CidObject->Obj.Thread;
+    ObReferenceObject(FoundThread);
+    
+    if(Process != NULL)

     {

-      current = CONTAINING_RECORD(current_entry,
-				  ETHREAD,
-				  Tcb.ThreadListEntry);
-      if (current->Cid.UniqueThread == Cid->UniqueThread &&
-	  current->Cid.UniqueProcess == Cid->UniqueProcess)
-	{
-	  if (Process != NULL)
-          {
-	    *Process = current->ThreadsProcess;
-            ObReferenceObject(current->ThreadsProcess);
-          }
-
-	  *Thread = current;
-          ObReferenceObject(current);
-
-	  KeReleaseSpinLock(&PiThreadListLock, oldIrql);
-	  return(STATUS_SUCCESS);
-	}
-
-      current_entry = current_entry->Flink;

+      *Process = FoundThread->ThreadsProcess;
+      ObReferenceObject(FoundThread->ThreadsProcess);

     }
 

-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+    PsUnlockCidObject(CidObject);
+    return STATUS_SUCCESS;
+  }

-  return(STATUS_INVALID_PARAMETER);

+  return STATUS_INVALID_PARAMETER;

 }
 
 

@@ -1011,32 +982,19 @@

 PsLookupThreadByThreadId(IN PVOID ThreadId,
 			 OUT PETHREAD *Thread)
 {

-  KIRQL oldIrql;
-  PLIST_ENTRY current_entry;
-  PETHREAD current;
-
-  KeAcquireSpinLock(&PiThreadListLock, &oldIrql);
-
-  current_entry = PiThreadListHead.Flink;
-  while (current_entry != &PiThreadListHead)
-    {
-      current = CONTAINING_RECORD(current_entry,
-				  ETHREAD,
-				  Tcb.ThreadListEntry);
-      if (current->Cid.UniqueThread == (HANDLE)ThreadId)
-	{
-	  KeReleaseSpinLock(&PiThreadListLock, oldIrql);
-	  *Thread = current;
-          ObReferenceObject(current);
-	  return(STATUS_SUCCESS);
-	}
-
-      current_entry = current_entry->Flink;
-    }
-
-  KeReleaseSpinLock(&PiThreadListLock, oldIrql);

+  PCID_OBJECT CidObject;
+  
+  CidObject = PsLockCidHandle((HANDLE)ThreadId, PsThreadType);
+  if(CidObject != NULL)
+  {
+    *Thread = CidObject->Obj.Thread;
+    ObReferenceObject(*Thread);
+    
+    PsUnlockCidObject(CidObject);
+    return STATUS_SUCCESS;
+  }

-  return(STATUS_INVALID_PARAMETER);

+  return STATUS_INVALID_PARAMETER;

 }
 
 /*

reactos/ntoskrnl/ps

diff -u -r1.28 -r1.29
--- tinfo.c	15 Aug 2004 16:39:10 -0000	1.28
+++ tinfo.c	28 Sep 2004 15:02:29 -0000	1.29
@@ -1,4 +1,4 @@

-/* $Id: tinfo.c,v 1.28 2004/08/15 16:39:10 chorns Exp $

+/* $Id: tinfo.c,v 1.29 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel

@@ -115,7 +115,8 @@

 	/* Can only be queried */
 	Status = STATUS_INVALID_INFO_CLASS;
 	break;

-	

+
+#ifdef _ENABLE_THRDEVTPAIR

       case ThreadEventPair:
 	{
 	  PKEVENT_PAIR EventPair;

@@ -149,6 +150,13 @@

 	  Status = STATUS_SUCCESS;
 	  break;
 	}

+#else /* !_ENABLE_THRDEVTPAIR */
+      case ThreadEventPair:
+	{
+          Status = STATUS_NOT_IMPLEMENTED;
+	  break;
+	}
+#endif /* _ENABLE_THRDEVTPAIR */

 	
       case ThreadQuerySetWin32StartAddress:
 	if (ThreadInformationLength != sizeof(ULONG))

@@ -156,7 +164,7 @@

 	    Status = STATUS_INFO_LENGTH_MISMATCH;
 	    break;
 	  }

-	Thread->u2.Win32StartAddress = (PVOID)*((PULONG)ThreadInformation);

+	Thread->Win32StartAddress = (PVOID)*((PULONG)ThreadInformation);

 	Status = STATUS_SUCCESS;
 	break;
 

@@ -270,7 +278,7 @@

             TTI->UserTime.QuadPart = Thread->Tcb.UserTime * 100000LL;
             TTI->CreateTime = (TIME) Thread->CreateTime;
             /*This works*/

-	    TTI->ExitTime = (TIME) Thread->u1.ExitTime;

+	    TTI->ExitTime = (TIME) Thread->ExitTime;

 	 
             Status = STATUS_SUCCESS;
             break;

@@ -317,7 +325,7 @@

 	   Status = STATUS_INFO_LENGTH_MISMATCH;
 	   break;
 	 }

-       *((PVOID*)ThreadInformation) = Thread->u2.Win32StartAddress;

+       *((PVOID*)ThreadInformation) = Thread->Win32StartAddress;

        Status = STATUS_SUCCESS;
        break;
 

reactos/ntoskrnl/ps

diff -u -r1.8 -r1.9
--- win32.c	15 Aug 2004 16:39:10 -0000	1.8
+++ win32.c	28 Sep 2004 15:02:29 -0000	1.9
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: win32.c,v 1.8 2004/08/15 16:39:10 chorns Exp $

+/* $Id: win32.c,v 1.9 2004/09/28 15:02:29 weiden Exp $

  *
  * COPYRIGHT:              See COPYING in the top level directory
  * PROJECT:                ReactOS kernel

@@ -45,7 +45,7 @@

 PW32THREAD STDCALL
 PsGetWin32Thread(VOID)
 {

-  return(PsGetCurrentThread()->Win32Thread);

+  return(PsGetCurrentThread()->Tcb.Win32Thread);

 }
 
 PW32PROCESS STDCALL

@@ -114,14 +114,14 @@

 	}
     }
 

-  if (Thread->Win32Thread == NULL)

+  if (Thread->Tcb.Win32Thread == NULL)

     {

-      Thread->Win32Thread = ExAllocatePool (NonPagedPool,
-					    PspWin32ThreadSize);
-      if (Thread->Win32Thread == NULL)

+      Thread->Tcb.Win32Thread = ExAllocatePool (NonPagedPool,
+						PspWin32ThreadSize);
+      if (Thread->Tcb.Win32Thread == NULL)

 	return STATUS_NO_MEMORY;
 

-      RtlZeroMemory (Thread->Win32Thread,

+      RtlZeroMemory (Thread->Tcb.Win32Thread,

 		     PspWin32ThreadSize);
 
       if (PspWin32ThreadCallback != NULL)

@@ -152,15 +152,15 @@

 VOID
 PsTerminateWin32Thread (PETHREAD Thread)
 {

-  if (Thread->Win32Thread == NULL)
-    return;
-
-  if (PspWin32ThreadCallback != NULL)

+  if (Thread->Tcb.Win32Thread != NULL)
+  {
+    if (PspWin32ThreadCallback != NULL)

     {
       PspWin32ThreadCallback (Thread, FALSE);
     }
 

-  ExFreePool (Thread->Win32Thread);

+    ExFreePool (Thread->Tcb.Win32Thread);
+  }

 }
 
 /* EOF */

reactos/subsys/win32k/include

diff -u -r1.59 -r1.60
--- window.h	27 May 2004 11:47:42 -0000	1.59
+++ window.h	28 Sep 2004 15:02:30 -0000	1.60
@@ -138,8 +138,8 @@

   ObmDereferenceObject(WndObj)
 
 #define IntWndBelongsToThread(WndObj, W32Thread) \

-  (((WndObj->OwnerThread && WndObj->OwnerThread->Win32Thread)) && \
-   (WndObj->OwnerThread->Win32Thread == W32Thread))

+  (((WndObj->OwnerThread && WndObj->OwnerThread->Tcb.Win32Thread)) && \
+   (WndObj->OwnerThread->Tcb.Win32Thread == W32Thread))

 
 #define IntGetWndThreadId(WndObj) \
   WndObj->OwnerThread->Cid.UniqueThread

reactos/subsys/win32k/main

diff -u -r1.79 -r1.80
--- dllmain.c	8 Aug 2004 17:57:34 -0000	1.79
+++ dllmain.c	28 Sep 2004 15:02:30 -0000	1.80
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: dllmain.c,v 1.79 2004/08/08 17:57:34 weiden Exp $

+/* $Id: dllmain.c,v 1.80 2004/09/28 15:02:30 weiden Exp $

  *
  *  Entry Point for win32k.sys
  */

@@ -135,7 +135,7 @@

 #endif
 
   Process = Thread->ThreadsProcess;

-  Win32Thread = Thread->Win32Thread;

+  Win32Thread = Thread->Tcb.Win32Thread;

   if (Create)
     {
 #if 0

reactos/subsys/win32k/ntuser

diff -u -r1.21 -r1.22
--- desktop.c	15 Sep 2004 20:53:43 -0000	1.21
+++ desktop.c	28 Sep 2004 15:02:30 -0000	1.22
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  *

- *  $Id: desktop.c,v 1.21 2004/09/15 20:53:43 mf Exp $

+ *  $Id: desktop.c,v 1.22 2004/09/28 15:02:30 weiden Exp $

  *
  *  COPYRIGHT:        See COPYING in the top level directory
  *  PROJECT:          ReactOS kernel

@@ -954,14 +954,14 @@

   {
     /* just return the handle, we queried the desktop handle of a thread running
        in the same context */

-    Ret = Thread->Win32Thread->hDesktop;

+    Ret = Thread->Tcb.Win32Thread->hDesktop;

     ObDereferenceObject(Thread);
     return Ret;
   }
   
   /* get the desktop handle and the desktop of the thread */

-  if(!(hThreadDesktop = Thread->Win32Thread->hDesktop) ||
-     !(DesktopObject = Thread->Win32Thread->Desktop))

+  if(!(hThreadDesktop = Thread->Tcb.Win32Thread->hDesktop) ||
+     !(DesktopObject = Thread->Tcb.Win32Thread->Desktop))

   {
     ObDereferenceObject(Thread);
     DPRINT1("Desktop information of thread 0x%x broken!?\n", dwThreadId);

reactos/subsys/win32k/ntuser

diff -u -r1.8 -r1.9
--- hook.c	10 May 2004 17:07:18 -0000	1.8
+++ hook.c	28 Sep 2004 15:02:30 -0000	1.9
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: hook.c,v 1.8 2004/05/10 17:07:18 weiden Exp $

+/* $Id: hook.c,v 1.9 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -64,7 +64,7 @@

 IntAddHook(PETHREAD Thread, int HookId, BOOLEAN Global, PWINSTATION_OBJECT WinStaObj)
 {
   PHOOK Hook;

-  PHOOKTABLE Table = Global ? GlobalHooks : MsqGetHooks(Thread->Win32Thread->MessageQueue);

+  PHOOKTABLE Table = Global ? GlobalHooks : MsqGetHooks(Thread->Tcb.Win32Thread->MessageQueue);

   HANDLE Handle;
 
   if (NULL == Table)

@@ -80,7 +80,7 @@

         }
       else
         {

-          MsqSetHooks(Thread->Win32Thread->MessageQueue, Table);

+          MsqSetHooks(Thread->Tcb.Win32Thread->MessageQueue, Table);

         }
     }
 

@@ -113,7 +113,7 @@

       return GlobalHooks;
     }
 

-  return MsqGetHooks(Hook->Thread->Win32Thread->MessageQueue);

+  return MsqGetHooks(Hook->Thread->Tcb.Win32Thread->MessageQueue);

 }
 
 /* get the first hook in the chain */

reactos/subsys/win32k/ntuser

diff -u -r1.37 -r1.38
--- input.c	30 Jul 2004 09:42:11 -0000	1.37
+++ input.c	28 Sep 2004 15:02:30 -0000	1.38
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: input.c,v 1.37 2004/07/30 09:42:11 weiden Exp $

+/* $Id: input.c,v 1.38 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -371,11 +371,11 @@

 
 	  FocusThread = FocusQueue->Thread;
 

-	  if (FocusThread && FocusThread->Win32Thread && 
-	      FocusThread->Win32Thread->KeyboardLayout) 

+	  if (FocusThread && FocusThread->Tcb.Win32Thread &&
+	      FocusThread->Tcb.Win32Thread->KeyboardLayout)

 	    {
 	      W32kKeyProcessMessage(&msg,

-				    FocusThread->Win32Thread->KeyboardLayout);

+				    FocusThread->Tcb.Win32Thread->KeyboardLayout);

 	    } 
 	  else
 	    continue;

reactos/subsys/win32k/ntuser

diff -u -r1.73 -r1.74
--- message.c	12 Sep 2004 19:29:22 -0000	1.73
+++ message.c	28 Sep 2004 15:02:30 -0000	1.74
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: message.c,v 1.73 2004/09/12 19:29:22 gvg Exp $

+/* $Id: message.c,v 1.74 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -1154,7 +1154,7 @@

   Status = PsLookupThreadByThreadId((void *)idThread,&peThread);
   
   if( Status == STATUS_SUCCESS ) {

-    pThread = peThread->Win32Thread;

+    pThread = peThread->Tcb.Win32Thread;

     if( !pThread || !pThread->MessageQueue )
       {
 	ObDereferenceObject( peThread );

@@ -1606,18 +1606,18 @@

 BOOL STDCALL
 IntInitMessagePumpHook()
 {

-	PsGetCurrentThread()->Win32Thread->MessagePumpHookValue++;

+	PsGetCurrentThread()->Tcb.Win32Thread->MessagePumpHookValue++;

 	return TRUE;
 }
 
 BOOL STDCALL
 IntUninitMessagePumpHook()
 {

-	if (PsGetCurrentThread()->Win32Thread->MessagePumpHookValue <= 0)

+	if (PsGetCurrentThread()->Tcb.Win32Thread->MessagePumpHookValue <= 0)

 	{
 		return FALSE;
 	}

-	PsGetCurrentThread()->Win32Thread->MessagePumpHookValue--;

+	PsGetCurrentThread()->Tcb.Win32Thread->MessagePumpHookValue--;

 	return TRUE;
 }
 

reactos/subsys/win32k/ntuser

diff -u -r1.85 -r1.86
--- misc.c	13 Sep 2004 21:37:32 -0000	1.85
+++ misc.c	28 Sep 2004 15:02:30 -0000	1.86
@@ -1,4 +1,4 @@

-/* $Id: misc.c,v 1.85 2004/09/13 21:37:32 weiden Exp $

+/* $Id: misc.c,v 1.86 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -108,7 +108,7 @@

       break;
     
     case NOPARAM_ROUTINE_DESTROY_CARET:

-      Result = (DWORD)IntDestroyCaret(PsGetCurrentThread()->Win32Thread);

+      Result = (DWORD)IntDestroyCaret(PsGetCurrentThread()->Tcb.Win32Thread);

       break;
     
     case NOPARAM_ROUTINE_INIT_MESSAGE_PUMP:

@@ -422,7 +422,7 @@

     
     case TWOPARAM_ROUTINE_SETGUITHRDHANDLE:
     {

-      PUSER_MESSAGE_QUEUE MsgQueue = PsGetCurrentThread()->Win32Thread->MessageQueue;

+      PUSER_MESSAGE_QUEUE MsgQueue = PsGetCurrentThread()->Tcb.Win32Thread->MessageQueue;

       
       ASSERT(MsgQueue);
       return (DWORD)MsqSetStateWindow(MsgQueue, (ULONG)Param1, (HWND)Param2);

@@ -1087,12 +1087,12 @@

       SetLastWin32Error(ERROR_ACCESS_DENIED);
       return FALSE;
     }

-    Desktop = Thread->Win32Thread->Desktop;

+    Desktop = Thread->Tcb.Win32Thread->Desktop;

   }
   else
   {
     /* get the foreground thread */

-    PW32THREAD W32Thread = PsGetCurrentThread()->Win32Thread;

+    PW32THREAD W32Thread = PsGetCurrentThread()->Tcb.Win32Thread;

     Desktop = W32Thread->Desktop;
     if(Desktop)
     {

reactos/subsys/win32k/ntuser

diff -u -r1.106 -r1.107
--- msgqueue.c	12 Sep 2004 19:29:23 -0000	1.106
+++ msgqueue.c	28 Sep 2004 15:02:30 -0000	1.107
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: msgqueue.c,v 1.106 2004/09/12 19:29:23 gvg Exp $

+/* $Id: msgqueue.c,v 1.107 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -627,7 +627,7 @@

   if (!NT_SUCCESS(Status))
     return;
 

-  Win32Thread = ((PETHREAD)Thread)->Win32Thread;

+  Win32Thread = ((PETHREAD)Thread)->Tcb.Win32Thread;

   if (Win32Thread == NULL || Win32Thread->MessageQueue == NULL)
     {
       ObDereferenceObject ((PETHREAD)Thread);

reactos/subsys/win32k/ntuser

diff -u -r1.85 -r1.86
--- painting.c	24 Sep 2004 15:07:38 -0000	1.85
+++ painting.c	28 Sep 2004 15:02:30 -0000	1.86
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  *

- *  $Id: painting.c,v 1.85 2004/09/24 15:07:38 navaraf Exp $

+ *  $Id: painting.c,v 1.86 2004/09/28 15:02:30 weiden Exp $

  *
  *  COPYRIGHT:        See COPYING in the top level directory
  *  PROJECT:          ReactOS kernel

@@ -676,7 +676,7 @@

    PTHRDCARETINFO CaretInfo;
    HWND hWndCaret;
 

-   Desktop = PsGetCurrentThread()->Win32Thread->Desktop;

+   Desktop = PsGetCurrentThread()->Tcb.Win32Thread->Desktop;

    CaretInfo = ((PUSER_MESSAGE_QUEUE)Desktop->ActiveMessageQueue)->CaretInfo;
    hWndCaret = CaretInfo->hWnd;
    if (hWndCaret == hWnd ||

reactos/subsys/win32k/ntuser

diff -u -r1.35 -r1.36
--- timer.c	4 Aug 2004 22:31:17 -0000	1.35
+++ timer.c	28 Sep 2004 15:02:30 -0000	1.36
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: timer.c,v 1.35 2004/08/04 22:31:17 weiden Exp $

+/* $Id: timer.c,v 1.36 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -405,7 +405,7 @@

           continue;
         }
         

-        MsqPostMessage(((PW32THREAD)Thread->Win32Thread)->MessageQueue, &MsgTimer->Msg, FALSE);

+        MsqPostMessage(Thread->Tcb.Win32Thread->MessageQueue, &MsgTimer->Msg, FALSE);

         
         ThreadsToDereference[ThreadsToDereferencePos] = Thread;
         ++ThreadsToDereferencePos;

reactos/subsys/win32k/ntuser

diff -u -r1.246 -r1.247
--- window.c	26 Jul 2004 14:58:35 -0000	1.246
+++ window.c	28 Sep 2004 15:02:30 -0000	1.247
@@ -16,7 +16,7 @@

  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */

-/* $Id: window.c,v 1.246 2004/07/26 14:58:35 jimtabor Exp $

+/* $Id: window.c,v 1.247 2004/09/28 15:02:30 weiden Exp $

  *
  * COPYRIGHT:        See COPYING in the top level directory
  * PROJECT:          ReactOS kernel

@@ -267,10 +267,10 @@

 
   RemoveTimersWindow(Window->Self);
   

-  IntLockThreadWindows(Window->OwnerThread->Win32Thread);

+  IntLockThreadWindows(Window->OwnerThread->Tcb.Win32Thread);

   if(Window->Status & WINDOWSTATUS_DESTROYING)
   {

-    IntUnLockThreadWindows(Window->OwnerThread->Win32Thread);

+    IntUnLockThreadWindows(Window->OwnerThread->Tcb.Win32Thread);

     DPRINT("Tried to call IntDestroyWindow() twice\n");
     return 0;
   }

@@ -279,7 +279,7 @@

      don't get into trouble when destroying the thread windows while we're still
      in IntDestroyWindow() */
   RemoveEntryList(&Window->ThreadListEntry);

-  IntUnLockThreadWindows(Window->OwnerThread->Win32Thread);

+  IntUnLockThreadWindows(Window->OwnerThread->Tcb.Win32Thread);

   
   BelongsToThreadData = IntWndBelongsToThread(Window, ThreadData);
   

@@ -382,10 +382,10 @@

   
   IntDestroyScrollBars(Window);
   

-  IntLockThreadWindows(Window->OwnerThread->Win32Thread);

+  IntLockThreadWindows(Window->OwnerThread->Tcb.Win32Thread);

   Window->Status |= WINDOWSTATUS_DESTROYED;
   /* don't remove the WINDOWSTATUS_DESTROYING bit */

-  IntUnLockThreadWindows(Window->OwnerThread->Win32Thread);

+  IntUnLockThreadWindows(Window->OwnerThread->Tcb.Win32Thread);

   
   /* remove the window from the class object */
   IntLockClassWindows(Window->Class);

@@ -527,7 +527,7 @@

   PWINDOW_OBJECT *List, *pWnd;
   ULONG Cnt = 0;
 

-  Win32Thread = Thread->Win32Thread;

+  Win32Thread = Thread->Tcb.Win32Thread;

   Win32Process = Thread->ThreadsProcess->Win32Process;
   
   IntLockThreadWindows(Win32Thread);

@@ -1166,7 +1166,7 @@

       SetLastWin32Error(ERROR_INVALID_PARAMETER);
       return 0;
     }

-    if(!(W32Thread = Thread->Win32Thread))

+    if(!(W32Thread = Thread->Tcb.Win32Thread))

     {
       ObDereferenceObject(Thread);
       DPRINT1("Thread is not a GUI Thread!\n");

@@ -1718,7 +1718,7 @@

     PRTL_USER_PROCESS_PARAMETERS ProcessParams;
     BOOL CalculatedDefPosSize = FALSE;
     

-    IntGetDesktopWorkArea(WindowObject->OwnerThread->Win32Thread->Desktop, &WorkArea);

+    IntGetDesktopWorkArea(WindowObject->OwnerThread->Tcb.Win32Thread->Desktop, &WorkArea);

     
     rc = WorkArea;
     ProcessParams = PsGetCurrentProcess()->Peb->ProcessParameters;

reactos/subsys/win32k

diff -u -r1.4 -r1.5
--- w32k.h	3 Jul 2004 13:55:36 -0000	1.4
+++ w32k.h	28 Sep 2004 15:02:31 -0000	1.5
@@ -17,6 +17,7 @@

 
 #include <internal/ob.h>
 #include <internal/safe.h>

+#include <internal/ps.h>

 
 #include <napi/win32.h>
 #include <ntos.h>