Author: sir_richard Date: Mon Sep 27 17:09:33 2010 New Revision: 48909
URL: http://svn.reactos.org/svn/reactos?rev=48909&view=rev Log: [NTOS]: Don't use dangerous MiRemoveHeadList in MDL page allocation, use MiRemoveAnyPage instead. [NTOS]: Don't repurpose pages from the zero/free page list without actually unlinking the page first! This should fix even more corruptions.
Modified: trunk/reactos/ntoskrnl/mm/freelist.c
Modified: trunk/reactos/ntoskrnl/mm/freelist.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/freelist.c?rev=... ============================================================================== --- trunk/reactos/ntoskrnl/mm/freelist.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/freelist.c [iso-8859-1] Mon Sep 27 17:09:33 2010 @@ -229,32 +229,18 @@ // while (PagesFound < PageCount) { - // - // Do we have zeroed pages? - // - if (MmZeroedPageListHead.Total) + /* Grab a page */ + Page = MiRemoveAnyPage(0); + if (Page == 0) { - // - // Grab a zero page - // - Pfn1 = MiRemoveHeadList(&MmZeroedPageListHead); - } - else if (MmFreePageListHead.Total) - { - // - // Nope, grab an unzeroed page - // - Pfn1 = MiRemoveHeadList(&MmFreePageListHead); - } - else - { - // - // This is not good... hopefully we have at least SOME pages - // + /* This is not good... hopefully we have at least SOME pages */ ASSERT(PagesFound); break; }
+ /* Grab the page entry for it */ + Pfn1 = MiGetPfnEntry(Page); + // // Make sure it's really free // @@ -266,11 +252,6 @@ Pfn1->u3.e1.StartOfAllocation = 1; Pfn1->u3.e1.EndOfAllocation = 1; Pfn1->u3.e2.ReferenceCount = 1; - - // - // Decrease available pages - // - MmAvailablePages--;
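Review bot: The explicit preference for `MmZeroedPageListHead` over `MmFreePageListHead` is gone in the first hunk, so which list a page comes from is now decided entirely inside `MiRemoveAnyPage(0)`, which this diff does not show. If the helper can return a free-list page while zeroed pages are still available, more pages with stale contents end up in the MDL than before, and whatever zeroes them later in this function (not visible here) becomes the only barrier against exposing old data to the caller. The `Page == 0` branch also assumes the helper returns 0 on exhaustion rather than asserting, which is worth confirming. A comment such as `/* MiRemoveAnyPage may return a non-zeroed page; it must be zeroed before the MDL is handed out */` would record the assumption. The loop body continues outside the hunk.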
// // Save it into the MDL @@ -303,6 +284,9 @@ if (MiIsPfnInUse(Pfn1)) continue; if ((Pfn1->u3.e1.PageLocation == ZeroedPageList) != LookForZeroedPages) continue;
+ /* Remove the page from the free or zero list */ + MiUnlinkFreeOrZeroedPage(Pfn1); + // // Sanity checks // @@ -314,11 +298,6 @@ Pfn1->u3.e2.ReferenceCount = 1; Pfn1->u3.e1.StartOfAllocation = 1; Pfn1->u3.e1.EndOfAllocation = 1; - - // - // Decrease available pages - // - MmAvailablePages--;
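Review bot: `MiUnlinkFreeOrZeroedPage(Pfn1)` is reached for any PFN that passes `MiIsPfnInUse` and the `ZeroedPageList` comparison, and when `LookForZeroedPages` is false that comparison accepts every `PageLocation` other than `ZeroedPageList`, not only the free list. If `MiIsPfnInUse` can ever return false for an entry sitting on some other list, the unlink would rewrite the wrong list links, which is the same class of corruption this commit sets out to fix. Asserting the location just before the call, `ASSERT((Pfn1->u3.e1.PageLocation == ZeroedPageList) || (Pfn1->u3.e1.PageLocation == FreePageList));`, would make the assumption explicit, unless the helper already checks it. The enclosing loop starts outside the hunk.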
// // Save this page into the MDL