[cgutman] 41600: - Fix a crash that happens when we are running at APC_LEVEL, acquire the recursive mutex (which improperly handled APC_LEVEL), then attempt to access paged pool (or do anything else that depends on Irql < DISPATCH_LEVEL) - Optimize the code for acquiring and releasing the recursive mutex at DISPATCH_LEVEL - Ros-diffs

24 Jun 2009

Author: cgutman
Date: Thu Jun 25 01:57:48 2009
New Revision: 41600
URL: http://svn.reactos.org/svn/reactos?rev=41600&view=rev
Log:
 - Fix a crash that happens when we are running at APC_LEVEL, acquire the recursive mutex (which improperly handled APC_LEVEL), then attempt to access paged pool (or do anything else that depends on Irql < DISPATCH_LEVEL)
 - Optimize the code for acquiring and releasing the recursive mutex at DISPATCH_LEVEL
Modified:
    trunk/reactos/drivers/network/tcpip/recmutex/recmutex.c
Modified: trunk/reactos/drivers/network/tcpip/recmutex/recmutex.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/tcpip/recmu...
==============================================================================

--- trunk/reactos/drivers/network/tcpip/recmutex/recmutex.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/network/tcpip/recmutex/recmutex.c [iso-8859-1] Thu Jun 25 01:57:48 2009
@@ -14,6 +14,7 @@
 SIZE_T RecursiveMutexEnter( PRECURSIVE_MUTEX RecMutex, BOOLEAN ToWrite ) {
     NTSTATUS Status = STATUS_SUCCESS;
     PVOID CurrentThread = KeGetCurrentThread();
+    KIRQL CurrentIrql;
/* Wait for the previous user to unlock the RecMutex state.  There might be
      * multiple waiters waiting to change the state.  We need to check each
@@ -27,9 +28,13 @@
    return TRUE;
     }
-    if( KeGetCurrentIrql() == PASSIVE_LEVEL ) {
+    CurrentIrql = KeGetCurrentIrql();
+
+    ASSERT(CurrentIrql <= DISPATCH_LEVEL);
+
+    if( CurrentIrql <= APC_LEVEL ) {
    ExAcquireFastMutex( &RecMutex->Mutex );
-	RecMutex->OldIrql = PASSIVE_LEVEL;
+	RecMutex->OldIrql = CurrentIrql;
    while( RecMutex->Locked ) {
        ExReleaseFastMutex( &RecMutex->Mutex );
        Status = KeWaitForSingleObject( &RecMutex->StateLockedEvent,
@@ -45,7 +50,8 @@
    RecMutex->LockCount++;
    ExReleaseFastMutex( &RecMutex->Mutex );
     } else {
-	KeAcquireSpinLock( &RecMutex->SpinLock, &RecMutex->OldIrql );
+	KeAcquireSpinLockAtDpcLevel( &RecMutex->SpinLock );
+        RecMutex->OldIrql = DISPATCH_LEVEL;
    RecMutex->Locked = TRUE;
    RecMutex->Writer = ToWrite;
    RecMutex->CurrentThread = CurrentThread;
@@ -56,14 +62,13 @@
 }
VOID RecursiveMutexLeave( PRECURSIVE_MUTEX RecMutex ) {
-    if( RecMutex->LockCount == 0 ) {
-	return;
-    } else
-	RecMutex->LockCount--;
+
+    ASSERT(RecMutex->LockCount > 0);
+    RecMutex->LockCount--;
if( !RecMutex->LockCount ) {
    RecMutex->CurrentThread = NULL;
-	if( RecMutex->OldIrql == PASSIVE_LEVEL ) {
+	if( RecMutex->OldIrql <= APC_LEVEL ) {
        ExAcquireFastMutex( &RecMutex->Mutex );
        RecMutex->Locked = FALSE;
        RecMutex->Writer = FALSE;
@@ -71,10 +76,9 @@
    } else {
        RecMutex->Locked = FALSE;
        RecMutex->Writer = FALSE;
-	    KeReleaseSpinLock( &RecMutex->SpinLock, RecMutex->OldIrql );
+	    KeReleaseSpinLockFromDpcLevel( &RecMutex->SpinLock );
    }
-	RecMutex->OldIrql = PASSIVE_LEVEL;
    KePulseEvent( &RecMutex->StateLockedEvent, IO_NETWORK_INCREMENT,
    	      FALSE );
     }

    