[ros-diffs] [tkreuzer] 33843: fix checks for deleted gdi objects and add GDI_DEBUG function to trace the deleter of an object.

Wed Jun 4 01:56:09 CEST 2008

Author: tkreuzer
Date: Tue Jun  3 18:56:09 2008
New Revision: 33843

URL: http://svn.reactos.org/svn/reactos?rev=33843&view=rev
Log:
fix checks for deleted gdi objects and add GDI_DEBUG function to trace the deleter of an object.

Modified:
    trunk/reactos/subsystems/win32/win32k/objects/gdidbg.c
    trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c

Modified: trunk/reactos/subsystems/win32/win32k/objects/gdidbg.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/objects/gdidbg.c?rev=33843&r1=33842&r2=33843&view=diff
==============================================================================

--- trunk/reactos/subsystems/win32/win32k/objects/gdidbg.c [iso-8859-1] (original)
+++ trunk/reactos/subsystems/win32/win32k/objects/gdidbg.c [iso-8859-1] Tue Jun  3 18:56:09 2008
@@ -7,6 +7,7 @@
 #define GDI_STACK_LEVELS 12
 static ULONG GDIHandleAllocator[GDI_HANDLE_COUNT][GDI_STACK_LEVELS+1];
 static ULONG GDIHandleLocker[GDI_HANDLE_COUNT][GDI_STACK_LEVELS+1];
+static ULONG GDIHandleDeleter[GDI_HANDLE_COUNT][GDI_STACK_LEVELS+1];
 struct DbgOpenGDIHandle
 {
     ULONG idx;
@@ -236,16 +237,21 @@
 #define GDIDBG_TRACECALLER() \
   DPRINT1("-> called from:\n"); \
   KeRosDumpStackFrames(NULL, 20);
-#define GDIDBG_TRACEALLOCATOR(index) \
+#define GDIDBG_TRACEALLOCATOR(handle) \
   DPRINT1("-> allocated from:\n"); \
-  KeRosDumpStackFrames(GDIHandleAllocator[index], GDI_STACK_LEVELS);
-#define GDIDBG_TRACELOCKER(index) \
+  KeRosDumpStackFrames(GDIHandleAllocator[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
+#define GDIDBG_TRACELOCKER(handle) \
   DPRINT1("-> locked from:\n"); \
-  KeRosDumpStackFrames(GDIHandleLocker[index], GDI_STACK_LEVELS);
-#define GDIDBG_CAPTUREALLOCATOR(index) \
-  CaptureStackBackTace((PVOID*)GDIHandleAllocator[index], GDI_STACK_LEVELS);
-#define GDIDBG_CAPTURELOCKER(index) \
-  CaptureStackBackTace((PVOID*)GDIHandleLocker[index], GDI_STACK_LEVELS);
+  KeRosDumpStackFrames(GDIHandleLocker[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
+#define GDIDBG_TRACEDELETER(handle) \
+  DPRINT1("-> deleted from:\n"); \
+  KeRosDumpStackFrames(GDIHandleDeleter[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
+#define GDIDBG_CAPTUREALLOCATOR(handle) \
+  CaptureStackBackTace((PVOID*)GDIHandleAllocator[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
+#define GDIDBG_CAPTURELOCKER(handle) \
+  CaptureStackBackTace((PVOID*)GDIHandleLocker[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
+#define GDIDBG_CAPTUREDELETER(handle) \
+  CaptureStackBackTace((PVOID*)GDIHandleDeleter[GDI_HANDLE_GET_INDEX(handle)], GDI_STACK_LEVELS);
 #define GDIDBG_DUMPHANDLETABLE() \
   IntDumpHandleTable(GdiHandleTable)
 #define GDIDBG_INITLOOPTRACE() \
@@ -263,9 +269,11 @@
 #define GDIDBG_TRACELOCKER(index)
 #define GDIDBG_CAPTUREALLOCATOR(index)
 #define GDIDBG_CAPTURELOCKER(index)
+#define GDIDBG_CAPTUREDELETER(handle)
 #define GDIDBG_DUMPHANDLETABLE()
 #define GDIDBG_INITLOOPTRACE()
 #define GDIDBG_TRACELOOP(Handle, PrevThread, Thread)
+#define GDIDBG_TRACEDELETER(handle)
 
 #endif /* GDI_DEBUG */
 

Modified: trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c?rev=33843&r1=33842&r2=33843&view=diff
==============================================================================
--- trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] (original)
+++ trunk/reactos/subsystems/win32/win32k/objects/gdiobj.c [iso-8859-1] Tue Jun  3 18:56:09 2008
@@ -171,6 +171,7 @@
     if ((Entry->Type & GDI_ENTRY_BASETYPE_MASK) == 0)
     {
         DPRINT1("%s: Attempted to lock object 0x%x that is deleted!\n", Function, hObj);
+        GDIDBG_TRACEDELETER(hObj);
     }
     else if (GDI_HANDLE_GET_REUSECNT(hObj) != GDI_ENTRY_GET_REUSECNT(Entry->Type))
     {
@@ -527,6 +528,7 @@
                 /* Now it's time to free the memory */
                 GDIOBJ_FreeObj(Object, TypeIndex);
 
+                GDIDBG_CAPTUREDELETER(hObj);
                 return Ret;
             }
             else
@@ -589,7 +591,7 @@
     INT Index = GDI_HANDLE_GET_INDEX(hObject);
     PGDI_TABLE_ENTRY Entry = &GdiHandleTable->Entries[Index];
     // We check to see if the objects are knocking on deaths door.
-    if ((Entry->Type & ~GDI_ENTRY_REUSE_MASK) != 0 && Entry->KernelData != NULL)
+    if ((Entry->Type & GDI_ENTRY_BASETYPE_MASK) != 0)
         return FALSE;
     else
     {
@@ -747,7 +749,8 @@
         DPRINT1("Attempted to lock object 0x%x of wrong type (Handle: 0x%x, requested: 0x%x)\n",
                 hObj, HandleType, ExpectedType);
         GDIDBG_TRACECALLER();
-        GDIDBG_TRACEALLOCATOR(GDI_HANDLE_GET_INDEX(hObj));
+        GDIDBG_TRACEALLOCATOR(hObj);
+        GDIDBG_TRACEDELETER(hObj);
         return NULL;
     }
 
@@ -1009,7 +1012,7 @@
 
         Entry = GDI_HANDLE_GET_ENTRY(GdiHandleTable, ObjectHandle);
         Ret = Entry->KernelData != NULL &&
-              (Entry->Type & ~GDI_ENTRY_REUSE_MASK) != 0 &&
+              (Entry->Type & GDI_ENTRY_BASETYPE_MASK) != 0 &&
               (HANDLE)((ULONG_PTR)Entry->ProcessId & ~0x1) == ProcessId;
 
         return Ret;
@@ -1179,7 +1182,7 @@
         {
             PW32THREAD PrevThread;
 
-            if ((Entry->Type & ~GDI_ENTRY_REUSE_MASK) != 0 && Entry->KernelData != NULL)
+            if ((Entry->Type & GDI_ENTRY_BASETYPE_MASK) != 0)
             {
                 POBJ Object = Entry->KernelData;
 
@@ -1309,7 +1312,7 @@
             PW32THREAD PrevThread;
             POBJ Object;
 
-            if ((FromEntry->Type & ~GDI_ENTRY_REUSE_MASK) != 0 && FromEntry->KernelData != NULL)
+            if ((FromEntry->Type & GDI_ENTRY_BASETYPE_MASK) != 0)
             {
                 Object = FromEntry->KernelData;
 

