[User32|Win32k]

[reactos.git] / reactos / subsystems / win32 / win32k / ntuser / msgqueue.c
diff --git a/reactos/subsystems/win32/win32k/ntuser/msgqueue.c b/reactos/subsystems/win32/win32k/ntuser/msgqueue.c

index 430b2c6..e737127 100644 (file)
--- a/reactos/subsystems/win32/win32k/ntuser/msgqueue.c
+++ b/reactos/subsystems/win32/win32k/ntuser/msgqueue.c
@@ -20,6 +20,8 @@
  /* GLOBALS *******************************************************************/
  
  static PAGED_LOOKASIDE_LIST MessageLookasideList;
+MOUSEMOVEPOINT MouseHistoryOfMoves[64];
+INT gcur_count = 0;
  
  /* FUNCTIONS *****************************************************************/
  
@@ -39,6 +41,106 @@ MsqInitializeImpl(VOID)
     return(STATUS_SUCCESS);
  }
  
+DWORD FASTCALL UserGetKeyState(DWORD key)
+{
+   DWORD ret = 0;
+   PTHREADINFO pti;
+   PUSER_MESSAGE_QUEUE MessageQueue;
+
+   pti = PsGetCurrentThreadWin32Thread();
+   MessageQueue = pti->MessageQueue;
+
+   if( key < 0x100 )
+   {
+       ret = ((DWORD)(MessageQueue->KeyState[key] & KS_DOWN_BIT) << 8 ) |
+            (MessageQueue->KeyState[key] & KS_LOCK_BIT);
+   }
+
+   return ret;
+}
+
+/* change the input key state for a given key */
+static void set_input_key_state( PUSER_MESSAGE_QUEUE MessageQueue, UCHAR key, BOOL down )
+{
+    if (down)
+    {
+        if (!(MessageQueue->KeyState[key] & KS_DOWN_BIT)) 
+        {
+            MessageQueue->KeyState[key] ^= KS_LOCK_BIT;
+        }
+        MessageQueue->KeyState[key] |= KS_DOWN_BIT;
+    }
+    else
+    {
+        MessageQueue->KeyState[key] &= ~KS_DOWN_BIT;
+    }
+}
+
+/* update the input key state for a keyboard message */
+static void update_input_key_state( PUSER_MESSAGE_QUEUE MessageQueue, MSG* msg )
+{
+    UCHAR key;
+    BOOL down = 0;
+
+    switch (msg->message)
+    {
+    case WM_LBUTTONDOWN:
+        down = 1;
+        /* fall through */
+    case WM_LBUTTONUP:
+        set_input_key_state( MessageQueue, VK_LBUTTON, down );
+        break;
+    case WM_MBUTTONDOWN:
+        down = 1;
+        /* fall through */
+    case WM_MBUTTONUP:
+        set_input_key_state( MessageQueue, VK_MBUTTON, down );
+        break;
+    case WM_RBUTTONDOWN:
+        down = 1;
+        /* fall through */
+    case WM_RBUTTONUP:
+        set_input_key_state( MessageQueue, VK_RBUTTON, down );
+        break;
+    case WM_XBUTTONDOWN:
+        down = 1;
+        /* fall through */
+    case WM_XBUTTONUP:
+        if (msg->wParam == XBUTTON1) 
+            set_input_key_state( MessageQueue, VK_XBUTTON1, down );
+        else if (msg->wParam == XBUTTON2) 
+            set_input_key_state( MessageQueue, VK_XBUTTON2, down );
+        break;
+    case WM_KEYDOWN:
+    case WM_SYSKEYDOWN:
+        down = 1;
+        /* fall through */
+    case WM_KEYUP:
+    case WM_SYSKEYUP:
+        key = (UCHAR)msg->wParam;
+        set_input_key_state( MessageQueue, key, down );
+        switch(key)
+        {
+        case VK_LCONTROL:
+        case VK_RCONTROL:
+            down = (MessageQueue->KeyState[VK_LCONTROL] | MessageQueue->KeyState[VK_RCONTROL]) & KS_DOWN_BIT;
+            set_input_key_state( MessageQueue, VK_CONTROL, down );
+            break;
+        case VK_LMENU:
+        case VK_RMENU:
+            down = (MessageQueue->KeyState[VK_LMENU] | MessageQueue->KeyState[VK_RMENU]) & KS_DOWN_BIT;
+            set_input_key_state( MessageQueue, VK_MENU, down );
+            break;
+        case VK_LSHIFT:
+        case VK_RSHIFT:
+            down = (MessageQueue->KeyState[VK_LSHIFT] | MessageQueue->KeyState[VK_RSHIFT]) & KS_DOWN_BIT;
+            set_input_key_state( MessageQueue, VK_SHIFT, down );
+            break;
+        }
+        break;
+    }
+}
+
  HANDLE FASTCALL
  IntMsqSetWakeMask(DWORD WakeMask)
  {
@@ -121,7 +223,7 @@ ClearMsgBitsMask(PUSER_MESSAGE_QUEUE Queue, UINT MessageBits)
     pti = Queue->Thread->Tcb.Win32Thread;
  
     if (MessageBits & QS_KEY)
-   {
+   {  
        if (--Queue->nCntsQBits[QSRosKey] == 0) ClrMask |= QS_KEY;
     }
     if (MessageBits & QS_MOUSEMOVE) // ReactOS hard coded.
@@ -189,10 +291,11 @@ MsqPostMouseMove(PUSER_MESSAGE_QUEUE MessageQueue, MSG* Msg)
  }
  
  VOID FASTCALL
-co_MsqInsertMouseMessage(MSG* Msg)
+co_MsqInsertMouseMessage(MSG* Msg, DWORD flags, ULONG_PTR dwExtraInfo, BOOL Hook)
  {
     LARGE_INTEGER LargeTickCount;
     MSLLHOOKSTRUCT MouseHookData;
+   PDESKTOP pDesk;
     PWND pwnd, pwndDesktop;
  
     KeQueryTickCount(&LargeTickCount);
@@ -218,24 +321,38 @@ co_MsqInsertMouseMessage(MSG* Msg)
           break;
     }
  
-   MouseHookData.flags = 0;
+   MouseHookData.flags = flags; // LLMHF_INJECTED
     MouseHookData.time = Msg->time;
-   MouseHookData.dwExtraInfo = 0;
+   MouseHookData.dwExtraInfo = dwExtraInfo;
  
     /* If the hook procedure returned non zero, dont send the message */
-   if (co_HOOK_CallHooks(WH_MOUSE_LL, HC_ACTION, Msg->message, (LPARAM) &MouseHookData))
-      return;
+   if (Hook)
+   {
+      if (co_HOOK_CallHooks(WH_MOUSE_LL, HC_ACTION, Msg->message, (LPARAM) &MouseHookData))
+         return;
+   }
  
     /* Get the desktop window */
     pwndDesktop = UserGetDesktopWindow();
     if(!pwndDesktop)
         return;
  
+   /* Set hit somewhere on the desktop */
+   pDesk = pwndDesktop->head.rpdesk;
+   pDesk->htEx = HTNOWHERE;
+   pDesk->spwndTrack = pwndDesktop;
+
     /* Check if the mouse is captured */
     Msg->hwnd = IntGetCaptureWindow();
     if(Msg->hwnd != NULL)
     {
         pwnd = UserGetWindowObject(Msg->hwnd);
+       if ((pwnd->style & WS_VISIBLE) && 
+            IntPtInWindow(pwnd, Msg->pt.x, Msg->pt.y))
+       {
+          pDesk->htEx = HTCLIENT;
+          pDesk->spwndTrack = pwnd;
+       }
     }
     else
     {
@@ -244,10 +361,18 @@ co_MsqInsertMouseMessage(MSG* Msg)
              pwnd != NULL;
              pwnd = pwnd->spwndNext )
         {
-           if((pwnd->style & WS_VISIBLE) &&
+           if ( pwnd->state2 & WNDS2_INDESTROY || pwnd->state & WNDS_DESTROYED )
+           {
+              DPRINT("The Window is in DESTROY!\n");
+              continue;
+           }
+
+           if((pwnd->style & WS_VISIBLE) && 
                IntPtInWindow(pwnd, Msg->pt.x, Msg->pt.y))
             {
                 Msg->hwnd = pwnd->head.h;
+               pDesk->htEx = HTCLIENT;
+               pDesk->spwndTrack = pwnd;
                 break;
             }
         }
@@ -267,6 +392,13 @@ co_MsqInsertMouseMessage(MSG* Msg)
             MsqPostMessage(pwnd->head.pti->MessageQueue, Msg, TRUE, QS_MOUSEBUTTON);
         }
     }
+
+   /* Do GetMouseMovePointsEx FIFO. */
+   MouseHistoryOfMoves[gcur_count].x = Msg->pt.x;
+   MouseHistoryOfMoves[gcur_count].y = Msg->pt.y;
+   MouseHistoryOfMoves[gcur_count].time = Msg->time;
+   MouseHistoryOfMoves[gcur_count].dwExtraInfo = dwExtraInfo;
+   if (gcur_count++ == 64) gcur_count = 0; // 0 - 63 is 64, FIFO forwards.
  }
  
  //
@@ -331,6 +463,7 @@ co_MsqPostKeyboardMessage(UINT uMsg, WPARAM wParam, LPARAM lParam)
           FocusMessageQueue->Desktop->pDeskInfo->LastInputWasKbd = TRUE;
  
           Msg.pt = gpsi->ptCursor;
+         update_input_key_state(FocusMessageQueue, &Msg);
           MsqPostMessage(FocusMessageQueue, &Msg, TRUE, QS_KEY);
     }
     else
@@ -349,6 +482,8 @@ MsqPostHotKeyMessage(PVOID Thread, HWND hWnd, WPARAM wParam, LPARAM lParam)
     MSG Mesg;
     LARGE_INTEGER LargeTickCount;
     NTSTATUS Status;
+   INT id;
+   DWORD Type;
  
     Status = ObReferenceObjectByPointer (Thread,
                                          THREAD_ALL_ACCESS,
@@ -371,14 +506,17 @@ MsqPostHotKeyMessage(PVOID Thread, HWND hWnd, WPARAM wParam, LPARAM lParam)
        return;
     }
  
-   Mesg.hwnd = hWnd;
-   Mesg.message = WM_HOTKEY;
-   Mesg.wParam = wParam;
-   Mesg.lParam = lParam;
+   id = wParam; // Check for hot keys unrelated to the hot keys set by RegisterHotKey.
+
+   Mesg.hwnd    = hWnd;
+   Mesg.message = id != IDHOT_REACTOS ? WM_HOTKEY : WM_SYSCOMMAND;
+   Mesg.wParam  = id != IDHOT_REACTOS ? wParam    : SC_HOTKEY;
+   Mesg.lParam  = id != IDHOT_REACTOS ? lParam    : (LPARAM)hWnd;
+   Type         = id != IDHOT_REACTOS ? QS_HOTKEY : QS_POSTMESSAGE;
     KeQueryTickCount(&LargeTickCount);
-   Mesg.time = MsqCalculateMessageTime(&LargeTickCount);
-   Mesg.pt = gpsi->ptCursor;
-   MsqPostMessage(Window->head.pti->MessageQueue, &Mesg, FALSE, QS_HOTKEY);
+   Mesg.time    = MsqCalculateMessageTime(&LargeTickCount);
+   Mesg.pt      = gpsi->ptCursor;
+   MsqPostMessage(Window->head.pti->MessageQueue, &Mesg, FALSE, Type);
     UserDereferenceObject(Window);
     ObDereferenceObject (Thread);
  
@@ -406,49 +544,13 @@ MsqDestroyMessage(PUSER_MESSAGE Message)
     ExFreeToPagedLookasideList(&MessageLookasideList, Message);
  }
  
-VOID FASTCALL
-MsqDestroySentMessage(PUSER_MESSAGE_QUEUE MessageQueue, PUSER_SENT_MESSAGE SentMessage)
-{
-   /* remove the message from the dispatching list if needed */
-   if (SentMessage->DispatchingListEntry.Flink != NULL)
-   {
-      RemoveEntryList(&SentMessage->DispatchingListEntry);
-   }
-
-   /* wake the sender's thread */
-   if (SentMessage->CompletionEvent != NULL)
-   {
-      KeSetEvent(SentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
-   }
-   
-   /* dereference message queues */
-   IntDereferenceMessageQueue(MessageQueue);
-   if (SentMessage->SenderQueue)
-   {
-      IntDereferenceMessageQueue(SentMessage->SenderQueue);
-   }
-   if (SentMessage->CallBackSenderQueue)
-   {
-      IntDereferenceMessageQueue(SentMessage->CallBackSenderQueue);
-   }
-
-   /* free lParam if needed */
-   if (SentMessage->HasPackedLParam == TRUE && SentMessage->Msg.lParam)
-   {
-      ExFreePool((PVOID)SentMessage->Msg.lParam);
-   }
-
-   /* free the message */
-   ExFreePoolWithTag(SentMessage, TAG_USRMSG);
-}
-
  BOOLEAN FASTCALL
  co_MsqDispatchOneSentMessage(PUSER_MESSAGE_QUEUE MessageQueue)
  {
     PUSER_SENT_MESSAGE SaveMsg, Message;
     PLIST_ENTRY Entry;
-   LRESULT Result;
     PTHREADINFO pti;
+   LRESULT Result = 0;
  
     if (IsListEmpty(&MessageQueue->SentMessagesListHead))
     {
@@ -492,6 +594,28 @@ co_MsqDispatchOneSentMessage(PUSER_MESSAGE_QUEUE MessageQueue)
                                      Message->Msg.wParam,
                                      Message->Msg.lParam);
     }
+   else if ((Message->CompletionCallback)
+       && (Message->CallBackSenderQueue == MessageQueue))
+   {   /* Call the callback routine */
+      if (Message->QS_Flags & QS_SMRESULT)
+      {
+         co_IntCallSentMessageCallback(Message->CompletionCallback,
+                                       Message->Msg.hwnd,
+                                       Message->Msg.message,
+                                       Message->CompletionCallbackContext,
+                                       Message->lResult);
+         /* Set callback to NULL to prevent reentry */
+         Message->CompletionCallback = NULL;
+      }
+      else
+      {
+         /* The message has not been processed yet, reinsert it. */
+         RemoveEntryList(&Message->ListEntry);
+         InsertTailList(&Message->CallBackSenderQueue->SentMessagesListHead, &Message->ListEntry);
+         DPRINT("Callback Message not processed yet. Requeuing the message\n");
+         return (FALSE);
+      }
+   }
     else
     {  /* Call the window procedure. */
        Result = co_IntSendMessage( Message->Msg.hwnd,
@@ -504,11 +628,30 @@ co_MsqDispatchOneSentMessage(PUSER_MESSAGE_QUEUE MessageQueue)
        to be cleaned up on thread termination anymore */
     RemoveEntryList(&Message->ListEntry);
  
+   /* If the message is a callback, insert it in the callback senders MessageQueue */
+   if (Message->CompletionCallback)
+   {
+      if (Message->CallBackSenderQueue)
+      {
+         Message->lResult = Result;
+         Message->QS_Flags |= QS_SMRESULT;
+
+         /* insert it in the callers message queue */
+         InsertTailList(&Message->CallBackSenderQueue->SentMessagesListHead, &Message->ListEntry);
+         MsqWakeQueue(Message->CallBackSenderQueue, QS_SENDMESSAGE, TRUE);
+         IntDereferenceMessageQueue(Message->CallBackSenderQueue);
+      }
+      return (TRUE);
+   }
+
     /* remove the message from the dispatching list if needed, so lock the sender's message queue */
-   if (Message->DispatchingListEntry.Flink != NULL)
+   if (Message->SenderQueue)
     {
-       RemoveEntryList(&Message->DispatchingListEntry);
-       Message->DispatchingListEntry.Flink = NULL;
+      if (Message->DispatchingListEntry.Flink != NULL)
+      {
+         /* only remove it from the dispatching list if not already removed by a timeout */
+         RemoveEntryList(&Message->DispatchingListEntry);
+      }
     }
     /* still keep the sender's message queue locked, so the sender can't exit the
        MsqSendMessage() function (if timed out) */
@@ -524,24 +667,28 @@ co_MsqDispatchOneSentMessage(PUSER_MESSAGE_QUEUE MessageQueue)
        *Message->Result = Result;
     }
  
+   if (Message->HasPackedLParam == TRUE)
+   {
+      if (Message->Msg.lParam)
+         ExFreePool((PVOID)Message->Msg.lParam);
+   }
+
     /* Notify the sender. */
     if (Message->CompletionEvent != NULL)
     {
        KeSetEvent(Message->CompletionEvent, IO_NO_INCREMENT, FALSE);
-      Message->CompletionEvent = NULL; /* prevent MsqDestroySentMessage from setting this event again */
     }
  
-   /* Call the callback if the message was sent with SendMessageCallback */
-   if (Message->CompletionCallback != NULL)
+   /* if the message has a sender */
+   if (Message->SenderQueue)
     {
-      co_IntCallSentMessageCallback(Message->CompletionCallback,
-                                    Message->Msg.hwnd,
-                                    Message->Msg.message,
-                                    Message->CompletionCallbackContext,
-                                    Result);
+       /* dereference our and the sender's message queue */
+      IntDereferenceMessageQueue(Message->SenderQueue);
+      IntDereferenceMessageQueue(MessageQueue);
     }
  
-   MsqDestroySentMessage(MessageQueue, Message);
+   /* free the message */
+   ExFreePoolWithTag(Message, TAG_USRMSG);
  
     /* do not hangup on the user if this is reentering */
     if (!SaveMsg) pti->pcti->CTI_flags &= ~CTI_INSENDMESSAGE;
@@ -571,14 +718,16 @@ MsqRemoveWindowMessagesFromQueue(PVOID pWindow)
     {
        PostedMessage = CONTAINING_RECORD(CurrentEntry, USER_MESSAGE,
                                          ListEntry);
-      /* set CurrentEntry to next before destroying message */
-      CurrentEntry = CurrentEntry->Flink;
-      
        if (PostedMessage->Msg.hwnd == Window->head.h)
        {
           RemoveEntryList(&PostedMessage->ListEntry);
           ClearMsgBitsMask(MessageQueue, PostedMessage->QS_Flags);
           MsqDestroyMessage(PostedMessage);
+         CurrentEntry = MessageQueue->PostedMessagesListHead.Flink;
+      }
+      else
+      {
+         CurrentEntry = CurrentEntry->Flink;
        }
     }
  
@@ -589,9 +738,6 @@ MsqRemoveWindowMessagesFromQueue(PVOID pWindow)
     {
        SentMessage = CONTAINING_RECORD(CurrentEntry, USER_SENT_MESSAGE,
                                        ListEntry);
-      /* set CurrentEntry to next before destroying message */
-      CurrentEntry = CurrentEntry->Flink;
-      
        if(SentMessage->Msg.hwnd == Window->head.h)
        {
           DPRINT("Notify the sender and remove a message from the queue that had not been dispatched\n");
@@ -599,7 +745,46 @@ MsqRemoveWindowMessagesFromQueue(PVOID pWindow)
           RemoveEntryList(&SentMessage->ListEntry);
           ClearMsgBitsMask(MessageQueue, SentMessage->QS_Flags);
  
-         MsqDestroySentMessage(MessageQueue, SentMessage);
+         /* if it is a callback and this queue is not the sender queue, dereference queue */
+         if ((SentMessage->CompletionCallback) && (SentMessage->CallBackSenderQueue != MessageQueue))
+         {
+            IntDereferenceMessageQueue(SentMessage->CallBackSenderQueue);
+         }
+         /* Only if the message has a sender was the queue referenced */
+         if ((SentMessage->SenderQueue)
+            && (SentMessage->DispatchingListEntry.Flink != NULL))
+         {
+            RemoveEntryList(&SentMessage->DispatchingListEntry);
+         }
+
+         /* wake the sender's thread */
+         if (SentMessage->CompletionEvent != NULL)
+         {
+            KeSetEvent(SentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
+         }
+
+         if (SentMessage->HasPackedLParam == TRUE)
+         {
+            if (SentMessage->Msg.lParam)
+               ExFreePool((PVOID)SentMessage->Msg.lParam);
+         }
+
+         /* if the message has a sender */
+         if (SentMessage->SenderQueue)
+         {
+            /* dereference our and the sender's message queue */
+            IntDereferenceMessageQueue(MessageQueue);
+            IntDereferenceMessageQueue(SentMessage->SenderQueue);
+         }
+
+         /* free the message */
+         ExFreePoolWithTag(SentMessage, TAG_USRMSG);
+
+         CurrentEntry = MessageQueue->SentMessagesListHead.Flink;
+      }
+      else
+      {
+         CurrentEntry = CurrentEntry->Flink;
        }
     }
  }
@@ -610,7 +795,7 @@ co_MsqSendMessage(PUSER_MESSAGE_QUEUE MessageQueue,
                    UINT uTimeout, BOOL Block, INT HookMessage,
                    ULONG_PTR *uResult)
  {
-   PTHREADINFO pti;
+   PTHREADINFO pti, ptirec;
     PUSER_SENT_MESSAGE Message;
     KEVENT CompletionEvent;
     NTSTATUS WaitStatus;
@@ -629,11 +814,13 @@ co_MsqSendMessage(PUSER_MESSAGE_QUEUE MessageQueue,
  
     pti = PsGetCurrentThreadWin32Thread();
     ThreadQueue = pti->MessageQueue;
+   ptirec = MessageQueue->Thread->Tcb.Win32Thread;
     ASSERT(ThreadQueue != MessageQueue);
-
+   ASSERT(ptirec->pcti); // Send must have a client side to receive it!!!!
+   
     Timeout.QuadPart = (LONGLONG) uTimeout * (LONGLONG) -10000;
  
-   /* FIXME - increase reference counter of sender's message queue here - isn't it done? */
+   /* FIXME - increase reference counter of sender's message queue here */
  
     Message->Msg.hwnd = Wnd;
     Message->Msg.message = Msg;
@@ -643,9 +830,9 @@ co_MsqSendMessage(PUSER_MESSAGE_QUEUE MessageQueue,
     Message->Result = &Result;
     Message->lResult = 0;
     Message->QS_Flags = 0;
-   IntReferenceMessageQueue(ThreadQueue);
     Message->SenderQueue = ThreadQueue;
     Message->CallBackSenderQueue = NULL;
+   IntReferenceMessageQueue(ThreadQueue);
     Message->CompletionCallback = NULL;
     Message->CompletionCallbackContext = 0;
     Message->HookMessage = HookMessage;
@@ -714,7 +901,7 @@ co_MsqSendMessage(PUSER_MESSAGE_QUEUE MessageQueue,
              Entry = Entry->Flink;
           }
  
-         DPRINT("MsqSendMessage (blocked) timed out\n");
+         DPRINT("MsqSendMessage (blocked) timed out 1\n");
        }
        while (co_MsqDispatchOneSentMessage(ThreadQueue))
           ;
@@ -774,7 +961,7 @@ co_MsqSendMessage(PUSER_MESSAGE_QUEUE MessageQueue,
                 Entry = Entry->Flink;
              }
  
-            DPRINT("MsqSendMessage timed out\n");
+            DPRINT("MsqSendMessage timed out 2\n");
              break;
           }
           while (co_MsqDispatchOneSentMessage(ThreadQueue))
@@ -847,7 +1034,7 @@ static void MsqSendParentNotify( PWND pwnd, WORD event, WORD idChild, POINT pt )
          if (pwndParent == pwndDesktop) break;
          pt.x += pwnd->rcClient.left - pwndParent->rcClient.left;
          pt.y += pwnd->rcClient.top - pwndParent->rcClient.top;
-
+        
          pwnd = pwndParent;
          co_IntSendMessage( UserHMGetHandle(pwnd), WM_PARENTNOTIFY,
                        MAKEWPARAM( event, idChild ), MAKELPARAM( pt.x, pt.y ) );
@@ -889,7 +1076,7 @@ BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, UINT first, UINT
      }
  
      DPRINT("Got mouse message for 0x%x, hittest: 0x%x\n", msg->hwnd, hittest );
-
+    
      if (pwndMsg == NULL || pwndMsg->head.pti != pti)
      {
          /* Remove and ignore the message */
@@ -959,7 +1146,7 @@ BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, UINT first, UINT
             }
          }
  
-        if (!((first ==  0 && last == 0) || (message >= first || message <= last)))
+        if (!((first ==  0 && last == 0) || (message >= first || message <= last))) 
          {
              DPRINT("Message out of range!!!\n");
              RETURN(FALSE);
@@ -1010,8 +1197,6 @@ BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, UINT first, UINT
  
      /* message is accepted now (but may still get dropped) */
  
-    pti->rpdesk->htEx = hittest; /* Now set the capture hit. */
-
      event.message = msg->message;
      event.time    = msg->time;
      event.hwnd    = msg->hwnd;
@@ -1082,8 +1267,8 @@ BOOL co_IntProcessMouseMessage(MSG* msg, BOOL* RemoveMessages, UINT first, UINT
  
              if (pwndTop && pwndTop != pwndDesktop)
              {
-                LONG ret = co_IntSendMessage( msg->hwnd,
-                                              WM_MOUSEACTIVATE,
+                LONG ret = co_IntSendMessage( msg->hwnd, 
+                                              WM_MOUSEACTIVATE, 
                                                (WPARAM)UserHMGetHandle(pwndTop),
                                                MAKELONG( hittest, msg->message));
                  switch(ret)
@@ -1128,6 +1313,27 @@ BOOL co_IntProcessKeyboardMessage(MSG* Msg, BOOL* RemoveMessages)
  {
      EVENTMSG Event;
  
+    if (Msg->message == WM_KEYDOWN || Msg->message == WM_SYSKEYDOWN ||
+        Msg->message == WM_KEYUP || Msg->message == WM_SYSKEYUP)
+    {
+        switch (Msg->wParam)
+        {
+            case VK_LSHIFT: case VK_RSHIFT:
+                Msg->wParam = VK_SHIFT;
+                break;
+            case VK_LCONTROL: case VK_RCONTROL:
+                Msg->wParam = VK_CONTROL;
+                break;
+            case VK_LMENU: case VK_RMENU:
+                Msg->wParam = VK_MENU;
+                break;
+            case VK_F10:
+                if (Msg->message == WM_KEYUP) Msg->message = WM_SYSKEYUP;
+                if (Msg->message == WM_KEYDOWN) Msg->message = WM_SYSKEYDOWN;
+                break;
+        }
+    }
+
      Event.message = Msg->message;
      Event.hwnd    = Msg->hwnd;
      Event.time    = Msg->time;
@@ -1237,7 +1443,7 @@ co_MsqPeekHardwareMessage(IN PUSER_MESSAGE_QUEUE MessageQueue,
  
      CurrentMessage = CONTAINING_RECORD(CurrentEntry, USER_MESSAGE,
                                            ListEntry);
-    do
+    do 
      {
          if (IsListEmpty(CurrentEntry)) break;
          if (!CurrentMessage) break;
@@ -1252,6 +1458,7 @@ co_MsqPeekHardwareMessage(IN PUSER_MESSAGE_QUEUE MessageQueue,
  
             if (Remove)
             {
+               update_input_key_state(MessageQueue, pMsg);
                 RemoveEntryList(&CurrentMessage->ListEntry);
                 ClearMsgBitsMask(MessageQueue, CurrentMessage->QS_Flags);
                 MsqDestroyMessage(CurrentMessage);
@@ -1283,7 +1490,7 @@ MsqPeekMessage(IN PUSER_MESSAGE_QUEUE MessageQueue,
     PLIST_ENTRY CurrentEntry;
     PUSER_MESSAGE CurrentMessage;
     PLIST_ENTRY ListHead;
-
+   
     CurrentEntry = MessageQueue->PostedMessagesListHead.Flink;
     ListHead = &MessageQueue->PostedMessagesListHead;
  
@@ -1296,8 +1503,15 @@ MsqPeekMessage(IN PUSER_MESSAGE_QUEUE MessageQueue,
        if (IsListEmpty(CurrentEntry)) break;
        if (!CurrentMessage) break;
        CurrentEntry = CurrentEntry->Flink;
-
-      if ( ( !Window || Window == HWND_BOTTOM || Window->head.h == CurrentMessage->Msg.hwnd ) &&
+/*
+ MSDN:
+ 1: any window that belongs to the current thread, and any messages on the current thread's message queue whose hwnd value is NULL.
+ 2: retrieves only messages on the current thread's message queue whose hwnd value is NULL.
+ 3: handle to the window whose messages are to be retrieved.
+ */
+      if ( ( !Window || // 1
+            ( Window == HWND_BOTTOM && CurrentMessage->Msg.hwnd == NULL ) || // 2
+            ( Window != HWND_BOTTOM && Window->head.h == CurrentMessage->Msg.hwnd ) ) && // 3
              ( ( ( MsgFilterLow == 0 && MsgFilterHigh == 0 ) && CurrentMessage->QS_Flags & QSflags ) ||
                ( MsgFilterLow <= CurrentMessage->Msg.message && MsgFilterHigh >= CurrentMessage->Msg.message ) ) )
        {
@@ -1324,13 +1538,12 @@ co_MsqWaitForNewMessages(PUSER_MESSAGE_QUEUE MessageQueue, PWND WndFilter,
                           UINT MsgFilterMin, UINT MsgFilterMax)
  {
     NTSTATUS ret;
-
     UserLeaveCo();
-   ret = KeWaitForSingleObject(MessageQueue->NewMessages,
-                              Executive,
-                              UserMode,
-                              FALSE,
-                              NULL);
+   ret = KeWaitForSingleObject( MessageQueue->NewMessages,
+                                UserRequest,
+                                UserMode,
+                                FALSE, 
+                                NULL );
     UserEnterCo();
     return ret;
  }
@@ -1344,6 +1557,15 @@ MsqIsHung(PUSER_MESSAGE_QUEUE MessageQueue)
     return ((LargeTickCount.u.LowPart - MessageQueue->LastMsgRead) > MSQ_HUNG);
  }
  
+VOID
+CALLBACK
+HungAppSysTimerProc(HWND hwnd, UINT uMsg, UINT_PTR idEvent, DWORD dwTime)
+{
+   //DoTheScreenSaver();
+   DPRINT("HungAppSysTimerProc\n");
+   // Process list of windows that are hung and waiting.
+}
+
  BOOLEAN FASTCALL
  MsqInitializeMessageQueue(struct _ETHREAD *Thread, PUSER_MESSAGE_QUEUE MessageQueue)
  {
@@ -1392,7 +1614,7 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
     PUSER_MESSAGE CurrentMessage;
     PUSER_SENT_MESSAGE CurrentSentMessage;
     PTHREADINFO pti;
-
+   
     pti = MessageQueue->Thread->Tcb.Win32Thread;
  
  
@@ -1412,9 +1634,42 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
        CurrentSentMessage = CONTAINING_RECORD(CurrentEntry, USER_SENT_MESSAGE,
                                               ListEntry);
  
+      /* if it is a callback and this queue is not the sender queue, dereference queue */
+      if ((CurrentSentMessage->CompletionCallback) && (CurrentSentMessage->CallBackSenderQueue != MessageQueue))
+      {
+         IntDereferenceMessageQueue(CurrentSentMessage->CallBackSenderQueue);
+      }
+
        DPRINT("Notify the sender and remove a message from the queue that had not been dispatched\n");
+      /* Only if the message has a sender was the message in the DispatchingList */
+      if ((CurrentSentMessage->SenderQueue) 
+         && (CurrentSentMessage->DispatchingListEntry.Flink != NULL))
+      {
+         RemoveEntryList(&CurrentSentMessage->DispatchingListEntry);
+      }
+
+      /* wake the sender's thread */
+      if (CurrentSentMessage->CompletionEvent != NULL)
+      {
+         KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
+      }
+
+      if (CurrentSentMessage->HasPackedLParam == TRUE)
+      {
+         if (CurrentSentMessage->Msg.lParam)
+            ExFreePool((PVOID)CurrentSentMessage->Msg.lParam);
+      }
  
-      MsqDestroySentMessage(MessageQueue, CurrentSentMessage);
+      /* if the message has a sender */
+      if (CurrentSentMessage->SenderQueue)
+      {
+         /* dereference our and the sender's message queue */
+         IntDereferenceMessageQueue(MessageQueue);
+         IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue);
+      }
+
+      /* free the message */
+      ExFreePool(CurrentSentMessage);
     }
  
     /* notify senders of dispatching messages. This needs to be cleaned up if e.g.
@@ -1425,9 +1680,42 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
        CurrentSentMessage = CONTAINING_RECORD(CurrentEntry, USER_SENT_MESSAGE,
                                               ListEntry);
  
+      /* if it is a callback and this queue is not the sender queue, dereference queue */
+      if ((CurrentSentMessage->CompletionCallback) && (CurrentSentMessage->CallBackSenderQueue != MessageQueue))
+      {
+         IntDereferenceMessageQueue(CurrentSentMessage->CallBackSenderQueue);
+      }
+
+      /* remove the message from the dispatching list */
+      if(CurrentSentMessage->DispatchingListEntry.Flink != NULL)
+      {
+         RemoveEntryList(&CurrentSentMessage->DispatchingListEntry);
+      }
+
        DPRINT("Notify the sender, the thread has been terminated while dispatching a message!\n");
  
-      MsqDestroySentMessage(MessageQueue, CurrentSentMessage);
+      /* wake the sender's thread */
+      if (CurrentSentMessage->CompletionEvent != NULL)
+      {
+         KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
+      }
+
+      if (CurrentSentMessage->HasPackedLParam == TRUE)
+      {
+         if (CurrentSentMessage->Msg.lParam)
+            ExFreePool((PVOID)CurrentSentMessage->Msg.lParam);
+      }
+
+      /* if the message has a sender */
+      if (CurrentSentMessage->SenderQueue)
+      {
+         /* dereference our and the sender's message queue */
+         IntDereferenceMessageQueue(MessageQueue);
+         IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue);
+      }
+
+      /* free the message */
+      ExFreePool(CurrentSentMessage);
     }
  
     /* tell other threads not to bother returning any info to us */
@@ -1438,7 +1726,6 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
                                               DispatchingListEntry);
        CurrentSentMessage->CompletionEvent = NULL;
        CurrentSentMessage->Result = NULL;
-      CurrentSentMessage->DispatchingListEntry.Flink = NULL; // yeah!
  
        /* do NOT dereference our message queue as it might get attempted to be
           locked later */
@@ -1488,6 +1775,8 @@ MsqDestroyMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
  {
     PDESKTOP desk;
  
+   MessageQueue->QF_flags |= QF_INDESTROY;
+
     /* remove the message queue from any desktops */
     if ((desk = InterlockedExchangePointer((PVOID*)&MessageQueue->Desktop, 0)))
     {
@@ -1498,6 +1787,9 @@ MsqDestroyMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
     /* clean it up */
     MsqCleanupMessageQueue(MessageQueue);
  
+   if (MessageQueue->NewMessagesHandle != NULL)
+      ZwClose(MessageQueue->NewMessagesHandle);
+   MessageQueue->NewMessagesHandle = NULL;
     /* decrease the reference counter, if it hits zero, the queue will be freed */
     IntDereferenceMessageQueue(MessageQueue);
  }
@@ -1599,4 +1891,81 @@ MsqSetStateWindow(PUSER_MESSAGE_QUEUE MessageQueue, ULONG Type, HWND hWnd)
     return NULL;
  }
  
+SHORT
+APIENTRY
+NtUserGetKeyState(INT key)
+{
+   DWORD Ret;
+
+   UserEnterExclusive();
+
+   Ret = UserGetKeyState(key);
+
+   UserLeave();
+
+   return Ret;
+}
+
+
+DWORD
+APIENTRY
+NtUserGetKeyboardState(LPBYTE lpKeyState)
+{
+   DWORD ret = TRUE;
+   PTHREADINFO pti;
+   PUSER_MESSAGE_QUEUE MessageQueue;
+
+   UserEnterShared();
+
+   pti = PsGetCurrentThreadWin32Thread();
+   MessageQueue = pti->MessageQueue;
+
+   _SEH2_TRY
+   {
+       ProbeForWrite(lpKeyState,sizeof(MessageQueue->KeyState) ,1);
+       RtlCopyMemory(lpKeyState,MessageQueue->KeyState,sizeof(MessageQueue->KeyState));
+   }
+   _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+   {
+       SetLastNtError(_SEH2_GetExceptionCode());
+       ret = FALSE;
+   }
+   _SEH2_END;
+
+   UserLeave();
+
+   return ret;
+}
+
+BOOL
+APIENTRY
+NtUserSetKeyboardState(LPBYTE lpKeyState)
+{
+   DWORD ret = TRUE;
+   PTHREADINFO pti;
+   PUSER_MESSAGE_QUEUE MessageQueue;
+
+   UserEnterExclusive();
+
+   pti = PsGetCurrentThreadWin32Thread();
+   MessageQueue = pti->MessageQueue;
+
+   _SEH2_TRY
+   {
+       ProbeForRead(lpKeyState,sizeof(MessageQueue->KeyState) ,1);
+       RtlCopyMemory(MessageQueue->KeyState,lpKeyState,sizeof(MessageQueue->KeyState));
+   }
+   _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+   {
+       SetLastNtError(_SEH2_GetExceptionCode());
+       ret = FALSE;
+   }
+   _SEH2_END;
+
+   UserLeave();
+
+   return ret;
+}
+
+
  /* EOF */