[NTOS:MM]

- Use MmExpansionLock to synchronize changes to MmProcessList. Should fix random crashes in MmDeleteProcessAddressSpace.
CORE-10111 #resolve

svn path=/trunk/; revision=69031

diff --git a/reactos/ntoskrnl/mm/ARM3/miarm.h b/reactos/ntoskrnl/mm/ARM3/miarm.h
index 5ab84f4..73c176c 100644 (file)
--- a/reactos/ntoskrnl/mm/ARM3/miarm.h
+++ b/reactos/ntoskrnl/mm/ARM3/miarm.h
@@ -634,6 +634,8 @@ extern SIZE_T MmSystemLockPagesCount;
 extern ULONG_PTR MmSubsectionBase;
 extern LARGE_INTEGER MmCriticalSectionTimeout;
 extern LIST_ENTRY MmWorkingSetExpansionHead;
+extern KSPIN_LOCK MmExpansionLock;
+extern PETHREAD MiExpansionLockOwner;
 
 FORCEINLINE
 BOOLEAN
@@ -1330,6 +1332,29 @@ MiLockProcessWorkingSetForFault(IN PEPROCESS Process,
     }
 }
 
+FORCEINLINE
+KIRQL
+MiAcquireExpansionLock(VOID)
+{
+    KIRQL OldIrql;
+
+    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
+    KeAcquireSpinLock(&MmExpansionLock, &OldIrql);
+    ASSERT(MiExpansionLockOwner == NULL);
+    MiExpansionLockOwner = PsGetCurrentThread();
+    return OldIrql;
+}
+
+FORCEINLINE
+VOID
+MiReleaseExpansionLock(KIRQL OldIrql)
+{
+    ASSERT(MiExpansionLockOwner == PsGetCurrentThread());
+    MiExpansionLockOwner = NULL;
+    KeReleaseSpinLock(&MmExpansionLock, OldIrql);
+    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
+}
+
 //
 // Returns the ProtoPTE inside a VAD for the given VPN
 //

diff --git a/reactos/ntoskrnl/mm/ARM3/procsup.c b/reactos/ntoskrnl/mm/ARM3/procsup.c
index 6774c51..4b4adfd 100644 (file)
--- a/reactos/ntoskrnl/mm/ARM3/procsup.c
+++ b/reactos/ntoskrnl/mm/ARM3/procsup.c
@@ -1178,7 +1178,9 @@ MmCreateProcessAddressSpace(IN ULONG MinWs,
     Pfn1->PteAddress = (PMMPTE)PDE_BASE;
 
     /* Insert us into the Mm process list */
+    OldIrql = MiAcquireExpansionLock();
     InsertTailList(&MmProcessList, &Process->MmProcessLinks);
+    MiReleaseExpansionLock(OldIrql);
 
     /* Get a PTE to map the page directory */
     PointerPte = MiReserveSystemPtes(1, SystemPteSpace);

diff --git a/reactos/ntoskrnl/mm/ARM3/session.c b/reactos/ntoskrnl/mm/ARM3/session.c
index 0b4865d..b794bdb 100644 (file)
--- a/reactos/ntoskrnl/mm/ARM3/session.c
+++ b/reactos/ntoskrnl/mm/ARM3/session.c
@@ -35,29 +35,6 @@ PETHREAD MiExpansionLockOwner;
 
 /* PRIVATE FUNCTIONS **********************************************************/
 
-FORCEINLINE
-KIRQL
-MiAcquireExpansionLock(VOID)
-{
-    KIRQL OldIrql;
-
-    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
-    KeAcquireSpinLock(&MmExpansionLock, &OldIrql);
-    ASSERT(MiExpansionLockOwner == NULL);
-    MiExpansionLockOwner = PsGetCurrentThread();
-    return OldIrql;
-}
-
-FORCEINLINE
-VOID
-MiReleaseExpansionLock(KIRQL OldIrql)
-{
-    ASSERT(MiExpansionLockOwner == PsGetCurrentThread());
-    MiExpansionLockOwner = NULL;
-    KeReleaseSpinLock(&MmExpansionLock, OldIrql);
-    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
-}
-
 VOID
 NTAPI
 MiInitializeSessionWsSupport(VOID)

diff --git a/reactos/ntoskrnl/mm/marea.c b/reactos/ntoskrnl/mm/marea.c
index 7927f61..c52cad8 100644 (file)
--- a/reactos/ntoskrnl/mm/marea.c
+++ b/reactos/ntoskrnl/mm/marea.c
@@ -575,13 +575,16 @@ NTSTATUS
 NTAPI
 MmDeleteProcessAddressSpace(PEPROCESS Process)
 {
+    KIRQL OldIrql;
     PVOID Address;
 
     DPRINT("MmDeleteProcessAddressSpace(Process %p (%s))\n", Process,
            Process->ImageFileName);
 
 #ifndef _M_AMD64
+    OldIrql = MiAcquireExpansionLock();
     RemoveEntryList(&Process->MmProcessLinks);
+    MiReleaseExpansionLock(OldIrql);
 #endif
     MmLockAddressSpace(&Process->Vm);