[CRT] Fix MSVC version of call_handler

standard-compliant

drivers/wdm/audio/backpln/portcls/CMakeLists.txt

@@ -56,6 +56,9 @@ add_library(portcls MODULE
     portcls.rc
     ${CMAKE_CURRENT_BINARY_DIR}/portcls.def)
 
+if(NOT MSVC)
+    target_compile_options(portcls PRIVATE "-Wno-class-memaccess")
+endif()
 if(USE_CLANG_CL)
     target_compile_options(portcls PRIVATE "-Wno-missing-braces")
 endif()

drivers/wdm/audio/backpln/portcls/connection.cpp

@@ -25,36 +25,19 @@ RtlCreateUnicodeString(
 );
 
 
-class CUnregisterPhysicalConnection : public IUnregisterPhysicalConnection
+class CUnregisterPhysicalConnection : public CUnknownImpl<IUnregisterPhysicalConnection>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IUnregisterPhysicalConnection;
 
     CUnregisterPhysicalConnection(IUnknown *OuterUnknown){}
 
-    virtual ~CUnregisterPhysicalConnection(){}
+    virtual ~CUnregisterPhysicalConnection()
-
+    {
-protected:
+        RtlFillMemory(this, sizeof(*this), 0xCC);
-    LONG m_Ref;
+    }
-
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/dma_slave.cpp

@@ -14,7 +14,7 @@
 
 #include <debug.h>
 
-class CDmaChannelInit : public IDmaChannelInit
+class CDmaChannelInit : public CUnknownImpl<IDmaChannelInit>
 {
 public:
     inline
@@ -26,31 +26,18 @@ public:
     {
         PVOID P = ExAllocatePoolWithTag(PoolType, Size, Tag);
         if (P)
-            RtlZeroMemory(P, Size);
+            RtlSecureZeroMemory(P, Size);
         return P;
     }
 
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IDmaChannelInit;
     CDmaChannelInit(IUnknown * OuterUnknown){}
-    virtual ~CDmaChannelInit(){}
+    virtual ~CDmaChannelInit()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -75,8 +62,6 @@ protected:
     BOOLEAN m_WriteToDevice;
 
     friend IO_ALLOCATION_ACTION NTAPI AdapterControl(IN PDEVICE_OBJECT  DeviceObject, IN PIRP  Irp, IN PVOID  MapRegisterBase, IN PVOID  Context);
-
-    LONG m_Ref;
 };
 
 

drivers/wdm/audio/backpln/portcls/drm_port.cpp

@@ -14,34 +14,17 @@
 
 #include <debug.h>
 
-class CDrmPort2 : public IDrmPort2
+class CDrmPort2 : public CUnknownImpl<IDrmPort2>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IDrmPort2;
     CDrmPort2(IUnknown *OuterUnknown){}
-    virtual ~CDrmPort2(){}
+    virtual ~CDrmPort2()
-
+    {
-protected:
+        RtlFillMemory(this, sizeof(*this), 0xCC);
-    LONG m_Ref;
+    }
-
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/filter_dmus.cpp

@@ -14,36 +14,22 @@
 
 #include <debug.h>
 
-class CPortFilterDMus : public IPortFilterDMus
+class CPortFilterDMus : public CUnknownImpl<IPortFilterDMus>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortFilterDMus;
     CPortFilterDMus(IUnknown *OuterUnknown){}
-    virtual ~CPortFilterDMus(){}
+    virtual ~CPortFilterDMus()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     IPortDMus* m_Port;
     IPortPinDMus ** m_Pins;
     SUBDEVICE_DESCRIPTOR * m_Descriptor;
-    LONG m_Ref;
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/filter_topology.cpp

@@ -14,36 +14,22 @@
 
 #include <debug.h>
 
-class CPortFilterTopology : public IPortFilterTopology
+class CPortFilterTopology : public CUnknownImpl<IPortFilterTopology>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortFilterTopology;
     CPortFilterTopology(IUnknown *OuterUnknown){}
-    virtual ~CPortFilterTopology(){}
+    virtual ~CPortFilterTopology()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     IPortTopology * m_Port;
     SUBDEVICE_DESCRIPTOR * m_Descriptor;
     ISubdevice * m_SubDevice;
-    LONG m_Ref;
 };
 
 

drivers/wdm/audio/backpln/portcls/filter_wavecyclic.cpp

@@ -14,37 +14,23 @@
 
 #include <debug.h>
 
-class CPortFilterWaveCyclic : public IPortFilterWaveCyclic
+class CPortFilterWaveCyclic : public CUnknownImpl<IPortFilterWaveCyclic>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortFilterWaveCyclic;
     CPortFilterWaveCyclic(IUnknown *OuterUnknown){}
-    virtual ~CPortFilterWaveCyclic(){}
+    virtual ~CPortFilterWaveCyclic()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     IPortWaveCyclic* m_Port;
     IPortPinWaveCyclic ** m_Pins;
     SUBDEVICE_DESCRIPTOR * m_Descriptor;
     ISubdevice * m_SubDevice;
-    LONG m_Ref;
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/filter_wavepci.cpp

@@ -14,37 +14,22 @@
 
 #include <debug.h>
 
-class CPortFilterWavePci : public IPortFilterWavePci
+class CPortFilterWavePci : public CUnknownImpl<IPortFilterWavePci>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortFilterPci;
     CPortFilterWavePci(IUnknown *OuterUnknown){}
-    virtual ~CPortFilterWavePci(){}
+    virtual ~CPortFilterWavePci()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     IPortWavePci* m_Port;
     IPortPinWavePci ** m_Pins;
     SUBDEVICE_DESCRIPTOR * m_Descriptor;
-
-    LONG m_Ref;
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/filter_wavert.cpp

@@ -14,38 +14,23 @@
 
 #include <debug.h>
 
-class CPortFilterWaveRT : public IPortFilterWaveRT
+class CPortFilterWaveRT : public CUnknownImpl<IPortFilterWaveRT>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortFilterWaveRT;
     CPortFilterWaveRT(IUnknown *OuterUnknown){}
-    virtual ~CPortFilterWaveRT(){}
+    virtual ~CPortFilterWaveRT()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
-
     IPortWaveRT* m_Port;
     IPortPinWaveRT ** m_Pins;
     SUBDEVICE_DESCRIPTOR * m_Descriptor;
-    LONG m_Ref;
 };
 
 NTSTATUS

drivers/wdm/audio/backpln/portcls/interrupt.cpp

@@ -21,30 +21,17 @@ typedef struct
     PVOID DynamicContext;
 }SYNC_ENTRY, *PSYNC_ENTRY;
 
-class CInterruptSync : public IInterruptSync
+class CInterruptSync : public CUnknownImpl<IInterruptSync>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IInterruptSync;
     CInterruptSync(IUnknown *OuterUnknown){}
-    virtual ~CInterruptSync(){}
+    virtual ~CInterruptSync()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 public:
 
@@ -59,8 +46,6 @@ public:
     PVOID m_DynamicContext;
     NTSTATUS m_Status;
 
-    LONG m_Ref;
-
     friend BOOLEAN NTAPI CInterruptSynchronizedRoutine(IN PVOID  ServiceContext);
     friend BOOLEAN NTAPI IInterruptServiceRoutine(IN PKINTERRUPT  Interrupt, IN PVOID  ServiceContext);
 };

drivers/wdm/audio/backpln/portcls/irpstream.cpp

@@ -39,30 +39,17 @@ RemoveHeadList_IRP(
     /* no non canceled irp has been found */
     return NULL;
 }
-class CIrpQueue : public IIrpQueue
+class CIrpQueue : public CUnknownImpl<IIrpQueue>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IIrpQueue;
     CIrpQueue(IUnknown *OuterUnknown){}
-    virtual ~CIrpQueue(){}
+    virtual ~CIrpQueue()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -83,7 +70,6 @@ protected:
 
     ULONG m_CurrentOffset;
     PIRP m_Irp;
-    volatile LONG m_Ref;
 };
 
 typedef struct

drivers/wdm/audio/backpln/portcls/miniport.cpp

@@ -23,7 +23,7 @@ operator new(
 {
     PVOID P = ExAllocatePoolWithTag(PoolType, Size, Tag);
     if (P)
-        RtlZeroMemory(P, Size);
+        RtlSecureZeroMemory(P, Size);
     return P;
 }
 

drivers/wdm/audio/backpln/portcls/miniport_dmus.cpp

@@ -67,12 +67,11 @@ const ULONG      kMPUInputBufferSize = 128;
  * reference counting and aggregation support.
  */
 class CMiniportDMusUART
-:   public IMiniportDMus,
+:   public CUnknownImpl<IMiniportDMus,
-    public IMusicTechnology,
+                        IMusicTechnology,
-    public IPowerNotify
+                        IPowerNotify>
 {
 private:
-    LONG            m_Ref;                  // Reference count
     KSSTATE         m_KSStateInput;         // Miniport state (RUN/PAUSE/ACQUIRE/STOP)
     PPORTDMUS       m_pPort;                // Callback interface.
     PUCHAR          m_pPortBase;            // Base port address.
@@ -105,23 +104,6 @@ private:
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     CMiniportDMusUART(IUnknown * Unknown){}
     virtual ~CMiniportDMusUART();
 
@@ -204,10 +186,9 @@ public:
  * so it can expose this interface and CUnknown so it automatically gets
  * reference counting and aggregation support.
  */
-class CMiniportDMusUARTStream :   public IMXF
+class CMiniportDMusUARTStream :   public CUnknownImpl<IMXF>
 {
 private:
-    LONG                m_Ref;                  // Reference Count
     CMiniportDMusUART * m_pMiniport;            // Parent.
     REFERENCE_TIME      m_SnapshotTimeStamp;    // Current snapshot of miniport's input timestamp.
     PUCHAR              m_pPortBase;            // Base port address.
@@ -230,23 +211,6 @@ private:
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     virtual ~CMiniportDMusUARTStream();
 
     STDMETHODIMP_(NTSTATUS) Init
@@ -1454,6 +1418,7 @@ CMiniportDMusUART::~CMiniportDMusUART(void)
         m_pPort->Release();
         m_pPort = NULL;
     }
+    RtlFillMemory(this, sizeof(*this), 0xCC);
 }
 
 #ifdef _MSC_VER
@@ -1927,6 +1892,7 @@ CMiniportDMusUARTStream::~CMiniportDMusUARTStream(void)
 
         m_pMiniport->Release();
     }
+    RtlFillMemory(this, sizeof(*this), 0xCC);
 }
 
 #ifdef _MSC_VER

drivers/wdm/audio/backpln/portcls/pin_dmus.cpp

@@ -14,34 +14,21 @@
 
 #include <debug.h>
 
-class CPortPinDMus : public IPortPinDMus
+class CPortPinDMus : public CUnknownImpl<IPortPinDMus>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortPinDMus;
     IMP_IServiceSink;
     IMP_IMasterClock;
     IMP_IAllocatorMXF;
 
      CPortPinDMus(IUnknown * OuterUnknown){}
-     virtual ~CPortPinDMus(){}
+     virtual ~CPortPinDMus()
+     {
+         RtlFillMemory(this, sizeof(*this), 0xCC);
+     }
 
 protected:
     VOID TransferMidiDataToDMus();
@@ -76,8 +63,6 @@ protected:
     ULONG m_PostCompleted;
 
     ULONG m_LastTag;
-
-    LONG m_Ref;
 };
 
 typedef struct

drivers/wdm/audio/backpln/portcls/pin_wavecyclic.cpp

@@ -14,8 +14,8 @@
 
 #include <debug.h>
 
-class CPortPinWaveCyclic : public IPortPinWaveCyclic,
+class CPortPinWaveCyclic : public CUnknownImpl<IPortPinWaveCyclic,
-                           public IServiceSink
+                                               IServiceSink>
 {
 public:
     inline
@@ -27,32 +27,19 @@ public:
     {
         PVOID P = ExAllocatePoolWithTag(PoolType, Size, Tag);
         if (P)
-            RtlZeroMemory(P, Size);
+            RtlSecureZeroMemory(P, Size);
         return P;
     }
 
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortPinWaveCyclic;
     IMP_IServiceSink;
     CPortPinWaveCyclic(IUnknown *OuterUnknown){}
-    virtual ~CPortPinWaveCyclic(){}
+    virtual ~CPortPinWaveCyclic()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -100,8 +87,6 @@ protected:
     KSRESET m_ResetState;
 
     ULONG m_Delay;
-
-    LONG m_Ref;
 };
 
 

drivers/wdm/audio/backpln/portcls/pin_wavepci.cpp

@@ -14,34 +14,21 @@
 
 #include <debug.h>
 
-class CPortPinWavePci : public IPortPinWavePci,
+class CPortPinWavePci : public CUnknownImpl<IPortPinWavePci,
-                        public IServiceSink,
+                                            IServiceSink,
-                        public IPortWavePciStream
+                                            IPortWavePciStream>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortPinWavePci;
     IMP_IServiceSink;
     IMP_IPortWavePciStream;
     CPortPinWavePci(IUnknown *OuterUnknown) {}
-    virtual ~CPortPinWavePci(){}
+    virtual ~CPortPinWavePci()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 protected:
 
     friend NTSTATUS NTAPI PinWavePciState(IN PIRP Irp, IN PKSIDENTIFIER Request, IN OUT PVOID Data);
@@ -74,8 +61,6 @@ protected:
 
     KSALLOCATOR_FRAMING m_AllocatorFraming;
 
-    LONG m_Ref;
-
     NTSTATUS NTAPI HandleKsProperty(IN PIRP Irp);
     NTSTATUS NTAPI HandleKsStream(IN PIRP Irp);
 };

drivers/wdm/audio/backpln/portcls/pin_wavert.cpp

@@ -14,30 +14,17 @@
 
 #include <debug.h>
 
-class CPortPinWaveRT : public IPortPinWaveRT
+class CPortPinWaveRT : public CUnknownImpl<IPortPinWaveRT>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortPinWaveRT;
     CPortPinWaveRT(IUnknown *OuterUnknown){}
-    virtual ~CPortPinWaveRT(){}
+    virtual ~CPortPinWaveRT()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -68,8 +55,6 @@ protected:
     MEMORY_CACHING_TYPE m_CacheType;
     PMDL m_Mdl;
 
-    LONG m_Ref;
-
     NTSTATUS NTAPI HandleKsProperty(IN PIRP Irp);
     NTSTATUS NTAPI HandleKsStream(IN PIRP Irp);
     VOID NTAPI SetStreamState(IN KSSTATE State);

drivers/wdm/audio/backpln/portcls/port_dmus.cpp

@@ -14,32 +14,19 @@
 
 #include <debug.h>
 
-class CPortDMus : public IPortDMus,
+class CPortDMus : public CUnknownImpl<IPortDMus,
-                  public ISubdevice
+                                      ISubdevice>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortDMus;
     IMP_ISubdevice;
     CPortDMus(IUnknown *OuterUnknown){}
-    virtual ~CPortDMus(){}
+    virtual ~CPortDMus()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -55,8 +42,6 @@ protected:
     PPCFILTER_DESCRIPTOR m_pDescriptor;
     PSUBDEVICE_DESCRIPTOR m_SubDeviceDescriptor;
 
-    LONG m_Ref;
-
     friend VOID GetDMusMiniport(IN IPortDMus * iface, IN PMINIPORTDMUS * Miniport, IN PMINIPORTMIDI * MidiMiniport);
 
 };

drivers/wdm/audio/backpln/portcls/port_topology.cpp

@@ -14,34 +14,21 @@
 
 #include <debug.h>
 
-class CPortTopology : public IPortTopology,
+class CPortTopology : public CUnknownImpl<IPortTopology,
-                      public ISubdevice,
+                                          ISubdevice,
-                      public IPortEvents
+                                          IPortEvents>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortTopology;
     IMP_ISubdevice;
     IMP_IPortEvents;
     CPortTopology(IUnknown *OuterUnknown){}
-    virtual ~CPortTopology(){}
+    virtual ~CPortTopology()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     BOOL m_bInitialized;
@@ -55,8 +42,6 @@ protected:
     PSUBDEVICE_DESCRIPTOR m_SubDeviceDescriptor;
     IPortFilterTopology * m_Filter;
 
-    LONG m_Ref;
-
     friend PMINIPORTTOPOLOGY GetTopologyMiniport(PPORTTOPOLOGY Port);
 
 };

drivers/wdm/audio/backpln/portcls/port_wavecyclic.cpp

@@ -16,33 +16,21 @@
 
 GUID IID_IDmaChannelSlave;
 
-class CPortWaveCyclic : public IPortWaveCyclic,
+class CPortWaveCyclic : public CUnknownImpl<IPortWaveCyclic,
-                        public IPortEvents,
+                                            IPortEvents,
-                        public ISubdevice
+                                            ISubdevice>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-        if (!m_Ref)
-        {
-            //delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortWaveCyclic;
     IMP_ISubdevice;
     IMP_IPortEvents;
     CPortWaveCyclic(IUnknown *OuterUnknown){}
-    virtual ~CPortWaveCyclic(){}
+    virtual ~CPortWaveCyclic()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
     PDEVICE_OBJECT m_pDeviceObject;
@@ -53,8 +41,6 @@ protected:
     PSUBDEVICE_DESCRIPTOR m_SubDeviceDescriptor;
     IPortFilterWaveCyclic * m_Filter;
 
-    LONG m_Ref;
-
     friend PMINIPORTWAVECYCLIC GetWaveCyclicMiniport(IN IPortWaveCyclic* iface);
     friend PDEVICE_OBJECT GetDeviceObject(PPORTWAVECYCLIC iface);
 };

drivers/wdm/audio/backpln/portcls/port_wavepci.cpp

@@ -14,36 +14,23 @@
 
 #include <debug.h>
 
-class CPortWavePci : public IPortWavePci,
+class CPortWavePci : public CUnknownImpl<IPortWavePci,
-                     public IPortEvents,
+                                         IPortEvents,
-                     public ISubdevice,
+                                         ISubdevice,
-                     public IServiceSink
+                                         IServiceSink>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortWavePci;
     IMP_ISubdevice;
     IMP_IPortEvents;
     IMP_IServiceSink;
     CPortWavePci(IUnknown *OuterUnknown){}
-    virtual ~CPortWavePci() {}
+    virtual ~CPortWavePci()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -59,8 +46,6 @@ protected:
     LIST_ENTRY m_EventList;
     KSPIN_LOCK m_EventListLock;
 
-    LONG m_Ref;
-
     friend PDEVICE_OBJECT GetDeviceObjectFromPortWavePci(IPortWavePci* iface);
     friend PMINIPORTWAVEPCI GetWavePciMiniport(PPORTWAVEPCI iface);
 

drivers/wdm/audio/backpln/portcls/port_wavert.cpp

@@ -14,34 +14,21 @@
 
 #include <debug.h>
 
-class CPortWaveRT : public IPortWaveRT,
+class CPortWaveRT : public CUnknownImpl<IPortWaveRT,
-                    public IPortEvents,
+                                        IPortEvents,
-                    public ISubdevice
+                                        ISubdevice>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortWaveRT;
     IMP_ISubdevice;
     IMP_IPortEvents;
     CPortWaveRT(IUnknown *OuterUnknown) {}
-    virtual ~CPortWaveRT() {}
+    virtual ~CPortWaveRT()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -57,8 +44,6 @@ protected:
 
     friend PMINIPORTWAVERT GetWaveRTMiniport(IN IPortWaveRT* iface);
     friend PDEVICE_OBJECT GetDeviceObjectFromPortWaveRT(PPORTWAVERT iface);
-
-    LONG m_Ref;
 };
 
 static GUID InterfaceGuids[3] =

drivers/wdm/audio/backpln/portcls/port_wavertstream.cpp

@@ -14,33 +14,17 @@
 
 #include <debug.h>
 
-class CPortWaveRTStreamInit : public IPortWaveRTStreamInit
+class CPortWaveRTStreamInit : public CUnknownImpl<IPortWaveRTStreamInit>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
     IMP_IPortWaveRTStreamInit;
     CPortWaveRTStreamInit(IUnknown *OuterUnknown) {}
-    virtual ~CPortWaveRTStreamInit() {}
+    virtual ~CPortWaveRTStreamInit()
-
+    {
-protected:
+        RtlFillMemory(this, sizeof(*this), 0xCC);
-    LONG m_Ref;
+    }
 
 };
 

drivers/wdm/audio/backpln/portcls/private.hpp

@@ -439,4 +439,37 @@ typedef struct
     PKSOBJECT_CREATE_ITEM CreateItem;
 }DISPATCH_CONTEXT, *PDISPATCH_CONTEXT;
 
+template<typename... Interfaces>
+class CUnknownImpl : public Interfaces...
+{
+private:
+    volatile LONG m_Ref;
+protected:
+    CUnknownImpl() :
+        m_Ref(0)
+    {
+    }
+    virtual ~CUnknownImpl()
+    {
+    }
+public:
+    STDMETHODIMP_(ULONG) AddRef()
+    {
+        ULONG Ref = InterlockedIncrement(&m_Ref);
+        ASSERT(Ref < 0x10000);
+        return Ref;
+    }
+    STDMETHODIMP_(ULONG) Release()
+    {
+        ULONG Ref = InterlockedDecrement(&m_Ref);
+        ASSERT(Ref < 0x10000);
+        if (!Ref)
+        {
+            delete this;
+            return 0;
+        }
+        return Ref;
+    }
+};
+
 #endif /* PORTCLS_PRIVATE_H */

drivers/wdm/audio/backpln/portcls/registry.cpp

@@ -14,30 +14,13 @@
 
 #include <debug.h>
 
-class CRegistryKey : public IRegistryKey
+class CRegistryKey : public CUnknownImpl<IRegistryKey>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     IMP_IRegistryKey;
-    CRegistryKey(IUnknown * OuterUnknown, HANDLE hKey, BOOL CanDelete) : m_hKey(hKey), m_Deleted(FALSE), m_CanDelete(CanDelete), m_Ref(0){}
+    CRegistryKey(IUnknown * OuterUnknown, HANDLE hKey, BOOL CanDelete) : m_hKey(hKey), m_Deleted(FALSE), m_CanDelete(CanDelete) {}
     virtual ~CRegistryKey();
 
 protected:
@@ -45,7 +28,6 @@ protected:
     HANDLE m_hKey;
     BOOL m_Deleted;
     BOOL m_CanDelete;
-    LONG m_Ref;
 };
 
 CRegistryKey::~CRegistryKey()
@@ -55,6 +37,7 @@ CRegistryKey::~CRegistryKey()
          // close key only when has not been deleted yet
          ZwClose(m_hKey);
     }
+    RtlFillMemory(this, sizeof(*this), 0xCC);
 }
 
 

drivers/wdm/audio/backpln/portcls/resource.cpp

@@ -17,31 +17,14 @@
 
 #include <debug.h>
 
-class CResourceList : public IResourceList
+class CResourceList : public CUnknownImpl<IResourceList>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     IMP_IResourceList;
 
-    CResourceList(IUnknown * OuterUnknown) : m_OuterUnknown(OuterUnknown), m_PoolType(NonPagedPool), m_TranslatedResourceList(0), m_UntranslatedResourceList(0), m_NumberOfEntries(0), m_MaxEntries(0), m_Ref(0) {}
+    CResourceList(IUnknown * OuterUnknown) : m_OuterUnknown(OuterUnknown), m_PoolType(NonPagedPool), m_TranslatedResourceList(0), m_UntranslatedResourceList(0), m_NumberOfEntries(0), m_MaxEntries(0) {}
     virtual ~CResourceList();
 
 public:
@@ -51,7 +34,6 @@ public:
     PCM_RESOURCE_LIST m_UntranslatedResourceList;
     ULONG m_NumberOfEntries;
     ULONG m_MaxEntries;
-    LONG m_Ref;
 };
 
 CResourceList::~CResourceList()
@@ -67,6 +49,7 @@ CResourceList::~CResourceList()
         /* Free resource list */
         FreeItem(m_UntranslatedResourceList, TAG_PORTCLASS);
     }
+    RtlFillMemory(this, sizeof(*this), 0xCC);
 }
 
 NTSTATUS
@@ -461,7 +444,7 @@ PcNewResourceSublist(
     /* Store members */
     NewList->m_OuterUnknown = OuterUnknown;
     NewList->m_PoolType = PoolType;
-    NewList->m_Ref = 1;
+    NewList->AddRef();
     NewList->m_NumberOfEntries = 0;
     NewList->m_MaxEntries = MaximumEntries;
 

drivers/wdm/audio/backpln/portcls/service_group.cpp

@@ -29,31 +29,17 @@ typedef struct
     IN PSERVICESINK pServiceSink;
 }GROUP_ENTRY, *PGROUP_ENTRY;
 
-class CServiceGroup : public IServiceGroup
+class CServiceGroup : public CUnknownImpl<IServiceGroup>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     IMP_IServiceGroup;
     CServiceGroup(IUnknown * OuterUnknown);
-    virtual ~CServiceGroup() {}
+    virtual ~CServiceGroup()
+    {
+        RtlFillMemory(this, sizeof(*this), 0xCC);
+    }
 
 protected:
 
@@ -65,9 +51,6 @@ protected:
     KSPIN_LOCK m_Lock;
 
     friend VOID NTAPI IServiceGroupDpc(IN struct _KDPC  *Dpc, IN PVOID  DeferredContext, IN PVOID  SystemArgument1, IN PVOID  SystemArgument2);
-
-    LONG m_Ref;
-
 };
 
 

drivers/wdm/audio/backpln/portcls/unregister.cpp

@@ -14,36 +14,18 @@
 
 #include <debug.h>
 
-class CUnregisterSubdevice : public IUnregisterSubdevice
+class CUnregisterSubdevice : public CUnknownImpl<IUnregisterSubdevice>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
-
     IMP_IUnregisterSubdevice;
 
-    CUnregisterSubdevice(IUnknown * OuterUnknown) : m_Ref(0) {}
+    CUnregisterSubdevice(IUnknown * OuterUnknown) {}
-    virtual ~CUnregisterSubdevice(){}
+    virtual ~CUnregisterSubdevice()
-
+    {
-protected:
+        RtlFillMemory(this, sizeof(*this), 0xCC);
-    LONG m_Ref;
+    }
 
 };
 

drivers/wdm/audio/backpln/portcls/version.cpp

@@ -14,42 +14,20 @@
 
 #include <debug.h>
 
-class CPortClsVersion : public IPortClsVersion
+class CPortClsVersion : public CUnknownImpl<IPortClsVersion>
 {
 public:
     STDMETHODIMP QueryInterface( REFIID InterfaceId, PVOID* Interface);
 
-    STDMETHODIMP_(ULONG) AddRef()
-    {
-        InterlockedIncrement(&m_Ref);
-        return m_Ref;
-    }
-    STDMETHODIMP_(ULONG) Release()
-    {
-        InterlockedDecrement(&m_Ref);
-
-        if (!m_Ref)
-        {
-            delete this;
-            return 0;
-        }
-        return m_Ref;
-    }
-
     IMP_IPortClsVersion;
 
     CPortClsVersion(IUnknown *OuterUnknown)
     {
-        m_Ref = 0;
     }
     virtual ~CPortClsVersion()
     {
-
+        RtlFillMemory(this, sizeof(*this), 0xCC);
     }
-
-protected:
-    LONG m_Ref;
-
 };
 
 

ntoskrnl/mm/ARM3/pool.c

@@ -26,7 +26,7 @@ MM_PAGED_POOL_INFO MmPagedPoolInfo;
 SIZE_T MmAllocatedNonPagedPool;
 SIZE_T MmTotalNonPagedPoolQuota;
 SIZE_T MmTotalPagedPoolQuota;
-ULONG MmSpecialPoolTag;
+ULONG MmSpecialPoolTag = 1;
 ULONG MmConsumedPoolPercentage;
 BOOLEAN MmProtectFreedNonPagedPool;
 SLIST_HEADER MiNonPagedPoolSListHead;

ntoskrnl/mm/ARM3/special.c

@@ -76,18 +76,19 @@ BOOLEAN
 NTAPI
 MmUseSpecialPool(SIZE_T NumberOfBytes, ULONG Tag)
 {
+    static ULONG Seed = 0x5eed1234;
     /* Special pool is not suitable for allocations bigger than 1 page */
     if (NumberOfBytes > (PAGE_SIZE - sizeof(POOL_HEADER)))
     {
         return FALSE;
     }
 
-    if (MmSpecialPoolTag == '*')
+    if (Tag == 'enoN')
     {
         return TRUE;
     }
-
+    Seed = Seed * 16807 % 0x7fffffff;
-    return Tag == MmSpecialPoolTag;
+    return Seed % 11 == 2;
 }
 
 BOOLEAN

sdk/lib/crt/except/i386/cpp.s

@@ -159,7 +159,7 @@ _call_handler:
     push esi
     push edi
     mov ebp, [esp + 24]
-    call dword ptr [esp + 29]
+    call dword ptr [esp + 20]
     pop edi
     pop esi
     pop ebx

win32ss/user/ntuser/win32.h

@@ -105,6 +105,7 @@ typedef struct _THREADINFO
     ULONG_PTR           idLast;
     /* True if a WM_QUIT message is pending. */
     BOOLEAN             QuitPosted;
+    UCHAR _pad[3];
     /* The quit exit code. */
     INT                 exitCode;
     HDESK               hdesk;

win32ss/user/ntuser/window.c

@@ -13,6 +13,62 @@ INT gNestedWindowLimit = 50;
 
 /* HELPER FUNCTIONS ***********************************************************/
 
+/* Detect window list corruption early -- CORE-18002 */
+static void ValidateWindowList(PTHREADINFO pti, PWND WindowToFind, BOOLEAN ExpectToFind)
+{
+#if DBG
+    PLIST_ENTRY Entry;
+    PWND Window;
+    BOOLEAN Found = FALSE;
+    ULONG i;
+
+    Entry = &pti->WindowListHead;
+    i = 0;
+    do
+    {
+        if ((LONG_PTR)Entry >= 0 ||
+            ((ULONG_PTR)Entry & (sizeof(PVOID) - 1)) != 0)
+        {
+            ERR("pti %p window list entry %lu corrupt (%p)\n", pti, i, Entry);
+            ASSERTMSG("Window list corrupt\n", FALSE);
+        }
+        if ((LONG_PTR)Entry->Flink >= 0 ||
+            ((ULONG_PTR)Entry->Flink & (sizeof(PVOID) - 1)) != 0 ||
+            (LONG_PTR)Entry->Blink >= 0 ||
+            ((ULONG_PTR)Entry->Blink & (sizeof(PVOID) - 1)) != 0)
+        {
+            ERR("pti %p window list entry %lu (%p) corrupt (%p, %p)\n", pti, i, Entry, Entry->Flink, Entry->Blink);
+            ASSERTMSG("Window list corrupt\n", FALSE);
+        }
+        if (Entry->Flink->Blink != Entry)
+        {
+            ERR("pti %p window list entry %lu (%p) corrupt (%p, %p), expected (x, %p)\n", pti, i + 1, Entry->Flink, Entry->Flink->Flink, Entry->Flink->Blink, Entry);
+            ASSERTMSG("Window list corrupt\n", FALSE);
+        }
+
+        Window = CONTAINING_RECORD(Entry->Flink, WND, ThreadListEntry);
+        if (Window == WindowToFind)
+        {
+            ASSERTMSG("Window found twice in window list\n", !Found);
+            Found = TRUE;
+        }
+        Entry = Entry->Flink;
+        i++;
+    } while (Entry != &pti->WindowListHead);
+
+    if (ExpectToFind && !Found)
+    {
+        ERR("pti %p window list does not contain expected window %p\n", pti, WindowToFind);
+        ASSERTMSG("Window not found in thread window list\n", FALSE);
+    }
+    else if (!ExpectToFind && Found)
+    {
+        ERR("pti %p window list contains unexpected window %p\n", pti, WindowToFind);
+        ASSERTMSG("Window unexpectedly found in thread window list\n", FALSE);
+    }
+#endif /* DBG */
+}
+
 BOOL FASTCALL UserUpdateUiState(PWND Wnd, WPARAM wParam)
 {
     WORD Action = LOWORD(wParam);
@@ -569,7 +625,11 @@ LRESULT co_UserFreeWindow(PWND Window,
    /* remove the window already at this point from the thread window list so we
       don't get into trouble when destroying the thread windows while we're still
       in co_UserFreeWindow() */
+   ValidateWindowList(Window->head.pti, Window, TRUE);
    RemoveEntryList(&Window->ThreadListEntry);
+   Window->ThreadListEntry.Flink = UlongToPtr(0x0deadff1);
+   Window->ThreadListEntry.Blink = UlongToPtr(0x0deadbb1);
+   ValidateWindowList(Window->head.pti, Window, FALSE);
 
    BelongsToThreadData = IntWndBelongsToThread(Window, ThreadData);
 
@@ -1949,7 +2009,11 @@ PWND FASTCALL IntCreateWindow(CREATESTRUCTW* Cs,
    }
 
    /* Insert the window into the thread's window list. */
-   InsertTailList (&pti->WindowListHead, &pWnd->ThreadListEntry);
+   pWnd->ThreadListEntry.Flink = UlongToPtr(0x0deadff1);
+   pWnd->ThreadListEntry.Blink = UlongToPtr(0x0deadbb1);
+   ValidateWindowList(pti, pWnd, FALSE);
+   InsertTailList(&pti->WindowListHead, &pWnd->ThreadListEntry);
+   ValidateWindowList(pti, pWnd, TRUE);
 
    /* Handle "CS_CLASSDC", it is tested first. */
    if ( (pWnd->pcls->style & CS_CLASSDC) && !(pWnd->pcls->pdce) )