From ReactOS Wiki
Jump to: navigation, search

This is the changelog for ReactOS™ version 0.3.11 (released 16 December, 2009), an open-source operating system designed to be binary executable – and device driver-compatible with Microsoft™ Windows NT™ and subsequent Microsoft operating systems such as Windows 2000™ and Windows XP™. ReactOS is written by the ReactOS development team, and the last previous version of ReactOS was version 0.3.10 (released 5th July, 2009).



Generic 0.3.11 Changes










  • Italian translations for spider, explorer_new, ks.inf, usetup (Gabriel Ilardi)








  • Generic: Updated resources for explorer_new, added english ks.inf (Gabriel Ilardi)





  • Reorganize some headers to make them better match the Platform SDK (Andrew Hill)
  • Move InlineIsEqualGUID to guiddef.h (Andrew Hill)
  • Create new header files shlguid_undoc.h, shlobj_undoc.h, and shlwapi_undoc.h to hold undocumented types, functions, and GUIDs (Andrew Hill)
  • Move some undocumented definitions declared in explorer_new/todo.h and undoc.h to new headers (Andrew Hill)
  • Add definition of RBSTR_CHANGERECT to commctrl.h (Andrew Hill)
  • IDeskBarClient inherits from IOleWindow, not IUnknown (Andrew Hill)
  • HMONITOR was declared in both dxsdk/axextend.idl and wine/wined3d.idl, but not in wtypes.idl where it belongs (Andrew Hill)


  • Make our IDLs files to not specify a [range] tag for string datatypes, and 0,256 range for an unsigned type. Fixes compiling with newer WIDL and (probably) MIDL. (Aleksey Bragin)

Host Tools






Bootloader (FreeLoader)

  • Clear the screen before printing the current path\file. (Gabriel Ilardi, #4877)
  • Display error message when boot sector reading fails. (Andrew Steinborn, #4641)
  • Rework operating system menu, by storing each selection in a structure instead of distinct arrays. As a bonus, entries like LiveCD\reactos="ReactOS" /DEBUGPORT=COM1 /SOS /MININT now work (Hervé Poussineau)
  • Move KiBootTss and KiBootGdt to freeldr.c as this is where they belong -- they are not required for NTLDR/WINLDR boot style and are only used directly in freeldr.c. (Stefan Ginsberg)

Kernel and Executive (NTOSKRNL)

  • Make use of the _SEH2_YIELD macro when returning from an exception instead of pre-initializing status codes and checking them after leaving the SEH block. (Stefan Ginsberg)
  • Don't use ExSystemExceptionFilter in SEH filters if we know the caller is user mode. (Stefan Ginsberg)
  • Fixed the remaining issues for running the MP kernel (only on UP so far). Implemented stubbed code in the scheduler, DPC handling and context switch code and fixed various bugs in the spinlock implementation. (Stefan Ginsberg)
  • Rewrite RtlpCreateAtomHandle to readable code and fix a problem spotted in bug #4788 (Aleksey Bragin)


  • Implement NtUnloadKey2 as a wrapper around internal CM API. (Aleksey Bragin)
  • CmpSelectLeaf fixes: looking into an incorrect cell, returning wrong cell, slightly simplify code and add more comments for clarity. (Aleksey Bragin)


  • Fixed support for sending second chance exceptions to user mode debuggers. (Stefan Ginsberg)


  • Fix a critical bug in ExAllocatePoolWithQuota spotted by msvc. Because of the current POOL_TAGGING mess in wdm.h, ExAllocatePoolWithQuotaTag is defined to ExAllocatePoolWithQuota, so when ExAllocatePoolWithQuota called the with-tag version, it ended up calling _itself_. Fix this by undefining the broken macro.(Stefan Ginsberg)



  • Calling NtLoadDriver on an already loaded driver should fail with STATUS_IMAGE_ALREADY_LOADED. Fixes one test for kmtest driver tests and a bugcheck when loading drivers a second time. (Michael Martin)
  • Don't call ExFreePool for null pointers (Johannes Anderwald)
  • Don't touch the freed buffer in case of an error (Amine Khaldi)
  • Fix IoRegisterDeviceInterface, IoSetDeviceInterfaceState to handle reference strings (Johannes Anderwald)
  • Rewrite failure branch of IopLoadUnloadDriver and remove unneeded code duplication (Aleksey Bragin)


  • Continued the implementation of kernel support for debugging with WinDbg/KD. Implemented missing handling of various functionality in the KD support APIs and fixed missing or broken support in other areas. Debugging ReactOS kernel mode with WinDbg now works quite well. (Stefan Ginsberg)
  • Rename some variables in KD to better match the logic. (Stefan Ginsberg)
  • Implement support for reading and writing physical memory for KD. The implementation uses a reserved mapping page to map the target physical address to. On x86 this page is located at virtual address 0xFFBFF000, and the PTE for this page is the last PTE of the nonpaged pool's PDE. Other architectures may need to reserve the PTE elsewhere. (Stefan Ginsberg)
  • Fix incorrect cache flag check and set in KdpRead/WritePhysicalmemory for write combined requests. The debugger's Uncached flag was checked instead of the Write Combined flag, and the debuggers Write Combine number (0x3) was set instead of Mm's flag (0x20). (Stefan Ginsberg)
  • DBGKD_WAIT_STATE_CHANGE64 is used in KD protocol 5, not number 6 that we use. Protocol 6 uses the DBGKD_ANY_WAIT_STATE_CHANGE structure which is sized according to the largest control-report structure (AMD64_DBGKD_CONTROL_REPORT currently), and is larger than DBGKD_WAIT_STATE_CHANGE64 on x86. This worked because our DBGKD_WAIT_STATE_CHANGE32/64 structures contained incorrect DBGKD_CONTROL_REPORT (used) and CONTEXT (unused) members that sized up the wait-state structure to pass WinDbg's length verification! It actually becomes larger than DBGKD_ANY_WAIT_STATE_CHANGE, but WinDbg only seems bail out only if the structure is too small. Remove the incorrect members from the protocol 5 structures and change to DBGKD_ANY_WAIT_STATE_CHANGE everywhere. Stefan Ginsberg)
  • Use better named and sized variables in KdpTrap for setting the "return register" in the caller's CONTEXT. (Stefan Ginsberg)
  • KdbpCallMainLoop: Add VOID to parameter list (Stefan Ginsberg)
  • Rename the 3 kdsup.c files to kdx86.c, kdx64.c and kdarm.c to differ them from each other. (Stefan Ginsberg)
  • Implement KdpAllowDisable -- just check if any processor breakpoints are set on any processor in the system and disallow the disable if so. The routine is now architecture dependant, so move it to the appropriate files. (Stefan Ginsberg)
  • KD uses STRINGs, not ANSI_STRINGs -- they are the same thing, but let's be consistent. (Stefan Ginsberg)
  • Add STATUS_ASSERTION_FAILURE status code required for NT_ASSERT. (Stefan Ginsberg)
  • Check KdReceivePacket return for KdPacketReceived instead of 0 for correctness. (Stefan Ginsberg)
  • Use KdpDprintf instead of setting CR2 for unhandled cases. (Stefan Ginsberg)
  • Add more variables to KdDebuggerDataBlock. (Stefan Ginsberg)


  • Fix some 64-bit issues and some x86 specificness. (Stefan Ginsberg)
  • Sub out some KdpTrap cases more properly.(Stefan Ginsberg)
  • Implement support for .crash and .reboot. Does not seem to work currently because of weird issues.(Stefan Ginsberg)
  • Implement KdpDprintf to send strings directly to the debugger from inside of KD64. Use it in KdEnterDebugger instead of DbgPrint so we won't try to enter the debugger recursively. (Stefan Ginsberg)
  • Implement KdUpdateDataBlock to set the KeUserCallbackDispatcher pointer in the debugger block after its address is retrieved from ntdll. (Stefan Ginsberg)
  • Don't assume breakpoints are 1 byte long in portable code -- use KD_BREAKPOINT_SIZE and define it per architecture. (Stefan Ginsberg)
  • KdpStub: KdEnableDebugger returns NTSTATUS, not TRUE/FALSE. (Stefan Ginsberg)
  • wdbgexts.h: Properly define CURRENT_KD_SECONDARY_VERSION for AMD64. (Stefan Ginsberg)
  • Make PsNtosImageBase pointer-sized as it should be. (Stefan Ginsberg)
  • Change the definition of KDSTATUS so it is guaranteed to be 32-bit. (Stefan Ginsberg)
  • Fix a critical bug in KiRestoreProcessorControlState: it didn't clear the busy flag in the TSS before reloading the task register, resulting in a GPF if we tried to reload the same register. (Stefan Ginsberg)
  • Add macros for getting and setting special purpose registers (the Program Counter and the "return register") in portable code instead of using #ifdef every time. Do likewise for setting IMAGE_FILE_MACHINE_XXX, using a new IMAGE_FILE_MACHINE_ARCHITECTURE macro. (Stefan Ginsberg)
  • Don't refer to the Program Counter as "Eip" in portable code. (Stefan Ginsberg)


  • Get rid of the KDB_MODULE_INFO and operate with LDR_DATA_TABLE_ENTRYs directly.
    This saves us from some copy steps and unneeded search operations. (Colin Finck)
  • Don't duplicate code in KdbpSymFindModule and KdbpSymFindUserModule. Use a helper function instead and call it twice from KdbpSymFindModule. (Colin Finck)
  • Get rid of KdbpSymFindModuleByAddress, KdbpSymFindModuleByName and KdbpSymFindModuleByIndex. Instead use a single KdbpSymFindModule for all three variants. (Colin Finck)
  • Remove some unused functions and defines. (Colin Finck)
  • KdbInitialize can now assume that the 2nd entry in the Load Order list is HAL, just like ExpLoadBootSymbols and KD does, so get the Loader Entry directly instead of searching for it. (Stefan Ginsberg)
  • Define correctly sized KDDEBUGGER_DATA64 for our kernel (needs to be done in a better way). (Stefan Ginsberg)
  • Use _WIN64 instead of _M_AMD64 when determining if we need to set the DBGKD_VERS_FLAG_PTR64 flag. (Stefan Ginsberg)
  • Correct and clarify the comment documenting under what conditions we pass user mode exceptions to the kernel debugger. (Stefan Ginsberg)


  • Fixed a bug in KeDetachProcess and KeUnstackDetachProcess that caused a switch from the original process to itself instead of switching from the attached process. (Stefan Ginsberg)
  • Removed a hack from KiGetMachineBootPointers and set the TSS selector properly in KiRosPrepareForSystemStartup instead for FreeLdr boot style. (Stefan Ginsberg)
  • Fixed a critical bug in KeFindConfigurationEntry; it passed NULL to KeFindConfigurationNextEntry which expected a pointer to a value containing NULL. This was hidden by the FreeLdr boot style as that boot style maps NULL, but got exposed by WinLdr boot style as NULL is not mapped there. (Stefan Ginsberg)
  • Add generic KeInvalidateTlbEntry to invalidate a single TLB entry for a given address instead of flushing the whole TLB. Used by the debugger physical memory support as invalidating the whole TLB for every map and unmap of its debug PTE would incur significant overhead for large copies. Replace direct usage of __invlpg() with this in x86 code too. (Stefan Ginsberg)
  • Correct the value of SIZE_OF_FX_REGISTERS -- it was 4 times too low which resulted in KeContextToTrapFrame not properly clearing out the XMM register area. Correct the define and move it out from ke.h to x86's ketypes.h and use it in the FXSAVE format structure. Also remove the IOPM definitions from ke.h as they have been in the NDK for a while. (Stefan Ginsberg)
  • Use ZwCurrentProcess() instead of -1 or 0xFFFFFFFF (which is incorrect for 64-bit) for the ProcessId parameter of DbgLoad/UnloadImageSymbols to clarify what is being passed. Don't use ZwCurrentProcess() in KeBugCheckWithTf for the pointer parameter of DbgUnLoadImageSymbols either. Use MAXULONG_PTR casted to PVOID instead. (Stefan Ginsberg)
  • Don't use KeBugCheck(0) -- 0 is an invalid bugcode. Use a proper bugcode, DbgBreakPoint or UNIMPLEMENTED instead depending on how the old call was used. (Stefan Ginsberg)
  • Define DBG_STATUS_CONTROL_C for assembly code and use it in KeUpdateSystemTime. (Stefan Ginsberg)


  • Implement NtReplyPort based on NtReplyWaitReceivePortEx and LpcReplyPort. (Aleksey Bragin)
  • Implement NtRequestPort based on NtRequestWaitReplyPort and LpcRequestPort. (Aleksey Bragin)


  • NtAllocateVirtualMemory: Add check to make sure that BaseAddress + RegionSize is inside MemoryArea. For AllocationType of MEM_RESET add FIXME's and return STATUS_SUCCESS, without modifying attributes of region. Fixes 2 kernel32 virtual tests. (Michael Martin)
  • NtMapViewOfSection: When referencing the section object by handle, don't assume access mask of SECTION_MAP_READ. Access mask must be determined from page protection attributes passed in Protect parameter. Fixes 5 winetests for kernel32 virtual. (Michael Martin)
  • MiReserveAlignedSystemPtes: Add missing lock release (Johannes Anderwald)
  • Fixed recursive spinlock acquisition in the Memory Manager introduced by the rewrite: the old Mm calls certain routines for performing operations on PFNs, and those routines acquire the PFN lock, while the new Mm holds the PFN lock while working with PFNs, including calling those routines. Moved out spinlock acquire/release to the callers of those functions instead. (Stefan Ginsberg)
  • Added missing spinlock release to MiReserveAlignedSystemPtes. (Stefan Ginsberg)
  • Added missing synchronization for PsLoadedModuleList in certain cases. (Stefan Ginsberg)
  • Fix MmGrowKernelStack to check for available space. Timo Kreuzer)
  • Fix inverted if condition in TEB initialization (MmCreateTeb), spotted by Stefan. (Aleksey Bragin)
  • Rewrite MmPageEntireDriver in a better way, fix bugs. (Aleksey Bragin)
  • Make SystemUnloadGdiDriverInformation take the opaque SectionPointer (which is really the Loader Entry) from the SYSTEM_GDI_DRIVER_INFORMATION structure returned in SystemLoadGdiDriverInformation so it doesn't need to loop the loaded module list to find it. (Stefan Ginsberg)
  • Remove some externs from related variables in the code -- we use something called "headers".(Stefan Ginsberg)
  • Disable the MiCacheImageSymbols call in MmLoadSystemImage for KD too as this hack is required for rossym rather than KDBG. Fixes detection of non-boot driver images by WinDbg. (Stefan Ginsberg)
  • Add another hack to freeldr.c to make sure that HAL is the second entry in the Load Order list -- detect if it isn't and insert it as the second entry manually if it isn't. (Stefan Ginsberg)
  • Add MmIsSessionAddress stub and use it from KD handle session space properly in the Memory Query API, and ASSERT that we are not trying to do a copy to/from session space in MmDbgCopyMemory as we don't handle it properly. Put this in mmdbg.c for now as we don't implement session space, and it is only called from KD right now. (Stefan Ginsberg)
  • Get rid of the MmFreeLdr* variables too. These have been deprecated for some time now. (Stefan Ginsberg)
  • The ModuleObject and ImageBaseAddress parameters of MmLoadSystemImage are not optional so don't treat them as such, and don't zero initialize them as callers shouldn't rely on this. (Stefan Ginsberg)
  • Set LDRP_ENTRY_NATIVE instead of LDRP_COMPAT_DATABASE_PROCESSED to mark the image as a native image. Also fix the value of LDRP_ENTRY_NATIVE. (Stefan Ginsberg)
  • Fix definition of LDR_DATA_TABLE_ENTRY -- the Checksum member should be in the union too. (Stefan Ginsberg)
  • Remove some unnecessary externs for stuff we now define globally in the kernel headers. (Stefan Ginsberg)
  • Move some x86 only stuff from global ke.h and ke_x.h to the x86 dependent ke.h. Remove DR_ACTIVE_MASK as it has been deprecated/unused for a while now. (Stefan Ginsberg)
  • The physical memory support relies on several Mm variables and structures to be properly set up. Add a new flag, MiDbgReadyForPhysical, and set it when the debugger support can handle physical memory requests. (Stefan Ginsberg)
  • Protect this page with a Memory Area to make the old Mm keep its dirty hands off it. (Stefan Ginsberg)
  • Does not support I/O space or cache flags yet. (Stefan Ginsberg)
  • Fix implementation of MmIsAddressValid (at least for x86; other architectures will need more checks). Just check the Address' PDE and PTE valid bits instead of using Memory Areas. (Stefan Ginsberg)
  • Add missing ASSERTs to ensure the Memory Areas for paged pool, the PCR page, and the Shared User Data page are created. (Stefan Ginsberg)
  • Add missing Memory Area for the 2 pages HAL currently uses for its own mappings on x86 -- previously, those pages could have been allocated by other parts of the OS, which would have resulted in serious corruptions. (Stefan Ginsberg)
  • Add 'simple' implementation of MmDbgCopyMemory to read/write virtual memory in a somewhat safe way (still no support for physical memory). Properly implement KdpCopyMemoryChunks as a wrapper around MmDbgCopyMemory and make most of the remaining unsafe copies use it instead of RtlCopyMemory. This fixes most of the remaining crashes during KD debugging as WinDbg/KD relies on the kernel support to handle bad addresses. (Stefan Ginsberg)
  • Stub out the remaining missing global variables for the debugger data block -- fixes some cases of WinDbg failures and gives it a chance to handle errors instead of failing on a NULL read. Several of these variables are for functionality we don't yet implement, so I tried to put them where they are "least wrong". Everything besides the MmLoadedUserImageList variable is left unitialized -- KD should mostly be able to handle this properly. (Stefan Ginsberg)
  • ExceptionRecord32To64 should be available for both 32 and 64 bit builds (and it shouldn't be a forceinline). Get rid of CopyExceptionRecord and determine if we need to convert or can just copy it directly instead. (Stefan Ginsberg)
  • Don't check Nt/DbgQueryDebugFilterState for zero or nonzero -- it actually returns TRUE, FALSE or STATUS_INVALID_PARAMETER_1! Check for != TRUE in preparation for proper implementation of NtSet/QueryDebugFilterState. (Stefan Ginsberg)
  • Fix Format parameter of DbgPrintReturnControlC -- it is const like the other DbgPrint* routines. (Stefan Ginsberg)
  • Be consistent with the types used in debug.c and don't set local variables to zero if we are going to return to caller -- this doesn't seem to be required anymore. (Stefan Ginsberg)
  • Fix DebugService and DebugService2: DebugService should take a ULONG followed by 4 pointers and DebugService2 doesn't return anything. (Stefan Ginsberg)
  • Remove some unused and deprecated macros from the network stack that did this. (Stefan Ginsberg)
  • Add several missing assertions documented on the MSDN page "Checked Build ASSERTs" (Stefan Ginsberg)
  • Fix a typo in MmProbeAndLockPages; assignment within an ASSERT isn't such a good idea! (was harmless though) (Stefan Ginsberg)
  • Get rid of MmStats -- most of the fields weren't used anymore and we have duplicates for most of the ones that are still in use; (Stefan Ginsberg)
  • NrTotalPages -> MmNumberOfPhysicalPages (Stefan Ginsberg)
  • NrFreePages -> MmAvailablePages (new) (Stefan Ginsberg)
  • Get rid of NrSystemPages. Its value was only respected in MmInitializePageList at boot, even though it got updated later. Use a local variable in MmInitializePageList instead. (Stefan Ginsberg)
  • Fix SystemBasicInformation to use the correct variables for physical page information. Also, don't set ResidentSystemCodePage in the SystemPerformanceInformation query to some random incorrect Mm value. We don't depend this value anywhere in ReactOS currently, so just set it to 0. (Stefan Ginsberg)
  • Fix recursive spinlock acquisition in Mm caused by locking inconsistency between ARM3 and the old ReactOS Mm. The old Mm calls certain routines to modify PFN entries (lock, unlock, reference, dereference, etc) and acquires/releases the PFN lock inside those functions (which is extremely inefficient as you can't, for example, have to acquire/release the PFN lock twice to reference and lock the same page), while ARM3 synchronizes differently and holds the lock while calling those routines, resulting in a recursive lock attempt on MP (which works on UP because spinlocks are just IRQL raise/lower there). Move out locking from MmAllocPage, MmReference/DereferencePage and MmLock/UnlockPage to the callers to be consistent with ARM3. (Stefan Ginsberg)
  • Add missing PFN locking to MmFreePagesFromMdl and MiAllocatePoolPages. (Stefan Ginsberg)
  • Get rid of MmLockPageUnsafe and MmReferencePageUnsafe. The "safe" routines just forwarded to the unsafe versions -- call them directly instead. Remove unused MmAcquirePageListLock/MmReleasePageListLock (Stefan Ginsberg)
  • MmInitMemoryAreas doesn't exist anymore so don't try to put it in .INIT. (Stefan Ginsberg)
  • Remove duplicate MmHighestPhysicalPage (the other being in init.c) -- we still ended up with only 1 global however, so this doesn't really change anything (Stefan Ginsberg)
  • MmArmInitSystem: Define MiNonPagedPoolStart and MiNonPagedPoolLength externs compatibly (Stefan Ginsberg)
  • MmpDeleteSection can be called for a Section Object before it is fully set up (when ObDereferenceObject is called before all fields are initialized), and it will now crash due to a bogus, nonintialized Segment/ImageSection pointer. Always zero out the whole buffer to prevent this. Fixes the kernel32 loader Winetest. (Stefan Ginsberg)
  • Implement ARM3 page fault handling. (ros-arm-bringup)
  • Paged pool PTEs are demand zero PTEs while the memory hasn't been accessed -- this is the only type of fault supported. (ros-arm-bringup)
  • Because paged pool PDEs are also demand-paged, added code to handle demand paging of PDEs as well.(ros-arm-bringup)
  • Also, because paged pool is non-resident, but can be accessed from any process, we need a mechanism to sync up the kernel's page directory with the per-process one, on demand. This is done at startup, but other processes may have paged in paged pool that another process knows nothing about when he faults. (ros-arm-bringup)
  • Assert if we get a user-mode fault, a transition fault, or a soft fault, since these shouldn't happen.(ros-arm-bringup)
  • Disable APCs while dispatching faults, and pseudo-use the working set lock.(ros-arm-bringup)
  • Assert if we get write errors on read-only pages, since we don't use those in ARM3 yet. (ros-arm-bringup)
  • Assert if we have a paged out PTE, this shouldn't happen yet. (ros-arm-bringup)
  • Enable test to see if we can touch a paged pool allocation. (ros-arm-bringup)
  • Add some simple code to handle paged pool page allocation and freeing in MiAllocatePoolPages and MiFreePoolPages. (ros-arm-bringup)
  • Allocation does not support paged pool expansion yet, so we're limited to the initial 4 MB that are initialized on startup. (ros-arm-bringup)
  • Collapse MmInit1 into MmInitSystem. (ros-arm-bringup)
  • Check for ARM3-owned memory areas during a page fault, and crash the system as this shouldn't happen yet. (ros-arm-bringup)
  • Use portable PTE macro instead of setting the owner bit directly, fixing an ARM port build issue. (ros-arm-bringup)
  • Fix a bug in memory area creation: Static memory areas had the static flag embedded in their type, so code that was switch()ing on the type would fail to recognize the actual type, because MEMORY_AREA_STATIC was ORed in. (ros-arm-bringup)
  • Add a new memory area type: MEMORY_AREA_OWNED_BY_ARM3. This will allow us to instruct the ReactOS Memory MAnager to "Back. The Fuck. Off." during page faults and such, so we can handle page faults inside ARM3-owned PTEs ourselves. (ros-arm-bringup)
  • Create all memory areas in one shot in MmCreateSystemMemoryAreas (get rid of MiInitPageDirectoryMap and MiInitPagedPool memory area creation). (ros-arm-bringup)
  • Dump the kernel address space after all this is done, in a MmDbg function in mm.This cleans up ARM3 of some ROS-specific code, and also collapses Phase 1 and 2 into a single phase. (ros-arm-bringup)
  • Fix calculations error in the setup of the paged pool bitmap. (ros-arm-bringup)
  • Initialize the paged pool guarded mutex. (ros-arm-bringup)
  • Add helper routines ExLock/UnlockPool to either acquire the NPP QSL or the PP GM depending on the pool descriptor, instead of hardcoding the NPP QSL. (ros-arm-bringup)
  • Implement InitializePool for the PagedPool case. (ros-arm-bringup)
  • Now call InitializePool for PagedPool as well. (ros-arm-bringup)
  • Get rid of mm/mmsup.c and move some of the ROS-internal functions better where they belong. (ros-arm-bringup)
  • Add ARM3/mmsup.c for miscellaneous function helper functions. (ros-arm-bringup)
  • MiDoMappedcopy: The MDL should have 16 pages total, so MI_MAPPED_COPY_PAGES should be 14, not 16, to account for the MDL page itself, and the extra add-on page. (ros-arm-bringup)
  • MiDoMappedCopy: Check for working set quota exception. (ros-arm-bringup)
  • NtRead/WriteVirtualMemory: Do not attempt to do any work if the size is 0. (ros-arm-bringup)
  • NtRead/WriteVirtualMemory: Do not return SEH status if we fail to write the number of bytes read/written -- return the function status. (ros-arm-bringup)
  • NtProtectVirtualMemory: Protect the memory while attached to the target process. (ros-arm-bringup)
  • NtProtectVirtualMemory: Do not return SEH status if we fail to write the number of bytes protected -- return the function status. (ros-arm-bringup)
  • NtLock/UnlockVirtualMemory: Fix incorrect function definition. The last parameter is a bitfield. The middle two parameters are pointers, not values. (ros-arm-bringup)
  • VirtualLock/Unlock: Fix calling NtLock/UnlockVirtualMemory with new correct function definitions. Call with MAP_PROCESS. (ros-arm-bringup)
  • NtLock/UnlockVirtualMemory: Apply SEH. Validate flags. Validate parameters. (ros-arm-bringup)
  • NtLock/UnlockVirtualMemory: Attach to the process while doing the operation. Reference the process. (ros-arm-bringup)
  • NtLock/UnlockVirtualMemory: Check for SE_LOCK_MEMORY_PRIVILEGE if MAP_SYSTEM is specified. (ros-arm-bringup)
  • Move MAP_SYSTEM and MAP_PROCESS from ntifs.h to mmtypes.h in NDK. (ros-arm-bringup)
  • NtLock/UnlockVirtualMemory: Return success and semi-legitimate return values saying nothing was actually done. (ros-arm-bringup)
  • NtFlushVirtualMemory: Apply SEH. Validate flags. Validate parameters. Call MmFlushVirtualMemory. (ros-arm-bringup)
  • NtFlushVirtualMemory: Reference the process. (ros-arm-bringup)
  • NtFlushVirtualMemory: Return success and semi-legitimate return values indicating nothing was flushed. (ros-arm-bringup)
  • NtGetWriteWatch: Fix function prototype. (ros-arm-bringup)
  • NtGet/ResetWriteWatch: Apply SEH instead of hacked parameter checks. Validate parameters. (ros-arm-bringup)
  • NtGet/ResetWriteWatch: Reference the process. (ros-arm-bringup)
  • NtGet/ResetWriteWatch: Return semi-legitimate return values indicating nothing was written to. (ros-arm-bringup)
  • Set up PEB and TEB under SEH to handle possible paging errors (which are legitimate). Also touch the image under SEH to handle image paging errors (also legitimate). (ros-arm-bringup)
  • Should avoid kernel panics in cases where the executable is damaged, invalid, or impossible to page in. (ros-arm-bringup)
  • Initialize more PEB fields. (ros-arm-bringup)
  • Add new INITIAL_PEB structure to support fork() in the future. Also fixes the fact we don't create a PEB for the system process anymore. (ros-arm-bringup)
  • Create PEB while attached to the process. (ros-arm-bringup)
  • Handle UP-only images, and set correct affinity mask in the PEB. (ros-arm-bringup)
  • Set session ID instead of session structure (currently zero). (ros-arm-bringup)
  • Set correct TIB version in the TEB. Due to a historical oddity, the NT TIB identifies itself as '0x1e00', which is 30 shifted 8 bits. 30 is the version identifier of OS/2 3.0, the original 32-bit target of the Windows NT effort. (ros-arm-bringup)
  • Handle initial TEB correctly for fork(). (ros-arm-bringup)
  • Move AWE APIs to procsup.c instea of section.c since they are unrelated. (ros-arm-bringup)
  • Move the rewritten PEB/TEB functions to ARM3's procsup.c. (ros-arm-bringup)
  • Create a double-mapping PTE for the shared user data region and fault it in whenever a process touches that address. (ros-arm-bringup)
  • Remove the old hack which used the PCR's page frame number to create a fake PTE each time to reference it, basing on the fact that the shared user data region was on the same page as the PCR on certain architectures. (ros-arm-bringup)
  • Create \dev\physmem section during section initialization, not later. (ros-arm-bringup)
  • Setup SharedUserData settings during Phase 0, not Phase 1. Fixes an old bug where the Inbv driver assumed ReactOS was in "server mode" simply because the default SharedUserData->NtProductType was "0" (which is an invalid product type, but it's != NtProductTypeNt). Also fixed it such that this reports NtProductServer, which is what ReactOS reports to be (Windows 2003 Server SP 1). (ros-arm-bringup)
  • Initialize the modified page writer and balancer thread in phase 1, not phase 2.(ros-arm-bringup)
  • Delete the blaoted, overweight and slow nonpaged pool implementation. (ros-arm-bringup)
  • Plug-in support to use the ARM nonpaged pool instead. (ros-arm-bringup)

This patch has been tested for over 2 months and all known regressions were fixed. (ros-arm-bringup)

  • DebugPool implementation is not compatible with newer nonpaged pool algorithms, so remove support for nonpaged pool debugging. (ros-arm-bringup)
  • Implement the algorithms for pool allocation and de-allocation.(ros-arm-bringup)
  • Initialize MmLowestPhysicalPage to -1, otherwise setting this value will never work properly since we'll never find a page lower than 0 (the default laoder-initialized value). (ros-arm-bringup)
  • Get rid of the concept and tracking of "mapped pages". The MapCount was never checked anywhere in terms of page accounting -- only the reference count is. (ros-arm-bringup)
  • Fix the issue with the system attempting to map page 0 into hyperspace. (ros-arm-bringup)
  • The PTEs for the PFN Database are now created by ARM3. Unlike the old code which create PTE for every page on the machine, ARM3 only creates PTEs to account for pages that should be in the PFN database. (ros-arm-bringup)
  • A second related change is what "pages should be in the PFN database". Previously, reserved or otherwise non-existing (ie: holes) memory regions would get a PFN entry created and marked as "BIOS". This is wasteful and not compatible with Windows: there should not be PFN entries created at all. (ros-arm-bringup)
  • Remove deprecated/old/buggy/unused code. (ros-arm-bringup)
  • Make MxGetNextPage return the lowest free physical page, not the highest. (ros-arm-bringup)
  • Remove MmAllocEarlyPage and use MxGetNextPage instead. (ros-arm-bringup)
  • Initialize the value of MmBootImageSize in ARM3 now.Also fix its value such that it's PDE aligned -- this makes sure that we don't step on any of the boot loader's PDE mappings and can blow everything away later. (ros-arm-bringup)
  • Initialize the MmSystem/User/Probe Addresses in ARM3 as well (no functional change). (ros-arm-bringup)
  • Print out a lot more of the VA ranges in ARM3's Phase 2 initialization. Most of the VA space is now dumped out. (ros-arm-bringup)
  • Write out the code to initialize session space VA ranges.Image space, view space, working set space and pool space values are all calculated properly. (ros-arm-bringup)
  • system view space is initialized and sized. (ros-arm-bringup)
  • Define the paged pool start address, minimum/default size, and add some extra pool header asserts/definitions. (ros-arm-bringup)
  • Define MmPagedPoolInfo to keep track of all paged pool related information (start/end PTEs, VA ranges, allocation/free bitmaps, etc). (ros-arm-bringup)
  • Fixed a lot of comments and added some new ones to provide extra clarity. (ros-arm-bringup)
  • Implement MiBuildPagedPool. (ros-arm-bringup)
  • ARM3 Phase 1 Init now uses pages directly from the physical memory descriptor. (ros-arm-bringup)
  • A new function MxGetNextPage implemented. (ros-arm-bringup)
  • MxGetNextPage can allocate more than just one page however (making it possible to get contiguous physical memory without going through the PFN-based MmAllocateContiguousMemory beast) (ros-arm-bringup)
  • MxGetNextPage will bugcheck with INSTALL_MORE_MEMORY if it runs out of pages. (ros-arm-bringup)
  • Renamed the physical memory descriptor variables to MxFreeDescriptor, MxOldFreeDescriptor instead of MiFreeDescriptor and MiOrgFreeDescriptor (based on NT symbols) (ros-arm-bringup)
  • Nonpaged pool PDEs, PFN database PDEs, and initial nonpaged pool PTEs are now allocated through MxGetNextPage. (ros-arm-bringup)
  • Fix an off by one error in the sizing of MxPfnAllocation. (ros-arm-bringup)
  • The PFN database is now fully "owned" by ARM3 in terms of its PDE mappings and VA location at 0xB0000000. (ros-arm-bringup)
  • Got rid of ARM nonpaged pool allocator test. (ros-arm-bringup)
  • Repositioned ReactOS nonpaged pool (deprecated) after the boot image (used to be after the PFN database). (ros-arm-bringup)
  • Start re-defining the PTE and PDE structures. (ros-arm-bringup)
  • Fix the current arm low-level mm implementation to use the new structures. (ros-arm-bringup)
  • Fix several problems with the System PTE implementation, including the lack of locks.(ros-arm-bringup)
  • Implement the rest of the nonpaged pool allocator, now with support for allocating pages in the nonpaged pool expansion area. (ros-arm-bringup)
  • Deal with the fact that DirectoryTableBase in EPROCESS has now been defined as PULONG instead of LARGE_INTEGER (ros-arm-bringup)
  • Remove ARM-specific hyperspace functions since these are portable now (ros-arm-bringup)
  • Implement a simple nonpaged pool page allocator and deallocator. (ros-arm-bringup)
  • Write a couple lines of code to allocate and free up to 4096 pages (it will stop when it runs out). (ros-arm-bringup)
  • Add a new file which will hold the executive layer above the pool allocator (the Ex* routines). (ros-arm-bringup)
  • Define the POOL_DESCRIPTOR and POOL_HEADER structures for the NT 5.2 pool. (ros-arm-bringup)
  • Define, create, and implement the routine to initialize a pool vector. (ros-arm-bringup)
  • Half-implement MmPageEntireDriver and use it to set the module instance for win32k. (James Tabor)


  • Fixed assumptions that memory allocated by ObCreateObject is zero-initialized (it shouldn't be) and removed the object zeroing hack. (Stefan Ginsberg)



  • Add missing synchronization for access to PsLoadedModuleList. Inserting and removing entries to the list was protected by a spinlock, but some places didn't acquire the lock before looping the list when searching for module information. For efficiency, use an executive resource for other access than inserting/removing entries so we can have shared locking in some common cases (spinlock stays so access can be synchronized with DPCs). (Stefan Ginsberg)
  • Fix EngLoad/UnloadImage to do this. Also make EngLoadImage return the pointer to the internal structure as the "handle" so EngUnloadImage doesn't need to loop the driver list to find it. The code is still extremely broken and needs a rewrite.(Stefan Ginsberg)


  • Factor out working code from SeAccessCheck into SepAccessCheck, the lowest level for SeAccessCheck remains SecurityImpersonation, but for NtAccessCheck it's lowered to SecurityIdentification. (Aleksey Bragin, #4169)

Hardware Abstraction Layer (HAL)

  • Reimplemented HalpCalibrateStallExecution with a more accurate implementation to determine the stall count factor for KeStallExecutionProcessor. (Stefan Ginsberg)


NT System Library (NTDLL)

  • Quick implementation of RtlIsThreadWithinLoaderCallout. (James Tabor)

Run Time Library (RTL)

  • Map STATUS_NOT_FOUND to ERROR_NOT_FOUND (Johannes Anderwald)
  • Reimplemented RtlRaiseException and RtlRaiseStatus in assembly for x86 so they do not corrupt non-volatile registers when saving the callers context. (Stefan Ginsberg)
  • Fix stack offset in asm implementations of RtlInterlockedPopEntrySList, RtlInterlockedPushEntrySList and RtlInterlockedFlushSList. (Timo Kreuzer)
  • Make heap functions 64bit safe. (Samuel Serapión)
  • Implement RtlpDidUnicodeToOemWork to check for unmapped characters. Based on a patch by Daniel Zimmerman. (Aleksey Bragin, #4548)
  • Instead of removing FORCEINLINE to make GCC happy (it can't inline functions using va_list), use __inline to merely hint that the function should be inlined. This lets you use RtlStringCbPrintfA and RtlStringCbPrintfExA in multiple source files as the functions aren't static. (Stefan Ginsberg)
  • There is no reason to forceinline all the RtlString* routines -- they are quite big and the compiler should be allowed to optimize here as it likes, so just use __inline. Also add RtlStringCchCopyA and re-enable ASSERTMSG and use it for the stubs. (Stefan Ginsberg)
  • Add missing GUID_CLASS_COMPORT and GUID_SERENUM_BUS_ENUMERATOR to ntddser.h (Stefan Ginsberg)
  • Add driverspecs.h to stub out Driver Verifier annotations (Stefan Ginsberg)

Kernel Mode Drivers

Audio Stack


  • Implement DllInitialize, BdaPropertyGetPinControl, BdaPropertyNodeTypes, BdaPropertyPinTypes, BdaInitFilter, BdaCreateTopology, BdaCheckChanges, BdaCommitChanges, BdaCreateFilterFactory, BdaCreateFilterFactoryEx, BdaCreatePin, BdaMethodCreatePin, BdaFilterFactoryUpdateCacheData, BdaGetChangeState, BdaMethodCreateTopology, BdaMethodDeletePin, BdaPropertyTemplateConnections, BdaStartChanges, BdaUninitFilter, BdaValidateNodeProperty (Johannes Anderwald)
  • Define automation tables for Filter & Pin (Johannes Anderwald)
  • Plug in automation tables when creating a new filter factory / pin (Johannes Anderwald)
  • Add BDA filter context to object bag, so that it gets freed automatically later (Johannes Anderwald)






  • Fix a bug in KsCancelIo which accessed already freed memory (Johannes Anderwald)
  • Activate handling of requests of type KSPROPERTY_TYPE_BASICSUPPORT (Johannes Anderwald)
  • Return correct status code in the GUID_NULL handler (Johannes Anderwald)
  • Store KSPROPERTY_SET in Irp when using KsPropertyHandler (Johannes Anderwald)
  • Fix a bug in KsPinDataIntersection (Johannes Anderwald)
  • Fix a bug when canceling irps (Johannes Anderwald)
  • Fix a critical bug in the counted worker implementation (Johannes Anderwald)
  • Check if NodeId is out of bounds (Johannes Anderwald)
  • Return correct status code (Johannes Anderwald)
  • Retrieve the correct pin name (Johannes Anderwald)
  • Implement KSPROPERTY_PIN_NAME properly (Johannes Anderwald)
  • KsPinPropertyHandler does *NOT* set Status in the IRP (Johannes Anderwald)
  • The Category member is LPGUID not GUID (Johannes Anderwald)
  • Check if there is a category member (Johannes Anderwald)
  • Fix 'Assertion 'WorkItem->List.Flink == NULL' failed at ntoskrnl\ex\work.c' (Johannes Anderwald)
  • Fix a bug spotted by Timo (Johannes Anderwald)
  • Store Object Header in FsContext2 (Johannes Anderwald)
  • Fix allocation of create item entry in KsAllocateObjectCreateItem (Johannes Anderwald)
  • Fix de-referencing in Ks[De]ReferenceSoftwareBusObject & Ks[De]ReferenceBusObject (Johannes Anderwald)
  • Fake success in KsEnableEvent (Johannes Anderwald)
  • Check if the list empty in KspFreeEventList (Johannes Anderwald)
  • Handle GUID_NULL in KspPropertyHandler (Johannes Anderwald)
  • Return STATUS_MORE_ENTRIES if outputbuffer is too small (Johannes Anderwald)
  • Zero struct in KsRegisterWorker (Johannes Anderwald)
  • Fix calling property handler in IKsFilter_DispatchDeviceIoControl Found by (Amine Khaldi)
  • Implement handling of KSPROPERTY_TYPE_BASICSUPPORT (Johannes Anderwald)
  • Fix a few bugs in KsPinPropertyHandler & KsTopologyPropertyHandler (Johannes Anderwald)
  • Implement CBaseUnknown class functions in C! (KJK::Hyperion)
  • Store input buffer in Irp->AssociatedIrp.SystemBuffer (Johannes Anderwald)
  • Implement KsCopyObjectBagItems, KsCreateBusEnumObject, KsProbeStreamIrp, KsGetFirstChild, KsGetNextSibling, IKsFilter_fnAddProcessPin, IKsFilter_fnRemoveProcessPin, KsDispatchSpecificProperty, KsPropertyHandler, KsMergeAutomationTables, KsStreamPointerDelete, KsStreamPointerScheduleTimeout, KsStreamPointerCancelTimeout, KsPinGetFirstCloneStreamPointer, KsStreamPointerGetNextCloneKsPropertyHandlerWithAllocator, KsFastPropertyHandler, KsValidateConnectRequest, IKsPin_DispatchDeviceIoControl, IKsPin_Close, KsQueryInformationFile, KsStreamIo, KsMoveIrpsOnCancelableQueue, KsRegisterFilterWithNoKSPins, _KsEdit, KsCacheMedium, KsHandleSizedListQuery, KsAcquireResetValue, KsCompletePendingRequest, KsAllocateExtraData, KsFreeEventList, KsDisableEvent, KsAddEvent, KsDefaultAddEventHandler, KsPinAttachAndGate, KsPinAttachOrGate, KsPinGetAndGate, KsDeviceSetBusData, KsDeviceGetBusData, KsGetPinFromIrp, KsPinAcquireProcessingMutex, KsPinGetConnectedPinDeviceObject, KsPinGetConnectedFileObject, KsPinGetConnectedPinInterface, KsPinGetNextSiblingPin, KsPinGetParentFilter, KsPinRegisterFrameReturnCallback, KsPinRegisterHandshakeCallback, KsPinRegisterIrpCompletionCallback, KsPinRegisterPowerCallbacks, KsPinReleaseProcessingMutex, KsAcquireControl, KsReleaseControl, KsFilterAddTopologyConnections, KsFilterCreatePinFactory, KsFilterAcquireProcessingMutex, KsFilterReleaseProcessingMutex, KsFilterGetChildPinCount, KsFilterRegisterPowerCallbacks, KsGetFilterFromIrp, KsGetObjectFromFileObject, KsGetObjectFromFileObject, KsGetObjectTypeFromIrp, KsGetParent, KsGetObjectFromFileObject, KsGetObjectFromFileObject, KsGetObjectTypeFromIrp, KsGetParent, KoDriverInitialize, KoDeviceInitialize, KsReferenceBusObject, KsReferenceSoftwareBusObject, KsDereferenceSoftwareBusObject, KsDereferenceBusObject, KsGetFirstChild, KsGetImageNameAndResourceId, KsMapModuleName, KsAcquireDevice, KsReleaseDevice, KsTerminateDevice, KsQueryObjectAccessMask, KsQueryObjectCreateItem, KsQueueWorkItem, KsIncrementCountedWorker, KsDecrementCountedWorker, KsRegisterCountedWorker, KsUnregisterWorker, KsRegisterWorker, KsCancelIo, KsReleaseIrpOnCancelableQueue, KsRemoveIrpFromCancelableQueue, KsRemoveSpecificIrpFromCancelableQueue, KsAddIrpToCancelableQueue, KsCancelRoutine, KsValidateAllocatorCreateRequest, KsValidateClockCreateRequest, KsValidateTopologyNodeCreateRequest, KsAddObjectCreateItemToObjectHeader, KsGetDevice, KsDefaultDispatchPnp, KsDefaultDispatchPower, KsDefaultForwardIrp, KsReadFile, KsSetInformationFile, KsQueryInformationFile, KsCreateAllocator, KsCreateDefaultAllocatorEx, KsValidateAllocatorFramingEx, KsSetDevicePnpAndBaseObject, KsQueryDevicePnpObject, KsSetTargetState, KsSetTargetDeviceObject, KsSetPowerDispatch, KsFreeDeviceHeader, KsFreeObjectHeader, KsAllocateObjectCreateItem, KsFreeObjectCreateItem, KsFreeObjectCreateItemsByContext, KsCreateDefaultSecurity, KsCreateClock, KsCreateDefaultClock, partly implement KsAllocateDefaultClockEx, KsFreeDefaultClock, KsGetDefaultClockState, KsSetDefaultClockState, KsGetDefaultClockTime, KsSetDefaultClockTime, KsInitializeDevice, KsGetDeviceForDeviceObject, KsCreateFilterFactory, KsFilterFactorySetDeviceClassesState, KsFilterFactoryGetSymbolicLink, KsFilterFactoryAddCreateItem, KsLoadResource, KsDispatchQuerySecurity, KsDispatchSetSecurity, KsWriteFile, KsDefaultIoCompletion, KsEnableEvent, KsEnableEventWithAllocator, KsDiscardEvent (Johannes Anderwald)
  • Implement attach of filter factories to the device header (Johannes Anderwald)
  • Filter dispatch is optional, handle it when creating new filters (Johannes Anderwald)
  • Fix allocation check by (Amine Khaldi)
  • Fix uninitialized return value when the list is empty (Johannes Anderwald)
  • Fix a horrible bug where the end of the list wasnt checked by the source list but the destination list by (Amine Khaldi)
  • Acquire Spinlock at dpc level (Johannes Anderwald)
  • Release cancel spinlock at correct level (Johannes Anderwald)
  • Fix a desastreous bug in KsRemoveIrpFromCancelableQueue (Johannes Anderwald)
  • Remove KsGetChildCreateParameter, it is not exported in NT 5.1 KS (Johannes Anderwald)
  • Start Implementing IKsPin interface (Johannes Anderwald)
  • Increment PinInstanceCount when a pin has succcessfully been created (Johannes Anderwald)
  • Initialize pin dispatch table (Johannes Anderwald)
  • Add create items for allocator, clock, node create requests (Johannes Anderwald)
  • Add create item for creation of pins and topology nodes (Johannes Anderwald)
  • Implement pin creation handler (Johannes Anderwald)
  • Copy Filter descriptor for each instantiated filter (Johannes Anderwald)
  • Create object bag for IKsFilter, IKsFilterFactory and IKsDevice (Johannes Anderwald)
  • Fix storing of device descriptor in KsInitializeDriver, KsAddDevice (Johannes Anderwald)
  • Remove DriverEntry as ks is kernel mode dll (Johannes Anderwald)
  • Fix unimplemented tags (Johannes Anderwald)
  • Use double in spec for functions taking longlong arguments (Colin Finck)
  • Use KSQUEUE_SPINLOCK_IRP_STORAGE macro for access the stored spin lock (Johannes Anderwald)
  • Remove old irp queue implementation (Johannes Anderwald)
  • Use KSSTRING instead of hardcoding object class (Johannes Anderwald)
  • Rewrite KSCREATE_ITEM handling to support clocks, nodes, allocators. (Johannes Anderwald)
  • Store create items in list instead of an array. Consequently, the code can be re-used for KSDEVICE_HEADER / KSOBJECT_HEADER functions. (Johannes Anderwald)
  • Implement by using KSBASIC_HEADER struct which must be positioned before its object specific (PKSFILTER, PKSFILTERFACTOR, PKSPIN) (Johannes Anderwald)
  • Remove a hack from KspCreateObjectType (Johannes Anderwald)
  • Return the correct device object in KsQueryDevicePnpObject (Johannes Anderwald)
  • Remove KspClose, KspRead, KspWrite, KspFlushBuffers, KspQuerySecurity, KspSetSecurity and all these IOCTL in KspDispatchIrp (Johannes Anderwald)
  • Rewrite KsDispatchIrp to handle IRP_MJ_CREATE & IRP_MJ_POWER, IRP_MJ_PNP for AV Stream minidrivers and forward IRP_MJ_SYSTEM_CONTROL requests to the registered pnp base object (Johannes Anderwald)
  • Unsupported IOCTLs are now completed with KsDispatchInvalidDeviceRequest (previously leaked) (Johannes Anderwald)
  • Implement registering of device interface for AVStream drivers (Johannes Anderwald)
  • Add KsFilterFactoryUpdateCacheData (Johannes Anderwald)
  • Fix a bug which was responsible for most audio-related crashes (Gregor Schneider)






  • Add stubs for unimplmented cases in ScsiPortNotification. (Olaf Siejka)




  • Synched the UniATA Inf to the internal support list. Now ROS can detect all supported SATA Controllers even after 1st stage and properly shows them in the HW Wizard. (Daniel Reimer)
  • Fix a couple of bugs in the uniata ATA code spotted by bearwindows. ICH8/ICH9/ICH10 should be supported now. (Aleksey Bragin)
  • Revert most of the 41684: "-fix support for ICH7,ICH7M,ICH8,ICH8M,ICH9,ICH9R,ICH9M and ICH10 in compat mode". Those controllers should be supported now, and when set to compat mode the driver falls back to UDMA automatically. (Aleksey Bragin)
  • Don't wait so long for drive reset. Reapplying r26470 by Dmitriy Gorbachev. (Aleksey Bragin)


  • Initialize DPC before connecting interrupt with IoConnectInterrupt in ehci_alloc, ohci_alloc and uhci_alloc. Probably fixes crashes on real hardware. (Michael Martin)


  • Add missing exports (Timo Kreuzer)
  • Rewrite VideoPort and Win32k (Eng) event functions to: Use a documented ENG_EVENT structure (thus be compatible with Windows videoprt/win32k) instead of a stupid (PKEVENT) casting everywhere through EngEvent or VideoPort event functions. (Aleksey Bragin)
  • Rewrite VideoPort and Win32k (Eng) event functions to: Implement additional checks for user mapped events in EngDeleteEvent and EngWaitForSingleObject. (Aleksey Bragin)
  • Rewrite VideoPort and Win32k (Eng) event functions to: Implement EngReadStateEvent and EngClearEvent. (Aleksey Bragin)
  • Rewrite VideoPort and Win32k (Eng) event functions to: Provide a better, readable code which matches kernelstyle coding guidelines. (Aleksey Bragin)
  • Rewrite VideoPort and Win32k (Eng) event functions to: Remove (stub out) totally incorrect and buggy map user events support. (Aleksey Bragin)


Static Libraries


  • Initial submit with enough code to compile new browseui classes (Andrew Hill)
  • Added Init and Term to CComModule (Andrew Hill)


  • CmpPrepareKey: Call CmpPrepareKey vice CmpPrepareIndexOfKeys for cell signature of CM_KEY_NODE_SIGNATURE. Fixes ASSERT in cminit.c that occurs on reboot after installing some applications. (Michael Martin)


  • Rewrite time implementation, implement 64bit time support. (Timo Kreuzer)




  • Properly handle multiple monitors by expanding the screensaver window to all monitors (Michael Bruestle)


  • Don't check boot partition during unattended setup if MBR installation is skipped anyway. (Maciej Bialas)
  • Change "MBR" to "bootsector", changed languages are English and Russian. (Aleksey Bragin, #4356)

Win32™ Personality

User mode subsystem server (CSRSS)

  • Create a solid black brush for background color of a ConsoleWindowClass (Aleksey Bragin)
  • Paint the desktop only when getting WM_ERASEBKGND message, and do nothing in WM_PAINT. This is the behavior Windows and Wine implement. (Aleksey Bragin)
  • Add WM_CLOSE stub-handler to desktop background window proc. (Aleksey Bragin)
  • Route unhandled messages to DefWndProc, as it's usually done for every window proc. (Aleksey Bragin)

Kernel-mode subsystem server (Win32K)

  • experimental message handling implementation for ClickLock feature (Matthias Kupfer)
  • KeyboardThreadMain: Set RepeatRate to 1 vice 0. Fixes text input in OpenOffice Writer. (Michael Martin)
  • Various AlphaBlend fixes (Gregor Schneider)
  • Don't try to delete non existing XLateObjects (Gregor Schneider)
  • Implement and optimize FloodFill (Gregor Schneider)
  • Use system wide caret width and height if input parameters are zero (Gregor Schneider, #1559)
  • Fix a typo in EngMovePointer (Gregor Schneider)
  • ChangeDisplaySettings improvements (Gregor Schneider)
  • StretchBlt: Don't access the pattern GetPixel function pointer if it hasn't been set (Gregor Schneider)
  • BitBlt: Only set the pattern function pointer if the pattern surface is valid (Gregor Schneider)
  • Allocate span memory for every clipping type, not only for one (Gregor Schneider)
  • StretchBlt: Copy the source rectangle after checking it, create input rectangle from destination size if source is not used (Gregor Schneider)
  • Various resource and failure fixes (Amine Khaldi, Gregor Schneider)
  • Sync and adapt Wine font metric code for setting first, last, default and break characters (Gregor Schneider)
  • co_IntLoadSysMenuTemplate: only copy buffer if prior operation succeeded (Gregor Schneider, #4803)
  • GetTransform: Add support for more transforms, stub out missing functionality, fix return values (Gregor Schneider)
  • NtGdiGetRasterizerCaps: fix return value on success (Kamil Hornicek)
  • Implement brush realization. (Timo Kreuzer)
  • Rewrite XLATEOBJ implementation. (Timo Kreuzer)
  • Implement EngFileIoControl and EngFileWrite. (Timo Kreuzer)
  • Remove XlatePatternToDest from BLTINFO and DIB code. (Amine Khaldi)
  • Don't cleanup the XLATEOBJ in GreSetPointerShape when it wasn't initialized. (Amine Khaldi)
  • Rewrite (NtUser)SystemParametersInfo implementation. (Timo Kreuzer)
  • Remove syscolor pen support. (Timo Kreuzer)
  • Implement PALETTE_ulGetNearestPaletteIndex, PALETTE_ulGetRGBColorFromIndex, PALETTE_vGetBitMasks. (Timo Kreuzer)
  • Implement GreMovePointer and GreSetPointerShape. (Timo Kreuzer)
  • Fix LIST_FOR_EACH and LIST_FOR_EACH_SAFE. (Timo Kreuzer)
  • UserPostMessage: allow broadcasting of WM_QUIT and post it to the window's message queue instead of the current thread's message queue. (Giannis Adamopoulos, #4058)
  • Don't do callbacks to usermode when holding the lock. Fixes the famous "VMWare video driver installer 2nd stage hang" bug. (Giannis Adamopoulos, #2666)
  • Implement AttachThreadInput, not yet connected to the thread message queue. (James Tabor)
  • Remove Thread from event structure and substitute with thread info from head structure. (James Tabor)
  • Set Process, pass keyboard handle and enable check for user hooks. (James Tabor)
  • Prevent kernel bug check in win32k when calling a hook proc when thread is in cleanup. (James Tabor)
  • Export global DD context size. Create a container for both PDev and EDDG structures. When allocating PDev and add the DD context size if not zero. (James Tabor)
  • Working with Michael Martin to fix the LoadMenu callback bug. MenuName is a variable string buffer and not a pointer. The minimum size is always four bytes. Initialization of the structure, zero out the memory, allowing Intersource check to function as it should. To make it Intersource, use the first word character in the buffer. (James Tabor)
  • Class rewrite. (James Tabor)
  • Patch by Some applications try to set a child as a parent. (James Tabor, #4789)
  • Add win32k support functions for GetCharacterPlacement. (James Tabor)
  • Add callback for client side thread startup. (James Tabor, #4785)
  • Removed W32THREADINFO. (James Tabor)
  • Use correct head structure for event hooks. (James Tabor)
  • Use the correct flag for hidden popup actions. (James Tabor)
  • Implementation of registering system atom listings with table references. Hax Fix: Edit control atom support. (James Tabor, #4705
  • Implement support for HWND_MESSAGE. (James Tabor)
  • Update Xp w32process structure with real names, based on W7U symbols. Ref: (James Tabor)
  • Add initialization of system atoms. (James Tabor)
  • Implement NtUserInitializeClientPfnArrays. (James Tabor)
  • If any dib sections was created, set the flag. (James Tabor)
  • Update UpdateLayeredWindow and Indirect. (James Tabor)
  • Update NtGdiOpenDCW to the newest sdk. (James Tabor)
  • Move PostThreadMessage internals into its own function. (James Tabor)
  • Implement the client shutdown procedure. (James Tabor)
  • Updates and changes to, with one add on and removal: MenuWindowProc (Not supported in kernel space), PopupMenuWndProcA, PostMessage, SendNotifyMessage and win32k hook debugs. (James Tabor)
  • Patch by Smiley <>: Wrong PostMessage and SendNotifyMessage behavior, (James Tabor, #4646)



RPC Server



Control panel applets









Win32™ Applications



  • Rename a few interfaces in explorer_new to the correct name (Andrew Hill)








Win32™ Libraries


  • Check Input Parameter (fixes a skype crash) (Johannes Anderwald)
  • Fix broken check (Johannes Anderwald)
  • Return proper lengths of required buffer sizes in characters (including the termination NULL character) in LookupAccountSid. Fixes 4 "advapi32_winetest security" failures. (Alexander Yastrebov, #4904)


  • Convert existing classes to C++/ATL (Andrew Hill)
  • Add AddressBand, AddressEditBox, BandProxy, BaseBar, BaseBarSite, BrandBand, InternetToolbar, ShellBrowser, ToolsBand, and TravelLog (Andrew Hill)
  • Add stub implementations of commonbrowser, globalfoldersettings, and regtreeoptions (Andrew Hill)


  • Added 11 new Backs for my bavarian cards dll. Way better than using 12 times the same (Daniel Reimer)


  • Fix a critical bug in TOOLTIPS_NotifyFormat. Its first parameter changed from HWND to infoPtr pointer, however the function was not updated accordingly. (Aleksey Bragin)



  • Implement IDirectSoundCaptureBuffer8::Stop, IDirectSoundCaptureBuffer8::Lock, IDirectSoundCaptureBuffer8::Unlock, IDirectSound8::GetCaps, IDirectSound8::Compact, IDirectSoundCaptureBuffer::GetCaps, IDirectSoundCaptureBuffer::GetCurrentPosition, IDirectSoundCaptureBuffer::GetFormat, IDirectSoundCaptureBuffer::GetStatus, IDirectSoundCaptureBuffer::Start, DirectSoundEnumerateA, DirectSoundEnumerateW, DirectSoundCaptureEnumerateA, DirectSoundCaptureEnumerateW, GetDeviceID (Johannes Anderwald)
  • Implement changing the stream format for secondary buffers (Johannes Anderwald)
  • Fix checking of flags found by Ged Murphy (Johannes Anderwald)
  • Register IDirectSound8, IDirectSoundCapture8 with COM (Johannes Anderwald)
  • Verify if wrong guid is passed in IDirectSound8::Initialize (Johannes Anderwald)
  • Check for invalid guids passed to IDirectSoundCapture::Initialize (Johannes Anderwald)
  • Close pin handle when the capture buffer is released (Johannes Anderwald)
  • Compute a compatible pin format when the format is not supported natively by the driver (Johannes Anderwald)
  • Fix shadowing of global variable (Sylvain Petreolle)
  • Verify that directsound global info has already initialized in IDirectSound8::Initialize (Johannes Anderwald)
  • DllRegisterServer / DllUnregisterServer are taken from Wine DSound implementation (John K. Hohm)
  • Implement stereo to mono channel conversion (Johannes Anderwald)
  • Create a thread which performs the mixing (Johannes Anderwald)
  • Add more checks IDirectSoundCapture::CreateCaptureBuffer (Johannes Anderwald)
  • Implement IDirectSoundNotify interface (Johannes Anderwald)


  • Remove duplicate WToA conversion routine, update the kept version to current Wine (Gregor Schneider)
  • Various resource and failure fixes (Amine Khaldi, Gregor Schneider)
  • GetGlyphOutline: fail if output or transformation matrix buffers are not passed (Gregor Schneider)
  • Prevent possible buffer overrun in TranslateCharsetInfo, (Gregor Schneider, Wine bug #19819)
  • Update metafile structure. (James Tabor)
  • Move GetCharacterPlacement functions into new locations. Implemented GetCharacterPlacementA from wine port. (James Tabor)







  • Schedule a rename operation also for ERROR_USER_MAPPED_FILE. Prevents msi from aborting an install when attempting to overwrite font files. Open Office should now install successfully. (Michael Martin)




  • Handle WGL_SWAP_MAIN_PLANE case in SwapLayerBuffers stub (Kamil Hornicek)
  • Ported wglUseFontOutlines, wglUseFontBitmaps from the glDirect driver (Kamil Hornicek)







  • Add Ext2, GraphApp and X to the list of acknowledged projects. (James Tabor)


  • DIALOG_CreateIndirect: Save the current focused window after sending WM_INITDIALOG as the current window with focus could have been set in the dialog's procedure. Fixes setting focus on Open and Close dialogs to the FileName edit control in OpenOffice. (Michael Martin)
  • GetDlgItem: Change to WINE's implementation as ours was incorrect. Remove function GetDlgItemEnumProc and struct GETDLGITEMINFO as they are no longer needed. Fixes drawing issues in Open and Save dialogs for OpenOffice. (Michael Martin)
  • Fix 2 user32 winstation test failures (Giannis Adamopoulos)
  • Restructure and simplify CreateCursorFromData, allow to create colored icons (Gregor Schneider)
  • Handle WM_SETREDRAW messages differently in the DefWndProc, riched20 regression (Gregor Schneider, #4098)
  • Only set text resource in DefWndProcA on WM_NCCREATE if passed and exists (Gregor Schneider, #4766)
  • Ilya Shpigor: Skip STM_SETIMAGE message if the static control style does not match. (James Tabor)
  • Enable EnhMeta functions. (James Tabor)
  • Wine sync up to 1.1.29 Edit coitrols. (James Tabor)
  • Patch by Smiley <>: remove redundant system calls when window structure is available to user space. (James Tabor)
  • Start Theme Support Interface. (James Tabor)
  • Class rewrite. (James Tabor)
  • Fix a crash in SetMenuInfo. (James Tabor)
  • Patch by Dmitry Timoshkov : Return 0 from DefDlgProc and dialog loop for invalid dialog handles. (James Tabor)
  • Patch by Rein Klazes : Handle WM_PRINTCLIENT message in PopupMenuWndProc(). (James Tabor)
  • Syncing up with current revision of Defdlg.c and Dialog.c from wine. Critical update for class rewrite. (James Tabor)
  • Implement window message is active icon. (James Tabor)
  • Move inline function to local header. (James Tabor)
  • Rename pointer to server information structure. (James Tabor)
  • Fix SetWndContextHlpId call. (James Tabor)
  • Move GetWindowInfo support into user32. Use HWNDPARAM for SetWindowContextHelpId. (James Tabor)
  • Properly set and clear the dialog window flag. (James Tabor)
  • Start initializing client pfn arrays so that they can be loaded into the server information structure and help register class atoms in win32k. (James Tabor)
  • Discontinue the use of thread information for the hook check and use client information.(James Tabor)
  • Implement the client shutdown procedure. (James Tabor)







Regression tests

Versions / Official Changelogs / Community Changelogs
0.0.x Series 0.0.8 | 0.0.9 | 0.0.10 | 0.0.11 | 0.0.12 | 0.0.13 | 0.0.14 | 0.0.15 | 0.0.16 | 0.0.17 | 0.0.18 | 0.0.19 | 0.0.20 | 0.0.21
0.1.x Series 0.1.0 | 0.1.1 | 0.1.2 | 0.1.3 | 0.1.4 | 0.1.5
0.2.x Series 0.2.0 | 0.2.1 | 0.2.2 | 0.2.3 | 0.2.4 | 0.2.5 | 0.2.6 | 0.2.7 | 0.2.8 | 0.2.9
0.3.x Series 0.3.0 | 0.3.1 | 0.3.2 | 0.3.3 | 0.3.4 | 0.3.5 | 0.3.6 | 0.3.7 | 0.3.8 | 0.3.9 | 0.3.10 | 0.3.11 | 0.3.12 | 0.3.13 | 0.3.14 | 0.3.15 | 0.3.16 | 0.3.17
0.4.x Series 0.4.0 | 0.4.1 | 0.4.2 | 0.4.3 | 0.4.4 | 0.4.5 | 0.4.6 | 0.4.7 | 0.4.8 | 0.4.9 | 0.4.10 | 0.4.11 | 0.4.12 | 0.4.13