Re: [PATCH 0/3] MR1559: ntoskrnl.exe: Prevent blocking if kernel timer is reset in DPC.

On Mon Nov 28 21:55:48 2022 +0000, Zebediah Figura wrote:

I'm a bit concerned about this change, because my assumption—although I never tried to validate it—is that KeSetTimerEx() should probably act as a fence, i.e. it shouldn't be possible for an earlier callback to execute simultaneously or after it's returned. In this case that could result in a non-periodic DPC executing twice, which seems dangerous.

Note that 1/3 won't actually help you, because we could already be in ke_timer_complete_proc() but not executing the callback yet.