kernel32: Write the wait handle before executing the callback

System Internals / WINE - Rémi Bernon [codeweavers.com] - 11 February 2021 21:26 UTC

Otherwise we may execute the callback before the value is actually returned from RegisterWaitForSingleObject.

Gears Tactics shares a pointer to the returned handle with its callbacks and calls UnregisterWait from there. This creates a race condition that sometimes causes a double free.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=47843

b922b5aeef1 kernel32: Write the wait handle before executing the callback.
dlls/kernel32/sync.c | 3 ++-
dlls/kernel32/tests/thread.c | 61 ++++++++++++++++++++++++++++++++++++++++++++
dlls/ntdll/threadpool.c | 3 +++
3 files changed, 66 insertions(+), 1 deletion(-)

Upstream: source.winehq.org

Related WINE Activity

winegstreamer: Support wg_transform output format change events
Rémi Bernon

ntdll: Support activatableClass activation context elements
Rémi Bernon

kernelbase: Implement internal KernelBaseGetGlobalData
Rémi Bernon

xinput1_3: Use WM_DEVICECHANGE device path to add or remove devices
Rémi Bernon

Recent WINE Activity

winegstreamer: Support wg_transform output format change events
Rémi Bernon

mshtml: Implement ontimeout event for XMLHttpRequest
Gabriel Ivăncescu

mshtml: Implement timeout for XMLHttpRequest
Gabriel Ivăncescu

Release 7.9.
Alexandre Julliard

wined3d: Add support for sysmem-clearing float32 formats
Stefan Dösinger

kernel32: Write the wait handle before executing the callback

System Internals / WINE - Rémi Bernon [codeweavers.com] - 11 February 2021 21:26 UTC

Related WINE Activity

Share

Recent WINE Activity