[Bug 7286] wineserver aborts in release_object because obj->refcount is 0

Wine Bugs wine-bugs at winehq.org
Wed Jan 31 00:14:42 CST 2007


------- Additional Comments From mk144210 at bcm.tmc.edu  2007-31-01 00:14 -------
Here is the deep problem. Now I need to figure out how to solve it:

The problem is that a thread cannot be sent an APC from within an
end_wait for it's timeout. The reason is that the end_wait function,
while it is destroying objects, does not in any way remove these objects
from its own wait queue (which took me a while to figure out, it removes
each wait object's "entry" from the "entries", but in the entries at the
end of the thread_wait structure all the objects stay put and the count
does too until the very end of the function). When the first end_wait is
called as a timeout, it starts freeing objects that I guess the thread
was waiting for, and the directory object, in its removal function,
sends APCs to its change queue (still not really sure what this is, but
maybe processes that are waiting for it to change? Seems kind of a
duplicate of the initial wait in this case though), which ends up seeing
no other APCs queued for that thread, and la ti da let's wake it up.
end_wait is called, sees that it has a count of 1 to free up, and again
calls the free function for that one object.

Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the wine-bugs mailing list