6 Mar 2024, 8:08 a.m.
Hmm, I think the clearer version does have a use-after-free problem. If the item is freed in `queue_cancel_item` while `scheduled_item_cancelable_callback`/`waiting_item_cancelable_callback` is running, the latter will use-after-free.
How can this use-after-free happen? If scheduled_item_cancelable_callback() is still running, queue_cancel_item() merely decreases the work item reference count and does not actually release the object. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/4243#note_63660