[PATCH 0/1] MR10433: ntdll: Do not keep next handler pointer outside of lock in call_vectored_handlers().
Fixes a regression introduced by 4749bd2bb74902703976acb1b047867819eab939. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/10433
From: Paul Gofman <pgofman@codeweavers.com> Fixes a regression introduced by 4749bd2bb74902703976acb1b047867819eab939. --- dlls/ntdll/exception.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dlls/ntdll/exception.c b/dlls/ntdll/exception.c index 4f21222ece6..a2b7513bfa3 100644 --- a/dlls/ntdll/exception.c +++ b/dlls/ntdll/exception.c @@ -164,7 +164,6 @@ static LONG call_vectored_handlers( EXCEPTION_RECORD *rec, CONTEXT *context ) while (entry != mark) { handler = CONTAINING_RECORD( entry, VECTORED_HANDLER, entry ); - entry = entry->Flink; ++*handler->count; func = RtlDecodePointer( handler->func ); RtlLeaveCriticalSection( &vectored_handlers_section ); @@ -177,6 +176,7 @@ static LONG call_vectored_handlers( EXCEPTION_RECORD *rec, CONTEXT *context ) TRACE( "handler at %p returned %lx\n", func, ret ); RtlEnterCriticalSection( &vectored_handlers_section ); + entry = entry->Flink; if (!--*handler->count) /* removed during execution */ { RemoveEntryList( &handler->entry ); -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/10433
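Review bot: in the second hunk (@@ -177,6 +176,7 @@), the relocated `entry = entry->Flink;` is only correct because it sits after `RtlEnterCriticalSection( &vectored_handlers_section )` and before the `if (!--*handler->count)` block that calls `RemoveEntryList( &handler->entry )`, and nothing in the code records that constraint. A one-line comment at that spot, saying that the next pointer must be read under the lock while the current handler is still held by its incremented count, would keep a later cleanup from hoisting the assignment back above `RtlLeaveCriticalSection`, where the first hunk removes it. The commit message names only the regressing commit; a sentence there on why a next pointer saved before the lock is dropped can go stale would make the fix self-explanatory in the log.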
Current handler is protected by increased reference count while the next one can be deleted or inserted when critical section is released (as it happens in Microsoft Flight Simulator 2024). -- https://gitlab.winehq.org/wine/wine/-/merge_requests/10433#note_133455