On Mon Mar 18 23:43:42 2024 +0000, Jinoh Kang wrote:
`root_directory` is a global pointer. Removing all references to it will free the directory object, and the pointer will become dangling. The only way to achieve this is to delete every named object, which is, yes, not that practical. Does this mean that we can introduce another global pointer that works in a similar manner? !3103 introduces a global pointer to a permanent shared mapping, and deleting it will lead to the same kind of bug: not only use-after-free but also rendering win32u unusable. I submitted this MR mainly so that I can learn how serious upstream is about the "wineserver crash = bug" rule.
I guess wineserver crash is serious, but probably different ways of fixing it are possible. If it is not achievable without breaking everything before due to some other bugs, maybe fixing something earlier in that sequence is more valuable? Maybe it is just me, but fixing some select consequences of the total breakage looks like a pointless exercise to me.