[Bug 31723] New: Heap corruption crash on exit from notepad under WINEDEBUG=warn+heap

wine-bugs at winehq.org
Mon Sep 17 09:30:02 CDT 2012


http://bugs.winehq.org/show_bug.cgi?id=31723

             Bug #: 31723
           Summary: Heap corruption crash on exit from notepad under
                    WINEDEBUG=warn+heap
           Product: Wine
           Version: 1.5.12
          Platform: x86
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: user32
        AssignedTo: wine-bugs at winehq.org
        ReportedBy: dank at kegel.com
    Classification: Unclassified


Found while looking at bug 31353.

In wine-1.5.13, if I do
   echo x > foo.txt
   WINEDEBUG=warn+heap wine notepad foo.txt
and then exit notepad, it crashes with the following stack trace:

Unhandled exception: page fault on read access to 0xfeeefef6 in 32-bit code (0x7db24356).
Backtrace:
=>0 ScriptStringFree+0x36(pssa=0x161bcc) [dlls/usp10/usp10.c:2320]
  1 EditWndProc_common+0x1119(hwnd=<?>, msg=<?>, wParam=<?>, lParam=<?>, unicode=<?>) [dlls/user32/edit.c:375]
  2 EditWndProcW+0x3a(hwnd=0x10076, msg=0x82, wParam=0, lParam=0) [dlls/user32/winproc.c:1081]

'winetricks usp10' does not work around it.

wine-1.4 does not have the problem.

git log on edit.c shows the most recent commit is

user32: Release uniscribe data on Edit control destruction (valgrind).
author    Nikolay Sivov <nsivov at codeweavers.com>    
Tue, 4 Sep 2012 19:06:17 +0000 (23:06 +0400)
commit    6b1946154831c4537b9fffc4994cb0273db55918
user32: Release uniscribe data on Edit control destruction (valgrind).

Reverting that gets rid of the crash.
