[Bug 48732] How to Survive crashes on start (fullscreen mode)

WineHQ Bugzilla wine-bugs at winehq.org
Tue Mar 10 10:14:03 CDT 2020


https://bugs.winehq.org/show_bug.cgi?id=48732

--- Comment #3 from Gabriel Ivăncescu <gabrielopcode at gmail.com> ---
I haven't been able to reproduce it either, but from your log it seems it
crashes in a different thread immediately after put_Owner.

However, while mine didn't crash, this is the surrounding log to put_Owner:

0035:trace:quartz:FilterGraph2_RemoveFilter Disconnect 2: 00000001
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 2.
0035:trace:strmbase:IEnumPinsImpl_Next (17AA04B0)->(1, 00EFACC4, 00000000)
0035:trace:strmbase:IEnumPinsImpl_Release (17AA04B0)->(): new ref = 0
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 1.
0035:trace:strmbase:filter_JoinFilterGraph (17A9F688)->(00000000, (null))
0035:trace:strmbase:filter_SetSyncSource (17A9F688)->(00000000)
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 0.
0035:trace:strmbase:BaseControlWindowImpl_put_Owner window 17A9F988, owner 0.
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 4294967295.
0035:trace:strmbase:sink_Disconnect pin 17A9F7D4.
0035:trace:strmbase:SeekInner_Release (17A9E268)->(): new ref = 0
0035:trace:quartz:Inner_Release (17A9E1C8)->(): new ref = 0


Note the refcount decrease to 4294967295 (underflow to -1); that's clearly a
refcount bug somewhere and is probably the reason for the crash
(use-after-free).

For extra info: the app has no prior owner on the window (it's NULL) and the
window's thread ID is the same as the thread from which put_Owner is called.

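A triage aid for trace logs like the one quoted in the comment above, added here as an example; it is not part of the original comment or of Wine. It rejoins lines that a mail archive wrapped, then flags any Release trace whose counter has wrapped below zero or that follows a release to zero on the same object. The function names `unwrap` and `find_over_releases` are hypothetical, and the 0x80000000 threshold assumes a 32-bit counter printed as unsigned.

```python
import re

# Trace lines copied from the comment above, including the line the mail
# archive wrapped in the middle of the refcount value.
SAMPLE = """\
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 1.
0035:trace:strmbase:filter_JoinFilterGraph (17A9F688)->(00000000, (null))
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to 0.
0035:trace:strmbase:BaseControlWindowImpl_put_Owner window 17A9F988, owner 0.
0035:trace:strmbase:filter_inner_Release 17A9F688 decreasing refcount to
4294967295.
0035:trace:strmbase:SeekInner_Release (17A9E268)->(): new ref = 0
"""

PREFIX = re.compile(r"^[0-9a-fA-F]{4}:\w+:\w+:")  # tid:class:channel:
RELEASE = re.compile(
    r"^(?P<tid>[0-9a-fA-F]{4}):trace:\w+:(?P<func>\w*Release)\s+"
    r"\(?(?P<obj>[0-9A-Fa-f]{8})\)?.*?(?:refcount to|new ref =)\s*(?P<ref>\d+)"
)

def unwrap(text):
    """Rejoin continuation lines that lack the tid:class:channel: prefix."""
    out = []
    for line in text.splitlines():
        if out and line.strip() and not PREFIX.match(line):
            out[-1] += " " + line.strip()
        elif line.strip():
            out.append(line)
    return out

def find_over_releases(text):
    """Return (line_no, tid, func, obj, ref, reason) for suspicious releases."""
    freed, findings = set(), []
    for no, line in enumerate(unwrap(text), 1):
        m = RELEASE.match(line)
        if not m:
            continue
        obj, ref = m["obj"].upper(), int(m["ref"])
        if ref >= 0x80000000:  # counter went below zero and wrapped
            findings.append((no, m["tid"], m["func"], obj, ref, "underflow"))
        elif obj in freed:  # heuristic: may also be a reused address
            findings.append((no, m["tid"], m["func"], obj, ref, "release after zero"))
        if ref == 0:
            freed.add(obj)
    return findings

if __name__ == "__main__":
    for f in find_over_releases(SAMPLE):
        print("line %d: thread %s %s on %s -> %d (%s)" % f)
```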