[Bug 51438] Rust compiler crashes with "free(): double free detected in tcache 2" message
WineHQ Bugzilla
wine-bugs at winehq.org
Sat Jul 10 16:39:38 CDT 2021
https://bugs.winehq.org/show_bug.cgi?id=51438
--- Comment #4 from Bernhard Übelacker <bernhardu at mailbox.org> ---
Created attachment 70297
--> https://bugs.winehq.org/attachment.cgi?id=70297
51438_debugging.txt
I experimented a little with rr and found this free happens inside wineserver.
I did also the git bisect, which points to this commit:
Author: Erich E. Hoover <erich.e.hoover at gmail.com>
Date: Thu Jan 16 21:02:11 2014 -0700
server: Add support for deleting junction points with RemoveDirectory.
https://github.com/wine-staging/wine-staging/blob/master/patches/ntdll-Junction_Points/0005-server-Add-support-for-deleting-junction-points-with.patch
Attached file contains also a valgrind run (just of wineserver),
that points it out clearly:
Invalid free() / delete / delete[] / realloc()
at 0x48399AB: free (in vgpreload_memcheck-amd64-linux.so)
by 0x12EF62: inode_destroy (fd.c:1174)
by 0x142910: release_object (object.c:441)
...
Address 0x605c840 is 0 bytes inside a block of size 123 free'd
at 0x48399AB: free (in vgpreload_memcheck-amd64-linux.so)
by 0x132EB9: set_fd_name (fd.c:2829)
by 0x133DE6: req_set_fd_name_info (fd.c:3165)
...
Block was alloc'd at
at 0x483877F: malloc (in vgpreload_memcheck-amd64-linux.so)
by 0x491EE4A: strdup (strdup.c:42)
by 0x130D64: dup_fd_name (fd.c:1863)
by 0x131674: open_fd (fd.c:2098)
...
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list