https://bugs.winehq.org/show_bug.cgi?id=51438
--- Comment #4 from Bernhard Übelacker bernhardu@mailbox.org ---
Created attachment 70297
  --> https://bugs.winehq.org/attachment.cgi?id=70297
51438_debugging.txt

I experimented a little with rr and found this free happens inside wineserver.
I also did the git bisect, which points to this commit:

    Author: Erich E. Hoover erich.e.hoover@gmail.com
    Date:   Thu Jan 16 21:02:11 2014 -0700

        server: Add support for deleting junction points with RemoveDirectory.

https://github.com/wine-staging/wine-staging/blob/master/patches/ntdll-Junct...

The attached file also contains a valgrind run (just of wineserver) that points it out clearly:

    Invalid free() / delete / delete[] / realloc()
       at 0x48399AB: free (in vgpreload_memcheck-amd64-linux.so)
       by 0x12EF62: inode_destroy (fd.c:1174)
       by 0x142910: release_object (object.c:441)
       ...
     Address 0x605c840 is 0 bytes inside a block of size 123 free'd
       at 0x48399AB: free (in vgpreload_memcheck-amd64-linux.so)
       by 0x132EB9: set_fd_name (fd.c:2829)
       by 0x133DE6: req_set_fd_name_info (fd.c:3165)
       ...
     Block was alloc'd at
       at 0x483877F: malloc (in vgpreload_memcheck-amd64-linux.so)
       by 0x491EE4A: strdup (strdup.c:42)
       by 0x130D64: dup_fd_name (fd.c:1863)
       by 0x131674: open_fd (fd.c:2098)
       ...
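
A minimal C model of the pattern those three valgrind stacks describe, added here as an illustration and not taken from the comment or from wineserver: one block is released on a rename path and released again by a destructor. The struct layout, function names, sample paths and the quarantine helper are assumptions made for the model.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical model, not wineserver code. Assumption: two objects hold the
 * same heap block, so freeing it through one leaves the other stale. */
struct inode { char *name; };
struct fd    { struct inode *inode; char *name; };

/* Released blocks are parked here and never reused, so a repeated free is
 * counted instead of corrupting the heap (the blocks leak on purpose). */
static void *quarantine[8];
static int n_parked, double_frees;

static void tracked_free(void *p) {
    if (!p) return;
    for (int i = 0; i < n_parked; i++)
        if (quarantine[i] == p) { double_frees++; return; }
    if (n_parked < 8) quarantine[n_parked++] = p;
}

static char *dup_name(const char *s) {          /* the "alloc'd at" stack */
    char *copy = malloc(strlen(s) + 1);
    if (!copy) abort();
    return strcpy(copy, s);
}

static void model_open(struct fd *fd, struct inode *ino, const char *path) {
    fd->inode = ino;
    fd->name = ino->name = dup_name(path);      /* second holder, same block */
}

static void model_rename(struct fd *fd, const char *path, int fixed) {
    tracked_free(fd->name);                     /* the "free'd at" stack */
    fd->name = dup_name(path);
    if (fixed) fd->inode->name = fd->name;      /* refresh the other holder */
}

static void model_destroy(struct fd *fd) {
    tracked_free(fd->inode->name);              /* stale pointer: invalid free */
    if (fd->name != fd->inode->name) tracked_free(fd->name);
}

/* Double frees seen in one open/rename/destroy cycle (paths are constructed). */
static int run_model(int fixed) {
    struct inode ino = {0};
    struct fd fd = {0};
    n_parked = double_frees = 0;
    model_open(&fd, &ino, "dir/junction");
    model_rename(&fd, "dir/renamed", fixed);
    model_destroy(&fd);
    return double_frees;
}
```

`run_model(0)` reproduces the report's shape (allocate once, free on rename, free again on destroy); `run_model(1)` shows that updating every holder of the pointer at the point of release removes the second free.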