https://bugs.winehq.org/show_bug.cgi?id=51484
--- Comment #5 from François Gouget fgouget@codeweavers.com ---
Created attachment 73908
  --> https://bugs.winehq.org/attachment.cgi?id=73908
Comment out all non-essential parts to reproduce the crash in Wine

Running this test with WINEDEBUG=heap makes the crash on exit almost systematically reproducible. From that I found that test_simple_playing() is to blame and more specifically the code up to the rifffile IDirectMusicLoader8_GetObject() call. See the attached patch for details.

Here are the traces I get with that patch:

0418:trace:heap:RtlAllocateHeap handle 01B70000, flags 0, size 0x8a, return 01B71CB0, status 0.
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
...
0418:trace:heap:RtlAllocateHeap handle 00140000, flags 0, size 0x20, return 00193BE0, status 0.
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
...
0418:trace:heap:RtlFreeHeap handle 00140000, flags 0, ptr 00157A30, return 1, status 0.
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
0418:trace:heap:RtlFreeHeap handle 00140000, flags 0, ptr 00157A68, return 1, status 0.
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
...
0418:trace:heap:RtlFreeHeap handle 00140000, flags 0, ptr 00157DE8, return 1, status 0.
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
...
0418:trace:heap:RtlFreeHeap handle 00140000, flags 0, ptr 00158210, return 1, status 0.
0418:err:heap:validate_free_block heap 00140000, block 00194D90: invalid next block back pointer
... right after the dump ...
0418:err:sync:RtlLeaveCriticalSection section 00140074 "dlls/ntdll/heap.c: main process heap section" is not acquired
... right after one more dump ...
0430:err:virtual:virtual_setup_exception stack overflow 900 bytes addr 0x7bc56a8d stack 0x1e90c7c (0x1e90000-0x1e91000-0x2090000)

I think it's that stack overflow that causes the crash on exit. However, it's likely caused by the previous heap trouble.