https://bugs.winehq.org/show_bug.cgi?id=36794
Bug ID: 36794
Summary: valgrind shows an invalid free for comctl32/tests/listview.c
Product: Wine
Version: 1.7.20
Hardware: x86
OS: Linux
Status: NEW
Keywords: download, source, testcase, valgrind
Severity: normal
Priority: P2
Component: comctl32
Assignee: wine-bugs@winehq.org
Reporter: austinenglish@gmail.com

==4761== Invalid write of size 4
==4761==    at 0x54B71CF: EDIT_WM_KillFocus (edit.c:3566)
==4761==    by 0x54BC254: EditWndProc_common (edit.c:5052)
==4761==    by 0x552D1D2: EditWndProcA (winproc.c:1077)
==4761==    by 0x552A6FD: ??? (winproc.c:173)
==4761==    by 0x552A872: call_window_proc (winproc.c:244)
==4761==    by 0x552CB8B: CallWindowProcA (winproc.c:955)
==4761==    by 0x5185507: CallWindowProcT (listview.c:1566)
==4761==    by 0x518F840: EditLblWndProcT (listview.c:5981)
==4761==    by 0x518F8FB: EditLblWndProcA (listview.c:6023)
==4761==    by 0x552A6FD: ??? (winproc.c:173)
==4761==    by 0x552A872: call_window_proc (winproc.c:244)
==4761==    by 0x552CB8B: CallWindowProcA (winproc.c:955)
==4761==    by 0x4E816AD: editbox_subclass_proc (listview.c:752)
==4761==    by 0x552A6FD: ??? (winproc.c:173)
==4761==    by 0x552A872: call_window_proc (winproc.c:244)
==4761==    by 0x552C89F: WINPROC_CallProcWtoA (winproc.c:858)
==4761==    by 0x552CA4A: WINPROC_call_window (winproc.c:902)
==4761==    by 0x54E91E8: call_window_proc (message.c:2223)
==4761==    by 0x54EC0BA: send_message (message.c:3263)
==4761==    by 0x54EC6D8: SendMessageW (message.c:3457)
==4761==  Address 0x4ac16bc is 4 bytes inside a block of size 80 free'd
==4761==    at 0x7BC4C72C: notify_free (heap.c:263)
==4761==    by 0x7BC51071: RtlFreeHeap (heap.c:1762)
==4761==    by 0x516BE94: DPA_Destroy (dpa.c:409)
==4761==    by 0x5198E64: LISTVIEW_NCDestroy (listview.c:10344)
==4761==    by 0x519C0AB: LISTVIEW_WindowProc (listview.c:11669)
==4761==    by 0x552A6FD: ??? (winproc.c:173)
==4761==    by 0x552A872: call_window_proc (winproc.c:244)
==4761==    by 0x552BA60: WINPROC_CallProcAtoW (winproc.c:603)
==4761==    by 0x552CC51: CallWindowProcA (winproc.c:961)
==4761==    by 0x4E81170: listview_subclass_proc (listview.c:642)
==4761==    by 0x552A6FD: ??? (winproc.c:173)
==4761==    by 0x552A872: call_window_proc (winproc.c:244)
==4761==    by 0x552C89F: WINPROC_CallProcWtoA (winproc.c:858)
==4761==    by 0x552CA4A: WINPROC_call_window (winproc.c:902)
==4761==    by 0x54E91E8: call_window_proc (message.c:2223)
==4761==    by 0x54EC0BA: send_message (message.c:3263)
==4761==    by 0x54EC6D8: SendMessageW (message.c:3457)
==4761==    by 0x5519439: WIN_DestroyWindow (win.c:967)
==4761==    by 0x551C9D1: DestroyWindow (win.c:1884)
==4761==    by 0x4E9C784: test_header_notification (listview.c:5217)
==4761==

wine-1.7.20-122-gd2d62cf, no virtual desktop
Sebastian Lackner sebastian@fds-team.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sebastian@fds-team.de

--- Comment #1 from Sebastian Lackner sebastian@fds-team.de ---
Created attachment 48898
  --> http://bugs.winehq.org/attachment.cgi?id=48898
comctl32: Unset window pointer before deallocating the memory (Valgrind).

Can you try this patch, please?
--- Comment #2 from Austin English austinenglish@gmail.com ---
(In reply to Sebastian Lackner from comment #1)
> Created attachment 48898 [details]
> comctl32: Unset window pointer before deallocating the memory (Valgrind).
>
> Can you try this patch, please?

I can't get the bug to reliably occur in wine-1.7.20-122-gd2d62cf or wine-1.7.21.
--- Comment #3 from Austin English austinenglish@gmail.com ---
(In reply to Austin English from comment #2)
> (In reply to Sebastian Lackner from comment #1)
> > Created attachment 48898 [details]
> > comctl32: Unset window pointer before deallocating the memory (Valgrind).
> >
> > Can you try this patch, please?
>
> I can't get the bug to reliably occur in wine-1.7.20-122-gd2d62cf or
> wine-1.7.21.

With a fresh Fedora install and wine-1.7.32, I'm able to reproduce this again reliably. The patch, however, doesn't help.
Thomas Faller tfaller1@gmx.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tfaller1@gmx.de

--- Comment #4 from Thomas Faller tfaller1@gmx.de ---
I can't reproduce this issue. Is this still present in your test runs?
Austin English austinenglish@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #5 from Austin English austinenglish@gmail.com ---
Not seeing this in wine-1.7.53-211-g28b916b
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #6 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 1.7.54.