Module: wine Branch: master Commit: 3f52b3a7413e9e0e9a29dd57c24bc66569690fca URL: https://source.winehq.org/git/wine.git/?a=commit;h=3f52b3a7413e9e0e9a29dd57c...
Author: Rémi Bernon rbernon@codeweavers.com Date: Mon May 30 19:57:55 2022 +0200
ntdll: Correctly free pending pointer in RtlDestroyHeap.
It's allocated from the heap itself, should be freed even for the main process heap, and before destroying the CS or notifying valgrind of used block being freed.
Signed-off-by: Rémi Bernon rbernon@codeweavers.com
---
dlls/ntdll/heap.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/dlls/ntdll/heap.c b/dlls/ntdll/heap.c index f9cdb6d8c26..57ceff9cdd1 100644 --- a/dlls/ntdll/heap.c +++ b/dlls/ntdll/heap.c @@ -1431,6 +1431,7 @@ HANDLE WINAPI RtlDestroyHeap( HANDLE heap ) HEAP *heapPtr = HEAP_GetPtr( heap ); SUBHEAP *subheap, *next; ARENA_LARGE *arena, *arena_next; + struct block **pending, **tmp; SIZE_T size; void *addr;
@@ -1443,6 +1444,15 @@ HANDLE WINAPI RtlDestroyHeap( HANDLE heap ) } if (!heapPtr) return heap;
+ if ((pending = heapPtr->pending_free)) + { + heapPtr->pending_free = NULL; + for (tmp = pending; *tmp && tmp != pending + MAX_FREE_PENDING; ++tmp) + if ((subheap = find_subheap( heap, *tmp, FALSE ))) + free_used_block( subheap, *tmp ); + RtlFreeHeap( heap, 0, pending ); + } + if (heap == processHeap) return heap; /* cannot delete the main process heap */
/* remove it from the per-process list */ @@ -1470,7 +1480,6 @@ HANDLE WINAPI RtlDestroyHeap( HANDLE heap ) NtFreeVirtualMemory( NtCurrentProcess(), &addr, &size, MEM_RELEASE ); } notify_free_all( &heapPtr->subheap ); - RtlFreeHeap( GetProcessHeap(), 0, heapPtr->pending_free ); size = 0; addr = heap; NtFreeVirtualMemory( NtCurrentProcess(), &addr, &size, MEM_RELEASE );