This means, the heap fails to remove the free block, because free block's forward or backward pointer is invalid. Which is a very probably scenario, when an allocated block of heap is overwritten.
WBR, Aleksey.
On Dec 17, 2010, at 5:02 AM, James Tabor wrote:
I've tested my patches with 49720 so far the wine user Dialog works. Upping to 50046 and repeating the test since 50000, this happens,
(subsystems/win32/win32k/ntuser/window.c:2067) co_UserCreateWindowEx(): NCCREATE message failed (subsystems/win32/win32k/ntuser/window.c:2339) co_UserCreateWindowEx failed!
kdb:> bt Eip: ntdll.dll:92b1 lib/rtl/heap.c:358 (RtlpRemoveFreeBlock@16) Frames: ntdll.dll:b189 lib/rtl/heap.c:2193 (RtlAllocateHeap@12) user32.dll:32610 dialog.c:157 (DIALOG_get_info) user32.dll:3369c dialog.c:1577 (DefDlgProcA@16) user32.dll:495dc message.c:1091 (@IntCallWindowProcW@28) user32.dll:49ead message.c:2449 (User32CallWindowProcFromKernel@8) ntdll.dll:7a84 user32.dll:542c5 window.c:409 (CreateWindowExA@48) user32.dll:343bf dialog.c:925 (DIALOG_CreateIndirect) user32.dll:352c0 dialog.c:1764 (DialogBoxParamA@20) <user32_winetest.exe:2055c> <user32_winetest.exe:22065> <user32_winetest.exe:a36e6> <user32_winetest.exe:a38fb> <user32_winetest.exe:a3d95> <user32_winetest.exe:a3dde>
it faults at 0x00000004,,,....
Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev