http://bugs.winehq.org/show_bug.cgi?id=29552 Anastasius Focht <focht(a)gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|build-env |shell32 --- Comment #3 from Anastasius Focht <focht(a)gmx.net> 2012-01-07 14:15:41 CST --- Hello GyB, --- quote --- The crash occurs with the default -O2. --- quote --- Ok, I was building with default compiler settings but not Fedora distribution compiler flags ("rpm --eval %{optflags}" -> "-g -O2") hence I didn't get the crash. The optimization level leads to different stack usage/local variable values so "-fomit-frame-pointer" actually hides another bug. The problem is hidden in shell32 get_known_folder_path_by_id() The installer calls IKnownFolder::GetPath() but doesn't initialize the out parameter explicitly (lives on stack some frames up). Depending on previous calls stack usage there is a chance to encounter garbage. It looks for game tasks folder using IKnownFolderManager as part of gameux registration. "C:\users\Public\Microsoft\Windows\GameExplorer" doesn't exist in clean WINEPREFIX. --- snip --- Wine-dbg>bt Backtrace: =>0 0x739da051 SHGetFolderPathAndSubDirW+0x5e1(hwndOwner=(nil), nFolder=0x58, hToken=0x0(nil), dwFlags=0, pszSubPath=0x0(nil), pszPath="C:\users\Public\Microsoft\Windows\GameExplorer") [/home/focht/projects/wine/wine-git/dlls/shell32/shellpath.c:2252] in shell32 (0x00f5e384) 1 0x739da8f1 SHGetFolderPathW+0x40(hwndOwner=(nil), nFolder=0x58, hToken=0x0(nil), dwFlags=0, pszPath="C:\users\Public\Microsoft\Windows\GameExplorer") [/home/focht/projects/wine/wine-git/dlls/shell32/shellpath.c:2086] in shell32 (0x00f5e3b4) 2 0x739dcb71 SHGetKnownFolderPath+0x1d0(rfid=0x168218, flags=0, token=0x0(nil), path=0xf5e760) [/home/focht/projects/wine/wine-git/dlls/shell32/shellpath.c:3033] in shell32 (0x00f5e624) 3 0x739dcd9b get_known_folder_path_by_id+0x18a(folderId=0x168218, lpRegistryPath=<internal error>, dwFlags=0, ppszPath=0xf5e760) [/home/focht/projects/wine/wine-git/dlls/shell32/shellpath.c:3511] in shell32 (0x00f5e6d4) 4 0x739dd67a knownfolder_GetPath+0x79(iface=0x168210, dwFlags=0, ppszPath=0xf5e760) [/home/focht/projects/wine/wine-git/dlls/shell32/shellpath.c:3534] in shell32 (0x00f5e724) 5 0x00f6625a in games (+0x6259) (0x00f5e774) --- snip --- Because of this, the out parameter is never allocated/copied to. Source: http://source.winehq.org/git/wine.git/blob/a603e9871e21888216672003e2455dfac... If there was any regression it would be this commit: http://source.winehq.org/git/wine.git/commitdiff/08186a9c26e954aea26ad0129ca... which dereferenced "ppszPath" out parameter without looking at HRESULT value (from SHGetKnownFolderPath -> SHGetFolderPathW ...). Regards -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.