[Bug 48738] New: When running certain Batch files, my Wine cmd.exe reproducible crashes with "page fault on read access" or with "stack overflow in 32-bit code".
https://bugs.winehq.org/show_bug.cgi?id=48738 Bug ID: 48738 Summary: When running certain Batch files, my Wine cmd.exe reproducible crashes with "page fault on read access" or with "stack overflow in 32-bit code". Product: Wine Version: 5.3 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: cmd Assignee: wine-bugs(a)winehq.org Reporter: temp2004(a)freenet.de Distribution: --- Created attachment 66628 --> https://bugs.winehq.org/attachment.cgi?id=66628 Two batch files and the crashdump I think the problem is new since middle of last year, at least reproducible with Wine 5.2 and 5.3. Find attached two small batch files: they should set some environment variables and look for some directories, but they don't reach their end. At real Windows (also when running at VirtualBox) they work properly instead. Scenario: create a directory and store one.bat and two.bat into it. run: wineconsole one.bat If the problem occurs, Wine crashes immediately. ("wine: Unhandled page fault on read access to FFFFFFF0 at address F7D2D3AB (thread 01a8), starting debugger...") The behavior depends very much on the content of the batch files: adding commands or changing the variable's names may prevent it from crashing or may shift the crash to a different line. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Louis Lenders <xerox.xerox2000x(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xerox.xerox2000x(a)gmail.com Status|UNCONFIRMED |NEW Keywords| |download, regression, | |source Ever confirmed|0 |1 Component|cmd |-unknown --- Comment #1 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- Confirming Works fine in an old wine-4.0 (Staging) I have lying around here, so indeed a regression. Also visible when first doing "wine cmd", and then "one.bat" @OP: Any chance you could do a regression test? Note: + relay shows this below, but trying to use native ucrtbase seems not possible anymore as wineboot fails then/depends on it 0058:Ret ucrtbase.wcschr() retval=00000000 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000053) ret=0040155e 0009:Ret gdi32.SetBkColor() retval=00000000 ret=7e9ceb42 0058:Ret ucrtbase.wcschr() retval=00000000 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000054) ret=0040155e 0058:Ret ucrtbase.wcschr() retval=00000000 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000020) ret=0040155e 0058:Ret ucrtbase.wcschr() retval=004250d0 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000020) ret=00401519 0058:Ret ucrtbase.wcschr() retval=004250d0 ret=00401519 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000022) ret=00401519 0058:Ret ucrtbase.wcschr() retval=00000000 ret=00401519 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000022) ret=0040155e 0058:Ret ucrtbase.wcschr() retval=00000000 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000020) ret=0040155e 0058:Ret ucrtbase.wcschr() retval=004250d0 ret=0040155e 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000020) ret=00401519 0058:Ret ucrtbase.wcschr() retval=004250d0 ret=00401519 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000028) ret=00401519 0058:Ret ucrtbase.wcschr() retval=00000000 ret=00401519 0058:Call ucrtbase.wcschr(004250d0 L" \t,=;",00000028) ret=0040155e 0058:Ret ucrtbase.wcschr() retval=00000000 ret=0040155e 0058:Call ucrtbase.memcpy(0074a388,0082b268,ff7d4d98) ret=0041ca95 0058:trace:seh:raise_exception code=c0000005 flags=0 addr=0xf7cadc50 ip=f7cadc50 tid=0058 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Louis Lenders <xerox.xerox2000x(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|-unknown |cmd Regression SHA1| |f238e846e701d2039eceb51f2f6 | |e9d936f8c791c CC| |bernhardu(a)mailbox.org --- Comment #2 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- (In reply to Louis Lenders from comment #1)
Confirming
Works fine in an old wine-4.0 (Staging) I have lying around here, so indeed a regression. Also visible when first doing "wine cmd", and then "one.bat"
@OP: Any chance you could do a regression test?
Had some cpu-cycles left so did it myself; Patch can still be reverted cleanly against current git regards f238e846e701d2039eceb51f2f6e9d936f8c791c is the first bad commit commit f238e846e701d2039eceb51f2f6e9d936f8c791c Author: Bernhard Übelacker <bernhardu(a)mailbox.org> Date: Tue Aug 20 17:04:58 2019 +0200 cmd.exe: Change parsing of the if command to avoid parsing the operators. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 --- Comment #3 from Bernhard Übelacker <bernhardu(a)mailbox.org> --- Created attachment 66666 --> https://bugs.winehq.org/attachment.cgi?id=66666 Attempt to fix regression in if condition parsing -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 --- Comment #4 from Bernhard Übelacker <bernhardu(a)mailbox.org> --- Sorry for introducing this issue. It looks like bug #47770 is the same issue. Maybe you could check if the attached patch fixes the issue for you? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Alistair Leslie-Hughes <leslie_alistair(a)hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |patch -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 --- Comment #5 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- (In reply to Bernhard Übelacker from comment #4)
Sorry for introducing this issue. It looks like bug #47770 is the same issue. Maybe you could check if the attached patch fixes the issue for you?
Hi Bernhard, The attached patch fixes the issue/bug for me (so I guess also for the original reporter of this bug). Thanks and regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 --- Comment #6 from Bernhard Übelacker <bernhardu(a)mailbox.org> --- Thanks for testing. I submitted the patch here: https://www.winehq.org/pipermail/wine-devel/2020-March/162158.html -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Gijs Vermeulen <gijsvrm(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|When running certain Batch |cmd.exe crashes when |files, my Wine cmd.exe |running certain batch files |reproducible crashes with | |"page fault on read access" | |or with "stack overflow in | |32-bit code". | -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Louis Lenders <xerox.xerox2000x(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |b1e91a36a75fd8ae27a999248aa | |034e69227bc02 Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #7 from Louis Lenders <xerox.xerox2000x(a)gmail.com> --- This works fine again after b1e91a36a75fd8ae27a999248aa034e69227bc02, no crash in current git Thanks Bernhard!! -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #8 from Alexandre Julliard <julliard(a)winehq.org> --- Closing bugs fixed in 5.8. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |5.0.x -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=48738 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|5.0.x |--- --- Comment #9 from Michael Stefaniuc <mstefani(a)winehq.org> --- Removing the 5.0.x milestone from bug fixes included in 5.0.2. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla