[Bug 37954] New: Unhandled exception: page fault on write access to 0x0cf00052 in 32-bit code (0x00520d30)
https://bugs.winehq.org/show_bug.cgi?id=37954

            Bug ID: 37954
           Summary: Unhandled exception: page fault on write access to
                    0x0cf00052 in 32-bit code (0x00520d30)
           Product: Wine
           Version: 1.7.34
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs(a)winehq.org
          Reporter: anonymous.maarten(a)gmail.com
      Distribution: ---

Created attachment 50563
  --> https://bugs.winehq.org/attachment.cgi?id=50563
Visual Studio 6 project, binary and wine output log

Hey,

While trying to implement msvcirt.dll, I stumbled upon a write to a null pointer.

The source of the binary is (compiled on Visual Studio 6.0, with option \MT and _MT and _DLL defined)
see https://msdn.microsoft.com/en-us/library/aa272081(v=vs.60).aspx

    #include <strstrea.h>

    int main() {
        ostrstream oss;
        return 0;
    }

The Visual Studio project, binary and console output are bundled in the attached tar.

The error is:

    wine: Unhandled page fault on write access to 0x00000000 at address 0x405000 (thread 0009), starting debugger...
    Unhandled exception: page fault on write access to 0x00000000 in 32-bit code (0x00405000).

In current git all functions called in msvcirt are stubs.
I believe that this should not cause a null pointer access.

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=37954

Anastasius Focht <focht(a)gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download
             Status|UNCONFIRMED                 |NEW
                 CC|                            |focht(a)gmx.net
          Component|-unknown                    |msvcirt
            Summary|Unhandled exception: page   |Test application using old
                   |fault on write access to    |MSVC++ iostream library
                   |0x0cf00052 in 32-bit code   |crashes on startup
                   |(0x00520d30)                |('msvcirt.??0ostrstream@@QA
                   |                            |E@XZ' takes one argument)
     Ever confirmed|0                           |1

--- Comment #1 from Anastasius Focht <focht(a)gmx.net> ---

Hello folks,

confirming. Next time please put up a more meaningful summary.

Relevant part of trace log:

--- snip ---
...
0023:Call msvcirt.??0ostrstream@@QAE@XZ(0033fd8c) ret=0040100f
0023:fixme:msvcirt:MSVCIRT_ostrstream_sl_void (0x33fd8c) stub
0023:Ret msvcirt.??0ostrstream@@QAE@XZ() retval=0033fd8c ret=0040100f
0023:Call msvcirt.??1ostrstream@@UAE@XZ(0033fd90) ret=00401019
0023:fixme:msvcirt:MSVCIRT_ostrstream_sl_void (0x33fd90) stub
0023:Ret msvcirt.??1ostrstream@@UAE@XZ() retval=0033fd90 ret=00401019
0023:Call msvcirt.??1ios@@UAE@XZ(0033fd90) ret=00401023
0023:fixme:msvcirt:MSVCIRT_ios_sl_void (0x33fd90) stub
0023:Ret msvcirt.??1ios@@UAE@XZ() retval=0033fd90 ret=00401023
0023:trace:seh:raise_exception code=c0000005 flags=0 addr=0x405000 ip=00405000 tid=0023
0023:trace:seh:raise_exception info[0]=00000001
0023:trace:seh:raise_exception info[1]=00000000
0023:trace:seh:raise_exception eax=00000000 ebx=7b8bf000 ecx=0033fd90 edx=7bceec48 esi=0033feb0 edi=00000000
0023:trace:seh:raise_exception ebp=0033fe20 esp=0033fde4 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010212
...
Backtrace:
=>0 0x00405000 in test1 (+0x5000) (0x0033fe20)
  1 0x7b864ff8 call_process_entry+0xb() in kernel32 (0x0033fe38)
...
--- snip ---

The stack gets imbalanced by the first ctor stub, resulting in a later crash when leaving 'main'.
Code of test app:

--- snip ---
Wine-dbg>disas
0x00401000: subl $88,%esp
0x00401003: leal 0x0(%esp),%ecx ; this
0x00401007: pushl $0x1 ; unknown arg to ctor?
0x00401009: call *0x404090 -> 0x7eff37d4 __thiscall_MSVCIRT_ostrstream_sl_void in msvcirt
0x0040100f: leal 0x8(%esp),%ecx
0x00401013: call *0x404094 -> 0x7eff37d4 __thiscall_MSVCIRT_ostrstream_sl_void in msvcirt
0x00401019: leal 0x8(%esp),%ecx
0x0040101d: call *0x404098 -> 0x7eff3758 __thiscall_MSVCIRT_ios_sl_void in msvcirt
0x00401023: xorl %eax,%eax
0x00401025: addl $88,%esp
0x00401028: ret
--- snip ---

It seems the MSVC++ 6 compiler generated code which passes an additional argument to 'ostrstream::ostrstream()' ctor.

Regards
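Added example, not part of the bug report or of Wine's code: a small C model that replays the disassembled main() above to show how a callee-cleans ctor stub that leaves the pushed argument on the stack shifts esp by 4 and makes the final ret load a stale local instead of the return address. ENTRY_ESP is derived from the ctor's `this` value in the trace (0x0033fd8c + 88); WIN_LO, WIN_SIZE, CALLER_RET and STALE_WORD are constructed values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WIN_LO     0x0033fd00u /* modelled stack window (constructed bounds) */
#define WIN_SIZE   0x100u
#define ENTRY_ESP  0x0033fde4u /* esp on entry to main, derived from the trace */
#define CALLER_RET 0xaaaaaaaau /* constructed stand-in for main's return address */
#define STALE_WORD 0x00405000u /* constructed stale local, matches the faulting ip */

typedef struct { uint8_t mem[WIN_SIZE]; uint32_t esp; } cpu_t;
typedef struct { unsigned dtor_this, eip, esp; } result_t;

static void push32(cpu_t *c, uint32_t v) {
    c->esp -= 4; memcpy(c->mem + (c->esp - WIN_LO), &v, 4);
}
static uint32_t pop32(cpu_t *c) {
    uint32_t v; memcpy(&v, c->mem + (c->esp - WIN_LO), 4); c->esp += 4; return v;
}
/* "call" followed by the callee's "ret <callee_pops>" */
static void call_ret(cpu_t *c, uint32_t ret_addr, uint32_t callee_pops) {
    push32(c, ret_addr);
    (void)pop32(c);
    c->esp += callee_pops;
}

/* Replays main(); ctor_pops = argument bytes the ctor removes on return. */
result_t replay_main(uint32_t ctor_pops) {
    cpu_t c; result_t r; uint32_t w = STALE_WORD;
    for (uint32_t i = 0; i < WIN_SIZE; i += 4) memcpy(c.mem + i, &w, 4);
    c.esp = ENTRY_ESP + 4;
    push32(&c, CALLER_RET);               /* call main */
    c.esp -= 88;                          /* subl $88,%esp */
    push32(&c, 1);                        /* pushl $0x1 */
    call_ret(&c, 0x0040100fu, ctor_pops); /* ostrstream ctor */
    r.dtor_this = c.esp + 8;              /* leal 0x8(%esp),%ecx */
    call_ret(&c, 0x00401019u, 0);         /* ~ostrstream */
    call_ret(&c, 0x00401023u, 0);         /* ~ios */
    c.esp += 88;                          /* addl $88,%esp */
    r.eip = pop32(&c);                    /* ret */
    r.esp = c.esp;
    return r;
}

int main(void) {
    result_t s = replay_main(0), f = replay_main(4);
    printf("stub : this=%08x eip=%08x esp=%08x\n", s.dtor_this, s.eip, s.esp);
    printf("fixed: this=%08x eip=%08x esp=%08x\n", f.dtor_this, f.eip, f.esp);
    return 0;
}
```

With ctor_pops = 0 the model reproduces the destructor `this` (0033fd90) and the esp at the fault (0033fde4) seen in the trace; with ctor_pops = 4 the final ret returns to the caller.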
https://bugs.winehq.org/show_bug.cgi?id=37954

Austin English <austinenglish(a)gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |testcase
https://bugs.winehq.org/show_bug.cgi?id=37954

Nikolay Sivov <bunglehead(a)gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
      Fixed by SHA1|                            |9249f393c25cb4dc18869483472
                   |                            |e9d135dba351f
         Resolution|---                         |FIXED

--- Comment #2 from Nikolay Sivov <bunglehead(a)gmail.com> ---

This actually looks fixed,
http://source.winehq.org/git/wine.git/commit/9249f393c25cb4dc18869483472e9d1....
https://bugs.winehq.org/show_bug.cgi?id=37954

Alexandre Julliard <julliard(a)winehq.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Alexandre Julliard <julliard(a)winehq.org> ---

Closing bugs fixed in 1.9.17.