[Bug 19160] New: Orly's Draw-A-Story demo crashes on startup
http://bugs.winehq.org/show_bug.cgi?id=19160 Summary: Orly's Draw-A-Story demo crashes on startup Product: Wine Version: 1.1.24 Platform: PC URL: http://www.tjande.com/orly/orlydemo.zip OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: gdi32 AssignedTo: wine-bugs(a)winehq.org ReportedBy: arethusa26(a)gmail.com Created an attachment (id=22147) --> (http://bugs.winehq.org/attachment.cgi?id=22147) Orly's Draw-A-Story demo backtrace With today's Git (wine-1.1.24-537-gfb0275d), when attempting to start the Orly's Draw-A-Story demo, the application immediately crashes in CreateDCA instead of starting as expected. A backtrace is attached. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 Andrew Nguyen <arethusa26(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 Nikolay Sivov <bunglehead(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed|0 |1 --- Comment #1 from Nikolay Sivov <bunglehead(a)gmail.com> 2009-07-03 03:57:51 --- (In reply to comment #0)
Created an attachment (id=22147) --> (http://bugs.winehq.org/attachment.cgi?id=22147) [details] Orly's Draw-A-Story demo backtrace
With today's Git (wine-1.1.24-537-gfb0275d), when attempting to start the Orly's Draw-A-Story demo, the application immediately crashes in CreateDCA instead of starting as expected. A backtrace is attached.
I can confirm this. I've tried with same version, backtrace is identical. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 Dmitry Timoshkov <dmitry(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |win16 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #2 from Trygve Vea <trygve.vea(a)gmail.com> 2011-01-09 12:29:59 CST --- Created an attachment (id=32789) --> (http://bugs.winehq.org/attachment.cgi?id=32789) WINEDEBUG=+seh,+relay Still crashing in wine 1.3.11. Different backtrace. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 Sylvain Petreolle <spetreolle(a)yahoo.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |spetreolle(a)yahoo.fr -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #3 from Sylvain Petreolle <spetreolle(a)yahoo.fr> 2012-02-19 16:15:57 CST --- Looks like bug 19508. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #4 from Austin English <austinenglish(a)gmail.com> --- Backtrace: =>0 0xf74f0fcf in libc.so.6 (+0x132fcf) (0x0086e518) 1 0x7ebf447a GdiConvertToDevmodeW+0x149(dmA=<couldn't compute location>) [/home/austin/wine-git/dlls/gdi32/driver.c:848] in gdi32 (0x0086e518) 2 0x7ebc43ee CreateDCA+0xbd(driver=<couldn't compute location>, device=<couldn't compute location>, output=<couldn't compute location>, initData=<couldn't compute location>) [/home/austin/wine-git/dlls/gdi32/dc.c:700] in gdi32 (0x0086e588) 3 0x7e880c51 CreateDC16+0x30(driver=<couldn't compute location>, device=<couldn't compute location>, output=<couldn't compute location>, initData=<couldn't compute location>) [/home/austin/wine-git/dlls/gdi.exe16/gdi.c:1175] in gdi.exe16 (0x0086e5b8) 4 0x7e87bbcb in gdi.exe16 (+0xbbca) (0x0086e5e8) 5 0x7ea82ca6 __wine_call_from_16+0x75() in krnl386.exe16 (0x0086e618) still in wine-1.7.20-33-g3ccaad8 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 super_man(a)post.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |super_man(a)post.com --- Comment #5 from super_man(a)post.com --- Backtrace: =>0 0xf751e19a in libc.so.6 (+0x12e19a) (0x0086e518) 1 0x7ea43000 _DYNAMIC+0x11f() in gdi32 (0x0086e518) wine 1.7.49 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 joaopa <jeremielapuree(a)yahoo.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jeremielapuree(a)yahoo.fr --- Comment #6 from joaopa <jeremielapuree(a)yahoo.fr> --- Here is a backtrace with the current git Unhandled exception: page fault on read access to 0x00936d7c in 32-bit code (0xf744cf83). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:f744cf83 ESP:0086e4e8 EBP:0086e538 EFLAGS:00210287( R- -- I S - -P-C) EAX:00927a8c EBX:f74da000 ECX:0000f300 EDX:0018c264 ESI:0018c264 EDI:00000034 Stack dump: 0x0086e4e8: 7eb8d000 7eb22945 0018c264 00927a8c 0x0086e4f8: 0000f300 f7533e8a f76cd000 7eb648a6 0x0086e508: 0086e548 0000009c 0018c188 00dc0006 0x0086e518: 009279f0 0018c188 0000198f 7eb22806 0x0086e528: 0086e550 7eb8d000 00000000 0086e574 0x0086e538: 0086e5a8 7eaf2bae 00000000 0086e574 Backtrace: =>0 0xf744cf83 in libc.so.6 (+0x129f83) (0x0086e538) 1 0x7eb22945 GdiConvertToDevmodeW+0x154(dmA=<couldn't compute location>) [/home/david/wine/dlls/gdi32/driver.c:849] in gdi32 (0x0086e538) 2 0x7eaf2bae CreateDCA+0xbd(driver=<couldn't compute location>, device=<couldn't compute location>, output=<couldn't compute location>, initData=<couldn't compute location>) [/home/david/wine/dlls/gdi32/dc.c:700] in gdi32 (0x0086e5a8) 3 0x7e64d881 CreateDC16+0x20(driver=<couldn't compute location>, device=<couldn't compute location>, output=<couldn't compute location>, initData=<couldn't compute location>) [/home/david/wine/dlls/gdi.exe16/gdi.c:1175] in gdi.exe16 (0x0086e5d8) 4 0x7e648c53 deregister_tm_clones+0x2d2() in gdi.exe16 (0x0086e608) 5 0x7e9b2e4e __wine_call_from_16+0x75() in krnl386.exe16 (0x0086e638) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #7 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- Created attachment 52081 --> https://bugs.winehq.org/attachment.cgi?id=52081 patch Attached patch fixes particular crash in CreateDC16 due to huge (not initialized dmDriverExtra) field. Application still crashes, but in a different place. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Orly's Draw-A-Story demo |Orly's Draw-A-Story demo |crashes on startup |crashes on startup | |(dmDriverExtra is not | |initialized) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #8 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- (In reply to Dmitry Timoshkov from comment #7)
Created attachment 52081 [details] patch
Attached patch fixes particular crash in CreateDC16 due to huge (not initialized dmDriverExtra) field. Application still crashes, but in a different place.
It's worth to note that it's almost impossible to test whether it's correct to modify dmDriverExtra in the application provided buffer, since the target app is 16-bit and the test has to be 16-bit as well. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 Sebastian Lackner <sebastian(a)fds-team.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sebastian(a)fds-team.de --- Comment #9 from Sebastian Lackner <sebastian(a)fds-team.de> --- (In reply to Dmitry Timoshkov from comment #8)
(In reply to Dmitry Timoshkov from comment #7)
Created attachment 52081 [details] patch
Attached patch fixes particular crash in CreateDC16 due to huge (not initialized dmDriverExtra) field. Application still crashes, but in a different place.
It's worth to note that it's almost impossible to test whether it's correct to modify dmDriverExtra in the application provided buffer, since the target app is 16-bit and the test has to be 16-bit as well.
Did you check if the ->Size field contains a valid value? If it also contains some unusual value, Wine should probably ignore the whole struct. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #10 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- (In reply to Sebastian Lackner from comment #9)
Did you check if the ->Size field contains a valid value? If it also contains some unusual value, Wine should probably ignore the whole struct.
err:gdi:CreateDC16 dmSize 1209, dmDriverExtra 62208, sizeof(DEVMODEA) 156 All values are in decimal. So, it seems you are right, and dmSize is way too large. But that doesn't mean that whole DEVMODE should be ignored because of that, in win16 days is wasn't unusual to leave some fields not initialized. On the other hand the driver being requested is "DIRDIB" and CreateDC() would fail anyway since it doesn't exist, and ignoring the passed in DEVMODE woudln't change much. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 --- Comment #11 from super_man(a)post.com --- Still fails wine 1.9.9 and staging 1.9.8 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=19160 winetest(a)luukku.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |winetest(a)luukku.com --- Comment #12 from winetest(a)luukku.com --- As expected still crashes wine 2.11 and staging 2.10. I don't know for what reason staging gives a totally different output. Just wine gives the same or very similar than here before. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org