[Bug 37954] Test application using old MSVC++ iostream library crashes on startup ('msvcirt.??0ostrstream@@QAE@XZ' takes one argument)

https://bugs.winehq.org/show_bug.cgi?id=37954

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download Status|UNCONFIRMED |NEW CC| |focht@gmx.net Component|-unknown |msvcirt Summary|Unhandled exception: page |Test application using old |fault on write access to |MSVC++ iostream library |0x0cf00052 in 32-bit code |crashes on startup |(0x00520d30) |('msvcirt.??0ostrstream@@QA | |E@XZ' takes one argument) Ever confirmed|0 |1

--- Comment #1 from Anastasius Focht focht@gmx.net --- Hello folks,

confirming.

Next time please put up a more meaningful summary.

Relevant part of trace log:

--- snip --- ... 0023:Call msvcirt.??0ostrstream@@QAE@XZ(0033fd8c) ret=0040100f 0023:fixme:msvcirt:MSVCIRT_ostrstream_sl_void (0x33fd8c) stub 0023:Ret msvcirt.??0ostrstream@@QAE@XZ() retval=0033fd8c ret=0040100f 0023:Call msvcirt.??1ostrstream@@UAE@XZ(0033fd90) ret=00401019 0023:fixme:msvcirt:MSVCIRT_ostrstream_sl_void (0x33fd90) stub 0023:Ret msvcirt.??1ostrstream@@UAE@XZ() retval=0033fd90 ret=00401019 0023:Call msvcirt.??1ios@@UAE@XZ(0033fd90) ret=00401023 0023:fixme:msvcirt:MSVCIRT_ios_sl_void (0x33fd90) stub 0023:Ret msvcirt.??1ios@@UAE@XZ() retval=0033fd90 ret=00401023 0023:trace:seh:raise_exception code=c0000005 flags=0 addr=0x405000 ip=00405000 tid=0023 0023:trace:seh:raise_exception info[0]=00000001 0023:trace:seh:raise_exception info[1]=00000000 0023:trace:seh:raise_exception eax=00000000 ebx=7b8bf000 ecx=0033fd90 edx=7bceec48 esi=0033feb0 edi=00000000 0023:trace:seh:raise_exception ebp=0033fe20 esp=0033fde4 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010212 ... Backtrace: =>0 0x00405000 in test1 (+0x5000) (0x0033fe20) 1 0x7b864ff8 call_process_entry+0xb() in kernel32 (0x0033fe38) ... --- snip ---

The stack gets imbalanced by the first ctor stub, resulting in later crash when leaving 'main'.

Code of test app:

--- snip --- Wine-dbg>disas

0x00401000: subl $88,%esp 0x00401003: leal 0x0(%esp),%ecx ; this 0x00401007: pushl $0x1 ; unknown arg to ctor? 0x00401009: call *0x404090 -> 0x7eff37d4 __thiscall_MSVCIRT_ostrstream_sl_void in msvcirt 0x0040100f: leal 0x8(%esp),%ecx 0x00401013: call *0x404094 -> 0x7eff37d4 __thiscall_MSVCIRT_ostrstream_sl_void in msvcirt 0x00401019: leal 0x8(%esp),%ecx 0x0040101d: call *0x404098 -> 0x7eff3758 __thiscall_MSVCIRT_ios_sl_void in msvcirt 0x00401023: xorl %eax,%eax 0x00401025: addl $88,%esp 0x00401028: ret --- snip --

It seems the MSVC++ 6 compiler generated code which passes an additional argument to 'ostrstream::ostrstream()' ctor.

Regards