[Bug 54562] New: The 64-bit oleaut32:usrmarshal crashes in Wine

23 Feb 2023


      https://bugs.winehq.org/show_bug.cgi?id=54562
Bug ID: 54562
           Summary: The 64-bit oleaut32:usrmarshal crashes in Wine
           Product: Wine
           Version: unspecified
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: oleaut32
          Assignee: wine-bugs@winehq.org
          Reporter: fgouget@codeweavers.com
      Distribution: ---
The 64-bit oleaut32:usrmarshal crashes in Wine:
usrmarshal.c:572: Test marked todo: Unexpected refcount 4
Unhandled exception: page fault on read access to 0xffffffffffffffff in 64-bit
code (0x00000062138b51).
[...]
Backtrace:
=>0 0x00000062138b51 LPSAFEARRAY_UserUnmarshal+0xa1(pFlags=00000000009AFA10,
Buffer=0000000000ABA614, ppsa=0000000000AE24A0)
[Z:\home\winetest\tools\testbot\var\wine\dlls\oleaut32\usrmarshal.c:1073] in
oleaut32 (0x00000000000014)
  1 0x000000621394c4 VARIANT_UserUnmarshal+0x454(pFlags=00000000009AFA10,
Buffer=0000000000ABA5D0, pvar=<internal error>)
[Z:\home\winetest\tools\testbot\var\wine\dlls\oleaut32\usrmarshal.c:575] in
oleaut32 (0x000000009af9b0)
  2 0x0000000044f9e0 in oleaut32_test (+0x4f9e0) (0x000000009af928)
  3 0x0000000045110b in oleaut32_test (+0x5110b) (0x00000000ab44b5)
  4 0x0000000050d92b in oleaut32_test (+0x10d92b) (0x00000000ab44b5)
  5 0x0000000050d187 in oleaut32_test (+0x10d187) (0000000000000000)
  6 0x0000007b6293d9 BaseThreadInitThunk+0x9(unknown=<internal error>,
entry=<internal error>, arg=<internal error>)
[Z:\home\winetest\tools\testbot\var\wine\dlls\kernel32\thread.c:61] in kernel32
(0000000000000000)
  7 0x00000170061143 __wine_pop_frame(entry=000000000050D120,
arg=00000000003F0000)
[Z:\home\winetest\tools\testbot\var\wine\include\wine\exception.h:277] in ntdll
(0000000000000000)
  8 0x00000170061143 RtlUserThreadStart+0x83(entry=[<register RSP not
accessible in this frame>, arg=[<register RSP not accessible in this frame>)
[Z:\home\winetest\tools\testbot\var\wine\dlls\ntdll\thread.c:295] in ntdll
(0000000000000000)
0x00000062138b51 LPSAFEARRAY_UserUnmarshal+0xa1
[Z:\home\winetest\tools\testbot\var\wine\dlls\oleaut32\usrmarshal.c:1073] in
oleaut32: cmpw    (%rcx),%ax
1073        if(*ppsa && (*ppsa)->cDims==wiresa->cDims)
See https://test.winehq.org/data/patterns.html#oleaut32:usrmarshal
A bisect shows that this crash started with the commit below:
commit 27665f35e4da13bac1e4dd8948a65f484c9dadfa
Author: Rémi Bernon rbernon@codeweavers.com
Date:   Sat Feb 11 09:43:30 2023 +0100
ntdll: Implement Low Fragmentation Heap frontend.
This implements the reduced fragmentation from the heap frontend, by
    carving smaller blocks out of larger allocated blocks.
The super block and each sub-block are all flagged with BLOCK_FLAG_LFH.
The super-block (struct group) uses a standard struct block header, as
    well as a list entry to be linked in free list, and a free bit map to
    track free sub-blocks.
Sub-blocks reference their super block through the base_offset, instead
    of the subheap, using the block size as radix.
-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 54562] New: The 64-bit oleaut32:usrmarshal crashes in Wine