http://bugs.winehq.org/show_bug.cgi?id=26678
Summary: wine beebem.exe crashes in RtlEnterCriticalSection+0x17 with page fault on read access
Product: Wine
Version: 1.0.1
Platform: x86
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: -unknown
AssignedTo: wine-bugs@winehq.org
ReportedBy: agents@andrewpetermarlow.co.uk

Created an attachment (id=33975)
--> (http://bugs.winehq.org/attachment.cgi?id=33975)
A dump of all output including register dump, stack dump and backtrace.
beebem is the BBC Micro emulator. When I run it using wine it gives the following error as it crashes:
wine: Unhandled page fault on read access to 0x00000034 at address 0x7bc33647 (thread 0009), starting debugger...
Unhandled exception: page fault on read access to 0x00000034 in 32-bit code (0x7bc33647).
Register dump:
 CS:0073 SS:007b DS:007b ES:007b FS:0033 GS:003b
 EIP:7bc33647 ESP:0032fbf4 EBP:0032fc1c EFLAGS:00210206( - 00 - RIP1)
 EAX:00000020 EBX:7bc89444 ECX:00436f60 EDX:0000c98a
 ESI:00000020 EDI:0000fe00
The full log is in the attachment.
This happened when running on Debian 6 (squeeze) with the 1.0.1 version of wine installed by the synaptic package manager.
Regards,
Andrew Marlow
http://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #1 from Andrew Nguyen arethusa26@gmail.com 2011-04-07 04:43:10 CDT ---
Please retest with a newer version of Wine, preferably the latest development version (1.3.17). Is there an available download for the application?
http://bugs.winehq.org/show_bug.cgi?id=26678
Dmitry Timoshkov dmitry@codeweavers.com changed:
What    |Removed                                                  |Added
----------------------------------------------------------------------------
Summary |wine beebem.exe crashes in RtlEnterCriticalSection+0x17  |BBC Micro emulator crashes
        |with page fault on read access                           |
http://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #2 from Andrew Marlow agents@andrewpetermarlow.co.uk 2011-04-07 06:31:26 CDT ---
(In reply to comment #1)
> Please retest with a newer version of Wine, preferably the latest development version (1.3.17). Is there an available download for the application?
I tried with the latest official package and it gave the same error. So I built version 1.3.17 from source. It too gave a page fault error but with different dumps and traceback.
-Andrew Marlow
http://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #3 from Andrew Marlow agents@andrewpetermarlow.co.uk 2011-04-07 06:33:31 CDT ---
Created an attachment (id=33978)
--> (http://bugs.winehq.org/attachment.cgi?id=33978)
dumps and stack trace for page fault error running beebem under wine 1.3.17
The attachment errors3.txt is a dump of all output from running the command: wine beebem.exe with version 1.3.17 of wine.
http://bugs.winehq.org/show_bug.cgi?id=26678
Anastasius Focht focht@gmx.net changed:
What     |Removed |Added
----------------------------------------------------------------------------
Keywords |        |download, source
URL      |        |http://bbc.nvg.org/emul/BeebEm/BeebEm141.zip
CC       |        |focht@gmx.net

--- Comment #4 from Anastasius Focht focht@gmx.net 2011-04-07 14:55:54 CDT ---
Hello,
the zip archive from download link contains the source and a prebuilt binary showing similar crash. Using relay trace and the source (use the source, Luke!) one can deduce the possible cause of crash.
The code quality is pretty bad ... you get sick 8-|
Relevant source snippets:
--- snip video.cpp ---
void VideoInit(void) {
...
  crtclog=fopen("/crtc.log","wb");
}; /* VideoInit */
...
void CRTCWrite(int Address, int Value) {
...
    case 5:
      CRTC_VerticalTotalAdjust=Value;
      fprintf(crtclog,"Vertical Total Adjust: %d\n",Value);
      AdjustVideo();
      break;
...
--- snip video.cpp ---
The source references CRT stuff but the prebuilt binary doesn't call corresponding CRT functions so it seems CRT was statically linked.
Relay trace (I removed various interleaving trace messages due to multithreaded nature of app):
--- snip ---
0028:Call KERNEL32.CreateFileA(00436c04 "/crtc.log",40000000,00000003,0032fbd0,00000002,00000080,00000000) ret=0042c849
0028:Ret KERNEL32.CreateFileA() retval=ffffffff ret=0042c849
0028:Call KERNEL32.GetLastError() ret=0042c855
0028:Ret KERNEL32.GetLastError() retval=00000005 ret=0042c855
...
0028:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc34bee ip=7bc34bee tid=0028
0028:trace:seh:raise_exception info[0]=00000000
0028:trace:seh:raise_exception info[1]=00000034
0028:trace:seh:raise_exception eax=00000020 ebx=7bca8ff4 ecx=00436f60 edx=0000c98a esi=00000000 edi=0000fe00
0028:trace:seh:raise_exception ebp=0032fb74 esp=0032fb4c cs=0073 ds=007b es=007b fs=0033 gs=003b flags=00010212
0028:trace:seh:call_vectored_handlers calling handler at 0x68d816b6 code=c0000005 flags=0
0028:trace:seh:call_vectored_handlers handler at 0x68d816b6 returned 0
0028:trace:seh:call_stack_handlers calling handler at 0x42b4f4 code=c0000005 flags=0
0028:Call KERNEL32.GetLastError() ret=004287f0
0028:Ret KERNEL32.GetLastError() retval=00000000 ret=004287f0
0028:Call KERNEL32.UnhandledExceptionFilter(0032f630) ret=0042b01b
0028:Call KERNEL32.IsBadCodePtr(68cabfa0) ret=0042de25
0028:Ret KERNEL32.IsBadCodePtr() retval=00000000 ret=0042de25
...
wine: Unhandled page fault on read access to 0x00000034 at address 0x7bc34bee (thread 0028), starting debugger...
...
=>0 0x7bc34bee RtlEnterCriticalSection+0x15(crit=0x20) [/opt/projects/wine/wine-git/dlls/ntdll/critsection.c:521] in ntdll (0x0032fb74)
  1 0x00424ba9 in beebem (+0x24ba8) (0x0032fbb0)
  2 0x00407f84 in beebem (+0x7f83) (0x0032fbcc)
  3 0x004040f2 in beebem (+0x40f1) (0x0032fda4)
  4 0x004171e3 in beebem (+0x171e2) (0x0032fdd4)
  5 0x0042601a in beebem (+0x26019) (0x0032fe60)
...
--- snip ---
The log file path "/crtc.log" is invalid letting the initial fopen() fail, returning NULL FILE*. The call to fprintf() is done with NULL FILE*/crtclog resulting in garbage pointer offset (while trying to lock FILE).
It is very likely that this app crashes in Windows too - because of that invalid log file path - making the bug invalid. Someone should verify by running the app from download link on Windows machine.
Regards
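The unchecked fopen()/fprintf() pair analysed in comment #4, rewritten defensively as an added example; this is not BeebEm's or Wine's code. The function names crtc_log_open and crtc_log_printf and the unopenable sample path are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>

/* Same global name as in video.cpp; stays NULL until the log opens. */
static FILE *crtclog;

/* Open the trace log. Returns 0 on success, -1 if logging is disabled. */
int crtc_log_open(const char *path)
{
    crtclog = fopen(path, "wb");
    if (crtclog == NULL) {
        perror(path);          /* report why, then carry on without a log */
        return -1;
    }
    return 0;
}

/* fprintf() replacement that never passes a NULL FILE* to the CRT.
 * Returns the vfprintf() result, or -1 when no log is open. */
int crtc_log_printf(const char *fmt, ...)
{
    va_list ap;
    int n;

    if (crtclog == NULL)
        return -1;
    va_start(ap, fmt);
    n = vfprintf(crtclog, fmt, ap);
    va_end(ap);
    return n;
}

int main(void)
{
    /* Constructed path that cannot be opened, standing in for the
     * failing "/crtc.log" open seen in the relay trace. */
    crtc_log_open("/nonexistent-example-dir/crtc.log");
    crtc_log_printf("Vertical Total Adjust: %d\n", 5);  /* skipped, no fault */
    return 0;
}
```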
http://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #5 from Andrew Nguyen arethusa26@gmail.com 2011-04-08 07:42:47 CDT ---
(In reply to comment #4)
> The log file path "/crtc.log" is invalid letting the initial fopen() fail, returning NULL FILE*. The call to fprintf() is done with NULL FILE*/crtclog resulting in garbage pointer offset (while trying to lock FILE).
>
> It is very likely that this app crashes in Windows too - because of that invalid log file path - making the bug invalid. Someone should verify by running the app from download link on Windows machine.
>
> Regards
Well, the path is seriously questionable, but Windows does happily create the log file, presumably by interpreting it relative to the current working drive. The real problem is that Wine interprets the path as a Unix path and tries to create the file in the root directory of the filesystem, as the last error of CreateFile suggests. I think there's an open bug for this somewhere.
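The path interpretation comment #5 describes, sketched as an added example that is not Wine's implementation: a path with a leading slash and no drive letter is qualified with the drive of the current directory. The names classify_dos_path and qualify_dos_path and the sample directory "C:\beebem" are assumptions; the example also covers plain relative and drive-absolute paths, which goes beyond the single case in this report.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum path_kind { PATH_UNC, PATH_DRIVE_ABSOLUTE, PATH_DRIVE_RELATIVE,
                 PATH_ROOTED, PATH_RELATIVE };
static int is_sep(char c) { return c == '\\' || c == '/'; }

/* Classify a DOS-style path by its leading characters only. */
enum path_kind classify_dos_path(const char *p)
{
    if (is_sep(p[0]))
        return is_sep(p[1]) ? PATH_UNC : PATH_ROOTED;
    if (isalpha((unsigned char)p[0]) && p[1] == ':')
        return is_sep(p[2]) ? PATH_DRIVE_ABSOLUTE : PATH_DRIVE_RELATIVE;
    return PATH_RELATIVE;
}

/* Qualify path against cwd, a drive-absolute directory (constructed sample:
 * "C:\\beebem"). Returns 0, or -1 if the kind is unhandled or out is too small. */
int qualify_dos_path(const char *path, const char *cwd, char *out, size_t n)
{
    int len;
    switch (classify_dos_path(path)) {
    case PATH_ROOTED:         /* rooted, no drive: borrow the drive of cwd */
        len = snprintf(out, n, "%c:%s", cwd[0], path);
        break;
    case PATH_DRIVE_ABSOLUTE: /* already names its drive */
        len = snprintf(out, n, "%s", path);
        break;
    case PATH_RELATIVE:       /* plain relative: append to cwd */
        len = snprintf(out, n, "%s\\%s", cwd, path);
        break;
    default:                  /* UNC and "C:foo" are left out of this example */
        return -1;
    }
    if (len < 0 || (size_t)len >= n)
        return -1;
    for (char *c = out; *c; c++)  /* normalise separators to backslash */
        if (*c == '/') *c = '\\';
    return 0;
}

int main(void)
{
    char buf[64];
    if (qualify_dos_path("/crtc.log", "C:\\beebem", buf, sizeof buf) == 0)
        puts(buf);   /* prints C:\crtc.log */
    return 0;
}
```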
http://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #6 from Austin English austinenglish@gmail.com 2013-09-19 22:25:36 CDT ---
Still in wine-1.7.2-106-g7f859e5
http://bugs.winehq.org/show_bug.cgi?id=26678
Anastasius Focht focht@gmx.net changed:
What           |Removed                                       |Added
----------------------------------------------------------------------------
Status         |UNCONFIRMED                                   |NEW
URL            |http://bbc.nvg.org/emul/BeebEm/BeebEm141.zip  |http://antiquesilicon.com/wp-content/library/bbc.nvg.org/bbc/emul/BeebEm/BeebEm141.zip
Component      |-unknown                                      |ntdll
Summary        |BBC Micro emulator crashes                    |BBC Micro emulator v1.4 crashes on startup
               |                                              |(path/filespec with leading (back)slash not considered valid)
Ever confirmed |0                                             |1

--- Comment #7 from Anastasius Focht focht@gmx.net ---
Hello folks,
revisiting, still present.
$ sha1sum BeebEm141.zip
bac2ddf7f2f0ca8885d707369ed93f2cc3d130d8 BeebEm141.zip

$ du -sh BeebEm141.zip
664K BeebEm141.zip

$ wine --version
wine-1.7.23-33-gc654b7b
Regards
http://bugs.winehq.org/show_bug.cgi?id=26678
Anastasius Focht focht@gmx.net changed:
What    |Removed                                      |Added
----------------------------------------------------------------------------
Summary |BBC Micro emulator v1.4 crashes on startup   |BBC Micro emulator v1.4 crashes on startup
        |(path/filespec with leading (back)slash not  |(path/filespec with leading (back)slash must be
        |considered valid)                            |interpreted as relative to current working drive)

--- Comment #8 from Anastasius Focht focht@gmx.net ---
Hello folks again,
changing the summary to state the expected result (not the current behaviour).
Regards
https://bugs.winehq.org/show_bug.cgi?id=26678
super_man@post.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |super_man@post.com

--- Comment #9 from super_man@post.com ---
I used this download link since the url field doesn't open for me.
ftp://ftp.nvg.org/pub/bbc/emul/BeebEm/BeebEm141.zip
The file that needs to be modified can be found
dlls / kernel32 / file.c
function createfilea.
There is no checking of filenames. Basically it just needs some string compare and replace.
still valid 1.9.5
https://bugs.winehq.org/show_bug.cgi?id=26678
winetest@luukku.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |winetest@luukku.com

--- Comment #10 from winetest@luukku.com ---
Still valid 1.9.21
https://bugs.winehq.org/show_bug.cgi?id=26678
joaopa jeremielapuree@yahoo.fr changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |jeremielapuree@yahoo.fr

--- Comment #11 from joaopa jeremielapuree@yahoo.fr ---
Bug still occurs with wine-5.0-rc1.
https://bugs.winehq.org/show_bug.cgi?id=26678
Anastasius Focht focht@gmx.net changed:
What |Removed |Added
----------------------------------------------------------------------------
URL  |http://antiquesilicon.com/wp-content/library/bbc.nvg.org/bbc/emul/BeebEm/BeebEm141.zip |https://web.archive.org/web/20170316025654/http://archive.retro-kit.co.uk/bbc.nvg.org/emul/BeebEm/BeebEm141.zip
https://bugs.winehq.org/show_bug.cgi?id=26678
--- Comment #12 from joaopa jeremielapuree@yahoo.fr ---
Bug still occurs with wine-8.7.