http://bugs.winehq.org/show_bug.cgi?id=10347
Summary: Action Replay Code Manager crashes on start up Product: Wine Version: 0.9.48. Platform: Other OS/Version: other Status: UNCONFIRMED Severity: normal Priority: P2 Component: wine-misc AssignedTo: wine-bugs@winehq.org ReportedBy: echidnaman@gmail.com
After executing, one is greeted with a nice crash. Crash log included.
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #1 from Jonathan echidnaman@gmail.com 2007-11-07 13:53:36 --- Created an attachment (id=9016) --> (http://bugs.winehq.org/attachment.cgi?id=9016) Crash log
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #2 from Lei Zhang thestig@google.com 2007-11-07 19:27:36 --- The attached log does not have debugging symbols. Please run your program with a copy of Wine that has debugging symbols and attach the output.
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #3 from Jonathan echidnaman@gmail.com 2007-11-07 19:40:13 --- How would I go about obtaining a copy of Wine with debugging symbols?
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #4 from Lei Zhang thestig@google.com 2007-11-07 20:05:16 --- You probably need to compile your own copy of wine.
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #5 from Austin English austinenglish@gmail.com 2007-11-08 01:52:37 --- On some distributions, the wine-dev package installs them. Of course, compiling wine yourself will also give you them.
http://bugs.winehq.org/show_bug.cgi?id=10347
Jonathan echidnaman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #9016 is|0 |1 obsolete| |
--- Comment #6 from Jonathan echidnaman@gmail.com 2007-11-08 08:55:59 --- Created an attachment (id=9031) --> (http://bugs.winehq.org/attachment.cgi?id=9031) Better(?) crash log
Is this better?
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #7 from Austin English austinenglish@gmail.com 2007-11-08 11:59:11 --- Are you running this from a windows partition? If so, this bug is invalid, please install it in wine before reporting bugs.
http://bugs.winehq.org/show_bug.cgi?id=10347
Jonathan echidnaman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #9031 is|0 |1 obsolete| |
--- Comment #8 from Jonathan echidnaman@gmail.com 2007-11-08 14:03:02 --- Created an attachment (id=9034) --> (http://bugs.winehq.org/attachment.cgi?id=9034) Better-er crash log
Ah, terribly sorry. I had it installed both places, but I accidentally ran the executable from my Windows drive. Here's the crash log I get when running it from the Wine install.
http://bugs.winehq.org/show_bug.cgi?id=10347
Jonathan echidnaman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- OS/Version|other |Linux Platform|Other |PC
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #9 from Not That Stupid famlee@juno.com 2008-05-27 14:33:18 --- Created an attachment (id=13409) --> (http://bugs.winehq.org/attachment.cgi?id=13409) This is a backtrace log of the Action Replay Code Manager.
Version of wine = 1.0rc2
http://bugs.winehq.org/show_bug.cgi?id=10347
Not That Stupid famlee@juno.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed|0 |1
--- Comment #10 from Not That Stupid famlee@juno.com 2008-05-27 14:39:06 --- *** This bug has been confirmed by popular vote. ***
http://bugs.winehq.org/show_bug.cgi?id=10347
Louis Lenders xerox_xerox2000@yahoo.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |xerox_xerox2000@yahoo.co.uk
--- Comment #11 from Louis Lenders xerox_xerox2000@yahoo.co.uk 2008-05-27 14:42:27 --- So does 'wget http://kegel.com/wine/winetricks && sh winetricks cc580' work around the crash?
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #12 from Jonathan echidnaman@gmail.com 2008-05-27 15:18:10 --- Yes, the winetricks workaround (which I assume is just native comctl?) works around the issue quite successfully.
The application doesn't appear until you hit crtl + c in the console. Then it displays an "Out of Memory" popup. After this the program runs normally. But this should be filed as another bug...
http://bugs.winehq.org/show_bug.cgi?id=10347
Louis Lenders xerox_xerox2000@yahoo.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|-unknown |comctl32
http://bugs.winehq.org/show_bug.cgi?id=10347
Mikolaj Zalewski mikolaj.zalewski@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mikolaj.zalewski@gmail.com
--- Comment #13 from Mikolaj Zalewski mikolaj.zalewski@gmail.com 2008-07-07 05:35:14 --- Is this program (or a demo of it) available for download somewhere?
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #14 from Mikolaj Zalewski mikolaj.zalewski@gmail.com 2008-07-24 11:38:45 --- Created an attachment (id=15024) --> (http://bugs.winehq.org/attachment.cgi?id=15024) patch
I've received more information and it seems the app is sending some garbage as the parameter in TTM_ADDTOOLW. The attached patch filters such messages making the app start. I couldn't find in the message log or relay log something that would suggest this is a bug elsewhere, so probably such a patch needs to be added. I would need to write a test for it.
http://bugs.winehq.org/show_bug.cgi?id=10347
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |patch
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #15 from Andrew Nguyen arethusa26@gmail.com 2009-07-16 14:40:24 --- Created an attachment (id=22402) --> (http://bugs.winehq.org/attachment.cgi?id=22402) Action Replay Code Manager backtrace
The issue still persists in wine-1.1.25-487-gf59a309. A more readable backtrace is attached, and the application can be obtained from http://us.codejunkies.com/nds_actionreplay/SetupUS1_05.exe for testing.
http://bugs.winehq.org/show_bug.cgi?id=10347
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download URL| |http://us.codejunkies.com/n | |ds_actionreplay/SetupUS1_05 | |.exe
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #16 from Nikolay Sivov bunglehead@gmail.com 2009-10-11 11:42:11 --- Created an attachment (id=24032) --> (http://bugs.winehq.org/attachment.cgi?id=24032) Test for invalid structure size
(In reply to comment #14)
Created an attachment (id=15024)
--> (http://bugs.winehq.org/attachment.cgi?id=15024) [details]
patch
This is wrong. Attached test shows that. Even V1 size check is redundant in Wine.
http://bugs.winehq.org/show_bug.cgi?id=10347
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|patch |
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #17 from Mikolaj Zalewski mikolaj.zalewski@gmail.com 2009-10-12 19:32:37 --- I remember I've done some more testing (however, I haven't made a patch out of that) and AFAIR the check is only in TTM_ADDTOOLW (not TTM_ADDTOOLA) and only fails on 'size > sizeof(TTTOOLINFO)' (as a side effect, the boundary value is different in comctl32 v5.82 and comctl32 v6)
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #18 from Nikolay Sivov bunglehead@gmail.com 2009-10-13 10:16:59 --- (In reply to comment #17)
I've tried with TTM_ADDTOOLW and results show we need only a single "< sizeof()" condition cause it doesn't fail for (TTTOOLINFOW_V1_SIZE + 1) case. TTTOOLINFOW_V3_SIZE only available for v6 as I can see, so you're right about that. Anyway application sends some crap as message parameter, but we can't use cbSize field as a filter.
http://bugs.winehq.org/show_bug.cgi?id=10347
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #9034|0 |1 is obsolete| | Attachment #13409|0 |1 is obsolete| | Attachment #22402|0 |1 is obsolete| |
--- Comment #19 from Austin English austinenglish@gmail.com 2011-05-09 14:59:30 CDT --- Created an attachment (id=34574) --> (http://bugs.winehq.org/attachment.cgi?id=34574) +tooltips / backtrace
Still in wine-1.3.19-203-gf555c2d.
http://bugs.winehq.org/show_bug.cgi?id=10347
renee bullcity216@att.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |bullcity216@att.net
http://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #20 from Bruno Jesus 00cpxxx@gmail.com 2013-03-04 22:09:16 CST --- Created attachment 43807 --> http://bugs.winehq.org/attachment.cgi?id=43807 wine 1.5.25 crash
Still in wine 1.5.25, new backtrace attached.
http://bugs.winehq.org/show_bug.cgi?id=10347
Jarkko K jarkko_korpi@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jarkko_korpi@hotmail.com
--- Comment #21 from Jarkko K jarkko_korpi@hotmail.com --- Still crashes 1.7.17
sha1sum SetupUS1_05.exe 9280f83ae2778599b7d49923a9e405f4547df074
https://bugs.winehq.org/show_bug.cgi?id=10347
super_man@post.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |super_man@post.com
--- Comment #22 from super_man@post.com --- still crashing 1.7.50
https://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #23 from super_man@post.com --- The patch here doesn't seem to help anymore, but I figure out how to prevent the crash.
I just disabled line
/wine/dlls/comctl32/tooltips.c
case TTM_ADDTOOLW: // return TOOLTIPS_AddToolT (infoPtr, (LPTTTOOLINFOW)lParam, uMsg == TTM_ADDTOOLW);
and the application starts. Of course it's not real fix, but it points where the problem is.
https://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #24 from super_man@post.com --- Still crashes 1.8.rc4
https://bugs.winehq.org/show_bug.cgi?id=10347
Alistair Leslie-Hughes leslie_alistair@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #15024|0 |1 is obsolete| | Attachment #24032|0 |1 is obsolete| | CC| |leslie_alistair@hotmail.com
--- Comment #25 from Alistair Leslie-Hughes leslie_alistair@hotmail.com --- Created attachment 53418 --> https://bugs.winehq.org/attachment.cgi?id=53418 patch
Obsoletes the other patches, as they are either partially accepted or no longer apply to the current source.
The crash is caused by the ti->lpszText parameter that is passed into this function, which has an invalid address. This address when passed to lstrlenW is causes the crash.
https://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #26 from super_man@post.com --- (In reply to Alistair Leslie-Hughes from comment #25)
Confirming that the patch works.
Still an issue against current wine-git.
https://bugs.winehq.org/show_bug.cgi?id=10347
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |STAGED CC| |erich.e.hoover@wine-staging | |.com, michael@fds-team.de, | |sebastian@fds-team.de Staged patchset| |https://github.com/wine-com | |pholio/wine-staging/tree/ma | |ster/patches/comctl32-TTM_A | |DDTOOLW
https://bugs.winehq.org/show_bug.cgi?id=10347
Maik Wagner maiktapwagner@aol.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |maiktapwagner@aol.com
--- Comment #27 from Maik Wagner maiktapwagner@aol.com --- Hello everyone,
wine 1.9.15-staging on openSUSE Tumbleweed here. I created a fresh prefix and the application starts up okay. I don't have a Nintendo DS though so I can't test any further.
https://bugs.winehq.org/show_bug.cgi?id=10347
--- Comment #28 from Nikolay Sivov bunglehead@gmail.com --- I believe it's a confusion/bug in application code. What happens is that invalid arguments are used for TTM_ADDTOOLW:
--- 0051:Call msvcr71.strlen(004a42f8 "Action Replay Code Manager") ret=7c16a55d 0051:Ret msvcr71.strlen() retval=0000001a ret=7c16a55d 0051:Call msvcr71.malloc(0000002b) ret=7c16a438 0051:Call ntdll.RtlAllocateHeap(00580000,00000000,0000002b) ret=7e7c1750 0051:Ret ntdll.RtlAllocateHeap() retval=00592f10 ret=7e7c1750 0051:Ret msvcr71.malloc() retval=00592f10 ret=7c16a438 0051:Call msvcr71.memcpy(00592f20,7c220078,00000001) ret=7c16a3fe 0051:Ret msvcr71.memcpy() retval=00592f20 ret=7c16a3fe 0051:Call msvcr71.memcpy(00592f20,004a42f8,0000001a) ret=7c16a534 0051:Ret msvcr71.memcpy() retval=00592f20 ret=7c16a534 0051:Call user32.SendMessageA(000500c0,00000432,00000001,00592f20) ret=004196b2 0051:Call window proc 0x7c16e1bd (hwnd=0x500c0,msg=TTM_ADDTOOLW,wp=00000001,lp=00592f20) ---
So TTM_ADDTOOLW is called with wparam == 1, and lparam pointing to "Action Replay Code Manager" string, allocated dynamically.
I sent a patch that fixes this crash, https://www.winehq.org/pipermail/wine-devel/2018-February/123068.html.
https://bugs.winehq.org/show_bug.cgi?id=10347
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|STAGED |RESOLVED Fixed by SHA1| |c586b759a97eb62f399689bbc55 | |72811b12eb78f
--- Comment #29 from Nikolay Sivov bunglehead@gmail.com --- This is fixed now, https://source.winehq.org/git/wine.git/?a=commit;h=c586b759a97eb62f399689bbc....
https://bugs.winehq.org/show_bug.cgi?id=10347
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #30 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 3.3.
-
wine-bugs@winehq.org