On 06/14/16 23:42, Iván Matellanes wrote:
It crashes when ostream->vbtable is garbage, but otherwise, it seems to ignore the value and destroy the ios object at a fixed position anyway (see attached file). I think this is reasonable since ostream_vbase_dtor will only be used to destroy ostream objects, i.e., not objects of subclasses, right?
Yes, you're right. I've done some more testing and it turns out `vbase destructors` are not using vbtable.
This doesn't explain why we get a crash when ostream->vbtable = NULL though.
The crash is caused by destructor. It turns out the destructor is always updating virtual functions table. The vbtable is used to compute virtual functions table location. E.g. class a destructor does something like this: void thiscall a_dtor(base *b) { a *this = base_to_a(base); b = a_get_base(a); b->vtable = &MSVCP_a_vtable; //do the object destruction ... } The virtual function table is updated in all destructors (even if virtual inheritance is not used). As long as we're not calling virtual functions in destructors there's probably no need to do it in wine.
Thanks, Piotr