wine 0.9.6 segfaults (was :Re: wine 0.9.5 - segmentation fault with some apps) - wine-devel

20 Jan 2006


      Alex,
...
That might be a problem. It would be better if you could compile the 
latest snapshot, or even better, the latest CVS, from scratch. This 
would enable you to test any patches I (or somebody else) might send to 
try and fix the problem.
OK, I will do it then!
But I will have to learn a bit on how to use subversion trhough our 
autenticated squid proxy. 
It will take some hours (or days 8-/).
As soon as I get a local snapshot working I will post a message again 
(also after reporting the bug)
...
...
I also noticed I can do something like:
      WINEDUBUG=+all winebdg user.exe
Are you interested in the output of the above? Winedbg does not
segfault.
...
...
It freezes.
It should be WINEDEBUG=+all, not WINEDUBUG... might be the problem.
Sorry! Just a typo .... I meant WINEDEBUG ....
...
However, the debug trace was useful by itself.
The last lines of your trace show the following:
0009:Call ntdll.RtlImageNtHeader(00000000) ret=7fce61da
0009: *killed* exit_code=0
This is bad - RtlImageNtHeader should be supplied a non-NULL pointer, 
and somebody passed it a NULL one instead. In addition, it seems there 
is an issue with the exception handling in RtlImageNtHeader
From dlls/ntdll/loader.c:
/***********************************************************************

      RtlImageNtHeader   (NTDLL.@)


*/
PIMAGE_NT_HEADERS WINAPI RtlImageNtHeader(HMODULE hModule)
{
   IMAGE_NT_HEADERS *ret;
__TRY
   {
       IMAGE_DOS_HEADER *dos = (IMAGE_DOS_HEADER *)hModule;
   ret = NULL;
   if (dos->e_magic == IMAGE_DOS_SIGNATURE)
   {
       ret = (IMAGE_NT_HEADERS *)((char *)dos + dos->e_lfanew);
       if (ret->Signature != IMAGE_NT_SIGNATURE) ret = NULL;
   }

}
   __EXCEPT_PAGE_FAULT
   {
       return NULL;
   }
   __ENDTRY
   return ret;
}
The exception handler is supposed to return NULL in case of a page fault 
(such as trying to access a NULL pointer, as is your case). However, I 
think I saw a discussion somewhere in wine-devel that advised *not* to 
return from inside an __EXCEPT clause of an exception handler in Wine 
(most probably because __ENDTRY needs to run in order to clean up). If 
this is true, then RtlImageNtHeader is violating this rule. Your 
segmentation fault might be the expected result of a violation of the 
return rule. Could anybody in wine-devel speak up to confirm or refute 
this observation about exception handlers?
This, of course, does not address the actual issue of passing a NULL 
pointer to RtlImageNtHeader(). I could make a set of patches to add 
TRACEs to all functions with uses of RtlImageNtHeader(), but you need to 
be able to apply the patches for them to be actually of use.
Alex Villacís Lasso
I will be working on setting up an environment to apply the patches. 
Just wait some time in order to me to work on some issues I would have ...
Thanks.
---------------------------------------------------------
Ulisses de Sousa Penna
Analista Consultor - Banco do Brasil
Fone: +55-61-3310-6320   Fax: +55-61-3310-6435
---------------------------------------------------------