I'm researching a crash, described in bug 637: http://bugs.winehq.com/show_bug.cgi?id=637
I can't understand why the application crashes. Can somebody give me a hint what is going on?
It seems the app quietly draws some stuff, then loads an error message (?) and crashes.
Snippet of the relay trace is attached.
Thanks, Andriy
__________________________________________________ Do You Yahoo!? LAUNCH - Your Yahoo! Music Experience http://launch.yahoo.com
080706d8:Call user32.ReleaseDC(00000000,00000860) ret=00726451
080706d8:Call x11drv.SetDeviceClipping(403be750,00000bc6) ret=4085066d
080706d8:Ret x11drv.SetDeviceClipping() retval=00000000 ret=4085066d
080706d8:Call x11drv.SelectBrush(403be750,0000006e) ret=4085d70e
080706d8:Ret x11drv.SelectBrush() retval=0000006e ret=4085d70e
080706d8:Call x11drv.GetDeviceCaps(403be750,00000022) ret=408531e1
080706d8:Ret x11drv.GetDeviceCaps() retval=000079f7 ret=408531e1
080706d8:Call x11drv.SelectFont(403be750,000000a2) ret=4085d4a3
080706d8:Ret x11drv.SelectFont() retval=00000001 ret=4085d4a3
080706d8:Call x11drv.SelectPen(403be750,0000008a) ret=4085d736
080706d8:Ret x11drv.SelectPen() retval=0000008a ret=4085d736
080706d8:Call x11drv.SetBkColor(403be750,00ffffff) ret=40853262
080706d8:Ret x11drv.SetBkColor() retval=00ffffff ret=40853262
080706d8:Call x11drv.SetTextColor(403be750,00000000) ret=408532fa
080706d8:Ret x11drv.SetTextColor() retval=00000000 ret=408532fa
080706d8:trace:palette:GDISelectPalette16 0860 0092
080706d8:Ret user32.ReleaseDC() retval=00000001 ret=00726451
080706d8:Call kernel32.GetSystemInfo(405b692c) ret=00726271
080706d8:Ret kernel32.GetSystemInfo() retval=400be0b8 ret=00726271
080706d8:Call gdi32.CreatePalette(405b6960) ret=007264f7
080706d8:trace:palette:CreatePalette entries=16
080706d8:trace:palette:CreatePalette returning 10c6
080706d8:Ret gdi32.CreatePalette() retval=000010c6 ret=007264f7
080706d8:Call kernel32.FreeResource(008f3bd4) ret=0074a774
080706d8:Ret kernel32.FreeResource() retval=00000000 ret=0074a774
080706d8:Call kernel32.GetThreadLocale() ret=0064f1b4
080706d8:Ret kernel32.GetThreadLocale() retval=00000409 ret=0064f1b4
080706d8:Call kernel32.GetLocaleInfoA(00000409,0000100c,0087fa70,00000001) ret=0064f1ba
080706d8:trace:string:GetLocaleInfoA (lcid=0x409,lctype=0x100c,0x87fa70,1)
080706d8:trace:resource:RES_FindResource2 (40614000, 00000006, 00000101, 0409, W, PE)
080706d8:trace:resource:RES_LoadResource (40614000, 40659470, PE)
080706d8:trace:resource:LockResource (406417a0)
080706d8:trace:string:NLS_LoadStringExW strlen = 1
080706d8:trace:string:NLS_LoadStringExW L"6" loaded!
080706d8:trace:string:lstrcpynA (0x87fa70, "6", 1)
080706d8:Ret kernel32.GetLocaleInfoA() retval=00000001 ret=0064f1ba
080706d8:Call user32.LoadStringA(00400000,0000ff5e,405b6a1c,00000400) ret=0076068a
080706d8:trace:resource:LoadStringA instance = 400000, id = ff5e, buffer = 405b6a1c, length = 1024
080706d8:trace:resource:LoadStringW instance = 400000, id = ff5e, buffer = 403c42ac, length = 1024
080706d8:trace:resource:RES_FindResource2 (00400000, 00000006, 00000ff6, 0000, W, PE)
080706d8:trace:resource:RES_LoadResource (00400000, 008ed720, PE)
080706d8:trace:resource:LockResource (009000c8)
080706d8:trace:resource:LoadStringW strlen = 33
080706d8:trace:resource:LoadStringW L"'%s' is not a valid integer value" loaded !
080706d8:trace:resource:LoadStringA "'%s' is not a valid integer value" loaded !
080706d8:Ret user32.LoadStringA() retval=00000021 ret=0076068a
080706d8:Call kernel32.RaiseException(0eedfade,00000001,00000007,405b6dfc) ret=007569fe
080706d8:trace:seh:EXC_RtlRaiseException code=eedfade flags=1 addr=0x400cb634
080706d8:trace:seh:EXC_RtlRaiseException info[0]=007569fe
080706d8:trace:seh:EXC_RtlRaiseException info[1]=41166354
080706d8:trace:seh:EXC_RtlRaiseException info[2]=4116632c
080706d8:trace:seh:EXC_RtlRaiseException info[3]=405b6e3c
080706d8:trace:seh:EXC_RtlRaiseException info[4]=00000000
080706d8:trace:seh:EXC_RtlRaiseException info[5]=405b6e4c
080706d8:trace:seh:EXC_RtlRaiseException info[6]=405b6e18
080706d8: queue_exception_event( first=1, record={context={flags=00010007,eax=405b6cd8,ebx=40100444,ecx=00000000,edx=0eedfade,esi=405b6e18,edi=405b6d08,ebp=405b6d34,eip=400cb6a4,esp=405b6cd8,eflags=00000246,cs=0023,ds=002b,es=002b,fs=008f,gs=0000,dr0=00000021,dr1=0076068a,dr2=400ef8d2,dr3=00000000,dr6=00000004,dr7=000471c8,float={407c3c20,405b6a0c,00000000,72657375,4c2e3233,5364616f,6e697274,40004167,405b6b44,401171c8,fbad8001,401171c8,401171c8,401171c8,0075ecc6,0075d873,405b6e28,0075d8a0,405b69f8,00000021,405b6a1c,405b6e44,00000000,41166324,405b6e4c,0075dcf6,4116632c,405b6a1c}},rec={code=eedfade,flags=1,rec=(nil),addr=0x400cb634,params={7569fe,41166354,4116632c,405b6e3c,0,405b6e4c,405b6e18}} )
080706d8: queue_exception_event() = 0 { handle=0 }
Andriy Palamarchuk wrote:
> I'm researching a crash, described in bug 637: http://bugs.winehq.com/show_bug.cgi?id=637
> I can't understand why the application crashes. Can somebody give me a hint what is going on?
I remember having exactly the same weird error with "Font xplorer lite" (see the log). You can get this freeware at http://www.moonsoftware.com/freeware.asp.
Hoping that will help you ...
----------- the crash log -----------
trace:font:WineEngCreateFontInstance L"System", h=16, it=0, weight=400, PandF=22, charset=0 orient 0 escapement 0
trace:font:WineEngCreateFontInstance No fonts installed
08073078:Call x11drv.SelectFont(403cad14,000000a2) ret=407bf5a4
trace:font:X11DRV_SelectFont dc=0x403cc570, hfont=00a2
trace:font:X11DRV_SelectFont dc->gdiFont = (nil)
trace:font:XFONT_UnAlias found alias 'System'->Helvetica'
trace:font:X11DRV_SelectFont hfont=00a2
trace:font:XFONT_RealizeFont physfont 0
08073078:Ret x11drv.SelectFont() retval=00000001 ret=407bf5a4
08073078:Call x11drv.SelectPen(403cad14,0000008a) ret=407bf890
08073078:Ret x11drv.SelectPen() retval=0000008a ret=407bf890
08073078:Call x11drv.SetBkColor(403cad14,00ffffff) ret=407b412d
08073078:Ret x11drv.SetBkColor() retval=00ffffff ret=407b412d
08073078:Call x11drv.SetTextColor(403cad14,00000000) ret=407b41dd
08073078:Ret x11drv.SetTextColor() retval=00000000 ret=407b41dd
08073078:Ret user32.ReleaseDC() retval=00000001 ret=0041eb11
08073078:Call kernel32.GetSystemInfo(405d690c) ret=0041e931
08073078:Ret kernel32.GetSystemInfo() retval=405d690c ret=0041e931
08073078:Call gdi32.CreatePalette(405d6940) ret=0041ebb7
08073078:Ret gdi32.CreatePalette() retval=0000111e ret=0041ebb7
08073078:Call kernel32.FreeResource(005168cc) ret=00413db8
08073078:Ret kernel32.FreeResource() retval=00000000 ret=00413db8
08073078:Call kernel32.GetThreadLocale() ret=004ce4c4
08073078:Ret kernel32.GetThreadLocale() retval=0000040c ret=004ce4c4
08073078:Call kernel32.GetLocaleInfoA(0000040c,0000100c,004f5efc,00000001) ret=004ce4ca
trace:resource:RES_FindResource2 (40610000, 00000006, 00000101, 040c, W, PE)
trace:resource:RES_LoadResource (40610000, 406572b0, PE)
trace:resource:LockResource (4063edc0)
08073078:Ret kernel32.GetLocaleInfoA() retval=00000001 ret=004ce4ca
08073078:Call user32.LoadStringA(00400000,0000fff0,405d69ec,00000400) ret=00405d26
trace:resource:LoadStringA instance = 400000, id = fff0, buffer = 405d69ec, length = 1024
trace:resource:LoadStringW instance = 400000, id = fff0, buffer = 403d0944, length = 1024
trace:resource:RES_FindResource2 (00400000, 00000006, 00001000, 0000, W, PE)
trace:resource:RES_LoadResource (00400000, 0050e620, PE)
trace:resource:LockResource (0051e1f0)
trace:resource:LoadStringW strlen = 33
trace:resource:LoadStringW L"'%s' is not a valid integer value" loaded !
trace:resource:LoadStringA "'%s' is not a valid integer value" loaded !
08073078:Ret user32.LoadStringA() retval=00000021 ret=00405d26
08073078:Call kernel32.RaiseException(0eedfade,00000001,00000007,405d6de4) ret=004088e4
--- Mehmet YASAR myasar@free.fr wrote: [skipped]
> I remember having exactly the same weird error with "Font xplorer lite" (see the log). You can get this freeware at http://www.moonsoftware.com/freeware.asp.
Thanks, the trace looks exactly the same.
Andriy
Hi,
I've a small patch that allows me to get "Font Explorer Light" to go further, both apps are relying on a Windows bug.
For example take the following code (see the log):
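#include <stdio.h>
#include <windows.h>

int main(int argc, char* argv[])
{
    int i;
    char buffer[20];

    /* pre-fill the buffer so that any byte the call writes is visible */
    buffer[0] = buffer[1] = buffer[2] = 77;
    /* ask for the value with a buffer length of 1 */
    i = GetLocaleInfoA(0x409, LOCALE_IFIRSTDAYOFWEEK, buffer, 1);

    printf("%d:%d ret=%d\n", buffer[0], buffer[1], i);
    return 0;
}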
On Win2K we have <54:77 ret=0>
On Wine I have <0 :77 ret=1>
We see that MS returns 0 as failure but modifies buffer[0] ! The following patch should fix this.
Mehmet
--- /home/mehmet/CVS/wine/ole/ole2nls.c Sun Apr 28 15:42:21 2002 +++ ole2nls.c Tue May 21 21:33:58 2002 @@ -574,6 +574,12 @@ } /* if len=0 return only the length, don't touch the buffer*/ if (len) { + /* We behave like Windows when len == 1 */ + if (len == 1) + { + buf[0] = retString[0]; + return 0; + } lstrcpynA(buf,retString,len); return strlen(buf) + 1; }
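Review bot: The new len == 1 branch returns 0 even when retString is empty, although a one-byte buffer is then large enough for the whole value (just the terminator); guard the branch with something like "if (len == 1 && retString[0])" so that case still goes through lstrcpynA and returns 1. The branch also leaves buf without a terminating '\0', unlike the lstrcpynA path below it, and the comment should say so. For every other len that is too small for retString, the unchanged lines still truncate and return strlen(buf) + 1, so the comment should state that only the len == 1 case was checked against Windows.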
--- Mehmet YASAR myasar@free.fr wrote:
> Hi,
> I've a small patch that allows me to get "Font Explorer Light" to go further, both apps are relying on a Windows bug.
Excellent catch! The app loads now. Both apps use the same library (see the bug description for details).
Looking forward to seeing your patch in the main CVS tree.
Andriy
On Tue, May 21, 2002 at 09:57:10PM +0200, Mehmet YASAR wrote:
> Hi,
> I've a small patch that allows me to get "Font Explorer Light" to go further, both apps are relying on a Windows bug.
> For example take the following code (see the log):
>
> int main(int argc, char* argv[])
> {
>     int i;
>     char buffer[20];
>
>     buffer[0] = buffer[1] = buffer[2] = 77;
>     i = GetLocaleInfoA(0x409, LOCALE_IFIRSTDAYOFWEEK, buffer, 1);
>
>     printf("%d:%d ret=%d\n", buffer[0], buffer[1], i);
>     return 0;
> }
>
> On Win2K we have <54:77 ret=0>
> On Wine I have <0 :77 ret=1>
> We see that MS returns 0 as failure but modifies buffer[0] ! The following patch should fix this.
> Mehmet
--- /home/mehmet/CVS/wine/ole/ole2nls.c Sun Apr 28 15:42:21 2002 +++ ole2nls.c Tue May 21 21:33:58 2002 @@ -574,6 +574,12 @@ } /* if len=0 return only the length, don't touch the buffer*/ if (len) {
- /* We behave like Windows when len == 1 */
- if (len == 1)
- {
buf[0] = retString[0];
return 0;
- } lstrcpynA(buf,retString,len); return strlen(buf) + 1; }
Wrong, I'd guess (way too specific).
I'm almost 100% sure (well, maybe I'm the one who's wrong :) that Windows copies as many bytes len as you give it up to the retString size. And if len < strlen(retString), then it returns 0 *after* having filled a part of the buffer. Also, maybe there's a problem with terminating '\0' handling for some len values. I.e. I'm *sure* that it'd modify 2 bytes if you give it len 2, but still return 0 as the buffer size is too small.
It'd be good if you rechecked exact buffer writing behaviour under Windows regarding "not enough buffer space" due to small len, and also the windows behaviour in the special case when len is not enough to copy the trailing '\0' of retString into buffer.
...
Mehmet> printf("%d:%d ret=%d\n", buffer[0], buffer[1], i); return 0; }
Mehmet> On Win2K we have <54:77 ret=0> On Wine I have <0 :77 ret=1>
Mehmet> We see that MS returns 0 as failure but modifies buffer[0] !
Mehmet> The following patch should fix this.
Nice spot.
However I wonder too why the exception never reached Borland but instead crashed...
Bye
"Mehmet YASAR" myasar@free.fr wrote:
> On Win2K we have <54:77 ret=0>
> On Wine I have <0 :77 ret=1>
> We see that MS returns 0 as failure but modifies buffer[0] !
Could you please write a regression test for LoadString and GetLocaleInfo to verify exact behaviour, especially for border cases?
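The border cases asked about in this thread can be narrowed down before running anything on Windows. The following C program is an added example, not code from the thread or from Wine: it models the unpatched copy path, the posted patch and the hypothesis from the review reply, and reports the smallest buffer length at which two models disagree. All function names are hypothetical, the hypothesis is unverified, and "1252" is a constructed value.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical models for this example; not Wine or Windows code. */
typedef int (*model_fn)(const char *src, char *buf, int len);

/* Unpatched path in the diff: lstrcpynA copies at most len-1 chars and
 * always NUL-terminates; the return value is strlen(buf) + 1. */
static int model_unpatched(const char *src, char *buf, int len) {
    int n = (int)strlen(src);
    if (!len) return n + 1;              /* size query, buffer untouched */
    if (n > len - 1) n = len - 1;
    memcpy(buf, src, (size_t)n);
    buf[n] = '\0';
    return n + 1;
}
/* The posted patch: only len == 1 is special-cased. */
static int model_patch(const char *src, char *buf, int len) {
    if (len == 1) { buf[0] = src[0]; return 0; }
    return model_unpatched(src, buf, len);
}
/* Reply's hypothesis (assumption): copy what fits, return 0 if the NUL did not fit. */
static int model_hypothesis(const char *src, char *buf, int len) {
    int need = (int)strlen(src) + 1;
    if (!len) return need;
    memcpy(buf, src, (size_t)(len < need ? len : need));
    return len < need ? 0 : need;
}
/* 1 if the model reproduces the Win2K result <54:77 ret=0> for "6", len 1. */
static int matches_win2k(model_fn f) {
    char buf[20];
    memset(buf, 77, sizeof buf);
    int ret = f("6", buf, 1);
    return buf[0] == 54 && buf[1] == 77 && ret == 0;
}
/* Smallest len in 0..max_len (max_len < 20) where two models differ in
 * return value or in any buffer byte; -1 if they never differ. */
static int first_divergence(model_fn a, model_fn b, const char *src, int max_len) {
    for (int len = 0; len <= max_len; len++) {
        char ba[20], bb[20];
        memset(ba, 77, sizeof ba); memset(bb, 77, sizeof bb);
        if (a(src, ba, len) != b(src, bb, len) || memcmp(ba, bb, sizeof ba)) return len;
    }
    return -1;
}
int main(void) {  /* "6" is the value in the trace; "1252" is constructed */
    printf("\"6\": %d\n", first_divergence(model_patch, model_hypothesis, "6", 8));
    printf("\"1252\": %d\n", first_divergence(model_patch, model_hypothesis, "1252", 8));
    return 0;
}
```

Both the patch and the hypothesis reproduce the single Win2K observation, and for the one-character value "6" they never differ, so a regression test built on that value alone cannot tell them apart. A value longer than one character separates them at len 2.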