This is on RH9 SMP with wine-20031118.
Trying to run the MS SFU 3.0 (hey, I got it for $5 from that special offer they ran on slashdot a couple weeks ago...) setup.exe from the commandline yields the crash:
Unhandled exception: page fault on read access to 0x0049002e in 32-bit code (0x400b73fd).
In 32-bit mode.
0x400b73fd (NTDLL.DLL.RtlInitAnsiString+0x19 in NTDLL.DLL): repne scasb %es:(%edi)
Wine-dbg>bt
Backtrace:
=>0 0x400b73fd (NTDLL.DLL.RtlInitAnsiString+0x19 in NTDLL.DLL) (ebp=4071e8f8)
  1 0x400b7628 (NTDLL.DLL.RtlCreateUnicodeStringFromAsciiz+0x20 in NTDLL.DLL) (ebp=4071e918)
  2 0x407bf5ad (USER32.DLL.MessageBoxIndirectA+0x119 in USER32.DLL) (ebp=4071e984)
  3 0x407bf422 (USER32.DLL.MessageBoxExA+0x5e in USER32.DLL) (ebp=4071e9c4)
  4 0x407bf38f (USER32.DLL.MessageBoxA+0x23 in USER32.DLL) (ebp=4071e9e4)
  5 0x004010f7 (msiinst.exe.EntryPoint+0xf7 in msiinst.exe) (ebp=00000001)
Seems a shame to bail out so early.
Any suggestions for which --debugmsg channel to turn on? Best I could find was +process,+ntdll,+string which output the following right before the crash:
...
trace:string:wvsnprintfA "Y:\instmsi.exe /D:E:\IXP001.TMP\"
trace:process:CreateProcessW app (null) cmdline L"E:\IXP001.TMP\msiinst.exe /i instmsi.msi REBOOT=REALLYSUPRESS /q"
trace:process:find_exe_file looking for L"E:\IXP001.TMP\msiinst.exe"
trace:process:find_exe_file Trying native exe L"E:\IXP001.TMP\msiinst.exe"
trace:ntdll:NtReadFile (0x34,(nil),(nil),(nil),0x4051dca0,0x4051dd44,0x00000040,(nil),(nil)),partial stub!
trace:ntdll:NtReadFile (0x34,(nil),(nil),(nil),0x4051dca0,0x4051dcdc,0x00000004,(nil),(nil)),partial stub!
trace:ntdll:NtReadFile (0x34,(nil),(nil),(nil),0x4051dca0,0x4051dd24,0x00000014,(nil),(nil)),partial stub!
trace:process:CreateProcessW starting L"E:\IXP001.TMP\msiinst.exe" as Win32 binary
trace:process:__wine_kernel_init starting process name=L"E:\IXP001.TMP\msiinst.exe" file=0x4 argv[0]="E:\IXP001.TMP\msiinst.exe"
trace:ntdll:NtReadFile (0x4,(nil),(nil),(nil),0xbfffd438,0xbfffd4dc,0x00000040,(nil),(nil)),partial stub!
trace:ntdll:NtReadFile (0x4,(nil),(nil),(nil),0xbfffd438,0xbfffd474,0x00000004,(nil),(nil)),partial stub!
trace:ntdll:NtReadFile (0x4,(nil),(nil),(nil),0xbfffd438,0xbfffd4bc,0x00000014,(nil),(nil)),partial stub!
trace:process:__wine_kernel_init starting Win32 binary L"E:\IXP001.TMP\msiinst.exe"
- Dan
"Dan" == Dan Kegel dank@kegel.com writes:
Dan> This is on RH9 SMP with wine-20031118. Trying to run the MS SFU
Dan> 3.0 (hey, I got it for $5 from that special offer they ran on
Dan> slashdot a couple weeks ago...) setup.exe from the commandline
Dan> yields the crash:

Dan> Unhandled exception: page fault on read access to 0x0049002e in
Dan> 32-bit code (0x400b73fd). In 32-bit mode. 0x400b73fd
This looks like the application detected an error, tries to put up a messagebox, and that messagebox crashes. Try to get the text of the messagebox with --debugmsg +relay,+dialog
Bye
Uwe Bonnes wrote:
> "Dan" == Dan Kegel dank@kegel.com writes:
> Dan> This is on RH9 SMP with wine-20031118. Trying to run the MS SFU
> Dan> 3.0 (hey, I got it for $5 from that special offer they ran on
> Dan> slashdot a couple weeks ago...) setup.exe from the commandline
> Dan> yields the crash:
> Dan> Unhandled exception: page fault on read access to 0x0049002e in
> Dan> 32-bit code (0x400b73fd). In 32-bit mode. 0x400b73fd
>
> This looks like the application detected an error, tries to put up a
> messagebox, and that messagebox crashes. Try to get the text of the
> messagebox with --debugmsg +relay,+dialog
If I do +relay, it doesn't crash, and +dialog doesn't show anything before the crash.
I'll try booting into non-smp and see if that makes a difference.
- Dan
"Dan" == Dan Kegel dank@kegel.com writes:
Dan> Uwe Bonnes wrote:
>>>>>>> "Dan" == Dan Kegel dank@kegel.com writes:
Dan> This is on RH9 SMP with wine-20031118. Trying to run the MS SFU
Dan> 3.0 (hey, I got it for $5 from that special offer they ran on
Dan> slashdot a couple weeks ago...) setup.exe from the commandline
Dan> yields the crash:
>>
Dan> Unhandled exception: page fault on read access to 0x0049002e in
Dan> 32-bit code (0x400b73fd). In 32-bit mode. 0x400b73fd
>>
>> This looks like the application detected an error, tries to put up a
>> messagebox, and that messagebox crashes. Try to get the text of the
>> messagebox with --debugmsg +relay,+dialog
Dan> If I do +relay, it doesn't crash, and +dialog doesn't show anything
Dan> before the crash.
I run on SMP too, and had no SMP related problem yet.
If the crash doesn't happen with +relay, does the program succeed or abort in another place?
In any case, check for heap corruption with --debugmsg +heap
Bye
Dan Kegel dank@kegel.com writes:
Dan> This is on RH9 SMP with wine-20031118. Trying to run the MS SFU
Dan> 3.0 (hey, I got it for $5 from that special offer they ran on
Dan> slashdot a couple weeks ago...) setup.exe from the commandline
Dan> yields the crash:
Dan> Unhandled exception: page fault on read access to 0x0049002e in
Dan> 32-bit code (0x400b73fd). In 32-bit mode. 0x400b73fd
OK, I've now run this under valgrind, with commandline

  valgrind --trace-children=yes --num-callers=10 wine y:setup.exe >s.log 2>&1

There are a few interesting warnings from Valgrind (along with a lot of chaff I've filtered out). I won't have time to dig into the sources today, but here's the log in case anyone else wants to take a peek. I bet at least one of these is a problem in Wine.
Wouldn't it be funny if we found a bug in msiinst.exe?
- Dan
==7555== Conditional jump or move depends on uninitialised value(s)
==7555==    at 0x4139F30C: get_full_path_helper (path.c:475)
==7555==    by 0x4139F8BF: RtlGetFullPathName_U (path.c:565)
==7555==    by 0x4139A8BA: find_dll_file (loader.c:1377)
==7555==    by 0x4139AD11: load_dll (loader.c:1419)
==7555==    by 0x4139B0E5: LdrLoadDll (loader.c:1505)
==7555==    by 0x419F575E: load_library (module.c:693)
==7555==    by 0x419F57EA: LoadLibraryExA (module.c:735)
==7555==    by 0x419F5873: LoadLibraryA (module.c:775)
...
==7558== Conditional jump or move depends on uninitialised value(s)
==7558==    at 0x4139F30C: get_full_path_helper (path.c:475)
==7558==    by 0x4139F8BF: RtlGetFullPathName_U (path.c:565)
==7558==    by 0x4139FC20: RtlSetCurrentDirectory_U (path.c:728)
==7558==    by 0x419C7654: DRIVE_Chdir (../../files/drive.c:1240)
==7558==    by 0x419C4F37: DRIVE_Init (../../files/drive.c:402)
==7558==    by 0x419FCE94: process_init (process.c:704)
==7558==    by 0x419FD173: __wine_kernel_init (process.c:773)
==7558==    by 0x4139BC2A: __wine_process_init (loader.c:1952)
==7558==    by 0x4023ED74: wine_init (loader.c:434)
==7558==    by 0x3C001BBC: main (main.c:33)
...
==7558== Invalid read of size 4
==7558==    at 0x401A97: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==    by 0x4023EF1C: (within /usr/local/lib/libwine.so.1)
==7558==    Address 0x423BEF30 is not stack'd, malloc'd or free'd
==7558==
==7558== Invalid read of size 4
==7558==    at 0x401AA4: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==    by 0x4023EF1C: (within /usr/local/lib/libwine.so.1)
==7558==    Address 0x423BEA0C is not stack'd, malloc'd or free'd
==7558==
==7558== Conditional jump or move depends on uninitialised value(s)
==7558==    at 0x4263E4B4: MessageBoxIndirectA (../../windows/msgbox.c:407)
==7558==    by 0x4263E421: MessageBoxExA (../../windows/msgbox.c:373)
==7558==    by 0x4263E38E: MessageBoxA (../../windows/msgbox.c:341)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==
==7558== Conditional jump or move depends on uninitialised value(s)
==7558==    at 0x413A53F3: RtlInitAnsiString (rtlstr.c:91)
==7558==    by 0x413A5627: RtlCreateUnicodeStringFromAsciiz (rtlstr.c:237)
==7558==    by 0x4263E5AC: MessageBoxIndirectA (../../windows/msgbox.c:408)
==7558==    by 0x4263E421: MessageBoxExA (../../windows/msgbox.c:373)
==7558==    by 0x4263E38E: MessageBoxA (../../windows/msgbox.c:341)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==
==7558== Use of uninitialised value of size 4
==7558==    at 0x413A53FD: RtlInitAnsiString (rtlstr.c:93)
==7558==    by 0x413A5627: RtlCreateUnicodeStringFromAsciiz (rtlstr.c:237)
==7558==    by 0x4263E5AC: MessageBoxIndirectA (../../windows/msgbox.c:408)
==7558==    by 0x4263E421: MessageBoxExA (../../windows/msgbox.c:373)
==7558==    by 0x4263E38E: MessageBoxA (../../windows/msgbox.c:341)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==
==7558== Invalid read of size 1
==7558==    at 0x413A53FD: RtlInitAnsiString (rtlstr.c:93)
==7558==    by 0x413A5627: RtlCreateUnicodeStringFromAsciiz (rtlstr.c:237)
==7558==    by 0x4263E5AC: MessageBoxIndirectA (../../windows/msgbox.c:408)
==7558==    by 0x4263E421: MessageBoxExA (../../windows/msgbox.c:373)
==7558==    by 0x4263E38E: MessageBoxA (../../windows/msgbox.c:341)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==    Address 0x49002E is not stack'd, malloc'd or free'd
==7558==
==7558== Conditional jump or move depends on uninitialised value(s)
==7558==    at 0x4023DF7F: wine_ldt_is_system (ldt.c:137)
==7558==    by 0x413A990F: init_handler (signal_i386.c:618)
==7558==    by 0x413A9988: setup_exception (signal_i386.c:720)
==7558==    by 0x413A9E30: segv_handler (signal_i386.c:962)
==7558==    by 0x4017FB87: ??? (vg_hashtable.c:213)
...
==7558== Conditional jump or move depends on uninitialised value(s)
==7558==    at 0x413A994A: init_handler (signal_i386.c:632)
==7558==    by 0x413A9988: setup_exception (signal_i386.c:720)
==7558==    by 0x413A9E30: segv_handler (signal_i386.c:962)
==7558==    by 0x4017FB87: ??? (vg_hashtable.c:213)
...
==7558== Use of uninitialised value of size 4
==7558==    at 0x413A99FE: setup_exception (signal_i386.c:750)
==7558==    by 0x413A9E30: segv_handler (signal_i386.c:962)
==7558==    by 0x4017FB87: ??? (vg_hashtable.c:213)
==7558==
==7558== Invalid write of size 4
==7558==    at 0x413A99FE: setup_exception (signal_i386.c:750)
==7558==    by 0x413A9E30: segv_handler (signal_i386.c:962)
==7558==    by 0x4017FB87: ??? (vg_hashtable.c:213)
==7558==    Address 0x423BE5C0 is not stack'd, malloc'd or free'd
==7558==
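An added triage example, not part of the original thread: it parses Valgrind records like those in the log above and picks out the ones whose reported address equals the page-fault address from the Wine debugger (0x0049002e), noting whether msiinst.exe is on the call stack. The function names and the abridged sample log are constructed for illustration.

```python
import re

# Abridged excerpt of the Valgrind log from the post above; intermediate
# frames are dropped to keep the constructed sample short.
SAMPLE_LOG = """\
==7558== Invalid read of size 4
==7558==    at 0x401A97: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==    Address 0x423BEF30 is not stack'd, malloc'd or free'd
==7558==
==7558== Use of uninitialised value of size 4
==7558==    at 0x413A53FD: RtlInitAnsiString (rtlstr.c:93)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==
==7558== Invalid read of size 1
==7558==    at 0x413A53FD: RtlInitAnsiString (rtlstr.c:93)
==7558==    by 0x4010F6: (within /tmp/IXP001.TMP/msiinst.exe)
==7558==    Address 0x49002E is not stack'd, malloc'd or free'd
"""

LINE = re.compile(r"^==(\d+)==\s?(.*)$")
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")
ADDR = re.compile(r"^Address 0x([0-9A-Fa-f]+) is")

def parse(log):
    """Split a Valgrind log into records: pid, kind, frames (innermost first), addr."""
    records, cur = [], None
    for raw in log.splitlines():
        m = LINE.match(raw)
        text = m.group(2).strip() if m else ""
        if not text:                      # blank or non-Valgrind line ends a record
            cur = None
        elif (f := FRAME.match(text)):
            if cur: cur["frames"].append(f.group(1))
        elif (a := ADDR.match(text)):
            if cur: cur["addr"] = int(a.group(1), 16)
        else:                             # anything else starts a new record
            cur = {"pid": int(m.group(1)), "kind": text, "frames": [], "addr": None}
            records.append(cur)
    return records

def triage(log, fault_addr, app="msiinst.exe"):
    """Records touching fault_addr, tagged by whether the app is on the stack."""
    hits = []
    for r in parse(log):
        if r["addr"] == fault_addr:
            top = r["frames"][0] if r["frames"] else ""
            hits.append({**r, "top_in_app": app in top,
                         "called_from_app": any(app in f for f in r["frames"])})
    return hits
```

On the sample, `triage(SAMPLE_LOG, 0x0049002E)` returns the single "Invalid read of size 1" record: the faulting instruction is in RtlInitAnsiString, with msiinst.exe further up the stack.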