On Fri Jan 24 23:10:24 2025 +0000, Nikolay Sivov wrote:
Why would this one fail?
Thanks for reviewing.
I have replaced in affected functions all occurrences of such `wine_dbgstr_w(buffer)` parameters.
The actual output here is as below, so really it is just line 3432.
Do you want me to limit my modifications to just lines where I get a message from ASan?
```
$ ASAN_OPTIONS="allocator_may_return_null=1:log_path="c:\asan_$(date +%Y-%m-%d_%H-%M-%S)_":halt_on_error=0" wine dlls/kernel32/tests/x86_64-windows/kernel32_test.exe actctx
$ cat $WINEPREFIX/drive_c/asan_2025-01-25_00-40-09_.296
=================================================================
==296==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffffe1ffac0 at pc 0x00014000bbf1 bp 0x7ffffe1ff6e0 sp 0x7ffffe1ff728
READ of size 2 at 0x7ffffe1ffac0 thread T0
    #0 0x00014000bbf0 in wine_dbgstr_wn Z:...\wine\include\wine\debug.h:263
    #1 0x00014000ba0e in wine_dbgstr_w Z:...\wine\include\wine\debug.h:306
    #2 0x00014000757f in test_settings Z:...\wine\dlls\kernel32\tests\actctx.c:3432
    #3 0x00014000118a in func_actctx Z:...\wine\dlls\kernel32\tests\actctx.c:4436
    #4 0x0001401f492e in run_test+0xae (Z:...\wine-build\build-asan-pe\64\obj\dlls\kernel32\tests\x86_64-windows\kernel32_test.exe+0x1401f492e)
    #5 0x0001401f4471 in main+0x471 (Z:...\wine-build\build-asan-pe\64\obj\dlls\kernel32\tests\x86_64-windows\kernel32_test.exe+0x1401f4471)
    #6 0x0001401f5de3 in mainCRTStartup Z:...\wine\dlls\msvcrt\crt_main.c:58
    #7 0x6fffffc455ee in BaseThreadInitThunk Z:...\wine\dlls\kernel32\thread.c:61
    #8 0x6fffffdcab0a (C:\windows\system32\ntdll.dll+0x17004ab0a)

Address 0x7ffffe1ffac0 is located in stack of thread T0 at offset 192 in frame
    #0 0x00014000710f in test_settings Z:...\wine\dlls\kernel32\tests\actctx.c:3389

  This frame has 2 object(s):
    [32, 192) 'buffer' (line 3396) <== Memory access at offset 192 overflows this variable
    [256, 264) 'size' (line 3397)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp, SEH and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow Z:...\wine\include\wine\debug.h:263 in wine_dbgstr_wn
Shadow bytes around the buggy address:
  0x7ffffe1ff800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7ffffe1ff880: 00 00 00 00 00 04 f3 f3 f3 f3 f3 f3 f3 f3 f3 f3
  0x7ffffe1ff900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7ffffe1ff980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7ffffe1ffa00: f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00 00
=>0x7ffffe1ffa80: 00 00 00 00 00 00 00 00[f2]f2 f2 f2 f2 f2 f2 f2
  0x7ffffe1ffb00: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x7ffffe1ffb80: 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00
  0x7ffffe1ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7ffffe1ffc80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f8 f8 f8 f8
  0x7ffffe1ffd00: f8 f8 f8 f8 f3 f3 f3 f3 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==296==ABORTING
```
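
Added example (not part of the original message and not Wine code): a Python sketch that reads the frame-layout lines of the report above and relates the faulting access to the listed stack objects. It shows that `buffer` spans 160 bytes, or 80 two-byte elements, and that the 2-byte read at offset 192 is element index 80, the first one past the end. The function name `triage` and the excerpt are constructed, and treating the access size as the element size is an assumption.

```python
import re

# Constructed excerpt: the layout lines of the report above, one per line.
REPORT = """\
READ of size 2 at 0x7ffffe1ffac0 thread T0
Address 0x7ffffe1ffac0 is located in stack of thread T0 at offset 192 in frame
  This frame has 2 object(s):
    [32, 192) 'buffer' (line 3396) <== Memory access at offset 192 overflows this variable
    [256, 264) 'size' (line 3397)
"""

ACCESS_RE = re.compile(r"^(READ|WRITE) of size (\d+) at 0x[0-9a-fA-F]+", re.M)
OFFSET_RE = re.compile(r"at offset (\d+) in frame")
OBJECT_RE = re.compile(r"\[(\d+), (\d+)\) '([^']+)' \(line (\d+)\)")


def triage(report):
    """Relate the faulting stack access to the frame objects ASan lists."""
    access, offset = ACCESS_RE.search(report), OFFSET_RE.search(report)
    objects = [(int(lo), int(hi), name, int(line))
               for lo, hi, name, line in OBJECT_RE.findall(report)]
    if not (access and offset and objects):
        raise ValueError("no stack frame layout found in report")
    size, off = int(access.group(2)), int(offset.group(1))

    def gap(obj):
        lo, hi = obj[0], obj[1]
        if off >= hi:            # access starts at or past the object's end
            return off - hi
        if off + size <= lo:     # access ends before the object starts
            return lo - (off + size)
        return 0                 # access straddles an object boundary

    lo, hi, name, line = min(objects, key=gap)  # nearest object is the victim
    return {
        "access": access.group(1),
        "variable": name,
        "declared_at_line": line,
        "direction": "overflow" if off + size > hi else "underflow",
        "capacity_bytes": hi - lo,
        # Assumption: the access size equals the element size (2-byte WCHAR here).
        "capacity_elements": (hi - lo) // size,
        "element_index": (off - lo) // size,
    }


if __name__ == "__main__":
    print(triage(REPORT))
```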