[Bug 11788] Icewind Dale crashes when starting

[wine-bugs at winehq.org]

http://bugs.winehq.org/show_bug.cgi?id=11788





--- Comment #8 from Alexander Dorofeyev <alexd4 at inbox.lv>  2008-03-22 08:23:51 ---
I tried debugging this in IDA disassembler. It looks like the wrong pointer
accessed is a field of some very large struct or object allocated on the stack.
It's allocated on the stack in WinMain, then passed to a chain of subroutines.
Now, the strange part is, it looks like this particular field isn't really
properly initialized by the app, and this causes problems. There's a check
later on if it's NULL or not, but it isn't really initialized to NULL anywhere
as far as I can see, it looks like this variable ends up with some semi-random
value from the stack. This can explain inconsistency with regression tests. If
value at that address happens to be 0, then everything if fine, otherwise the
app tries to use this wrong value as a pointer later and crashes. This is
totally dependent on what is in stack upon entering WinMain - by putting some
value at that address I can cause crash by accessing this value (as pointer) or
avoid the crash if I put 0x00000000 there. 

So this really looks like a buggy app, but somehow it works on Windows. Maybe
stack memory is zeroed in Windows, but not in Wine, I don't know. Possibly some
exe-loading issue. 

2 Alexandre Julliard: do you know if above theory can be correct?

This important address that decides whether app will run or crash is
ESP-0x4E02, when at the very first instruction of WinMain. I don't know much
about exe loading but I can try to dig some more info on request.

I'll also try to check on Windows, how the stack looks there, zeroed or not.


-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.