crash in menu.c

Dan Timis timis at museresearch.com
Wed Jul 21 16:35:53 CDT 2004 

One of the third party Windows software that we support is crashing 
when clicking on a popup menu that has separators.  The author of the 
software send us a snippet of his code.  It looks something like this:

	MENUITEMINFO mi;
	ZeroMemory(&mi, sizeof(mi));
	mi.cbSize = sizeof(mi);
	mi.fType = MFT_SEPARATOR;
	InsertMenuItem(hMenu, index++, TRUE, &mi);

The problem is obviously that mi.fMask does not have the MIIM_TYPE bit 
set.  This code "works" on Windows; it draws a separator like the 
programmer intended, but not like the API would suggest this should 
work.  I'm not sure what should be wine's behavior, but I don't think 
it should crash.

The crash in wine happens when MENU_InitTracking calls MENU_ShowPopup, 
which in turn calls MENU_CalcItemSize:

trace:menu:MENU_CalcItemSize dc=0x11ac owner=0x10025 (3,56)
trace:menu:do_debug_print_menuitem MENU_CalcItemSize: menuitem: { 
ID=0x4, State=grey, Text=L"Save Preset As..." }
trace:menu:MENU_CalcItemSize (3,56)-(148,74)
trace:menu:MENU_CalcItemSize dc=0x11ac owner=0x10025 (3,74)
trace:menu:do_debug_print_menuitem MENU_CalcItemSize: menuitem: { 
ID=0x0, Text=Null }
wine: Unhandled exception (thread 0009), starting debugger...

...

Unhandled exception: page fault on read access to 0x00000000 in 32-bit 
code (0x40de985c).

...

0x40de985c (MENU_CalcItemSize+0x13c [menu.c] in USER32.DLL): repne 
scasw^I%es:(%edi)

Earlier, I get this trace:

trace:menu:do_debug_print_menuitem MENU_SetItemInfo_common from:  { 
ID=0x0, Text=Null }
trace:menu:do_debug_print_menuitem SetMenuItemInfo_common to :  { 
ID=0x4, State=grey, Text=L"Save Preset As..." }
trace:menu:do_debug_print_menuitem MENU_SetItemInfo_common from:  { 
ID=0x0, Text=Null }
trace:menu:do_debug_print_menuitem SetMenuItemInfo_common to :  { 
ID=0x0, Text=Null }

I don't understand how this "from" and "to" works, but the ID of the 
menu item after "Save Preset As..." should be 0x5.

I have a wine version from 2004-04-08.  The author of the Windows 
software will fix the problem in his code and that should stop the 
crash, but maybe someone should fix this in wine too.

Thanks,

Dan Timis
Muse Research, Inc.

More information about the wine-devel mailing list