DIB crash with gdb

Michael Ost most at museresearch.com
Thu Dec 22 17:45:52 CST 2011


Hi,

Is it possible that AddVectoredExceptionHandler doesn't work when 
running wine under gdb? Or maybe it doesn't work in a 32bit wine running 
in a 64bit system?

I'm seeing a SEGV crash when running any wine program with wine 1.3.24 
in gdb but not when running without the debugger. The crash is happening 
when writing to memory allocated by CreateDIBSection in the function 
create_alpha_bitmap(). The code is in user32/cursoricon.c.

Here's where the crash happens, at line 791 in user32/cursoricon.c 
create_alpha_bitmap():

         unsigned int alpha = ptr[3];
         ptr[0] = ptr[0] * alpha / 255;  <-- SEGV here

With the debugger on, writing to ptr[0] causes the segfault. And, 
indeed, when I look at /proc/PID/maps for the problem address (0x350000) 
it is read only. Without the debugger, the memory is read-write and the 
calls work.

WINEDEBUG=+relay,+cursor,+icon,+resource,+bitmap,+virtual,+seh shows 
that exceptions are used to unlock the DIB as needed. The 
X11DRV_DIB_FaultHandler is installed and supposed to get invoked when 
writing to the memory.

And, without gdb running, there are exceptions which lead to 
X11DRV_DIB_Unlock. Here's the trace:

trace:cursor:create_alpha_bitmap line=790 i 0, ptr 0x350000, alpha ac
trace:seh:raise_exception code=c0000005 flags=0 addr=0x7e7ea0d8 ip=7e7ea0d8 tid=0028
trace:seh:raise_exception  info[0]=00000001
trace:seh:raise_exception  info[1]=00350000
trace:seh:raise_exception  eax=9999cccc ebx=7e8a5e2c ecx=00000000 edx=00000067 esi=00350000 edi=000000ac
trace:seh:raise_exception  ebp=00000000 esp=0032f860 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010a02
trace:seh:call_vectored_handlers calling handler at 0x7e14beb0 code=c0000005 flags=0
trace:bitmap:X11DRV_DIB_Lock Locking 0x330 from thread 0028
trace:bitmap:X11DRV_DIB_Coerce AppMod requested in status InSync
trace:virtual:NtProtectVirtualMemory 0xffffffff 0x350000 00000400 00000004
trace:virtual:VIRTUAL_SetProt 0x350000-0x350fff c-rw-
trace:virtual:VIRTUAL_DumpView View: 0x350000 - 0x350fff (valloc)
trace:virtual:VIRTUAL_DumpView       0x350000 - 0x350fff c-rw-
trace:bitmap:X11DRV_DIB_DoProtectDIBSection Changed protection from 2 to 4
trace:bitmap:X11DRV_DIB_Unlock Unlocking in status AppMod
trace:bitmap:X11DRV_DIB_Unlock Unlocked 0x330
trace:seh:call_vectored_handlers handler at 0x7e14beb0 returned ffffffff
trace:cursor:create_alpha_bitmap 804 i 0, ptr 0x350000

That all works. But under gdb the exception handler is not called. The 
memory is not unlocked and the SEGV happens.

This is all happening on a 64-bit Fedora system where we have 
cross-compiled a 32-bit version of wine. Could that be an issue?

Hopefully someone out there knows the answer to this readily.

Thanks for your time!

-- Michael Ost
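The fault-driven DIB unlock the trace above shows, reduced to its mechanism as an added example (not Wine code): one page of constructed BGRA pixels is locked read-only, the first store from the create_alpha_bitmap() statement faults, and a SIGSEGV handler standing in for X11DRV_DIB_FaultHandler re-protects the page read-write and returns so the store is retried. All names here are hypothetical; Wine does the same underneath its vectored handlers on Linux. Run under gdb, a program like this stops at that first SIGSEGV unless the debugger is told `handle SIGSEGV nostop noprint pass`, so that setting is the first thing to check when debugging code that relies on faults.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <sys/mman.h>
#include <unistd.h>
static unsigned char *dib_page;            /* stands in for the DIB pixel memory */
static size_t page_size;
static volatile sig_atomic_t fault_count;  /* how many times the handler ran */

/* Stand-in for X11DRV_DIB_FaultHandler: a store to the read-only DIB page faults,
 * the handler flips the page to read-write ("unlocks" it) and returns, and the
 * faulting store is retried and now succeeds. */
static void dib_fault_handler(int sig, siginfo_t *si, void *ctx)
{
    unsigned char *addr = si->si_addr;
    (void)sig; (void)ctx;
    if (addr < dib_page || addr >= dib_page + page_size) {
        signal(SIGSEGV, SIG_DFL);   /* not our page: let the real crash surface */
        return;
    }
    fault_count++;
    mprotect(dib_page, page_size, PROT_READ | PROT_WRITE);
}

/* Map one page, write a constructed B,G,R,A pixel (alpha 0xac as in the trace),
 * install the handler, then lock the page read-only like the DIB before the fault. */
int dib_setup(void)
{
    struct sigaction sa = { 0 };
    page_size = (size_t)sysconf(_SC_PAGESIZE);
    dib_page = mmap(NULL, page_size, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (dib_page == MAP_FAILED) return -1;
    dib_page[0] = 0xcc; dib_page[1] = 0x99; dib_page[2] = 0x66; dib_page[3] = 0xac;
    sa.sa_sigaction = dib_fault_handler;
    sa.sa_flags = SA_SIGINFO;
    if (sigaction(SIGSEGV, &sa, NULL) != 0) return -1;
    return mprotect(dib_page, page_size, PROT_READ);
}

/* The statement from create_alpha_bitmap(): the first store faults once and the
 * handler unlocks the page; later stores to the same page no longer fault. */
int dib_premultiply_first_pixel(void)
{
    unsigned char *ptr = dib_page;
    unsigned int alpha = ptr[3];
    ptr[0] = ptr[0] * alpha / 255;
    return ptr[0];
}

int dib_fault_count(void) { return (int)fault_count; }
```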
