[Bug 12460] West Point Bridge Designer 2007 crashes with page fault in oleaut32

wine-bugs at winehq.org wine-bugs at winehq.org
Sun Dec 19 16:55:20 CST 2010 

http://bugs.winehq.org/show_bug.cgi?id=12460

--- Comment #8 from Nikolay Sivov <bunglehead at gmail.com> 2010-12-19 16:55:19 CST ---
Application is broken I think:

---
001b:Call oleaut32.SysAllocString(0033f42c L"0") ret=2692ff82
001b:Call ntdll.RtlAllocateHeap(00110000,00000000,00000008) ret=7e60da9d
001b:Ret  ntdll.RtlAllocateHeap() retval=001a2990 ret=7e60da9d
001b:Ret  oleaut32.SysAllocString() retval=001a2994 ret=2692ff82

(this is a cpp delete() )
001b:Call msvcrt.??3 at YAXPAX@Z(0019a318) ret=26934726
001b:Call ntdll.RtlFreeHeap(00110000,00000000,0019a318) ret=7d96f9ae
001b:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7d96f9ae
001b:Ret  msvcrt.??3 at YAXPAX@Z() retval=00000001 ret=26934726
001b:Call oleaut32.SysStringLen(001a2994 L"0") ret=26910238
001b:Ret  oleaut32.SysStringLen() retval=00000001 ret=26910238

(release)
001b:Call oleaut32.SysFreeString(001a2994 L"0") ret=2691025d
001b:Call ntdll.RtlFreeHeap(00110000,00000000,001a2990) ret=7e60d15d
001b:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7e60d15d
001b:Ret  oleaut32.SysFreeString() retval=00000001 ret=2691025d

(next new() call allocates at this 0x1a2994 address)
001b:Call msvcrt.??2 at YAPAXI@Z(00000020) ret=26910056
001b:Call ntdll.RtlAllocateHeap(00110000,00000000,00000020) ret=7d96fdda
001b:Ret  ntdll.RtlAllocateHeap() retval=001a2990 ret=7d96fdda
001b:Ret  msvcrt.??2 at YAPAXI@Z() retval=001a2990 ret=26910056
001b:Call msvcrt.??2 at YAPAXI@Z(00000006) ret=26931e57
001b:Call ntdll.RtlAllocateHeap(00110000,00000000,00000006) ret=7d96fdda
001b:Ret  ntdll.RtlAllocateHeap() retval=0019a318 ret=7d96fdda
001b:Ret  msvcrt.??2 at YAPAXI@Z() retval=0019a318 ret=26931e57
001b:Call oleaut32.VariantInit(001a29a0) ret=2691017b
001b:trace:variant:VariantInit (0x1a29a0)
001b:Ret  oleaut32.VariantInit() retval=0000002a ret=2691017b
001b:Call oleaut32.VariantCopy(001a29a0,0033f4c8) ret=2691007b
001b:trace:variant:VariantCopy (0x1a29a0->(VT_EMPTY),0x33f4c8->(VT_BSTR))
001b:trace:variant:VariantClear (0x1a29a0->(VT_EMPTY))

(VT_BSTR typed source uses freed string)
001b:err:variant:VariantCopy source 0x1a2994, bytelength 1680152
001b:Call ntdll.RtlAllocateHeap(00110000,00000000,0019a31e) ret=7e60d9fb
001b:Ret  ntdll.RtlAllocateHeap() retval=01390020 ret=7e60d9fb
001b:Call msvcrt._except_handler3(0033f2c4,0033f49c,0033eff8,0033ef78)
ret=7efb6df5
001b:Ret  msvcrt._except_handler3() retval=00000001 ret=7efb6df5
---

So probably native one has exception handler at copy call or just happens to
pass it without a crash for some other reason.

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list