[Bug 26678] BBC Micro emulator crashes

wine-bugs at winehq.org
Thu Apr 7 14:55:54 CDT 2011


http://bugs.winehq.org/show_bug.cgi?id=26678

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download, source
                URL|                            |http://bbc.nvg.org/emul/BeebEm/BeebEm141.zip
                 CC|                            |focht at gmx.net

--- Comment #4 from Anastasius Focht <focht at gmx.net> 2011-04-07 14:55:54 CDT ---
Hello,

the zip archive from download link contains the source and a prebuilt binary
showing similar crash.
Using relay trace and the source (use the source, Luke!) one can deduce the
possible cause of crash.

The code quality is pretty bad ... you get sick 8-|

Relevant source snippets:

--- snip video.cpp ---
void VideoInit(void) {
...
  crtclog=fopen("/crtc.log","wb");
}; /* VideoInit */

...
void CRTCWrite(int Address, int Value) {
...
      case 5:
        CRTC_VerticalTotalAdjust=Value;
        fprintf(crtclog,"Vertical Total Adjust: %d\n",Value);
        AdjustVideo();
        break;
...
--- snip video.cpp ---

The source references CRT stuff but the prebuilt binary doesn't call
corresponding CRT functions so it seems CRT was statically linked.

Relay trace (I removed various interleaving trace messages due to multithreaded
nature of app):

--- snip ---
0028:Call KERNEL32.CreateFileA(00436c04
"/crtc.log",40000000,00000003,0032fbd0,00000002,00000080,00000000) ret=0042c849
0028:Ret  KERNEL32.CreateFileA() retval=ffffffff ret=0042c849
0028:Call KERNEL32.GetLastError() ret=0042c855
0028:Ret  KERNEL32.GetLastError() retval=00000005 ret=0042c855 
...
0028:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc34bee
ip=7bc34bee tid=0028
0028:trace:seh:raise_exception  info[0]=00000000
0028:trace:seh:raise_exception  info[1]=00000034
0028:trace:seh:raise_exception  eax=00000020 ebx=7bca8ff4 ecx=00436f60
edx=0000c98a esi=00000000 edi=0000fe00
0028:trace:seh:raise_exception  ebp=0032fb74 esp=0032fb4c cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00010212
0028:trace:seh:call_vectored_handlers calling handler at 0x68d816b6
code=c0000005 flags=0
0028:trace:seh:call_vectored_handlers handler at 0x68d816b6 returned 0
0028:trace:seh:call_stack_handlers calling handler at 0x42b4f4 code=c0000005
flags=0
0028:Call KERNEL32.GetLastError() ret=004287f0
0028:Ret  KERNEL32.GetLastError() retval=00000000 ret=004287f0
0028:Call KERNEL32.UnhandledExceptionFilter(0032f630) ret=0042b01b
0028:Call KERNEL32.IsBadCodePtr(68cabfa0) ret=0042de25
0028:Ret  KERNEL32.IsBadCodePtr() retval=00000000 ret=0042de25 
...
wine: Unhandled page fault on read access to 0x00000034 at address 0x7bc34bee
(thread 0028), starting debugger... 
...
=>0 0x7bc34bee RtlEnterCriticalSection+0x15(crit=0x20)
[/opt/projects/wine/wine-git/dlls/ntdll/critsection.c:521] in ntdll
(0x0032fb74)
  1 0x00424ba9 in beebem (+0x24ba8) (0x0032fbb0)
  2 0x00407f84 in beebem (+0x7f83) (0x0032fbcc)
  3 0x004040f2 in beebem (+0x40f1) (0x0032fda4)
  4 0x004171e3 in beebem (+0x171e2) (0x0032fdd4)
  5 0x0042601a in beebem (+0x26019) (0x0032fe60)
...
--- snip ---

The log file path "/crtc.log" is invalid letting the initial fopen() fail,
returning NULL FILE*.
The call to fprintf() is done with NULL FILE*/crtclog resulting in garbage
pointer offset (while trying to lock FILE).

It is very likely that this app crashes in Windows too - because of that
invalid log file path - making the bug invalid.
Someone should verify by running the app from download link on Windows machine.

Regards
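
The failure mode analysed in the comment above (an unchecked `fopen()` result later passed to `fprintf()`), shown with the log handle guarded. This is an added example, not code from BeebEm or from the original comment: `log_open`, `log_printf`, `log_close`, `crtc_write` and the failing path are hypothetical names and values chosen for illustration, and the `AdjustVideo()` call is left out.

```c
#include <stdarg.h>
#include <stdio.h>

static FILE *crtclog;                /* NULL means logging is disabled */
static int CRTC_VerticalTotalAdjust;

/* Open the log; returns 1 on success, 0 on failure (crtclog stays NULL). */
int log_open(const char *path)
{
    crtclog = fopen(path, "wb");
    if (crtclog == NULL)
        perror(path);                /* report once instead of faulting later */
    return crtclog != NULL;
}

/* Guarded fprintf: returns bytes written, or 0 when no log is open. */
int log_printf(const char *fmt, ...)
{
    va_list ap;
    int n;

    if (crtclog == NULL)             /* the check missing from the snippet */
        return 0;
    va_start(ap, fmt);
    n = vfprintf(crtclog, fmt, ap);
    va_end(ap);
    return n < 0 ? 0 : n;
}

void log_close(void)
{
    if (crtclog != NULL) { fclose(crtclog); crtclog = NULL; }
}

/* Register 5 as in the snippet; emulation state is updated whether or
 * not the log exists. Returns the number of bytes logged. */
int crtc_write(int address, int value)
{
    if (address != 5)
        return 0;
    CRTC_VerticalTotalAdjust = value;
    return log_printf("Vertical Total Adjust: %d\n", value);
}

int main(void)
{
    log_open("/no-such-dir-example/crtc.log");  /* constructed failing path */
    crtc_write(5, 3);                /* no fault; value is still stored */
    log_close();
    return 0;
}
```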
