[Bug 33376] Stick soldier 2 crashes on startup

wine-bugs at winehq.org wine-bugs at winehq.org
Thu Jun 18 16:34:03 CDT 2015


https://bugs.winehq.org/show_bug.cgi?id=33376

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht at gmx.net
          Component|-unknown                    |msvcp
            Summary|Stick soldier 2 crash on    |Stick soldier 2 crashes on
                   |startup                     |startup

--- Comment #12 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

confirming, still present.

--- snip ---
$ WINEDEBUG=+tid,+seh,+loaddll,+process,+msvcrt,+msvcp wine ./Stick\ Soldiers\ II.exe >>log.txt 2>&1
...
0027:trace:msvcp:basic_filebuf_char_open (0x33faf8 Data\SSents.etb 1 64)
0027:trace:msvcp:basic_filebuf_char_open_wchar (0x33faf8 L"Data\\SSents.etb" 1 64)
0027:trace:msvcp:basic_filebuf_char_is_open (0x33faf8)
0027:trace:msvcp:_Fiopen_wchar (L"Data\\SSents.etb" 1 64)
0027:trace:msvcrt:MSVCRT__wfsopen (L"Data\\SSents.etb",L"r")
0027:trace:msvcrt:msvcrt_get_flags L"r"
0027:trace:msvcrt:MSVCRT__wsopen_s fd*: 0x33f658 :file (L"Data\\SSents.etb") oflags: 0x0000 shflags: 0x0040 pmode: 0x0000
0027:trace:msvcrt:msvcrt_alloc_fd :handle (0x74) allocating fd (6)
0027:trace:msvcrt:MSVCRT__wsopen_s :fd (6) handle (0x74)
0027:trace:msvcrt:msvcrt_init_fp :fd (6) allocating FILE*
0027:trace:msvcrt:msvcrt_init_fp :got FILE* (0x7e0d2380)
0027:trace:msvcrt:MSVCRT__wfsopen :fd (6) mode (L"r") FILE* (0x7e0d2380)
0027:trace:msvcrt:MSVCRT__wfsopen :got (0x7e0d2380)
0027:trace:msvcp:basic_filebuf_char__Init (0x33faf8 0x7e0d2380 1)
0027:trace:msvcp:basic_streambuf_char__Init_empty (0x33faf8)
0027:trace:msvcp:basic_streambuf_char_setp_next (0x33faf8 (nil) (nil) (nil))
0027:trace:msvcp:basic_streambuf_char_setg (0x33faf8 (nil) (nil) (nil))
0027:trace:msvcp:basic_streambuf_char__Init (0x33faf8 0x7e0d2388 0x7e0d2380 0x7e0d2384 0x7e0d2388 0x7e0d2380 0x7e0d2384)
0027:trace:msvcp:locale_id_operator_size_t (0x7e1f84f8)
0027:trace:msvcp:locale__Getfacet_bool (0x33fb2c 1)
0027:trace:msvcp:basic_filebuf_char__Initcvt_cvt (0x33faf8 0x5b23b8)
0027:trace:msvcp:codecvt_base_always_noconv (0x5b23b8)
0027:trace:msvcp:codecvt_base_do_always_noconv (0x5b23b8)
0027:trace:msvcp:basic_ifstream_char_is_open (0x33faf0)
0027:trace:msvcp:basic_filebuf_char_is_open (0x33faf8)
0027:trace:msvcp:MSVCP_basic_string_char_ctor_alloc 0x33fb90 0x33fa98
0027:trace:msvcp:basic_string_char__Tidy (0x33fb90 0)
0027:trace:msvcp:MSVCP_basic_string_char_ctor_cstr_alloc 0x33fb80 "UNDEFINED"
0027:trace:msvcp:basic_string_char__Tidy (0x33fb80 0)
0027:trace:msvcp:MSVCP_basic_string_char_assign_cstr_len 0x33fb80 "UNDEFINED" 9
0027:trace:msvcrt:MSVCRT_operator_new (11) returning 0x5b70b8
0027:trace:msvcp:basic_string_char__Tidy (0x33fb80 1)
0027:trace:msvcp:ios_base_eof (0x33fb4c)
0027:trace:msvcp:basic_istream_char_getline_delim (0x33faf0 0x33fba0 ff 
)
0027:trace:msvcp:basic_ios_char_rdbuf_get (0x33fb4c)
0027:trace:msvcp:basic_streambuf_char__Lock (0x33faf8)
0027:trace:msvcp:basic_istream_char__Ipfx (0x33faf0 1)
0027:trace:msvcp:ios_base_good (0x33fb4c)
0027:trace:msvcp:basic_ios_char_tie_get (0x33fb4c)
0027:trace:msvcp:ios_base_good (0x33fb4c)
0027:trace:msvcp:basic_ios_char_rdbuf_get (0x33fb4c)
0027:trace:msvcp:basic_streambuf_char_sbumpc (0x33faf8)
0027:trace:msvcp:basic_streambuf_char__Gnavail (0x33faf8)
0027:trace:msvcp:basic_filebuf_char_uflow (0x33faf8)
0027:trace:msvcp:basic_filebuf_char_is_open (0x33faf8)
0027:trace:msvcp:basic_streambuf_char_gptr (0x33faf8)
0027:trace:msvcp:basic_streambuf_char_egptr (0x33faf8)
0027:trace:msvcrt:_lock (34)
0027:trace:msvcrt:read_i :fd (6) handle (0x74) buf (0x5b6050) len (4096)
0027:trace:msvcrt:read_i :EOF ""
0027:trace:msvcrt:read_i (0), ""
0027:trace:msvcrt:_unlock (34)
0027:trace:msvcp:basic_ios_char_rdbuf_get (0x33fb4c)
0027:trace:msvcp:basic_streambuf_char__Unlock (0x33faf8)
0027:trace:msvcp:basic_ios_char_setstate_reraise (0x33fb4c 3 0)
0027:trace:msvcp:basic_ios_char_clear_reraise (0x33fb4c 3 0)
0027:trace:msvcp:ios_base_clear_reraise (0x33fb4c 3 0)
0027:trace:msvcp:MSVCP_basic_string_char_assign_cstr_len 0x33fb90 "" 0
0027:trace:msvcp:MSVCP_basic_string_char_operator_at 0x33fb90 0
0027:trace:seh:raise_exception code=c0000005 flags=0 addr=0x4119e7 ip=004119e7 tid=0027
0027:trace:seh:raise_exception  info[0]=00000000
0027:trace:seh:raise_exception  info[1]=00000000
0027:trace:seh:raise_exception  eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 esi=005b114f edi=f75c6000
0027:trace:seh:raise_exception  ebp=0033fcac esp=0033fa18 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010246
--- snip ---

@Fabian

--- quote ---
If you track that function, one call is with an empty string (this->size == 0
and more important this->ptr == NULL) at position 0. The return value is then
this->ptr+pos == NULL, which then causes the page fault.
Such a call shouldn't happen, or does it work to access an empty string at
position 0 under Windows.
--- quote ---

Yes, it should work.

'std::basic_string<char,std::char_traits<char>,std::allocator<char>>::operator[](uint)'
must return 'Nullstr()' reference in this case.

Source:
https://source.winehq.org/git/wine.git/blob/a0e8d62a8ebd24e4ae474c262ddbc7d1a42f0e80:/dlls/msvcp60/string.c#l1413

--- snip ---
1413 /* ??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z */
1414 /* ??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAAAEAD_K@Z */
1415 /* ??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z */
1416 /* ??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEBAAEBD_K@Z */
1417 DEFINE_THISCALL_WRAPPER(MSVCP_basic_string_char_operator_at, 8)
1418 char* __thiscall MSVCP_basic_string_char_operator_at(
1419         basic_string_char *this, MSVCP_size_t pos)
1420 {
1421     TRACE("%p %lu\n", this, pos);
1422 
1423     assert(this->size >= pos);
1424     return this->ptr+pos;
1425 }
--- snip ---

Same applies for wide-character version.

$ sha1sum ss2.zip
9bfd26b015a0dbc60cc199f42fd5e2a0325a7754  ss2.zip

$ du -sh ss2.zip
832K    ss2.zip

$ wine --version
wine-1.7.45-127-g172e08e

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
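The failure path the comment describes, replayed in a small C model. This is an added example, not Wine's code and not from the bug reporter: `toy_string` is a constructed stand-in with only the two fields the comment mentions (`ptr`, `size`), `toy_string_assign` mimics the trace's `assign_cstr_len(..., "", 0)` leaving `ptr` NULL, `operator_at_buggy` reproduces the quoted `ptr+pos` behaviour (written as an explicit NULL for the empty case to stay within defined C arithmetic), and `operator_at_fixed` returns a static null character in the role the comment assigns to `Nullstr()`. The `"UNDEFINED"` sample string is taken from the trace; the helper and function names are hypothetical.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for Wine's basic_string_char: only the fields the
 * report discusses. Not Wine's real struct layout. */
typedef struct {
    char  *ptr;   /* NULL until a buffer is allocated */
    size_t size;  /* characters stored, terminator excluded */
} toy_string;

/* Models MSVCP_basic_string_char_assign_cstr_len as seen in the trace:
 * assigning a zero-length C string does not allocate, so ptr stays NULL
 * while size becomes 0. Non-empty input receives a terminated copy. */
static void toy_string_assign(toy_string *s, const char *src, size_t len)
{
    char *buf;
    if (len == 0) {
        s->size = 0;   /* ptr left as-is: NULL for a fresh string */
        return;
    }
    buf = malloc(len + 1);
    assert(buf);
    memcpy(buf, src, len);
    buf[len] = '\0';
    free(s->ptr);
    s->ptr = buf;
    s->size = len;
}

static void toy_string_free(toy_string *s)
{
    free(s->ptr);
    s->ptr = NULL;
    s->size = 0;
}

/* Behaviour quoted in the report: ptr + pos. For an empty, never-allocated
 * string that is NULL + 0 == NULL, and the caller's dereference is the
 * c0000005 access violation in the trace. */
static char *operator_at_buggy(toy_string *s, size_t pos)
{
    assert(s->size >= pos);
    return s->ptr ? s->ptr + pos : NULL;
}

/* Hardened form in the spirit of the behaviour the reporter describes: with
 * no buffer, the assert guarantees pos == 0, and the result is a reference
 * to a static null character (the role of MSVC's Nullstr()). */
static char *operator_at_fixed(toy_string *s, size_t pos)
{
    static char nullstr = '\0';   /* stand-in for Nullstr() */
    assert(s->size >= pos);
    if (!s->ptr)
        return &nullstr;
    return s->ptr + pos;
}

/* Replays the failing sequence from the log: getline() hits EOF on an empty
 * file, assigns "" to the destination string, then the caller reads [0].
 * Returns the character read, or -1 where the buggy operator hands back a
 * NULL pointer that the real caller would have dereferenced. */
static int read_first_char_after_eof(char *(*op_at)(toy_string *, size_t))
{
    toy_string line = { NULL, 0 };
    char *p;
    toy_string_assign(&line, "", 0);
    p = op_at(&line, 0);
    return p ? (unsigned char)*p : -1;
}

/* Both versions must agree on a normal, allocated string, including
 * pos == size, which legitimately yields the terminator. */
static int read_char_at(char *(*op_at)(toy_string *, size_t),
                        const char *text, size_t pos)
{
    toy_string s = { NULL, 0 };
    int c;
    toy_string_assign(&s, text, strlen(text));
    c = (unsigned char)*op_at(&s, pos);
    toy_string_free(&s);
    return c;
}

int main(void)
{
    printf("empty string, buggy operator[]: %d (NULL returned)\n",
           read_first_char_after_eof(operator_at_buggy));
    printf("empty string, fixed operator[]: %d (terminator returned)\n",
           read_first_char_after_eof(operator_at_fixed));
    return 0;
}
```

The model keeps the existing `assert(this->size >= pos)` from the quoted source; the fix is only the unallocated-buffer case, which that assert already narrows to `pos == 0`.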