[Bug 38239] MATLAB R2014b/R2015a crashes on startup ("libut.dll" failed to initialize) ('_Getcvt' must use caller allocated hidden parameter for returning '_Cvtvec' structure)
wine-bugs at winehq.org
Fri Mar 20 05:58:54 CDT 2015
https://bugs.winehq.org/show_bug.cgi?id=38239
Anastasius Focht <focht at gmx.net> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
                 CC|                            |focht at gmx.net
          Component|-unknown                    |msvcp
            Summary|MATLAB R2014b/R2015a: Crash |MATLAB R2014b/R2015a
                   |on Startup ("libut.dll"     |crashes on startup
                   |failed to initialize)       |("libut.dll" failed to
                   |                            |initialize) ('_Getcvt' must
                   |                            |use caller allocated hidden
                   |                            |parameter for returning
                   |                            |'_Cvtvec' structure)
     Ever confirmed|0                           |1
--- Comment #7 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming.
I found a distributed backup to play with ...
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/MATLAB/R2014b/bin
$ WINEDEBUG=+tid,+seh,+relay,+msvcrt wine ./matlab.exe >>log.txt 2>&1
...
0029:Ret msvcr110.setlocale() retval=04cb26f0 ret=7e9d6bf8
0029:Call msvcr110.strlen(04cb26f0 "C") ret=7e9fb2f8
0029:Ret msvcr110.strlen() retval=00000001 ret=7e9fb2f8
0029:Call msvcr110.??2@YAPAXI@Z(00000002) ret=7e9fb30e
0029:Call ntdll.RtlAllocateHeap(04cb0000,00000000,00000002) ret=7e8dcadf
0029:Ret ntdll.RtlAllocateHeap() retval=04cffc60 ret=7e8dcadf
0029:Ret msvcr110.??2@YAPAXI@Z() retval=04cffc60 ret=7e9fb30e
0029:Call msvcr110.memcpy(04cffc60,04cb26f0,00000002) ret=7e9fb38a
0029:Ret msvcr110.memcpy() retval=04cffc60 ret=7e9fb38a
0029:Ret msvcp110.??0_Locinfo@std@@QAE@PBD@Z() retval=00c2fa98 ret=00271665
0029:Call msvcr110.localeconv() ret=0027310c
0029:Ret msvcr110.localeconv() retval=04cb0458 ret=0027310c
0029:Call msvcp110._Getcvt() ret=0027311d
0029:Call msvcr110.___lc_codepage_func() ret=7e9d724d
0029:Ret msvcr110.___lc_codepage_func() retval=00000000 ret=7e9d724d
0029:Call msvcr110._get_current_locale() ret=7e9d5d45
0029:Call ntdll.RtlAllocateHeap(04cb0000,00000000,00000008) ret=7e8dcadf
0029:Ret ntdll.RtlAllocateHeap() retval=04cf2918 ret=7e8dcadf
0029:Ret msvcr110._get_current_locale() retval=04cf2918 ret=7e9d5d45
0029:Call msvcr110._free_locale(04cf2918) ret=7e9d5d5e
0029:Call ntdll.RtlFreeHeap(04cb0000,00000000,04cf2918) ret=7e8dccea
0029:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7e8dccea
0029:Ret msvcr110._free_locale() retval=00000001 ret=7e9d5d5e
0029:Ret msvcp110._Getcvt() retval=0000000000000000 ret=0027311d
0029:trace:seh:raise_exception code=c0000005 flags=0 addr=0x27311d ip=0027311d tid=0029
0029:trace:seh:raise_exception info[0]=00000000
0029:trace:seh:raise_exception info[1]=00000000
0029:trace:seh:raise_exception eax=00000000 ebx=04cb0708 ecx=04cb0708 edx=00000000 esi=04cb0458 edi=7e9ac1f8
0029:trace:seh:raise_exception ebp=00c2fa84 esp=00c2f9fc cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010202
0029:trace:seh:call_stack_handlers calling handler at 0x2b77f0 code=c0000005 flags=0
0029:trace:seh:call_stack_handlers handler at 0x2b77f0 returned 1
--- snip ---
Caller code:
--- snip ---
...
002730E0 55 PUSH EBP
002730E1 8BEC MOV EBP,ESP
002730E3 6A FF PUSH -1
002730E5 68 F0772B00 PUSH 002B77F0
002730EA 64:A1 00000000 MOV EAX,DWORD PTR FS:[0]
002730F0 50 PUSH EAX
002730F1 64:8925 00000000 MOV DWORD PTR FS:[0],ESP
002730F8 83EC 6C SUB ESP,6C
002730FB 53 PUSH EBX
002730FC 56 PUSH ESI
002730FD 57 PUSH EDI
002730FE 8BD9 MOV EBX,ECX
00273100 8965 F0 MOV DWORD PTR SS:[EBP-10],ESP
00273103 895D EC MOV DWORD PTR SS:[EBP-14],EBX
00273106 FF15 B4032C00 CALL DWORD PTR DS:[<&MSVCR110.localeconv>]
0027310C 8B3D 94012C00 MOV EDI,DWORD PTR DS:[<&MSVCP110._Getcvt>]
00273112 8BF0 MOV ESI,EAX
00273114 8D45 88 LEA EAX,[EBP-78]
00273117 50 PUSH EAX
00273118 8975 E4 MOV DWORD PTR SS:[EBP-1C],ESI
0027311B FFD7 CALL EDI
0027311D F30F7E00 MOVQ XMM0,QWORD PTR DS:[EAX] ; *boom*
00273121 660FD645 B4 MOVQ QWORD PTR SS:[EBP-4C],XMM0
00273126 F30F7E40 08 MOVQ XMM0,QWORD PTR DS:[EAX+8]
0027312B 660FD645 BC MOVQ QWORD PTR SS:[EBP-44],XMM0
00273130 F30F7E40 10 MOVQ XMM0,QWORD PTR DS:[EAX+10]
00273135 660FD645 C4 MOVQ QWORD PTR SS:[EBP-3C],XMM0
0027313A F30F7E40 18 MOVQ XMM0,QWORD PTR DS:[EAX+18]
0027313F 660FD645 CC MOVQ QWORD PTR SS:[EBP-34],XMM0
00273144 F30F7E40 20 MOVQ XMM0,QWORD PTR DS:[EAX+20]
00273149 660FD645 D4 MOVQ QWORD PTR SS:[EBP-2C],XMM0
0027314E 8B40 28 MOV EAX,DWORD PTR DS:[EAX+28]
00273151 83C4 04 ADD ESP,4
00273154 807D 0C 00 CMP BYTE PTR SS:[EBP+0C],0
--- snip ---
Tail disassembly of Wine's '_Getcvt' implementation:
--- snip ---
...
.text:00079974 call ___lc_codepage_func
.text:00079979 mov dword ptr [ebp+ret+4], eax
.text:0007997C call ___lc_handle_func
.text:00079981 mov eax, [eax+8]
.text:00079984 mov dword ptr [ebp+ret], eax
.text:00079987 mov eax, dword ptr [ebp+ret]
.text:0007998A mov edx, dword ptr [ebp+ret+4]
.text:0007998D add esp, 24h
.text:00079990 pop ebx
.text:00079991 pop ebp
.text:00079992 retn
--- snip ---
Looks like the caller expects '_Getcvt' to use caller allocated hidden
parameter for return in EAX and not EDX:EAX for structure data (which would be
correct for 8-byte structure).
The '_Cvtvec' structure size is likely not 8 bytes.
Some interesting information:
http://blog.aaronballman.com/2012/02/describing-the-msvc-abi-for-structure-return-types/
("Describing the MSVC ABI for Structure Return Types").
Use 'winetricks -q vcrun2012' as workaround.
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
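Added example, not part of the original message or of Wine: a Python triage helper that pairs each `raise_exception` in a `+relay,+seh` trace with the last relay `Ret` on the same thread and flags a fault sitting exactly on that call's return address, which is the pattern the comment above identifies by hand. The sample lines are excerpted from the trace quoted above (wrapped line rejoined); the function and field names are this example's own.

```python
import re

# Lines excerpted from the +relay,+seh trace in the message above.
SAMPLE = """\
0029:Call msvcr110.localeconv() ret=0027310c
0029:Ret msvcr110.localeconv() retval=04cb0458 ret=0027310c
0029:Call msvcp110._Getcvt() ret=0027311d
0029:Call msvcr110.___lc_codepage_func() ret=7e9d724d
0029:Ret msvcr110.___lc_codepage_func() retval=00000000 ret=7e9d724d
0029:Ret msvcp110._Getcvt() retval=0000000000000000 ret=0027311d
0029:trace:seh:raise_exception code=c0000005 flags=0 addr=0x27311d ip=0027311d tid=0029
0029:trace:seh:raise_exception info[0]=00000000
0029:trace:seh:raise_exception info[1]=00000000
"""

RET = re.compile(r"^([0-9a-f]+):Ret\s+(\S+?)\(.*?\)\s+retval=([0-9a-f]+)\s+ret=([0-9a-f]+)")
EXC = re.compile(r"^([0-9a-f]+):trace:seh:raise_exception code=([0-9a-f]+) .*?addr=0x([0-9a-f]+)")
INFO = re.compile(r"^([0-9a-f]+):trace:seh:raise_exception info\[(\d)\]=([0-9a-f]+)")

def correlate(log):
    """Pair each exception with the last relay 'Ret' seen on the same thread."""
    last_ret, findings = {}, []
    for line in log.splitlines():
        if m := RET.match(line):
            tid, api, retval, ret = m.groups()
            last_ret[tid] = (api, int(retval, 16), int(ret, 16))
        elif m := EXC.match(line):
            tid, code, addr = m.groups()
            api, retval, ret = last_ret.get(tid, (None, None, None))
            findings.append({
                "tid": tid, "code": int(code, 16), "addr": int(addr, 16),
                "api": api, "retval": retval,
                # Fault exactly at the return address: the first instruction
                # after the call is the one that consumed the return value.
                "at_return_site": ret == int(addr, 16),
            })
        elif (m := INFO.match(line)) and findings and findings[-1]["tid"] == m.group(1):
            # For c0000005, info[0] is the access type (0 = read) and
            # info[1] is the virtual address that was accessed.
            key = "access" if m.group(2) == "0" else "fault_va"
            findings[-1][key] = int(m.group(3), 16)
    return findings

if __name__ == "__main__":
    for finding in correlate(SAMPLE):
        print(finding)
```

A finding with `at_return_site` true, `retval` 0 and `fault_va` 0 is a read through a NULL return value at the call site, which is what the disassembly at 0027311D shows.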