[Bug 46841] JASC Paint Shop Pro 8.x and 9.x crash on startup (msvcrt c++ exception handling)

wine-bugs at winehq.org
Mon Apr 22 06:24:12 CDT 2019


https://bugs.winehq.org/show_bug.cgi?id=46841

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht at gmx.net
            Summary|JASC Paint Shop Pro 8       |JASC Paint Shop Pro 8.x and
                   |Crashes inside msvcrt       |9.x crash on startup
                   |                            |(msvcrt c++ exception
                   |                            |handling)

--- Comment #6 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

confirming. This also affects JASC Paint Shop Pro 9.01 hence refining the
summary.

As already mentioned, overriding 'msvcr71.dll' to use the app-provided native
DLL over the builtin works around the problem.

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/Jasc Software Inc/Paint Shop Pro 9

$ WINEDLLOVERRIDES=msvcr71=n wine ./Paint\ Shop\ Pro\ 9.exe
--- snip ---

Trace log:

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/Jasc Software Inc/Paint Shop Pro 9

$ WINEDEBUG=+seh,+relay,+msvcrt wine ./Paint\ Shop\ Pro\ 9.exe >>log.txt 2>&1
...
002c:Call msvcp71.?uncaught_exception@std@@YA_NXZ() ret=073d2968
002c:Call msvcr71.__uncaught_exception() ret=7a240907
002c:Ret  msvcr71.__uncaught_exception() retval=00000000 ret=7a240907
002c:Ret  msvcp71.?uncaught_exception@std@@YA_NXZ() retval=00000000 ret=073d2968
002c:Call msvcr71.??0exception@@QAE@XZ(00326030) ret=073d2844
002c:trace:msvcrt:MSVCRT_exception_default_ctor (0x326030)
002c:Ret  msvcr71.??0exception@@QAE@XZ() retval=00326030 ret=073d2844
002c:Call msvcr71._CxxThrowException(00326030,073d4938) ret=073d29ef
002c:Call KERNEL32.RaiseException(e06d7363,00000001,00000003,00325fc4)
ret=7a3610e5
002c:trace:seh:raise_exception code=e06d7363 flags=1 addr=0x7b4447ab
ip=7b4447ab tid=002c
002c:trace:seh:raise_exception  info[0]=19930520
002c:trace:seh:raise_exception  info[1]=00326030
002c:trace:seh:raise_exception  info[2]=073d4938
002c:trace:seh:raise_exception  eax=7b42e059 ebx=00000008 ecx=00325f04
edx=00325fc4 esi=00326030 edi=00325f80
002c:trace:seh:raise_exception  ebp=00325f58 esp=00325ee4 cs=320023 ds=32002b
es=32002b fs=320063 gs=32006b flags=00000216
002c:trace:seh:call_stack_handlers calling handler at 0x73d36f8 code=e06d7363
flags=1
002c:trace:seh:call_stack_handlers handler at 0x73d36f8 returned 1
002c:trace:seh:call_stack_handlers calling handler at 0x7a36d5a0 code=e06d7363
flags=1
002c:trace:seh:catch_function_nested_handler got nested exception in catch
function
002c:trace:seh:catch_function_nested_handler detect threw new exception in
catch block
002c:trace:seh:cxx_frame_handler handling C++ exception rec 0x325ef0 frame
0x3275ac trylevel 16 descr 0x87ff7a8 nested_frame 0x326348
002c:trace:seh:dump_exception_type flags 0 destr 0x73d2590 handler (nil) type
info 0x73d492c
002c:trace:seh:dump_exception_type     0: flags 0 type 0x73d607c
{vtable=0x73d41f0 name=.?AVCJException@@ ()} offsets 0,-1,0 size 552 copy ctor
0x73d2820
002c:trace:seh:dump_exception_type     1: flags 0 type 0x73d6024
{vtable=0x73d41f0 name=.?AVexception@@ ()} offsets 0,-1,0 size 12 copy ctor
0x73d2e00
002c:trace:seh:dump_function_descr magic 19930520
002c:trace:seh:dump_function_descr unwind table: 0x87ff598 39
002c:trace:seh:dump_function_descr     0: prev -1 func 0x87d3c60
002c:trace:seh:dump_function_descr     1: prev 0 func 0x87d3c68
002c:trace:seh:dump_function_descr     2: prev 1 func 0x87d3c70
002c:trace:seh:dump_function_descr     3: prev 2 func 0x87d3c78
002c:trace:seh:dump_function_descr     4: prev 3 func 0x87d3c80
002c:trace:seh:dump_function_descr     5: prev 4 func 0x87d3c88
002c:trace:seh:dump_function_descr     6: prev 5 func 0x87d3c90
002c:trace:seh:dump_function_descr     7: prev 6 func 0x87d3c98
002c:trace:seh:dump_function_descr     8: prev 7 func 0x87d3ca0
002c:trace:seh:dump_function_descr     9: prev 8 func 0x87d3ca8
002c:trace:seh:dump_function_descr     10: prev 9 func 0x87d3cb0
002c:trace:seh:dump_function_descr     11: prev 10 func (nil)
002c:trace:seh:dump_function_descr     12: prev 11 func (nil)
002c:trace:seh:dump_function_descr     13: prev 12 func 0x87d3cb9
002c:trace:seh:dump_function_descr     14: prev 11 func (nil)
002c:trace:seh:dump_function_descr     15: prev 14 func (nil)
002c:trace:seh:dump_function_descr     16: prev 15 func 0x87d3cc1
002c:trace:seh:dump_function_descr     17: prev 14 func (nil)
002c:trace:seh:dump_function_descr     18: prev 17 func (nil)
002c:trace:seh:dump_function_descr     19: prev 18 func 0x87d3cc9
002c:trace:seh:dump_function_descr     20: prev 17 func (nil)
002c:trace:seh:dump_function_descr     21: prev 20 func (nil)
002c:trace:seh:dump_function_descr     22: prev 21 func 0x87d3cd1
002c:trace:seh:dump_function_descr     23: prev 20 func (nil)
002c:trace:seh:dump_function_descr     24: prev 11 func (nil)
002c:trace:seh:dump_function_descr     25: prev 24 func 0x87d3cd9
002c:trace:seh:dump_function_descr     26: prev 24 func 0x87d3ce1
002c:trace:seh:dump_function_descr     27: prev 26 func 0x87d3ce9
002c:trace:seh:dump_function_descr     28: prev 26 func 0x87d3cf1
002c:trace:seh:dump_function_descr     29: prev 26 func 0x87d3cf9
002c:trace:seh:dump_function_descr     30: prev 26 func 0x87d3d01
002c:trace:seh:dump_function_descr     31: prev 26 func 0x87d3d09
002c:trace:seh:dump_function_descr     32: prev 26 func 0x87d3d11
002c:trace:seh:dump_function_descr     33: prev 32 func 0x87d3d19
002c:trace:seh:dump_function_descr     34: prev 32 func 0x87d3d21
002c:trace:seh:dump_function_descr     35: prev 32 func 0x87d3d2c
002c:trace:seh:dump_function_descr     36: prev 35 func 0x87d3d38
002c:trace:seh:dump_function_descr     37: prev 11 func (nil)
002c:trace:seh:dump_function_descr     38: prev 10 func (nil)
002c:trace:seh:dump_function_descr try table: 0x87ff730 6
002c:trace:seh:dump_function_descr     0: start 21 end 22 catchlevel 23 catch
0x87ff6d0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e278 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     1: start 18 end 19 catchlevel 23 catch
0x87ff6e0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e1ce type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     2: start 15 end 16 catchlevel 23 catch
0x87ff6f0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e124 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     3: start 12 end 13 catchlevel 23 catch
0x87ff700 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e07a type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     4: start 24 end 36 catchlevel 37 catch
0x87ff710 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -24 handler
0x872e890 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     5: start 11 end 37 catchlevel 38 catch
0x87ff720 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -128 handler
0x872e97b type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:call_stack_handlers handler at 0x7a36d5a0 returned 1
002c:trace:seh:call_stack_handlers calling handler at 0x87d3d44 code=e06d7363
flags=1
002c:trace:seh:cxx_frame_handler handling C++ exception rec 0x325ef0 frame
0x3275ac trylevel 16 descr 0x87ff7a8 nested_frame (nil)
002c:trace:seh:dump_exception_type flags 0 destr 0x73d2590 handler (nil) type
info 0x73d492c
002c:trace:seh:dump_exception_type     0: flags 0 type 0x73d607c
{vtable=0x73d41f0 name=.?AVCJException@@ ()} offsets 0,-1,0 size 552 copy ctor
0x73d2820
002c:trace:seh:dump_exception_type     1: flags 0 type 0x73d6024
{vtable=0x73d41f0 name=.?AVexception@@ ()} offsets 0,-1,0 size 12 copy ctor
0x73d2e00
002c:trace:seh:dump_function_descr magic 19930520
002c:trace:seh:dump_function_descr unwind table: 0x87ff598 39
002c:trace:seh:dump_function_descr     0: prev -1 func 0x87d3c60
002c:trace:seh:dump_function_descr     1: prev 0 func 0x87d3c68
002c:trace:seh:dump_function_descr     2: prev 1 func 0x87d3c70
002c:trace:seh:dump_function_descr     3: prev 2 func 0x87d3c78
002c:trace:seh:dump_function_descr     4: prev 3 func 0x87d3c80
002c:trace:seh:dump_function_descr     5: prev 4 func 0x87d3c88
002c:trace:seh:dump_function_descr     6: prev 5 func 0x87d3c90
002c:trace:seh:dump_function_descr     7: prev 6 func 0x87d3c98
002c:trace:seh:dump_function_descr     8: prev 7 func 0x87d3ca0
002c:trace:seh:dump_function_descr     9: prev 8 func 0x87d3ca8
002c:trace:seh:dump_function_descr     10: prev 9 func 0x87d3cb0
002c:trace:seh:dump_function_descr     11: prev 10 func (nil)
002c:trace:seh:dump_function_descr     12: prev 11 func (nil)
002c:trace:seh:dump_function_descr     13: prev 12 func 0x87d3cb9
002c:trace:seh:dump_function_descr     14: prev 11 func (nil)
002c:trace:seh:dump_function_descr     15: prev 14 func (nil)
002c:trace:seh:dump_function_descr     16: prev 15 func 0x87d3cc1
002c:trace:seh:dump_function_descr     17: prev 14 func (nil)
002c:trace:seh:dump_function_descr     18: prev 17 func (nil)
002c:trace:seh:dump_function_descr     19: prev 18 func 0x87d3cc9
002c:trace:seh:dump_function_descr     20: prev 17 func (nil)
002c:trace:seh:dump_function_descr     21: prev 20 func (nil)
002c:trace:seh:dump_function_descr     22: prev 21 func 0x87d3cd1
002c:trace:seh:dump_function_descr     23: prev 20 func (nil)
002c:trace:seh:dump_function_descr     24: prev 11 func (nil)
002c:trace:seh:dump_function_descr     25: prev 24 func 0x87d3cd9
002c:trace:seh:dump_function_descr     26: prev 24 func 0x87d3ce1
002c:trace:seh:dump_function_descr     27: prev 26 func 0x87d3ce9
002c:trace:seh:dump_function_descr     28: prev 26 func 0x87d3cf1
002c:trace:seh:dump_function_descr     29: prev 26 func 0x87d3cf9
002c:trace:seh:dump_function_descr     30: prev 26 func 0x87d3d01
002c:trace:seh:dump_function_descr     31: prev 26 func 0x87d3d09
002c:trace:seh:dump_function_descr     32: prev 26 func 0x87d3d11
002c:trace:seh:dump_function_descr     33: prev 32 func 0x87d3d19
002c:trace:seh:dump_function_descr     34: prev 32 func 0x87d3d21
002c:trace:seh:dump_function_descr     35: prev 32 func 0x87d3d2c
002c:trace:seh:dump_function_descr     36: prev 35 func 0x87d3d38
002c:trace:seh:dump_function_descr     37: prev 11 func (nil)
002c:trace:seh:dump_function_descr     38: prev 10 func (nil)
002c:trace:seh:dump_function_descr try table: 0x87ff730 6
002c:trace:seh:dump_function_descr     0: start 21 end 22 catchlevel 23 catch
0x87ff6d0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e278 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     1: start 18 end 19 catchlevel 23 catch
0x87ff6e0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e1ce type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     2: start 15 end 16 catchlevel 23 catch
0x87ff6f0 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e124 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     3: start 12 end 13 catchlevel 23 catch
0x87ff700 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -80 handler
0x872e07a type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     4: start 24 end 36 catchlevel 37 catch
0x87ff710 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -24 handler
0x872e890 type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:dump_function_descr     5: start 11 end 37 catchlevel 38 catch
0x87ff720 1
002c:trace:seh:dump_function_descr         0: flags 8 offset -128 handler
0x872e97b type 0x88550c8 {vtable=0x87f8698 name=.?AVCJException@@ ()}
002c:trace:seh:call_catch_block matched type 0x73d4910 in tryblock 2 catchblock
0
002c:trace:seh:_CreateFrameInfo (0x3259dc, 0x326030)
002c:trace:seh:__regs_RtlUnwind code=e06d7363 flags=3
002c:trace:seh:__regs_RtlUnwind eax=00000000 ebx=00325ef0 ecx=00325910
edx=003254a5 esi=003275ac edi=087ff758
002c:trace:seh:__regs_RtlUnwind ebp=00325ab8 esp=00325920 eip=7a36cb3f cs=0023
ds=002b fs=0063 gs=006b flags=00000246
002c:trace:seh:__regs_RtlUnwind calling handler at 0x7bc92f70 code=e06d7363
flags=3
002c:trace:seh:__regs_RtlUnwind handler at 0x7bc92f70 returned 1
002c:trace:seh:__regs_RtlUnwind calling handler at 0x73d36f8 code=e06d7363
flags=3
002c:trace:seh:cxx_local_unwind calling unwind handler 0x73d36f0 trylevel 0
last -1 ebp 0x326274
002c:Call msvcr71.??1exception@@UAE@XZ(0b79a008) ret=073d27c2
002c:trace:msvcrt:MSVCRT_exception_dtor (0xb79a008)
002c:Ret  msvcr71.??1exception@@UAE@XZ() retval=00000000 ret=073d27c2
002c:Call msvcr71.free(0b79a008) ret=073d27cd
002c:Call ntdll.RtlFreeHeap(07280000,00000000,0b79a008) ret=7a37d3e9
002c:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7a37d3e9
002c:Ret  msvcr71.free() retval=00000001 ret=073d27cd
002c:trace:seh:__regs_RtlUnwind handler at 0x73d36f8 returned 1
002c:trace:seh:__regs_RtlUnwind calling handler at 0x7a36d5a0 code=e06d7363
flags=3
002c:trace:seh:__CxxUnregisterExceptionObject (0x32635c)
002c:trace:seh:_FindAndUnlinkFrame (0x32635c)
002c:trace:seh:_IsExceptionObjectToBeDestroyed 0x3269a4
002c:trace:seh:__DestructExceptionObject (0x326870)
002c:Call msvcr71.??1exception@@UAE@XZ(003269a4) ret=7a36b85c
002c:trace:msvcrt:MSVCRT_exception_dtor (0x3269a4)
002c:Ret  msvcr71.??1exception@@UAE@XZ() retval=00000000 ret=7a36b85c
002c:trace:seh:__regs_RtlUnwind handler at 0x7a36d5a0 returned 1
002c:trace:seh:cxx_local_unwind calling unwind handler 0x87d3cc1 trylevel 16
last 15 ebp 0x3275b8
002c:trace:seh:call_catch_block calling catch block 0x87ff6f0 addr 0x872e124
ebp 0x3275b8
002c:Call msvcr71.malloc(00000088) ret=071993cd
002c:Call ntdll.RtlAllocateHeap(07280000,00000000,00000088) ret=7a37d390
002c:Ret  ntdll.RtlAllocateHeap() retval=0b799e68 ret=7a37d390 
....
002c:Call ntdll.RtlAllocateHeap(07280000,00000000,00000022) ret=7a37d390
002c:Ret  ntdll.RtlAllocateHeap() retval=0b79a620 ret=7a37d390
002c:Ret  msvcr71.malloc() retval=0b79a620 ret=0719a438
002c:Call msvcr71.memcpy(0b79a630,07250078,00000001) ret=0719a3fe
002c:Ret  msvcr71.memcpy() retval=0b79a630 ret=0719a3fe
002c:Call msvcr71.memcpy(0b79a630,0b799dc0,00000011) ret=0719a534
002c:Ret  msvcr71.memcpy() retval=0b79a630 ret=0719a534
002c:Call msvcr71.free(0b799dc0) ret=0872fb68
002c:Call ntdll.RtlFreeHeap(07280000,00000000,0b799dc0) ret=7a37d3e9
002c:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7a37d3e9
002c:Ret  msvcr71.free() retval=00000001 ret=0872fb68
002c:trace:seh:__CxxUnregisterExceptionObject (0x3259dc)
002c:trace:seh:_FindAndUnlinkFrame (0x3259dc)
002c:trace:seh:_IsExceptionObjectToBeDestroyed 0x326030
002c:trace:seh:__DestructExceptionObject (0x325ef0)
002c:Call msvcr71.??1exception@@UAE@XZ(00326030) ret=7a36b85c
002c:trace:msvcrt:MSVCRT_exception_dtor (0x326030)
002c:Ret  msvcr71.??1exception@@UAE@XZ() retval=00000000 ret=7a36b85c
002c:trace:seh:call_catch_block done, continuing at 0x872e11e
002c:trace:seh:__CxxUnregisterExceptionObject (0x32635c)
002c:trace:seh:_FindAndUnlinkFrame (0x32635c)
002c:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7a36b696
ip=7a36b696 tid=002c
002c:trace:seh:raise_exception  info[0]=00000000
002c:trace:seh:raise_exception  info[1]=00000004
002c:trace:seh:raise_exception  eax=0000002e ebx=00000000 ecx=00325db0
edx=01234ad8 esi=0032635c edi=7a3f8000
002c:trace:seh:raise_exception  ebp=00326228 esp=00326200 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010293
002c:trace:seh:call_stack_handlers calling handler at 0x87d3d44 code=c0000005
flags=0
002c:trace:seh:cxx_frame_handler handling C exception code c0000005  rec
0x3261a8 frame 0x3275ac trylevel 18 descr 0x87ff7a8 nested_frame (nil)
002c:trace:seh:call_stack_handlers handler at 0x87d3d44 returned 1
0062:Ret  KERNEL32.Sleep() retval=093ffe5c ret=00360315
002c:trace:seh:call_stack_handlers calling handler at 0x583b7c code=c0000005
flags=0
0062:Call KERNEL32.GetExitCodeThread(00000364,093ffe84) ret=00359fb9
002c:trace:seh:cxx_frame_handler handling C exception code c0000005  rec
0x3261a8 frame 0x327854 trylevel 7 descr 0x5d4ed0 nested_frame (nil)
002c:trace:seh:call_stack_handlers handler at 0x583b7c returned 1
002c:trace:seh:call_stack_handlers calling handler at 0x892e83c code=c0000005
flags=0
002c:trace:seh:cxx_frame_handler handling C exception code c0000005  rec
0x3261a8 frame 0x327b40 trylevel 3 descr 0x89419c0 nested_frame (nil)
002c:trace:seh:call_stack_handlers handler at 0x892e83c returned 1
...
--- snip ---

One frame gets unlinked two times in nested C++ exception handling
(CXX_FRAME_MAGIC_VC6), causing a page fault. Maybe some quirk in older VC++
runtime exception handling (vs. unified code base)?

There are a lot of C++ exceptions on startup by design (plugin loading/first
time init), partially nested so one has to use some trickery to reach that
place. Also the call sites are pretty much the same (PSP script engine ->
embedded Python interpreter).

For PSP 9.01:

If the debugger supports it, place a conditional module load breakpoint and
filter for 'JascCmdPyScriptRC.dll' after attaching, before dismissing the trial
dialog:

--- snip ---
Type      Address  Module/Label/Exception State Disassembly Hitcount Summary
DLL       FFFFFFFF JascCmdPyScriptRC.dll  Enabled           1        all()
--- snip ---

After hitting that one, add another one for catching CPP_EH_EXCEPTION
first-chance exceptions with hitcount of 15 (16th time it goes haywire).

--- snip ---
Type      Address  Module/Label/Exception State Disassembly Hitcount Summary
Exception E06D7363 CPP_EH_EXCEPTION       Enabled           15 firstchance()
--- snip ---

$ sha1sum psp9.exe 
cd15e0959d1f9e48894d40afea16afe455c9e655  psp9.exe

$ du -sh psp9.exe 
108M    psp9.exe

$ wine --version
wine-4.6-108-g9d7d68747b

Regards
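
Added example, not part of the original comment and not Wine code: a small scanner for `WINEDEBUG=+seh` logs that flags a frame passed to `_FindAndUnlinkFrame` twice on the same thread with no `_CreateFrameInfo` for it in between, and records the next exception code raised on that thread. The function name `find_double_unlinks` is hypothetical, and the script assumes `_CreateFrameInfo` is the only traced event that links a frame again, which is what the trace above shows.

```python
import re
from collections import defaultdict

# Excerpt of the +seh trace quoted above (thread 002c); wrapped tails trimmed.
SAMPLE = """\
002c:trace:seh:_CreateFrameInfo (0x3259dc, 0x326030)
002c:trace:seh:__CxxUnregisterExceptionObject (0x32635c)
002c:trace:seh:_FindAndUnlinkFrame (0x32635c)
002c:trace:seh:__CxxUnregisterExceptionObject (0x3259dc)
002c:trace:seh:_FindAndUnlinkFrame (0x3259dc)
002c:trace:seh:call_catch_block done, continuing at 0x872e11e
002c:trace:seh:__CxxUnregisterExceptionObject (0x32635c)
002c:trace:seh:_FindAndUnlinkFrame (0x32635c)
002c:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7a36b696
"""

SEH = re.compile(r"^([0-9a-f]{4}):trace:seh:(\w+)\s*(.*)$")
FRAME = re.compile(r"\((0x[0-9a-f]+)")
CODE = re.compile(r"\bcode=([0-9a-f]{8})\b")


def find_double_unlinks(log_text):
    """Flag frames unlinked twice on one thread with no _CreateFrameInfo for
    that frame in between, and attach the next exception code on that thread."""
    unlinked = defaultdict(dict)  # tid -> {frame: line number of last unlink}
    pending = defaultdict(list)   # tid -> findings still waiting for a fault
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = SEH.match(line.strip())
        if not m:
            continue  # relay (Call/Ret) lines and wrapped continuations
        tid, func, rest = m.groups()
        frame = FRAME.search(rest)
        if func == "_CreateFrameInfo" and frame:
            unlinked[tid].pop(frame.group(1), None)  # frame is linked again
        elif func == "_FindAndUnlinkFrame" and frame:
            addr = frame.group(1)
            if addr in unlinked[tid]:
                hit = {"tid": tid, "frame": addr, "first": unlinked[tid][addr],
                       "second": lineno, "next_exception": None}
                findings.append(hit)
                pending[tid].append(hit)
            unlinked[tid][addr] = lineno
        elif func == "raise_exception":
            code = CODE.search(rest)
            if code:  # the info[]/register lines carry no code= field
                for hit in pending.pop(tid, []):
                    hit["next_exception"] = code.group(1)
    return findings


if __name__ == "__main__":
    for hit in find_double_unlinks(SAMPLE):
        print(hit)
```

Frame addresses are stack addresses and get reused, so a hit is only meaningful when the log covers the whole interval between the two unlinks.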
