[Bug 47137] HX Edit v2.71 (Line 6) crashes on startup (Wine builtin 'gdiplus.dll' missing version resource)
wine-bugs at winehq.org
Sun May 19 06:04:42 CDT 2019
https://bugs.winehq.org/show_bug.cgi?id=47137
Anastasius Focht <focht at gmx.net> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht at gmx.net
          Component|-unknown                    |gdiplus
            Summary|HX Edit (Line 6) : crashes  |HX Edit v2.71 (Line 6)
                   |on launch                   |crashes on startup (Wine
                   |                            |builtin 'gdiplus.dll'
                   |                            |missing version resource)
--- Comment #7 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming.
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/Line6/HX Edit
$ file *.{dll,exe}
msvcp100.dll: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
msvcp120.dll: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
msvcr100.dll: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
msvcr120.dll: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
pthreadVC2.dll: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
HX Edit.exe: PE32 executable (GUI) Intel 80386, for MS Windows
Uninstall.exe: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
$ WINEDEBUG=+seh,+relay,+wbemprox wine ./HX\ Edit.exe >>log.txt 2>&1
...
0034:trace:seh:raise_exception code=c0000005 flags=0 addr=0x649dd0 ip=00649dd0 tid=0034
0034:trace:seh:raise_exception info[0]=00000000
0034:trace:seh:raise_exception info[1]=00000000
0034:trace:seh:raise_exception eax=00000000 ebx=00000000 ecx=0190f9d0 edx=00000001 esi=00000000 edi=0191a040
0034:trace:seh:raise_exception ebp=0034f9b8 esp=0034f9a4 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010202
0034:trace:seh:call_stack_handlers calling handler at 0x821e78 code=c0000005 flags=0
...
Unhandled exception: page fault on read access to 0x00000000 in 32-bit code (0x00649dd0).
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:00649dd0 ESP:0034f9a4 EBP:0034f9b8 EFLAGS:00010202( R- -- I - - - )
EAX:00000000 EBX:00000000 ECX:0190f9d0 EDX:00000001
ESI:00000000 EDI:0191a040
...
Backtrace:
=>0 0x00649dd0 EntryPoint+0xffffffff() in hx edit (0x0034f9b8)
1 0x007a1d77 EntryPoint+0xffffffff() in hx edit (0x0034f9d4)
2 0x007a1d9f EntryPoint+0xffffffff() in hx edit (0x0034f9f0)
3 0x007bb3d0 EntryPoint+0xffffffff() in hx edit (0x0034fa18)
4 0x006479f3 EntryPoint+0xffffffff() in hx edit (0x0034fa58)
5 0x0062a5c8 EntryPoint+0xffffffff() in hx edit (0x0034faf0)
6 0x00543c47 EntryPoint+0xffffffff() in hx edit (0x0034fb5c)
7 0x005433a7 EntryPoint+0xffffffff() in hx edit (0x0034fbac)
8 0x0074e4cd EntryPoint+0xffffffff() in hx edit (0x0034fe84)
9 0x007e84ed EntryPoint+0xffffffff() in hx edit (0x0034fed0)
10 0x7b47aee2 call_process_entry+0x11() in kernel32 (0x0034fee8)
11 0x7b47d5c6 start_process+0x105(entry=<couldn't compute location>, peb=<couldn't compute location>) [/home/focht/projects/wine/mainline-src/dlls/kernel32/process.c:1257] in kernel32 (0x0034ffd8)
12 0x7b47aeee start_process_wrapper+0x9() in kernel32 (0x0034ffec)
0x00649dd0 EntryPoint+0xffffffff in hx edit: movl 0x0(%esi),%edx
Modules:
Module Address Debug info Name (128 modules)
PE 400000- c3e000 Export hx edit
PE 10000000-1000c000 Deferred pthreadvc2
ELF 7a800000-7a944000 Deferred opengl32<elf>
\-PE 7a840000-7a944000 \ opengl32
ELF 7b1ed000-7b36c000 Deferred wined3d<elf>
\-PE 7b230000-7b36c000 \ wined3d
ELF 7b36c000-7b3a9000 Deferred dxgi<elf>
\-PE 7b380000-7b3a9000 \ dxgi
ELF 7b400000-7b841000 Dwarf kernel32<elf>
\-PE 7b430000-7b841000 \ kernel32
...
ELF f7e00000-f7fb6000 Dwarf libwine.so.1
ELF f7fb8000-f7fe1000 Deferred ld-linux.so.2
ELF f7fe4000-f7fe5000 Deferred [vdso].so
Threads:
process tid prio (all id:s are in hex)
...
00000033 (D) C:\Program Files (x86)\Line6\HX Edit\HX Edit.exe
00000035 0
00000034 0 <==
--- snip ---
There is nothing in the trace log/crash that hints at the problem, hence one has
to debug it.
Checking the crash site:
--- snip ---
00649D70 | push ebp
00649D71 | mov ebp,esp
00649D73 | sub esp,8
00649D76 | push esi
00649D77 | mov esi,dword ptr ss:[ebp+8]
00649D7A | push edi
00649D7B | push dword ptr ss:[ebp+C]
00649D7E | mov edi,ecx
00649D80 | push esi
00649D81 | call hx edit.7A3FE0
00649D86 | cmp esi,80000001
00649D8C | jne hx edit.649E37
00649D92 | push 1
00649D94 | push 65747874
00649D99 | mov ecx,edi
00649D9B | call hx edit.7A2CF0
00649DA0 | mov dword ptr ds:[edi+34],eax
00649DA3 | test eax,eax
00649DA5 | je hx edit.649E37
00649DAB | lea eax,dword ptr ss:[ebp-8]
00649DAE | mov dword ptr ss:[ebp-8],1
00649DB5 | push eax
00649DB6 | mov dword ptr ss:[ebp-4],1
00649DBD | call hx edit.7B29F0 ; EAX = retval = NULL
00649DC2 | mov ecx,dword ptr ds:[edi+34]
00649DC5 | add esp,4
00649DC8 | mov esi,eax ; ESI = NULL
00649DCA | push dword ptr ds:[ecx+C0]
00649DD0 | mov edx,dword ptr ds:[esi] ; *boom*
00649DD2 | add ecx,38
00649DD5 | push ecx
00649DD6 | mov ecx,esi
00649DD8 | call dword ptr ds:[edx+80]
...
--- snip ---
The sub-routine that returned NULL:
--- snip ---
007B29F0 | push ebp
007B29F1 | mov ebp,esp
007B29F3 | push FFFFFFFF
007B29F5 | push hx edit.8280FB
007B29FA | mov eax,dword ptr fs:[0]
007B2A00 | push eax
007B2A01 | push ecx
007B2A02 | mov eax,dword ptr ds:[A2F840]
007B2A07 | xor eax,ebp
007B2A09 | push eax
007B2A0A | lea eax,dword ptr ss:[ebp-C]
007B2A0D | mov dword ptr fs:[0],eax
007B2A13 | cmp dword ptr ds:[A46720],0 ; var == 0 ?
007B2A1A | je hx edit.7B2A50
007B2A1C | push 10CC
007B2A21 | call hx edit.7E245E
007B2A26 | add esp,4
007B2A29 | mov dword ptr ss:[ebp-10],eax
007B2A2C | mov dword ptr ss:[ebp-4],0
007B2A33 | test eax,eax
007B2A35 | je hx edit.7B2A50
007B2A37 | push dword ptr ss:[ebp+8]
007B2A3A | mov ecx,eax
007B2A3C | call hx edit.7C4910
007B2A41 | mov ecx,dword ptr ss:[ebp-C]
007B2A44 | mov dword ptr fs:[0],ecx
007B2A4B | pop ecx
007B2A4C | mov esp,ebp
007B2A4E | pop ebp
007B2A4F | ret
007B2A50 | xor eax,eax ; bad code path, retval = NULL
007B2A52 | mov ecx,dword ptr ss:[ebp-C]
007B2A55 | mov dword ptr fs:[0],ecx
007B2A5C | pop ecx
007B2A5D | mov esp,ebp
007B2A5F | pop ebp
007B2A60 | ret
--- snip ---
Now we have to find the code that writes to memory location 0xA46720.
Searching for all direct (immediate value) references to 0xA46720 yields:
--- snip ---
007B2A13 cmp dword ptr ds:[A46720],0
007C08D4 cmp dword ptr ds:[A46720],0
007C096B cmp dword ptr ds:[A46720],0
007C0D65 cmp dword ptr ds:[A46720],0
007C37F1 mov dword ptr ds:[A46720],eax ; yay, here we go
007C40D5 cmp dword ptr ds:[A46720],0
007C48E0 cmp dword ptr ds:[A46720],0
007C5529 cmp dword ptr ds:[A46720],esi
007C5688 cmp dword ptr ds:[A46720],0
007C5B50 cmp dword ptr ds:[A46720],0
007C5C8D cmp dword ptr ds:[A46720],0
007C5CC0 cmp dword ptr ds:[A46720],0
007C6AA7 cmp dword ptr ds:[A46720],0
007C77AC cmp dword ptr ds:[A46720],0
--- snip ---
Which brings us here:
--- snip ---
007C37D0 | push ebp
007C37D1 | mov ebp,esp
007C37D3 | sub esp,14
007C37D6 | lea eax,dword ptr ss:[ebp-4]
007C37D9 | mov dword ptr ss:[ebp-4],0
007C37E0 | push eax
007C37E1 | push hx edit.98FF28 ; L"gdiplus.dll"
007C37E6 | call hx edit.74E6B2 ; GetFileVersionInfoSizeW
007C37EB | neg eax
007C37ED | sbb eax,eax
007C37EF | neg eax
007C37F1 | mov dword ptr ds:[A46720],eax ; result
007C37F6 | je hx edit.7C387D
007C37FC | push esi
007C37FD | push 0
007C37FF | lea eax,dword ptr ss:[ebp-14]
007C3802 | mov dword ptr ss:[ebp-14],1
007C3809 | push eax
007C380A | push hx edit.A46728
007C380F | mov dword ptr ss:[ebp-10],0
007C3816 | mov dword ptr ss:[ebp-C],0
007C381D | mov dword ptr ss:[ebp-8],0
007C3824 | call hx edit.80B99C
...
--- snip ---
Armed with that information, we can go back to the trace log and find this place:
--- snip ---
...
0034:Call version.GetFileVersionInfoSizeW(0098ff28 L"gdiplus.dll",0034fa08) ret=007c37eb
...
0034:Ret version.GetFileVersionInfoSizeW() retval=00000000 ret=007c37eb
...
--- snip ---
That call was done very early at startup and there was no visible relation to
the actual crash.
Wine source:
https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/gdiplus/gdiplus.rc
--- snip ---
...
/* @makedep: gdiplus.manifest */
WINE_MANIFEST 24 gdiplus.manifest

/* @makedep: gdiplus11.manifest */
WINE_MANIFEST11 24 gdiplus11.manifest
--- snip ---
Quick test to verify the finding: 'winetricks -q gdiplus' (native has version
resource).
Indeed, it makes the app start.
$ sha1sum HX\ Edit\ v2.71\ Installer.exe
33c1ba4d6242ea11ef9d529e40fca1d07d679d63 HX Edit v2.71 Installer.exe
$ du -sh HX\ Edit\ v2.71\ Installer.exe
78M HX Edit v2.71 Installer.exe
$ wine --version
wine-4.8-202-g61aea5a987
Regards
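
The comment above traces a late NULL dereference back to an early `GetFileVersionInfoSizeW` call that returned 0. The following is an added example, not part of the original comment or of Wine: a small filter that pairs `+relay` Call/Ret lines and lists the calls that returned 0 directly into the application's own address range. The function name `zero_returns` is hypothetical, and every sample line except the two `version.*` lines is constructed.

```python
import re

# Wine +relay lines: "<tid>:Call mod.func(args) ret=<addr>" and
# "<tid>:Ret  mod.func() retval=<value> ret=<addr>".
CALL = re.compile(r"^([0-9a-f]{4}):Call (\S+?)\.(\w+)\((.*)\) ret=([0-9a-f]+)$")
RET = re.compile(r"^([0-9a-f]{4}):Ret\s+(\S+?)\.(\w+)\(\) retval=([0-9a-f]+) ret=([0-9a-f]+)$")

def zero_returns(lines, lo, hi):
    """Return calls whose return address lies in [lo, hi) and whose result was 0."""
    pending = {}  # tid -> stack of open calls, since relay calls nest
    hits = []
    for line in lines:
        line = line.strip()
        m = CALL.match(line)
        if m:
            tid, mod, func, args, ret = m.groups()
            pending.setdefault(tid, []).append((mod, func, ret, args))
            continue
        m = RET.match(line)
        if not m:
            continue
        tid, mod, func, retval, ret = m.groups()
        stack = pending.get(tid, [])
        # Find the matching open call from the top; frames above it never returned.
        for i in range(len(stack) - 1, -1, -1):
            if stack[i][:3] == (mod, func, ret):
                args = stack[i][3]
                del stack[i:]
                if int(retval, 16) == 0 and lo <= int(ret, 16) < hi:
                    hits.append((tid, f"{mod}.{func}", args, ret))
                break
    return hits

# The version.* Call/Ret lines come from the trace above (unwrapped);
# the GetTickCount and FindResourceW lines are constructed for illustration.
SAMPLE = """\
0034:Call KERNEL32.GetTickCount() ret=00543c40
0034:Ret  KERNEL32.GetTickCount() retval=0001e240 ret=00543c40
0034:Call version.GetFileVersionInfoSizeW(0098ff28 L"gdiplus.dll",0034fa08) ret=007c37eb
0034:Call KERNEL32.FindResourceW(7e040000,00000001,00000010) ret=7e0b1234
0034:Ret  KERNEL32.FindResourceW() retval=00000000 ret=7e0b1234
0034:Ret  version.GetFileVersionInfoSizeW() retval=00000000 ret=007c37eb
""".splitlines()

# "hx edit" is mapped at 400000-c3e000 in the module list above.
HX_EDIT = (0x400000, 0xC3E000)

if __name__ == "__main__":
    for tid, api, args, ret in zero_returns(SAMPLE, *HX_EDIT):
        print(f"tid {tid}: {api}({args}) returned 0 to {ret}")
```

Restricting the return address to the executable's range drops zero results from calls made inside builtin DLLs, leaving only the results the application itself consumed.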