[Bug 31360] Bobcad v21 crashes on startup
WineHQ Bugzilla
wine-bugs at winehq.org
Sat Dec 5 06:00:47 CST 2020
https://bugs.winehq.org/show_bug.cgi?id=31360
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
URL|http://bobcad.com/wp-conten |https://web.archive.org/web
|t/media/updates/archive/v21 |/20111102035423/http://www.
|.5.3.exe |bobcad.com/wp-content/media
| |/updates/archive/v21.5.3.ex
| |e
--- Comment #4 from Anastasius Focht <focht at gmx.net> ---
Hello joaopa,
--- quote ---
With wine-5.22 and mfc42u.dll installed, install process finished properly.
Can an administrator close this bug as FIXED?
--- quote ---
No, nothing has been fixed. The app still crashes on startup.
It was never about the installer.
Adding stable download link via Internet Archive:
https://web.archive.org/web/20111102035423/http://www.bobcad.com/wp-content/media/updates/archive/v21.5.3.exe
To prove it's exactly the same issue I analysed six years ago:
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/BobCAD-CAM
$ WINEDEBUG=+seh,+loaddll,+relay,+ole wine ./Bobcad21.exe >>log.txt 2>&1
...
0128:Call
combase.CoCreateInstance(00c896bc,00000000,00000001,00ce7524,0031f47c)
ret=0046291c
0128:trace:ole:CoCreateInstance {76330d00-8446-11d2-9fac-00a024d91db2},
00000000, 0x1, {0000010b-0000-0000-c000-000000000046}, 0031F47C.
0128:trace:ole:CoCreateInstanceEx {76330d00-8446-11d2-9fac-00a024d91db2},
00000000, 0x1, 00000000, 1, 0031F3F0
0128:trace:ole:CoGetTreatAsClass {76330d00-8446-11d2-9fac-00a024d91db2},
0031F388.
...
0128:trace:ole:apartment_release 12400000128: after = 1
...
0128:Call KERNEL32.OutputDebugStringA(0361f844
"COleHelperObject::COleHelperObject 0361F758\n") ret=007620a5
0128:Ret KERNEL32.OutputDebugStringA() retval=00000000 ret=007620a5
...
0128:Call KERNEL32.OutputDebugStringA(0361f844
"COleHelperObject::FinalConstruct 0361F758\n") ret=007620a5
0128:Ret KERNEL32.OutputDebugStringA() retval=00000000 ret=007620a5
...
0128:Call
ole32.OleCreateEmbeddingHelper(00c896bc,0361f758,00010001,0361f638,00ce9244,0361f778)
ret=00746f2f
0128:trace:ole:OleCreateEmbeddingHelper
({76330d00-8446-11d2-9fac-00a024d91db2}, 0361F758, 00010001, 0361F638,
{00000000-0000-0000-c000-000000000046}, 0361F778)
...
0128:trace:ole:CreateDataCache ({76330d00-8446-11d2-9fac-00a024d91db2},
0361F758, {00000000-0000-0000-c000-000000000046}, 03ABAAC8)
...
0128:Call KERNEL32.OutputDebugStringA(0361f844 "COleHelperObject::FinalRelease
0361F758\n") ret=007620a5
0128:Ret KERNEL32.OutputDebugStringA() retval=00000000 ret=007620a5
...
0128:Call KERNEL32.OutputDebugStringA(0361f854
"COleHelperObject::~COleHelperObject 0361F758\n") ret=007620a5
0128:Ret KERNEL32.OutputDebugStringA() retval=00000000 ret=007620a5
...
0128:Ret ole32.OleCreateEmbeddingHelper() retval=00000000 ret=00746f2f
0128:Call KERNEL32.InterlockedDecrement(0361f63c) ret=00745050
0128:Ret KERNEL32.InterlockedDecrement() retval=00000003 ret=00745050
0128:trace:seh:dispatch_exception code=c0000005 flags=0 addr=036000BC
ip=036000bc tid=0128
0128:trace:seh:dispatch_exception info[0]=00000001
0128:trace:seh:dispatch_exception info[1]=00000000
0128:trace:seh:dispatch_exception eax=00000000 ebx=0031f39c ecx=03633720
edx=00ce7524 esi=0361f758 edi=00000000
0128:trace:seh:dispatch_exception ebp=0031f308 esp=003192fc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00210246
0128:trace:seh:call_vectored_handlers calling handler at 7B00F270 code=c0000005
flags=0
0128:trace:seh:call_vectored_handlers handler at 7B00F270 returned 0
0128:trace:seh:call_stack_handlers calling handler at 00C36AC0 code=c0000005
flags=0
0128:trace:seh:cxx_frame_handler handling C exception code c0000005 rec
00319128 frame 0031F338 trylevel -1 descr 00D2D030 nested_frame 00000000
0128:trace:seh:call_stack_handlers handler at 00C36AC0 returned 1
0128:trace:seh:call_stack_handlers calling handler at 00C168C8 code=c0000005
flags=0
...
wine: Unhandled page fault on write access to 00000000 at address 036000BC
(thread 0128), starting debugger...
--- snip ---
Disassembly before crash:
--- snip ---
00746EC0 | push FFFFFFFF
00746EC2 | push bobcad21.C368A8
00746EC7 | mov eax,dword ptr fs:[0]
00746ECD | push eax
00746ECE | mov dword ptr fs:[0],esp
00746ED5 | push ecx
00746ED6 | push esi
00746ED7 | mov esi,ecx
00746ED9 | mov dword ptr ss:[esp+4],0
00746EE1 | push esi
00746EE2 | push bobcad21.CA3CD0 ; "COleHelperObject::FinalConstruct"
00746EE7 | mov dword ptr ss:[esp+18],0
00746EEF | call bobcad21.762010 ; debug_log_message()
00746EF4 | add esp,8
00746EF7 | lea eax,dword ptr ss:[esp+4]
00746EFB | push eax
00746EFC | push bobcad21.CE9224
00746F01 | push bobcad21.C896BC
00746F06 | mov ecx,bobcad21.DE4AE0
00746F0B | call bobcad21.570270
00746F10 | mov edx,dword ptr ss:[esp+4]
00746F14 | lea ecx,dword ptr ds:[esi+20]
00746F17 | push ecx
00746F18 | push bobcad21.CE9244
00746F1D | push edx
00746F1E | push 10001
00746F23 | push esi
00746F24 | push bobcad21.C896BC
00746F29 | call dword ptr ds:[<&_OleCreateEmbeddingHelper at 24>]
00746F2F | mov esi,eax
00746F31 | mov eax,dword ptr ss:[esp+4]
00746F35 | test eax,eax
00746F37 | mov dword ptr ss:[esp+10],FFFFFFFF
00746F3F | je bobcad21.746F47
00746F41 | mov ecx,dword ptr ds:[eax] ; 00CA3BE8
00746F43 | push eax
00746F44 | call dword ptr ds:[ecx+8]
00746F47 | mov ecx,dword ptr ss:[esp+8]
00746F4B | mov eax,esi
00746F4D | pop esi
00746F4E | mov dword ptr fs:[0],ecx
00746F55 | add esp,10
00746F58 | ret
--- snip ---
Wine DefaultHandler_Construct():
--- snip ---
...
02215A80 | push ecx
02215A81 | push eax
02215A82 | push dword ptr ss:[ebp+8]
02215A85 | push ebx ; _IID_IPersistStorage
02215A86 | call <ole32._CreateDataCache at 16>
02215A8B | test eax,eax
02215A8D | js ole32.2215B84
02215A93 | mov eax,dword ptr ds:[esi+30]
02215A96 | mov ebx,dword ptr ds:[<.refptr._IID_IPersistStorage>]
02215A9C | lea edx,dword ptr ds:[esi+34]
02215A9F | mov ecx,dword ptr ds:[eax]
02215AA1 | push edx
02215AA2 | push ebx ; _IID_IPersistStorage
02215AA3 | push eax
02215AA4 | call dword ptr ds:[ecx] ; IUnknown_QueryInterface
02215AA6 | test eax,eax
02215AA8 | js ole32.2215B78
02215AAE | mov eax,dword ptr ds:[esi+1C] ; 0x0361F758
02215AB1 | mov ecx,dword ptr ds:[eax]
02215AB3 | push eax
02215AB4 | call dword ptr ds:[ecx+8] ; IUnknown_Release(This->outerUnknown)
02215AB7 | mov eax,dword ptr ss:[ebp+8]
02215ABA | test dword ptr ss:[ebp+10],10000
...
--- snip ---
Before outer unknown release:
--- snip ---
0361F750 00000028
0361F754 04455355 ; heap magic "USE"
0361F758 00CA3CF4
0361F75C 00000001 ; refcount
0361F760 03A83420
0361F764 FFFFFFFF
--- snip ---
Calling app COleHelperObject outer unknown release:
--- snip ---
00CA3CF4 00747110 ; COleHelperObject::Release()
00CA3CF8 007470C0
00CA3CFC 007470E0
00CA3D00 00747130
00CA3D04 00C86D2C
00CA3D08 00000000
--- snip ---
App COleHelperObject::Release():
--- snip ---
007470E0 | push esi
007470E1 | mov esi,dword ptr ss:[esp+8]
007470E5 | push edi
007470E6 | lea eax,dword ptr ds:[esi+4]
007470E9 | push eax
007470EA | call dword ptr ds:[<&_InterlockedDecrement at 4>]
007470F0 | mov edi,eax
007470F2 | test edi,edi
007470F4 | jne bobcad21.747103
007470F6 | test esi,esi
007470F8 | je bobcad21.747103
007470FA | mov edx,dword ptr ds:[esi]
007470FC | push 1
007470FE | mov ecx,esi
00747100 | call dword ptr ds:[edx+C] ; COleHelperObject::FinalRelease()
00747103 | mov eax,edi
00747105 | pop edi
00747106 | pop esi
00747107 | ret 4
--- snip ---
The COleHelperObject::FinalRelease() call also matches the debug message in
trace log.
COleHelperObject gone:
--- snip ---
0361F750 0000DFA9
0361F754 45455246 ; heap magic "FREE"
0361F758 03633720
0361F75C 036002C8
0361F760 00000000
0361F764 FFFFFFFF
0361F768 00000000
--- snip ---
--- snip ---
00748A34 | call bobcad21.746EC0 ; create embedding helper object
00748A39 | mov edi,eax
00748A3B | test edi,edi
00748A3D | jl bobcad21.748A4F
00748A3F | mov edx,dword ptr ss:[ebp+C]
00748A42 | mov ecx,dword ptr ds:[esi]
00748A44 | push ebx
00748A45 | push edx
00748A46 | push esi
00748A47 | call dword ptr ds:[ecx] ; *boom*
00748A49 | mov edi,eax
00748A4B | test edi,edi
00748A4D | je bobcad21.748A58
--- snip ---
Wine source:
https://source.winehq.org/git/wine.git/blob/842b38e29166a429d59331be40761335807c85d2:/dlls/ole32/defaulthandler.c#l2056
$ wine --version
wine-6.0-rc1
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list