[Bug 48822] Microsoft Word 6.0 for Windows crashes upon exit on unimplemented function ole2.dll16.WRITEFMTUSERTYPESTG

WineHQ Bugzilla wine-bugs at winehq.org
Thu Jun 4 05:28:18 CDT 2020 

https://bugs.winehq.org/show_bug.cgi?id=48822

--- Comment #2 from Anastasius Focht <focht at gmx.net> ---
Hello Vijay,

--- quote ---
Can you please test with the following patch
https://source.winehq.org/patches/data/186352
--- quote ---

it still crashes with a stub upon exit:

--- snip ---
$ pwd
/home/focht/.wine/drive_c/WINWORD

$ WINEDEBUG=+seh,+relay,+ole wine ./WINWORD.EXE >>log.txt 2>&1
...
00b4:Call STORAGE.1: STGCREATEDOCFILEA(0a3f7875
"c:\\winword\\template\\~WRD0004.tmp",00001012,00000000,0a3f:74fa)
ret=09e7:0471 ds=0a3f
00b4:trace:ole:StgCreateDocFile16
(c:\winword\template\~WRD0004.tmp,0x00001012,0x00000000,017A3C5A) 
...
00b4:Call KERNEL32.CreateFileA(017a3fd5
"c:\\winword\\template\\~WRD0004.tmp",c0000000,00000000,00000000,00000001,00000000,00000000)
ret=01bd5268 
...
00b4:Ret  KERNEL32.CreateFileA() retval=000000c8 ret=01bd5268 
00b4:Call krnl386.exe16.MapSL(107f3f78) ret=01bd5276
00b4:Ret  krnl386.exe16.MapSL() retval=01cd3f78 ret=01bd5276
...
00b4:trace:ole:STORAGE_get_pps_entry (n=0) 
...
00b4:trace:ole:STORAGE_get_nth_next_big_blocknr (blocknr=1, nr=0) 
...
00b4:Ret  STORAGE.1: STGCREATEDOCFILEA() retval=00000000 ret=09e7:0471 ds=0a3f 
...
00b4:Call OLE2.19: WRITECLASSSTG(107f3f78,09e7:00be) ret=09e7:06f2 ds=0a3f 
...
00b4:fixme:ole:WriteClassStg16 stub:107F3F78
{00020900-0000-0000-c000-000000000046}
00b4:Ret  OLE2.19: WRITECLASSSTG() retval=80030070 ret=09e7:06f2 ds=0a3f 
...
00b4:Call OLE2.75: WRITEFMTUSERTYPESTG(3f78:107f,3f78c050,0a3f:73ec)
ret=09e7:0725 ds=0a3f
00b4:fixme:ole:WriteFmtUserTypeStg16 stub:0000107F c050 Microsoft Word 6.0
Document
00b4:Ret  OLE2.75: WRITEFMTUSERTYPESTG() retval=80030070 ret=09e7:0725 ds=0a3f
00b4:trace:seh:raise_exception code=c0000005 flags=0 addr=0x770 ip=00000770
tid=00b4
00b4:trace:seh:raise_exception  info[0]=00000000
00b4:trace:seh:raise_exception  info[1]=0000fff8
00b4:trace:seh:raise_exception  eax=80030012 ebx=00007407 ecx=00000a3f
edx=0a3f0000 esi=0000107f edi=00003f78
00b4:trace:seh:raise_exception  ebp=00007506 esp=000074e0 cs=09e7 ds=0a3f
es=107f fs=0063 gs=006b flags=00010282
00b4:trace:seh:call_stack_handlers calling handler at 0x3f2d00 code=c0000005
flags=0 
...
wine: Unhandled page fault on read access to 0000FFF8 at address 00000770
(thread 00b4), starting debugger... 
--- snip ---

It's not really fun to deal with NE/win16 executables. In that specific
sequence the HRESULTs from the API calls don't really matter. It seems the app
wants to call IStorage16 methods but gets some weird vtable address. Maybe
IStorage16Impl struct layout problem but it definately a different issue.

I propose to submit the patch for the stub as-is since the follow-up crash is
not related. I will create a new ticket for IStorage16 insufficiencies.

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list