Added sanity check to WINPROC_CallWndProc

Jukka Heinonen jhei at iki.fi
Mon Jul 16 13:12:45 CDT 2001


On Sun, Jul 15, 2001, Uwe Bonnes wrote:
> >>>>> "Jukka" == Jukka Heinonen <jhei at iki.fi> writes:
>     Jukka> DeusEx causes Wine to crash (segmentation fault) because it calls
>     Jukka> CallWindowProc and passes null in HWND parameter.  While I
>     Jukka> suspect that this is because some Wine function that should
>     Jukka> return a valid HWND is returning a null pointer, the crashing can
>     Jukka> be fixed simply by adding a sanity check to WINPROC_CallWndProc.
> 
> How does Windows behave on those invalid arguments?

On a Windows NT machine, CallWindowProc does not check any of its arguments.
However, DefWindowProc and all WNDPROC handlers do check the HWND argument.
Many (if not all) Wine WNDPROC handlers do not have this check, and null
HWND handles therefore make Wine crash even though Windows doesn't.

So, my patch was incorrect after all. The correct fix to Wine is simple:
just go through all WNDPROC handlers and check after the first
WIN_FindWndPtr call that the returned pointer is non-null.
Wine's DefWindowProc is a good example of this. I might
look at this next weekend unless someone else volunteers.

It is likely that in every case where applications
pass HWND handles to Wine, there should be a similar check. 
Confirming this would be pretty boring, though.

>     Jukka> After this patch, both DeusEx installer and DeusEx dialog for
>     Jukka> choosing rendering engine work. However, DeusEx still crashes
>     Jukka> later because DeusEx for some reason generates a division by zero
>     Jukka> FP exception. DeusEx handler for this exception calls
>     Jukka> __CxxFrameHandler, which is not implemented by Wine, and thus
>     Jukka> exception handling ends in infinite recursion. Luckily stack
>     Jukka> overflow makes Wine crash :)
> 
> Native msvcrt has __CxxFrameHandler, but I agree that wine-msvcrt needs
> exception facilities too.

Actually, I looked at Windows development documents and tried some tests
myself and found out that 1.0/0.0 (division by zero) should only
raise an exception if a function call to _control87 or _controlfp 
is made to enable floating point exceptions. DeusEx does no such
call. Therefore, Wine should not have raised this exception or at 
least it should have passed control right back to the application 
instead of invoking exception handlers. Likely Wine startup fails
to properly initialize the floating point unit.

Fixing this should not be too hard, but I have to see when I have
enough time to look at it. I am not going to do anything regarding
__CxxFrameHandler (is this C++ exception handling stuff?) since
I have not found any documentation about it and I'm hoping that
DeusEx doesn't really need it.

-- 
Jukka Heinonen <http://www.iki.fi/jhei/>
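The handler pattern the mail recommends (check the WIN_FindWndPtr result before touching it, as DefWindowProc does), as an added example that is not Wine's code. A small constructed handle table stands in for Wine's window list, find_wnd_ptr() is a hypothetical stand-in for WIN_FindWndPtr, and the unchecked handler is shown beside the checked one only to make the null dereference visible.

```c
/* Added example, not Wine's code. Types and the handle table are assumptions;
 * WM_GETTEXTLENGTH is the real Win32 message number. */
#include <stddef.h>
#include <stdint.h>

typedef uint32_t  HWND;     /* assumption: handles are small integers */
typedef uint32_t  UINT;
typedef uintptr_t WPARAM;
typedef intptr_t  LPARAM;
typedef intptr_t  LRESULT;

#define WM_GETTEXTLENGTH 0x000E

typedef struct { HWND hwnd; const char *text; int text_len; } WND;

/* Constructed window table: index == handle value; handle 0 is never valid. */
static WND wnd_table[] = {
    { 0, NULL, 0 },             /* slot 0: reserved, the null handle */
    { 1, "main window", 11 },
    { 2, "dialog", 6 },
};
#define WND_COUNT (sizeof wnd_table / sizeof wnd_table[0])

/* Stand-in for WIN_FindWndPtr: NULL for the null handle or an unknown one. */
static WND *find_wnd_ptr(HWND hwnd)
{
    if (hwnd == 0 || hwnd >= WND_COUNT) return NULL;
    return &wnd_table[hwnd];
}

/* Defective handler: dereferences the lookup result at once, so the null
 * HWND the application passes reads through NULL and segfaults. */
static LRESULT wndproc_unchecked(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp)
{
    WND *w = find_wnd_ptr(hwnd);
    (void)wp; (void)lp;
    if (msg == WM_GETTEXTLENGTH) return w->text_len;  /* NULL deref if w == NULL */
    return 0;
}

/* Checked handler, following DefWindowProc: validate the pointer right
 * after the lookup and return 0 for an invalid HWND instead of crashing. */
static LRESULT wndproc_checked(HWND hwnd, UINT msg, WPARAM wp, LPARAM lp)
{
    WND *w = find_wnd_ptr(hwnd);
    (void)wp; (void)lp;
    if (!w) return 0;            /* invalid HWND: refuse, as Windows does */
    if (msg == WM_GETTEXTLENGTH) return w->text_len;
    return 0;
}
```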