WinProc recursion

Niclas Carlsson nkarlsso at ra.abo.fi
Sat Jan 19 14:33:24 CST 2002 

Hi!

The 7 year old incarnation of m$word currently causes some weird problems.

What happens is that a certain dlgproc (or winproc?) WM_NCPAINT handler calls
DefWindowProc and then UpdateWindow. This last call causes Wine to emit a
WM_PAINT which calls BeginPaint which emits a WM_NCPAINT etc ad nauseum.
==> Recursion until the stack overflows.

Of course, other things may have made the logic in the winproc go haywire,
but doing the same thing (calling DefWindowProc followed by UpdateWindow
in WM_NCPAINT) under win95 works just fine. The same application bombs
under Wine.

I'm using CVS as of yesterday (20020118).

Here's the relevant part of the word backtrace:

146 0x406450d5 (RedrawWindow+0x3b1(hwnd=0x1002a, rectUpdate=0x0, hrgnUpdate=0x0, flags=0x180) 
[painting.c:787] in libuser32.so) (ebp=40419b0c)
  147 0x40645129 (UpdateWindow+0x21(hwnd=0x1002a) [painting.c:802] in libuser32.so) 
(ebp=40419b28)
  148 0x500236e8 (winword.exe.PvAllocStack+0x10755 in D:\Program\office95\Winword\winword.exe) 
(ebp=40419ba8)
  149 0x40656257 (WINPROC_wrapper+0x17 in libuser32.so) (ebp=40419bcc)
  150 0x406562ed (WINPROC_CallWndProc+0x8d(proc=0x50023491, hwnd=0x1002a, msg=0x85, 
wParam=0xbe76, lParam=0x0) [winproc.c:167] in libuser32.so) (ebp=40419bfc)
  151 0x4065bb0b (CallWindowProcA+0x3b(func=0x50023491, hwnd=0x1002a, msg=0x85, wParam=0xbe76, 
lParam=0x0) [winproc.c:2594] in libuser32.so) (ebp=40419c24)
  152 0x405f8df3 (call_window_proc+0xf3(hwnd=0x1002a, msg=0x85, wparam=0xbe76, lparam=0x0, 
unicode=0x0) [message.c:1106] in libuser32.so) (ebp=40419c74)
  153 0x405f99c6 (SendMessageTimeoutA+0xea(hwnd=0x1002a, msg=0x85, wparam=0xbe76, lparam=0x0, 
flags=0x0, timeout=0xffffffff, res_ptr=0x40419cf4, hwnd=0x1002a) [message.c:1502] in 
libuser32.so) (ebp=40419ccc)
  154 0x405f9b1f (SendMessageA+0x33(hwnd=0x1002a, msg=0x85, wparam=0xbe76, lparam=0x0) 
[message.c:1547] in libuser32.so) (ebp=40419cf8)
  155 0x405fc29c (begin_ncpaint+0x90(hwnd=0x1002a) [painting.c:116] in libuser32.so) 
(ebp=40419d24)
  156 0x405fc3a9 (BeginPaint+0x6d(hwnd=0x1002a, lps=0x40419da8) [painting.c:157] in 
libuser32.so) (ebp=40419d64)
  157 0x50023575 (winword.exe.PvAllocStack+0x105e2 in D:\Program\office95\Winword\winword.exe) 
(ebp=40419de8)
  158 0x40656257 (WINPROC_wrapper+0x17 in libuser32.so) (ebp=40419e0c)
  159 0x406562ed (WINPROC_CallWndProc+0x8d(proc=0x50023491, hwnd=0x1002a, msg=0xf, wParam=0x0, 
lParam=0x0) [winproc.c:167] in libuser32.so) (ebp=40419e3c)
  160 0x4065b7a6 (WINPROC_CallProc32WTo32A+0x8a(func=0x50023491, hwnd=0x1002a, msg=0xf, 
wParam=0x0, lParam=0x0) [winproc.c:2438] in libuser32.so) (ebp=40419e64)
  161 0x4065bc38 (CallWindowProcW+0x88(func=0x409b090e, hwnd=0x1002a, msg=0xf, wParam=0x0, 
lParam=0x0) [winproc.c:2645] in libuser32.so) (ebp=40419e8c)
  162 0x405f8dce (call_window_proc+0xce(hwnd=0x1002a, msg=0xf, wparam=0x0, lparam=0x0, 
unicode=0x1) [message.c:1102] in libuser32.so) (ebp=40419edc)
  163 0x405f986d (SendMessageTimeoutW+0xdd(hwnd=0x1002a, msg=0xf, wparam=0x0, lparam=0x0, 
flags=0x0, timeout=0xffffffff, res_ptr=0x40419f58) [message.c:1454] in libuser32.so) 
(ebp=40419f30)
  164 0x405f9adf (SendMessageW+0x33(hwnd=0x1002a, msg=0xf, wparam=0x0, lparam=0x0) 
[message.c:1536] in libuser32.so) (ebp=40419f5c)
  165 0x40644b9c (RDW_Paint+0xbc(wndPtr=0x40345d6c, hrgn=0x0, flags=0x180, ex=0x0) 
[painting.c:599] in libuser32.so) (ebp=40419f90)
  166 0x406450d5 (RedrawWindow+0x3b1(hwnd=0x1002a, rectUpdate=0x0, hrgnUpdate=0x0, flags=0x180) 
[painting.c:787] in libuser32.so) (ebp=40419ffc)
  167 0x40645129 (UpdateWindow+0x21(hwnd=0x1002a) [painting.c:802] in libuser32.so) 
(ebp=4041a018)

Here's a corresponding relay trace:

0806e328:Call window proc 0x50023491 (hwnd=0001002a,msg=WM_PAINT,wp=00000000,lp=00000000)
0806e328:Call user32.GetWindowLongA(0001002a,00000000) ret=500238be
0806e328:Ret  user32.GetWindowLongA() retval=4031ecfc ret=500238be
0806e328:Call user32.BeginPaint(0001002a,40524d1c) ret=50023575
0806e328:Call window proc 0x50023491 (hwnd=0001002a,msg=WM_NCPAINT,wp=00001abe,lp=00000000)
0806e328:Call user32.GetWindowLongA(0001002a,00000000) ret=500238be
0806e328:Ret  user32.GetWindowLongA() retval=4031ecfc ret=500238be
0806e328:Call user32.DefWindowProcA(0001002a,00000085,00001abe,00000000) ret=500236d3
0806e328:Call x11drv.GetDC(0001002a,0000091c,00001abe,00050093) ret=4062f66c
0806e328:Call x11drv.SetDeviceClipping(4033f59c) ret=40702c4b
0806e328:Ret  x11drv.SetDeviceClipping() retval=00000000 ret=40702c4b
0806e328:Ret  x11drv.GetDC() retval=00000001 ret=4062f66c
0806e328:Call x11drv.SetDeviceClipping(4033f59c) ret=40702c4b
0806e328:Ret  x11drv.SetDeviceClipping() retval=00000000 ret=40702c4b
0806e328:Call x11drv.SelectObject(4033f59c,000000e6) ret=4070f7fa
0806e328:Ret  x11drv.SelectObject() retval=0000008a ret=4070f7fa
0806e328:Call x11drv.SetDeviceClipping(4033f59c) ret=40702c4b
0806e328:Ret  x11drv.SetDeviceClipping() retval=00000000 ret=40702c4b
0806e328:Call x11drv.SelectObject(4033f59c,00000000) ret=4070f7fa
0806e328:Ret  x11drv.SelectObject() retval=00000000 ret=4070f7fa
0806e328:Call x11drv.SelectObject(4033f59c,0000006e) ret=4070f7fa
0806e328:Ret  x11drv.SelectObject() retval=0000006e ret=4070f7fa
0806e328:Call x11drv.GetDeviceCaps(4033f59c,00000022) ret=407057c8
0806e328:Ret  x11drv.GetDeviceCaps() retval=000039f7 ret=407057c8
0806e328:Call x11drv.SelectObject(4033f59c,000000a2) ret=4070f6f9
0806e328:Ret  x11drv.SelectObject() retval=00000001 ret=4070f6f9
0806e328:Call x11drv.SelectObject(4033f59c,0000008a) ret=4070f7fa
0806e328:Ret  x11drv.SelectObject() retval=000000e6 ret=4070f7fa
0806e328:Call x11drv.SetBkColor(4033f59c,00ffffff) ret=40705846
0806e328:Ret  x11drv.SetBkColor() retval=00ffffff ret=40705846
0806e328:Call x11drv.SetTextColor(4033f59c,00000000) ret=407058da
0806e328:Ret  x11drv.SetTextColor() retval=00000000 ret=407058da
0806e328:Ret  user32.DefWindowProcA() retval=00000000 ret=500236d3
0806e328:Call user32.UpdateWindow(0001002a) ret=500236e8
0806e328:Call x11drv.MsgWaitForMultipleObjectsEx(00000001,405247bc,00000000,000000ff,00000000) 
ret=4063ebcd
0806e328:Ret  x11drv.MsgWaitForMultipleObjectsEx() retval=00000000 ret=4063ebcd
0806e328:Call window proc 0x50023491 (hwnd=0001002a,msg=WM_PAINT,wp=00000000,lp=00000000)
0806e328:Call user32.GetWindowLongA(0001002a,00000000) ret=500238be
0806e328:Ret  user32.GetWindowLongA() retval=4031ecfc ret=500238be
0806e328:Call user32.BeginPaint(0001002a,405246e8) ret=50023575
0806e328:Call window proc 0x50023491 (hwnd=0001002a,msg=WM_NCPAINT,wp=00001ac6,lp=00000000)

Cheers, Nicke
-- 
-[ nkarlsso at abo.fi ]-  Seek simplicity, and distrust it. (A. Whitehead)

More information about the wine-devel mailing list