http://bugs.winehq.org/show_bug.cgi?id=6399
mike@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed| |1
------- Additional Comments From mike@codeweavers.com 2006-08-10 12:12 ------- 0009:CALL MFC42.5788(00000060) ret=004e79a0 trace:seh:raise_exception code=c0000005 flags=0 addr=0x6c3c01b3
MFC42.5788 is CPen *CDC::SelectObject(CPen *); A bad pointer is being passed as a CPen, so the program is crashing.
The source for this project is available on SourceForge. Examining the relay trace, it looks like the crash is at: gba/VisualBoyAdvance-1.7/src/win32/ZoomControl.cpp #144
CPen pen; pen.CreatePen(PS_SOLID, 1, RGB(192,192,192)); CPen *old = (CPen *)memDC.SelectObject(pen);
for(i = 0; i < 8; i++) { memDC.MoveTo(0, i * multY); memDC.LineTo(w, i * multY); memDC.MoveTo(i * multX, 0); memDC.LineTo(i * multX, h); }
if(selected != -1) { <---- looks like this condition is false CPen pen2; pen2.CreatePen(PS_SOLID, 2, RGB(255, 0, 0)); CPen *old2 = (CPen*)memDC.SelectObject(&pen2);
int startX = (selected & 7)*multX+1; int startY = (selected / 8)*multY+1; int endX = startX + multX-2; int endY = startY + multY-2;
memDC.MoveTo(startX, startY); memDC.LineTo(endX, startY); memDC.LineTo(endX, endY); memDC.LineTo(startX, endY); memDC.LineTo(startX, startY-1); memDC.SelectObject(old2); pen2.DeleteObject(); } memDC.SelectObject(old); <----- looks like it crashes here. pen.DeleteObject();
The relay trace for this section of code shows nothing obviously wrong, however it seems the problem must be in something called here, as the variable "old" is initialized at the top of the section...