[Bug 24963] New: Okad2: Unhandled page fault at address 0x00007f8a during startup

List overview All Threads
Download

newer

older

[Bug 59051] New: SQL Server...

[Bug 59045] New: game error on exit

wine-bugs＠winehq.org

30 Oct 2010 30 Oct '10

11:43 p.m.

http://bugs.winehq.org/show_bug.cgi?id=24963

Summary: Okad2: Unhandled page fault at address 0x00007f8a during startup Product: Wine Version: unspecified Platform: x86 OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: user32 AssignedTo: wine-bugs@winehq.org ReportedBy: pandolfo@gis.net

Created an attachment (id=31617) --> (http://bugs.winehq.org/attachment.cgi?id=31617) a description of the page fault plus an annotated backtrace

During program startup, Okad2-xx-pd (xx = version) generates an unhandled page fault when loading an icon. The page fault is caused by CreateFileW as it processes the name of the file from the parameter list. The name pointer is 0x00007f8a, which is an address in an unmapped page. This value is also an index into Windows resources, selecting the hourglass icon.

What has happened is that the application was attempting to load the hourglass icon and passed in BOTH the Windows resource index and a flag indicating LOADFROMFILE. Wine attempted to load-from-file and looked for the file name through the "name" parameter (0x00007f8a) generating the page fault. Native Windows appears to give the value of the "name" pointer precedence and determines that the "name" parameter is actually a resource number; hence it does not page fault and runs Okad2 normally.

Wine *DOES* check the "name" parameter to see if it is a resource index, but several subroutine calls later it forgets this fact and branches based on the LOADFROMFILE bit. The backtrace has been annotated to provide both a description and source lines involved in the decision.

This behavior was found in the latest version of Wine for Debian (.1.42) and in a MacOS X version.

-- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

Show replies by date

wine-bugs＠winehq.org

30 Oct 30 Oct

11:50 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

Jeff Zaroyko jeffz@jeffz.name changed:

wine-bugs＠winehq.org

11:54 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

Michael Pandolfo pandolfo@gis.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Version|unspecified |1.1.42

wine-bugs＠winehq.org

11:56 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

--- Comment #1 from Michael Pandolfo pandolfo@gis.net 2010-10-30 18:56:59 CDT ---

Okad2 is described and linked to at this web page:

http://greenarraychips.com/home/documents/greg/cf-releases.htm

and can be downloaded directly from this link:

http://greenarraychips.com/home/documents/greg/code/af-34k2-ga144-1-10-PD.zi...

wine-bugs＠winehq.org

31 Oct 31 Oct

5:06 a.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

Dan Kegel dank@kegel.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |dank@kegel.com

--- Comment #2 from Dan Kegel dank@kegel.com 2010-10-31 00:06:56 CDT --- I tried writing a little test for this behavior:

/* Test a system cursor with LR_LOADFROMFILE incorrectly specified, as Okad2 does */ handle = LoadImageA(NULL, IDC_APPSTARTING, IMAGE_CURSOR, 0, 0, LR_DEFAULTSIZE|LR_LOADFROMFILE); ok(handle != NULL, "LoadImage() from system resource with LR_LOADFROMFILE failed.\n");

but on Vista, it crashed. Okad2, on the other hand, runs on Vista. So I don't know what's going on. Can you write a small C program that succeeds on Windows and fails on Wine in the same way as Okad2?

wine-bugs＠winehq.org

9:07 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

Andrew Nguyen arethusa26@gmail.com changed:

--- Comment #3 from Andrew Nguyen arethusa26@gmail.com 2010-10-31 16:07:27 CDT --- (In reply to comment #2)

...

I tried writing a little test for this behavior:
/* Test a system cursor with LR_LOADFROMFILE incorrectly specified, as
Okad2 does */ handle = LoadImageA(NULL, IDC_APPSTARTING, IMAGE_CURSOR, 0, 0, LR_DEFAULTSIZE|LR_LOADFROMFILE); ok(handle != NULL, "LoadImage() from system resource with LR_LOADFROMFILE failed.\n");

but on Vista, it crashed. Okad2, on the other hand, runs on Vista. So I don't know what's going on. Can you write a small C program that succeeds on Windows and fails on Wine in the same way as Okad2?

NT-based platforms seem to have a compatibility hack within user32 or thereabouts that looks at the PE optional header version fields. I ran an unmodified user32_crosstest.exe with your test through the test bot, which showed that LoadImageA on platforms older than Win2k3 fail with the test parameters, while Vista and newer platforms crash.

After using a PE editor on user32_crosstest.exe to change the required OS version, image version, and subsystem version to match Okad2's values, running that executable through the test bot showed that LoadImageA succeeds for the given parameters on all platforms except Win98.

Do we want to replicate the exact compatibility check, or should we just change LoadImage to succeed/fail as it does on Win2k3 and older?

wine-bugs＠winehq.org

30 Jun 30 Jun

1:55 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

--- Comment #4 from butraxz@gmail.com 2013-06-30 08:55:52 CDT --- This ticket has not been updated for over 900 days.

Is this still an issue in wine version 1.6-rc4 or higher or is this to be closed as abandoned ?

wine-bugs＠winehq.org

25 Jan 25 Jan

3:38 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

Dmitry Timoshkov dmitry@baikal.ru changed:

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

3:47 p.m.

New subject: [Bug 24963] Okad2: Unhandled page fault at address 0x00007f8a during startup

http://bugs.winehq.org/show_bug.cgi?id=24963

--- Comment #5 from Dan Kegel dank@kegel.com --- sha1sum of my copy from 2010: b54cfc88e86e7c09edec4b8f37426e9cffb29e18

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

8 p.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

Anastasius Focht focht@gmx.net changed:

--- Comment #6 from Anastasius Focht focht@gmx.net --- Hello folks,

--- quote --- After using a PE editor on user32_crosstest.exe to change the required OS version, image version, and subsystem version to match Okad2's values, running that executable through the test bot showed that LoadImageA succeeds for the given parameters on all platforms except Win98. --- quote ---

many older apps relying on old/broken Win32 API behaviour can be safely identified by looking at NT optional header 'MajorSubsystemVersion' field (and possibly 'MinorSubsystemVersion' if needed).

Wine already makes use of this in some places to work around broken behaviour.

Dump of 'Okad2-41-pd.exe' PE header with 'LordPE' tool:

--- snip --- ... ->Optional Header Magic: 0x010B (HDR32_MAGIC) MajorLinkerVersion: 0x02 MinorLinkerVersion: 0x32 -> 2.50 SizeOfCode: 0x00000200 SizeOfInitializedData: 0x00000400 SizeOfUninitializedData: 0x00000200 AddressOfEntryPoint: 0x00001000 BaseOfCode: 0x00001000 BaseOfData: 0x00002000 ImageBase: 0x10000000 SectionAlignment: 0x00001000 FileAlignment: 0x00000200 MajorOperatingSystemVersion: 0x0001 MinorOperatingSystemVersion: 0x0000 -> 1.00 MajorImageVersion: 0x0001 MinorImageVersion: 0x0061 -> 1.97 MajorSubsystemVersion: 0x0003 MinorSubsystemVersion: 0x000A -> 3.10 Win32VersionValue: 0x00000000 SizeOfImage: 0x20000000 SizeOfHeaders: 0x00000400 CheckSum: 0x00000000 Subsystem: 0x0003 (WINDOWS_CUI) DllCharacteristics: 0x0000 SizeOfStackReserve: 0x00100000 SizeOfStackCommit: 0x00001000 SizeOfHeapReserve: 0x00100000 SizeOfHeapCommit: 0x00001000 LoaderFlags: 0x00000000 NumberOfRvaAndSizes: 0x00000010 ... --- snip ---

The app has MajorSubsystemVersion.MinorSubsystemVersion set to '3.10'.

A compatibility workaround for those old apps can be implemented by using GetProcessVersion() and check for '< 0x400' condition.

--- snip --- 0012FF44 00000000 ; hInst = NULL 0012FF48 00007F8A ; Name = OCR_APPSTARTING 0012FF4C 00000002 ; Type = IMAGE_CURSOR 0012FF50 00000000 ; DesiredX = 0 0012FF54 00000000 ; DesiredY = 0 0012FF58 00000050 ; Flags = LR_LOADFROMFILE|LR_DEFAULTSIZE --- snip ---

Regards

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

28 May 28 May

10:07 p.m.

New subject: [Bug 24963] Okad2 crashes on startup ( LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

https://bugs.winehq.org/show_bug.cgi?id=24963

Sebastian Lackner sebastian@fds-team.de changed:

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

1 Jun 1 Jun

4:39 p.m.

New subject: [Bug 24963] Okad2 crashes on startup ( LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

https://bugs.winehq.org/show_bug.cgi?id=24963

André H. nerv@dawncrow.de changed:

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

26 Dec 26 Dec

5:16 p.m.

New subject: [Bug 24963] Okad2 crashes on startup ( LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

https://bugs.winehq.org/show_bug.cgi?id=24963

Zebediah Figura z.figura12@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |z.figura12@gmail.com

--- Comment #7 from Zebediah Figura z.figura12@gmail.com --- Also affects Monopoly (2000). To replicate this bug you will first need to work around bug 18971 (by copying font files into C:\windows\fonts) and bug 42908 (by changing the Selected3DDevice in C:\Program Files\Hasbro Interactive\Monopoly\DirectX.ini to the index of a hardware device; for me this was 3.)

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

26 Nov 26 Nov

11:48 a.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

Vijay Kamuju infyquest@gmail.com changed:

--- Comment #8 from Vijay Kamuju infyquest@gmail.com --- Variation of the fix in staged patch is now committed. https://gitlab.winehq.org/wine/wine/-/commit/09f5c0d1239465c07ed2567b6a4591f...

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

4:57 p.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

Anastasius Focht focht@gmx.net changed:

--- Comment #9 from Anastasius Focht focht@gmx.net --- Hello Vijay.

Unfortunately, it's not fixed. The check is too late; you need to do that already in LoadImageW.

https://gitlab.winehq.org/wine/wine/-/blob/09f5c0d1239465c07ed2567b6a4591fdd...

--- snip --- HANDLE WINAPI LoadImageW( HINSTANCE hinst, LPCWSTR name, UINT type, INT desiredx, INT desiredy, UINT loadflags ) { int depth; WCHAR path[MAX_PATH];

TRACE_(resource)("(%p,%s,%d,%d,%d,0x%08x)\n", hinst,debugstr_w(name),type,desiredx,desiredy,loadflags);

if (loadflags & LR_LOADFROMFILE) { loadflags &= ~LR_SHARED; /* relative paths are not only relative to the current working directory */ if (SearchPathW(NULL, name, NULL, ARRAY_SIZE(path), path, NULL)) name = path; } switch (type) { case IMAGE_BITMAP: return BITMAP_Load( hinst, name, desiredx, desiredy, loadflags );

case IMAGE_ICON: case IMAGE_CURSOR: depth = 1; if (!(loadflags & LR_MONOCHROME)) depth = get_display_bpp(); return CURSORICON_Load(hinst, name, desiredx, desiredy, depth, (type == IMAGE_CURSOR), loadflags); } return 0; } --- snip ---

https://gitlab.winehq.org/wine/wine/-/blob/09f5c0d1239465c07ed2567b6a4591fdd...

--- snip --- $ wine ./Okad2-41-pd.exe 0124:err:environ:init_peb starting L"Z:\home\rmi1974\Downloads\test\Okad2-41-pd.exe" in experimental wow64 mode cmcf 4.1-pd 0022FF28 Reading file OkadWork.cf 00000003 00020400 FFFFFFFE Error in system operation. 0022FF28 One time operations: Win32 API Error: 00000002 100058FD 10006E94 00000000 10004E44 wine: Unhandled page fault on read access to 00007F8A at address 7BF9BFCB (thread 0124), starting debugger... 012c:err:environ:init_peb starting L"C:\windows\syswow64\winedbg.exe" in experimental wow64 mode --- snip ---

$ sha1sum af-34k2-ga144-1-10-PD.zip b54cfc88e86e7c09edec4b8f37426e9cffb29e18 af-34k2-ga144-1-10-PD.zip

$ du -sh af-34k2-ga144-1-10-PD.zip 108K af-34k2-ga144-1-10-PD.zip

$ wine --version wine-10.19-269-gf41f67806b9

Regards

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

5:37 p.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

--- Comment #10 from Vijay Kamuju infyquest@gmail.com --- Does the crash occur with the original staged patch?

I will look into this on friday as soon as I receive my new SSD.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

7:34 p.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEW

--- Comment #11 from Anastasius Focht focht@gmx.net --- Hello Vijay,

--- quote --- Does the crash occur with the original staged patch? --- quote ---

You mean this one?

https://github.com/wine-staging/wine-staging/blob/463f0b79360c89b7fbe4eb266b...

That patch probably worked fine at the time when it was introduced in 2016. But then Fabian did a change in 2018 in order to fix bug 46186 - unrelated to this problem:

https://gitlab.winehq.org/wine/wine/-/commit/400dd1596ab7946e68278b3f8dc7c87... ("user32: LoadImage should not only search in the working directory.").

which essentially introduces another path to crash. Calling SearchPathW() with a resource id is not a good idea.

Regards

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

10:31 p.m.

New subject: [Bug 24963] Okad2 crashes on startup (LoadImage of OEM cursor with LR_LOADFROMFILE flag set)

http://bugs.winehq.org/show_bug.cgi?id=24963

--- Comment #12 from Vijay Kamuju infyquest@gmail.com --- I am trying to get this test running on wine testbot, but its giving me compile errors:

diff --git a/dlls/user32/tests/cursoricon.c b/dlls/user32/tests/cursoricon.c index bc42563b0e4..1c6839781df 100644 --- a/dlls/user32/tests/cursoricon.c +++ b/dlls/user32/tests/cursoricon.c @@ -1496,9 +1496,16 @@ static void test_LoadImage(void) "GetIconInfoEx wrong module %s\n", wine_dbgstr_w(infoexW.szModName) ); ok( infoexW.szResName[0] == 0, "GetIconInfoEx wrong name %s\n", wine_dbgstr_w(infoexW.szResName) ); } - SetLastError(0xdeadbeef); DestroyIcon(handle);

+ /* Test loading a resource as a cursor. */ + SetLastError(0xdeadbeef); + handle = LoadImageA(NULL, MAKEINTRESOURCEA(OCR_NORMAL), IMAGE_CURSOR, 0, 0, LR_LOADFROMFILE); + ok(handle != NULL, "LoadImage() failed.\n"); + error = GetLastError(); + ok(error == 0, "Last error: %lu\n", error); + SetLastError(0xdeadbeef); + test_LoadImageFile("BMP", bmpimage, sizeof(bmpimage), "bmp", 1); test_LoadImageFile("BMP (coreinfo)", bmpcoreimage, sizeof(bmpcoreimage), "bmp", 1); test_LoadImageFile("GIF", gifimage, sizeof(gifimage), "gif", 0);

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

Age (days ago)

5518

Last active (days ago)

wine-bugs@winehq.org

17 comments

2 participants

tags (0)

participants (2)

wine-bugs＠winehq.org
WineHQ Bugzilla