[ros-dev] [ros-diffs] [jimtabor] 38348: - Example of a thread overrun? HAX-Fixes wine cursoricon test.

James Tabor jimtabor.rosdev at gmail.com
Fri Dec 26 03:30:10 CET 2008


Hi ALL!

Okay, not sure what is going on, but here is the original output:

Unhandled exception
ExceptionCode:    c0000005
Faulting Address:   682000
Address:          7c91e6ae   C:\ReactOS\system32\ntdll.dll
CS:EIP 1b:7c91e6ae
DS 23 ES 23 FS 3b GS 0
EAX: 011f0020   EBX: 011f0020   ECX: 090b071d
EDX: 242c2c64   EBP: 008afc54   ESI: 00681ffe   ESP: 008afc4c
EDI: 011f1010   EFLAGS: 00010212
Frames:
   77e30000+211d2      C:\ReactOS\system32\user32.dll
   77e30000+21365      C:\ReactOS\system32\user32.dll
   77e30000+20c56      C:\ReactOS\system32\user32.dll
     400000+892c       C:\ReactOS\user32_crosstest.exe
     400000+8e73       C:\ReactOS\user32_crosstest.exe
     400000+a3ab       C:\ReactOS\user32_crosstest.exe
     400000+b4ac8      C:\ReactOS\user32_crosstest.exe
     400000+b4c56      C:\ReactOS\user32_crosstest.exe
     400000+1247       C:\ReactOS\user32_crosstest.exe
     400000+1298       C:\ReactOS\user32_crosstest.exe
   7c700000+218e4      C:\ReactOS\system32\kernel32.dll
(subsystems/win32/csrss/api/wapi.c:115) CSR: received hard error c0000144
(subsystems/win32/csrss/win32csr/dllmain.c:528) The instruction at
"0x7c91e6ae" referenced memory at "0x00682000". The memory could not
be "read".

After patch:

We have a thread overrun, these are already freed! pi -> 18808864 bi -> 6819854
We have a thread overrun, these are already freed! pi -> 18808864 bi -> 6819854
Then, get two exit strings at the command console.

bi -> 6819854 (0x68100E) is the one, and it is from MapViewOfFile. The
difference from 0x682000 is 4082... Well within the normal page, but
why is 0x68100E the start address and not 0x681000?

It could be just simply bad math being used in LoadBitmapImage. Wine
does use the same code in user32 from gdi32 to handle bitmap and
friends.

Thanks,
James
