Help debugging a SEH

Oliver Stieber oliver_stieber at yahoo.co.uk
Mon Oct 17 09:16:19 CDT 2005 

Hi, I've been trying to locate an odd bug in the game Perimeter.

The crash happens when execution changes to x41 bytes into the ProcessHeap structure, so I assume
that there's some stack corruption.

The last bit of the log looks like this: (with relay exclude of ntdll.*;kernel32.*;gdi32.*)

000f:warn:file:wine_nt_to_unix_file_name L"\\??\\C:\\Program
Files\\Codemasters\\Perimeter-poo\\resource\\models\\menu\\textures\\intf_metall_bump.t
ga" -> "/home/oliverwork/.wine/dosdevices/c:/Program
Files/Codemasters/Perimeter-poo/RESOURCE/Models/MENU/Textures/intf_metall_bump.tga" required a
case-insensitive search
000f:trace:file:wine_nt_to_unix_file_name L"\\??\\C:\\Program
Files\\Codemasters\\Perimeter-poo\\resource\\models\\menu\\textures\\intf_metall_bump.
tga" -> "/home/oliverwork/.wine/dosdevices/c:/Program
Files/Codemasters/Perimeter-poo/RESOURCE/Models/MENU/Textures/intf_metall_bump.tga"
000f:trace:heap:RtlFreeHeap (0x7bbc0000,00000002,0x7ddafda8): returning TRUE
000f:trace:heap:RtlFreeHeap (0x7bbc0000,00000002,0x7e30fed0): returning TRUE
000f:trace:file:CreateFileW returning 0xc0
000f:trace:file:SetFilePointerEx handle 0xc0 offset 0 newpos 0x7bb9df8c origin 1
000f:trace:ntdll:NtQueryInformationFile (0xc0,0x7bb9dfa4,0x7bb9dfac,0x00000008,0x00000014)
000f:trace:heap:RtlAllocateHeap (0x71800000,00000002,000c0030): returning 0x7caa1320
000f:trace:file:ReadFile 0xc0 0x7caa1320 786476 0x7bb9dff0 (nil)
000f:trace:ntdll:NtReadFile
(0xc0,(nil),(nil),(nil),0x7bb9dfb0,0x7caa1320,0x000c002c,(nil),(nil)),partial stub!
000f:trace:ntdll:NtReadFile = 0x00000000
000f:trace:heap:RtlFreeHeap (0x71800000,00000002,0x7caa1320): returning TRUE
000f:trace:heap:RtlFreeHeap (0x71800000,00000002,0x7caa12e8): returning TRUE
000f:trace:heap:RtlFreeHeap (0x71800000,00000002,0x7caa12a0): returning TRUE
000f:trace:seh:__regs_RtlRaiseException code=c0000005 flags=0 addr=0x71800041
000f:trace:seh:__regs_RtlRaiseException  info[0]=00000001
000f:trace:seh:__regs_RtlRaiseException  info[1]=f2c2e509
000f:trace:seh:__regs_RtlRaiseException  eax=7c764c98 ebx=718be8bc ecx=7caa12a0 edx=0000004d
esi=718be8b0 edi=718be8ac
000f:trace:seh:__regs_RtlRaiseException  ebp=00000013 esp=7bb9e8c8 cs=0073 ds=007b es=007b fs=003b
gs=0033 flags=00210206



Here's RtlRaiseException code=c0000005 flags=0 addr=0x71800041, the addr points into 0x71800000.


Anyhow,

I've added a break point into RtlFreeHeap when it gets sent and address of 0x7caa12a0, the
debugger kicks in but every time I try pass / step/ next or continue nothing I get another
exception and end up in RtlFreeHeap again with exactly the same parameters passed as last time.

This is preventing me from stepping out into Perimiers code so I can see what may be causing the
problem.

Any ideas on howto debug this one.

Thanks,

Oliver.





		
___________________________________________________________ 
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com

More information about the wine-devel mailing list