Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Critical
Fix Version/s: 0.3.17
Component/s: Win32SS
Labels:
None

Module:

Description

Aaand another win32k crash with the new user32 tests... go Wine

Problem here is that in the MF_BYCOMMAND case, neither IntHiliteMenuItem nor IntGetMenuItemByFlag initializes the MenuItem pointer if no menu was found. And IntGetMenuItemByFlag's return value is only checked in the MF_BYPOSITION case.
That causes MenuItem to be uninitialized and hence crashes.

No idea what the logic is supposed to be there. Neither of the behaviors makes sense to me – the variable should be nulled in the function and the return value always checked.

[7h

Entered debugger on last-chance exception (Exception Code: 0xc0000005) (Page Fault)

Memory at 0x002802E8 could not be written: Page not present.

kdb:>

bt

Eip:

<win32k.sys:4c076 (win32ss/user/ntuser/menu.c:1062 (IntHiliteMenuItem))>

Frames:

<win32k.sys:4de34 (win32ss/user/ntuser/menu.c:2069 (NtUserHiliteMenuItem))>

<NTOSKRNL.EXE:140230 (ntoskrnl/include/internal/arch/../i386/ke.h:688 (KiFastCallEntryHandler))>

<NTOSKRNL.EXE:3ced (:0 (KiFastCallEntry))>

<ntdll.dll:c081 (:0 (KiIntSystemCall))>

<user32_winetest.exe:4eb69 (modules/rostests/winetests/user32/menu.c:2426 (test_menu_hilitemenuitem))>

<user32_winetest.exe:5df97 (modules/rostests/winetests/user32/menu.c:3651 (func_menu))>

<user32_winetest.exe:d5359 (include/reactos/wine/test.h:606 (main))>

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

nullcasec.patch
0.4 kB
2014-04-25 16:37
win32k-menu.patch
10 kB
2014-04-27 09:42
win32k-menu.patch
10 kB
2014-04-27 09:39
win32k-menu.patch
9 kB
2014-04-27 08:30

Activity

People

Assignee:: jimtabor

Reporter:: ThFabba

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2014-04-25 13:42

Updated:: 2014-11-04 17:34

Resolved:: 2014-05-07 21:37