View Issue Details

IDProjectCategoryView StatusLast Update
0011087LazarusLCLpublic2010-05-31 19:48
ReporterBart BroersmaAssigned ToPaul Ishenin 
PrioritynormalSeveritymajorReproducibilityrandom
Status closedResolutionfixed 
Platformi386OSWinMeOS VersionMS
Product Version0.9.25 (SVN)Product Build14480 
Target Version1.0.0Fixed in Version0.9.29 (SVN) 
Summary0011087: TMenuItem crashes (randomly) on WinMe
DescriptionA TMenuItem (on a TForm) crashes the application on WinMe in an unpredictable way. That is, it sometimes crashes.
Window shuts the app down with: "program has caused an error in KERNEL32.DLL. program will be closed." (Translated back from Dutch).

I decided to set the severity to major, because this bug prevents me from writing (porting) any serious app in (to) Lazarus.
Steps To ReproducePut a mainmenu on a TForm. Add one TMenuItem to it.
Compile and run (repeatedly, up to > 100 times...).
Additional InformationWhen the app crashes, this is the output in the console:
[FORMS.PP] ExceptionOccurred
  Sender=EAccessViolation
  Exception=Access violation
  Stack trace:
  $004D36B6 WINDOWPROC, line 1433 of win32callback.inc
  $BFF63613
  $BFF848F7
  $0119847A
TApplication.HandleException Access violation
  Stack

I once succeeded in crashing it in gdb, then gdb said:
Program received signal SIGSEGV, Segmentation fault.
0x004da696 in WINDOWPROC (WINDOW=1352, MSG=43, WPARAM=0, LPARAM=19199132)
    at win32callback.inc:1433
1433 win32callback.inc: No such file or directory.
        in win32callback.inc

The program is compiled with all optimizations off and rangechecking, stackchecking and overflowchecking on.

From win32callback.inc:

function WindowProc(Window: HWnd; Msg: UInt; WParam: Windows.WParam;
    LParam: Windows.LParam): LResult; stdcall;
.....
      // TODO: this could crash for a MenuItem.
      WindowInfo := GetWindowInfo(PDrawItemStruct(LParam)^.hwndItem);
--> if WindowInfo^.WinControl<>nil then <-- this is line 1433
        lWinControl := WindowInfo^.WinControl;

Somebody wrote the comment "This could crash for a TMenuItem", well (s)he seems to be rigth?

Some other things I observed.
Putting more controls on the form, seems to make the app crash more often.
I derived the attached app from a more elaborate program, painfully stripping it down to the barest minimum and running it endlessly.

I did not checkout the compiled program on Win98 or WinXP, I will report back on that once I did.
TagsNo tags attached.
Fixed in Revision25233
LazTarget1.0
WidgetsetWin32/Win64
Attached Files

Activities

2008-04-01 21:02

 

sbp.zip (8,014 bytes)

Vincent Snijders

2008-04-02 00:17

manager   ~0018533

I wrote that because WM_DRAWITEM can be sent for a menu item, but a menu item doesn't have a windowinfo associated.

Paul Ishenin

2008-04-02 04:52

manager   ~0018537

GetWindowInfo() returns pointer to default window info if Wnd doesnot have its own. So line "if WindowInfo^.WinControl<>nil then" should never crash. But in Barts case it crash - strange :)

Vincent Snijders

2008-04-02 08:40

manager   ~0018540

GetProp expects a window handle, not a menu handle. If it gets a window handle, then it will return null if there is no such property. Maybe it returns an invalid non-null value if you pass it a hmnenu (on windows ME), which makes GetWindowInfo think it got a valid WindowInfo.

Bart Broersma

2008-04-02 11:27

developer   ~0018548

Some more info:
Most of the times, when the app crashes, it does this on startup. I can just faintly see the form being painted, then Windows displays the error.
However, I've seen 2 or 2 times that the crash happens, when the program is up and running and I click on the menu.

I have not yet succeeded in crashing the sample program on Win98 (after > 500 starts).

Me wondering: why does not the Lazarus IDE (sometimes) crash with the same exception?

Possibly related (??). Every now and then, when I try to Alt-Tab away from the Lazarus IDE (SVN, never had it in 0.9.24), I get another error: "KERNEL32.DLL has caused an error in KERNEL32.DLL". This then immediately freezes the computer and only a hard reset is possible (thank you Bill G).

Do the param values that gdb outputs give you any info at all?

Paul Ishenin

2010-05-04 06:46

manager   ~0037222

Does this happens on other non-NT windows like win98?

Bart Broersma

2010-05-04 10:52

developer   ~0037236

@Paul
> I have not yet succeeded in crashing the sample program on Win98
> (after > 500 starts).

Paul Ishenin

2010-05-07 05:20

manager   ~0037338

Yes, after the 10-th run I get the kernel error.

Paul Ishenin

2010-05-07 05:41

manager   ~0037339

Please test and close if ok.

Bart Broersma

2010-05-31 19:48

developer   ~0038180

Seems to be fixed. Thanks.

Issue History

Date Modified Username Field Change
2008-04-01 21:02 Bart Broersma New Issue
2008-04-01 21:02 Bart Broersma File Added: sbp.zip
2008-04-01 21:02 Bart Broersma Widgetset => Win32
2008-04-02 00:15 Vincent Snijders LazTarget => 1.0
2008-04-02 00:15 Vincent Snijders Status new => acknowledged
2008-04-02 00:17 Vincent Snijders Note Added: 0018533
2008-04-02 04:52 Paul Ishenin Note Added: 0018537
2008-04-02 08:40 Vincent Snijders Note Added: 0018540
2008-04-02 11:27 Bart Broersma Note Added: 0018548
2008-04-24 09:57 Vincent Snijders Target Version => 1.0.0
2010-05-04 06:46 Paul Ishenin Note Added: 0037222
2010-05-04 06:46 Paul Ishenin Status acknowledged => feedback
2010-05-04 10:52 Bart Broersma Note Added: 0037236
2010-05-07 05:20 Paul Ishenin Note Added: 0037338
2010-05-07 05:20 Paul Ishenin Status feedback => confirmed
2010-05-07 05:41 Paul Ishenin Fixed in Revision => 25233
2010-05-07 05:41 Paul Ishenin Status confirmed => resolved
2010-05-07 05:41 Paul Ishenin Fixed in Version => 0.9.29 (SVN)
2010-05-07 05:41 Paul Ishenin Resolution open => fixed
2010-05-07 05:41 Paul Ishenin Assigned To => Paul Ishenin
2010-05-07 05:41 Paul Ishenin Note Added: 0037339
2010-05-31 19:48 Bart Broersma Status resolved => closed
2010-05-31 19:48 Bart Broersma Note Added: 0038180