TheAssemblyArmada / Thyme

An open source re-implementation of Generals : Zero Hour written in C++.
GNU General Public License v2.0

w3dview crash in CDataTreeView::AddRenderObjects #1148

Open xezon opened 3 weeks ago

xezon commented 3 weeks ago

Crash when using w3dview to load objects

>   w3dview.exe!CDataTreeView::AddRenderObjects() Line 128  C++
    w3dview.exe!CMainFrame::OnOpen() Line 676   C++
    [Inline Frame] mfc140.dll!_AfxDispatchCmdMsg(CCmdTarget * pfn, unsigned int nSig, int) Line 77  C++
    mfc140.dll!CCmdTarget::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 377 C++
    mfc140.dll!CFrameWnd::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 988  C++
    w3dview.exe!CMainFrame::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 180    C++
    mfc140.dll!CWnd::OnCommand(unsigned int wParam, long lParam) Line 2801  C++
    mfc140.dll!CFrameWnd::OnCommand(unsigned int wParam, long lParam) Line 384  C++
    w3dview.exe!CMainFrame::OnCommand(unsigned int wParam, long lParam) Line 217    C++
    mfc140.dll!CWnd::OnWndMsg(unsigned int message, unsigned int wParam, long lParam, long * pResult) Line 2114 C++
    mfc140.dll!CWnd::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 2100   C++
    w3dview.exe!CMainFrame::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 230 C++
    mfc140.dll!AfxCallWndProc(CWnd * pWnd, HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 268 C++
    mfc140.dll!AfxWndProc(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 417  C++
    mfc140.dll!AfxWndProcBase(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 299  C++
    user32.dll!__InternalCallWinProc@20()   Unknown
    user32.dll!UserCallWinProcCheckWow()    Unknown
    user32.dll!SendMessageWorker(struct tagWND *,unsigned int,unsigned int,long,int)    Unknown
    user32.dll!SendMessageW()   Unknown
    comctl32.dll!_TBOnLButtonUp@20()    Unknown
    comctl32.dll!_ToolbarWndProc@16()   Unknown
    user32.dll!__InternalCallWinProc@20()   Unknown
    user32.dll!UserCallWinProcCheckWow()    Unknown
    user32.dll!CallWindowProcAorW(long (*)(struct HWND__ *,unsigned int,unsigned int,long),struct HWND__ *,enum _WM_VALUE,unsigned int,long,int)    Unknown
    user32.dll!_CallWindowProcA@20()    Unknown
    mfc140.dll!CWnd::DefWindowProcA(unsigned int nMsg, unsigned int wParam, long lParam) Line 1108  C++
    mfc140.dll!CWnd::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 2101   C++
    mfc140.dll!CControlBar::WindowProc(unsigned int nMsg, unsigned int wParam, long lParam) Line 502    C++
    mfc140.dll!AfxCallWndProc(CWnd * pWnd, HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 268 C++
    mfc140.dll!AfxWndProc(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 417  C++
    mfc140.dll!AfxWndProcBase(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 299  C++
    user32.dll!__InternalCallWinProc@20()   Unknown
    user32.dll!UserCallWinProcCheckWow()    Unknown
    user32.dll!_DispatchMessageWorker@8()   Unknown
    user32.dll!IsDialogMessageW()   Unknown
    user32.dll!IsDialogMessageA()   Unknown
    mfc140.dll!CWnd::IsDialogMessageA(tagMSG * lpMsg) Line 193  C++
    mfc140.dll!CWnd::PreTranslateInput(tagMSG * lpMsg) Line 4607    C++
    mfc140.dll!CControlBar::PreTranslateMessage(tagMSG * pMsg) Line 440 C++
    mfc140.dll!CWnd::WalkPreTranslateTree(HWND__ * hWndStop, tagMSG * pMsg) Line 3380   C++
    mfc140.dll!AfxInternalPreTranslateMessage(tagMSG * pMsg) Line 233   C++
    mfc140.dll!CWinThread::PreTranslateMessage(tagMSG * pMsg) Line 777  C++
    mfc140.dll!AfxPreTranslateMessage(tagMSG * pMsg) Line 252   C++
    mfc140.dll!AfxInternalPumpMessage() Line 178    C++
    mfc140.dll!AfxWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, char * lpCmdLine, int nCmdShow) Line 61 C++
    [Inline Frame] w3dview.exe!invoke_main() Line 102   C++
    w3dview.exe!__scrt_common_main_seh() Line 288   C++
    kernel32.dll!7674fcc9() Unknown
    [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]  
    ntdll.dll!__RtlUserThreadStart()    Unknown
    ntdll.dll!__RtlUserThreadStart@8()  Unknown
Exception thrown: read access violation.
iter->**** was 0x7F7FFFFF.
  Name Value Type
iter 0x02f7bfac {...} RenderObjIterator *
  ◢ AssetIterator {m_index=0xbf800000 } AssetIterator
  ▶ __vfptr 0x7f7fffff {???, ???, ???, ???, ???} void
  m_index 0xbf800000 int

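The vtable pointer of iter is garbage (__vfptr = 0x7f7fffff), so the first virtual call, First(), crashes. Both values in the object read as 32-bit float bit patterns (0x7f7fffff is FLT_MAX, 0xbf800000 is -1.0f), which suggests that the pointer returned by Create_Render_Obj_Iterator() refers to memory holding unrelated float data (for example a freed or overwritten object, or a class-layout mismatch) rather than a live RenderObjIterator. The nullptr check in the code below cannot catch that case.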

void CDataTreeView::AddRenderObjects()
{
    SetRedraw(FALSE);
    RenderObjIterator *iter = W3DAssetManager::Get_Instance()->Create_Render_Obj_Iterator();

    if (iter != nullptr) {
        for (iter->First(); !iter->Is_Done(); iter->Next()) {       // <----- crash here
            const char *name = iter->Current_Item_Name();
...