2. NSIS Discussion
  3. NSIS 2.40 LongStr Crashes!

Archive: NSIS 2.40 LongStr Crashes!


LoRd_MuldeR
13th October 2008 01:19 UTC

NSIS 2.40 "large strings" crashes!
When I try to compile my installer with the "large strings" edition of NSIS v2.40, then makensis.exe will crash reproducible! The very same script compiles just fine with the "normal" version of NSIS v2.40 as well as with the "large strings" edition of NSIS v2.38. Any ideas?

http://img402.imageshack.us/img402/3...ash2yj6.th.pnghttp://img402.imageshack.us/images/thpix.gif


Script available from SVN:
http://opensvn.csie.org/viewcvs.cgi/...oot=mulder1984

Anders
13th October 2008 10:35 UTC

could you narrow it down to a minimal script?

LoRd_MuldeR
13th October 2008 13:02 UTC

I could try to do so, but I got no idea where to start :(

Any ideas?

Anders
13th October 2008 13:35 UTC

remove half of the file instructions, check
remove the other half, check
remove the pages one by one while checking for crash

LoRd_MuldeR
13th October 2008 13:48 UTC

Well, obviously it crashes near the beginning and while processing the MUI/UMUI header/defines, long before any file command is being processed...

LoRd_MuldeR
13th October 2008 13:55 UTC

Here is the output from a debugger, if that helps:


Microsoft (R) Windows Debugger  Version 6.6.0003.5
Copyright (c) Microsoft Corporation. All rights reserved.

CommandLine: D:\NSIS\makensis.exe /DBuild_Number=35 /DCompile_Date="2008-10-13" /DVersion_MPlayer="SVN-r27743 (2008-10-11)" /DVersion_MPUI="v1.2-pre3 (Build 38)" /DVersion_SMPlayer="v0.6.3 (SVN-r1997)" /DVersion_Codecs="(2007-10-07)" /DVersion_NSIS="v2.40" /DPath_Out="D:\MPUI\upload\MPUI.2008-10-13.Build-35" /DPath_Builds="D:\MPUI\builds" Installer.nsi
Starting directory: D:\MPUI
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.           *
* Use .symfix to have the debugger choose a symbol path.                   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
ModLoad: 00400000 00480000   image00400000
ModLoad: 7d4c0000 7d5f0000   NOT_AN_IMAGE
ModLoad: 7d600000 7d6f0000   C:\WINDOWS\SysWOW64\ntdll32.dll
ModLoad: 7d4c0000 7d5f0000   C:\WINDOWS\syswow64\kernel32.dll
ModLoad: 7d800000 7d890000   C:\WINDOWS\syswow64\GDI32.dll
ModLoad: 7d930000 7da00000   C:\WINDOWS\syswow64\USER32.dll
ModLoad: 00480000 0051b000   C:\WINDOWS\syswow64\ADVAPI32.dll
ModLoad: 7da20000 7db00000   C:\WINDOWS\syswow64\RPCRT4.dll
ModLoad: 7d8d0000 7d920000   C:\WINDOWS\syswow64\Secur32.dll
ModLoad: 77b90000 77b98000   C:\WINDOWS\syswow64\VERSION.dll
ModLoad: 77ba0000 77bfa000   C:\WINDOWS\syswow64\msvcrt.dll
(121c.126c): Break instruction exception - code 80000003 (first chance)
eax=77c00000 ebx=7efde000 ecx=00000003 edx=00000008 esi=7d6a01f4 edi=00211f38
eip=7d61002d esp=0012fb4c ebp=0012fcac iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\SysWOW64\ntdll32.dll - 
ntdll32!DbgBreakPoint:
7d61002d cc               int     3
0:000> g
ModLoad: 7dee0000 7df40000   C:\WINDOWS\SysWOW64\IMM32.DLL
ModLoad: 7dbc0000 7dbc9000   C:\WINDOWS\SysWOW64\LPK.DLL
ModLoad: 75490000 754f5000   C:\WINDOWS\SysWOW64\USP10.dll
(121c.126c): Stack overflow - code c00000fd (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00003000 ebx=0012da18 ecx=00032f1c edx=00000000 esi=0000009f edi=00050134
eip=0044ef17 esp=00037f14 ebp=000500f0 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
*** WARNING: Unable to verify checksum for image00400000
*** ERROR: Module load completed but symbols could not be loaded for image00400000
image00400000+0x4ef17:
0044ef17 8501             test    [ecx],eax         ds:002b:00032f1c=00000000
0:000> g
(121c.126c): Stack overflow - code c00000fd (!!! second chance !!!)
eax=00003000 ebx=0012da18 ecx=00032f1c edx=00000000 esi=0000009f edi=00050134
eip=0044ef17 esp=00037f14 ebp=000500f0 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
image00400000+0x4ef17:
0044ef17 8501             test    [ecx],eax         ds:002b:00032f1c=00000000
0:000> g
(121c.126c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=0012da18 ecx=0012da18 edx=00000000 esi=0000009f edi=00050134
eip=00000000 esp=0003af2c ebp=000500f0 iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
00000000 ??               ???

LoRd_MuldeR
13th October 2008 15:13 UTC

Looks like this is the problem:

(121c.126c): Stack overflow - code c00000fd (!!! second chance !!!)

Anders
13th October 2008 15:22 UTC

kichik is away and will not be back until november, if you want me to take a look, you will have to narrow it down to a single line with the problem if possible (without UMUI and other 3rd party plugins)

LoRd_MuldeR
13th October 2008 16:15 UTC

I'm afraid I can't, because various "simple" installers I tried do work just fine.
It seems the problem is only triggers with a "complex" installer...

But even "NSIS\examples\UltraModenUI\bigtest.nsi" crashes! :cry:
It crashed on "!insertmacro: UMUI_PAGE_INFORMATION", while my installer crashed on "!insertmacro: UMUI_PAGE_SETUPTYPE"

So there is not the "one line that crashes" :(

The "NSIS\examples\bigtest.nsi" compiles just fine though :confused:

Any more ideas?

Anders
13th October 2008 16:26 UTC

UMUI bug maybe

LoRd_MuldeR
13th October 2008 16:42 UTC

Well, there are only two possibilities:
* UMUI generates a valid script and makensis.exe compiles that script
* UMUI generates an invalid script and makensis.exe rejects that script

But makensis.exe simply crashing without error messages definitely shouldn't happen, no matter how buggy the script is (which I'm pretty sure it is not). Also the very same script compiles fine with NSIS v2.38, with NSIS v2.38 "Long Strings" build and also with NSIS v2.40. This all sounds like an NSIS bug to me. And it might or might not be related to this one, which still remains unresolved...

Anders
13th October 2008 16:53 UTC

I don't feel link looking at UMUI and all of its junk, give me a stand alone .nsi that crashes and I might have a go at figuring out the problem

LoRd_MuldeR
13th October 2008 17:23 UTC

Uff, here you go:
http://www.mediafire.com/file/zzjtleyl5gt/CrashTest.nsi

This .nsi crashed reproducible with NSIS v2.40 "Long Stings" and compiles fine with NSIS v2.38 "Long Stings" ;)

(Note: The actual installer starts at line #10012)

Anders
13th October 2008 18:12 UTC

you are not making this easy are you, thats just a big file that does not even compile, I want something without UMUI

edit: If I add !include "installoptions.nsh" to the top of CrashTest.nsi, it does not crash

LoRd_MuldeR
13th October 2008 18:38 UTC

The script "as-is" does compile just fine with NSIS v2.38 "Long Stings", but it gives the same crash (reproducible!) as shown on my screenshot with NSIS v2.40 "Long Stings". If I knew how to trigger the crash without UMUI, I'd post a shorter script. But I don't. Since it's a stack overflow, I guess it happens only with a lot of defines and macros. So it's perfectly possible that it cannot be reproduced with a "minimalistic" script...

Anders
13th October 2008 19:17 UTC

as far as i can tell, the crash is @

!macro UMUI_STR2INT VALUE
Push $0 ; The source <<< here
....

in alloca_probe (stack allocation stuff IIRC)

edit:
the call stack in debug build looks like:



MAKENSIS! _alloca_probe + 23 bytes
CEXEBuild::doParse(const char * 0x00c0c91a) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00ac0a34, char * 0x0005dc24, int 1) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00bf48d2) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00ac14ee, char * 0x00076b00, int 10) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00b9ff3c) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00ac1aed, char * 0x0008f9dc, int 6) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00bdc86a) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00af3281, char * 0x000a88b8, int 10) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00bcc83c) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00af26c5, char * 0x000c1794, int 17) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00b77ec2) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00aec112, char * 0x000da670, int 5) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00bb000a) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00af24e8, char * 0x000f354c, int 2) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00a7100c) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00ad31f8, char * 0x0010c428, int 83) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00b213ba) line 543 + 19 bytes
CEXEBuild::process_oneline(char * 0x00ad26f0, char * 0x00125304, int 19) line 854 + 17 bytes
CEXEBuild::doCommand(int 80, LineParser & {...}) line 1086 + 32 bytes
CEXEBuild::doParse(const char * 0x00a3a050) line 543 + 19 bytes
CEXEBuild::parseScript() line 729 + 23 bytes
CEXEBuild::process_script(_iobuf * 0x004c13d0, char * 0x0012da08) line 221 + 8 bytes
main(int 2, char * * 0x00900cc0) line 509 + 25 bytes
MAKENSIS! mainCRTStartup + 180 bytes
KERNEL32! 7c816d4f


for CrashTest.nsi. The recursion is not that deep, but it might still use a lot of local variables. Maybe putting more on the heap instead would help, anyways, kichik would have to take a look at it when he comes back. You should file a bug report on the project tracker so this does not get lost when it scrolls off the forum front page

Afrow UK
13th October 2008 19:31 UTC

Did you extract the stubs?

Stu

LoRd_MuldeR
13th October 2008 19:32 UTC

Thanks you for looking into this, Anders.

I'll file a bugreport...

LoRd_MuldeR
13th October 2008 19:33 UTC

Originally posted by Afrow UK
Did you extract the stubs?

Stu
I may be stupid, but not THAT stupid :D

-> Yes, I did extract/replace the stubs accordingly.

kichik
7th November 2008 22:06 UTC

Did you submit a bug report?

Anders
7th November 2008 23:55 UTC

Originally posted by kichik
Did you submit a bug report?
No, but I did, its @ http://sourceforge.net/tracker/index...49&atid=373085

LoRd_MuldeR
26th November 2008 18:34 UTC

Originally posted by Anders
No, but I did, its @ http://sourceforge.net/tracker/index...49&atid=373085
MakeNSIS v2.41 still crashes with UMUI installer :(

("Large strings" build only, normal one seems to work okay)

Anders
26th November 2008 20:19 UTC

the bug is still marked as open so no surprise there

LoRd_MuldeR
22nd January 2009 01:14 UTC

Just to let you know: The "Large strings" build of NSIS v2.42 still crashes while compiling my UMUI installer :(

The good news is: The new plugin system apparently didn't break my installer :)

Anders
22nd January 2009 07:04 UTC

Quote:

ripper17
1st June 2011 09:06 UTC

In my case, it helped to replace "MUI_INSTALLOPTIONS_*" (e.g. "MUI_INSTALLTOPTIONS_READ") with "INSTALLOPTIONS_*" (e.g. INSTALLOPTIONS_READ).

So simply drop the MUI_ prefix and don't forget to add InstallOptions.nsh to your includes.

Hope that helps

Martin

Fork me on GitHub

Originally posted by Anders
the bug is still marked as open so no surprise there