Bug 3736

pbdwe1xx.dll 64Bit truncates addresses causing crashes due to the use of Get/SetWindowLong instead of Get/SetWindowLongPtr 15 January, 2020

Rudolf Alexander Kerbitz
05 December, 2019
Product: PowerBuilder
Category: DataWindow
Version: 2017 R3
Publishing: Public
Classification: Sybase (legacy) bug
Priority: P2
Status: Scheduling
Reason:
Mark Lee 15 January, 2020
Dear Rudolf,

Thanks for the quick update. We really appreciate your patience and understanding!
After we release PB 2019 R2 GA, our development team will have enough time to fix the bug and build a new standalone beta PB version for you.
And then we can send you the download link maybe in April or May.
Thanks for your understanding again.

Regards,
Mark Lee
Rudolf Alexander Kerbitz 14 January, 2020
Dear Mark,
 
We were glad to read that your development team successfully fixed the issue for which we provided the test case. We understand that fixing all of this issue requires time; after all, at least seven modules need to be revised. Naturally this is not done by solely replacing the mentioned accessor functions. It's clear that the related code needs to be adjusted too, and in doing so it's likely that your team will spot additional places in the code in which pointers are accidentally being truncated.

Due to this extensive impact we would like to discuss the opportunity to provide our assistance for quality assurance by testing new builds containing this bugfix with our applications under NDA.

Best regards
Rudolf Alexander Kerbitz
Mark Lee 07 January, 2020
Dear Rudolf,

Thanks for your update.
Our developer team made a deeper analysis of it and we confirm that it works well in your test case when we use the GetWindowLongPtr instead of the GetWindowLong function in the PB internal code.
However, if we fix this issue, that means we need to change many DLLs, and this will also involve a lot of code.
So in this case, in order to keep quality, we need more time to test it. According to our developer team’s schedule, it will be fixed in the PB 2019 R3 version but the release date is not decided yet.
I appreciate your understanding.

Regards,
Mark Lee
Rudolf Alexander Kerbitz 06 January, 2020
Dear Appeon Support, 

Due to this issue, 64-bit builds of our products cannot work reliably.

We were forced to suspend shipping this version of our products and 
have to appease our customers to be patient and use the 32-bit build 
until further notice. 

So far approximately one month has passed without any progress
and the bug - which is critical to us - is not even scheduled yet.

With all due respect, when are you going to take action?

Yours sincerely 
Rudolf Alexander Kerbitz
Mark Lee 09 December, 2019
Hi Rudolf,

Thanks for your information.
And we'll transfer it to our development team for consideration. 

Regards,
Mark Lee
Rudolf Alexander Kerbitz 06 December, 2019
Pardon the typo, the sentence below was supposed to read "[...] the following library-files of the 2017 and 2019 runtime also import Get/SetWindowLong[...]".
Rudolf Alexander Kerbitz 06 December, 2019
Thank you for your quick response, we appreciate your efforts.

In addition it is worth mentioning that besides pbdwe1xx.dll the following library-files of the 2017 and 2019 runtime also import Get/SetWindowLongPtr and likewise should be adjusted in order to rule out that they do not cause random crashes:

pbdpl170.dll
pbodb170.dll
pbrtc170.dll
pbshr170.dll
pbUIS170.dll
pbvm170.dll

------------

pbvm190.dll
pbdpl190.dll
pbodb190.dll
pbrtc190.dll
pbshr190.dll
pbtheme190.dll
pbUIS190.dll

Best regards
Rudolf Alexander Kerbitz
Mark Lee 06 December, 2019
Hi Rudolf,

Thanks for reporting this problem.
We will escalate this problem to our development team for further analysis.
We will need some time to figure it out, and we will get back to you if we make any progress.

BTW, we've found that PB 12.6 has the same behavior as well.

Regards,
Mark Lee
Chris Pollach 05 December, 2019
Hi Rudolf;

   Thank you for bringing this issue to Appeon's attention. I was able to recreate this issue in both PB2017R3 and PB2019 running on W10 build 18363. 

   We will need some time to figure out this issue and will get back to you as soon as we know more.

Regards ... Chris
Rudolf Alexander Kerbitz 05 December, 2019
pbdwe1xx.dll 64Bit truncates addresses causing crashes.zip (306KB)

*Phenomenon:
64Bit-Application crashes due to access violation caused by dereferencing truncated addresses.
Applies to PowerBuilder version 17 and 19.
Modules that cause the error: pbdwe170.dll, pbdwe190.dll

*Reproduce Steps:
We produced a minimum code example for reproducing the phenomenon in folder PBCrash2
1. Start PBCrash2\pbcrash.exe
2. Attach debugger to the running process (optional)
3. Click "Allocate" Button
4. Click "Open" Button
5. SEH-Exception: Access violation is thrown in PBDWE1xx.DLL!dwWinProcStatic

Remarks:
Phenomenon occurs under high memory pressure, i.e. when allocated memory exceeds the 32bit address space.
During the WM_CREATE message the lpParam argument passed via the LPCREATESTRUCT to the window
with class name "pbdwst170" is truncated to 32Bit. Subsequent events that require accessing the data
of the window cause an access violation (see WindowEvents.log for details).
Although the address is already truncated at creation,
PBDWE1xx.DLL!dwWinProcStatic would truncate the address too because it uses GetWindowLongW for
accessing the data (see "callstack screenshot.png").

For compatibility with 64Bit-Applications one should use Get/SetWindowLongPtr instead of Get/SetWindowLong.
see: https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-getwindowlongptrw

Please make sure to replace all references to Get/SetWindowLong with Get/SetWindowLongPtr.
OS:
All 
Platform:
64-bit 
Database Type:
not related to database 
Database Version:
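
The truncation described in the report above, as an added example that is not part of the report or of Appeon's code: a portable C model of a per-window data slot read back through a 32-bit accessor and through a pointer-width one. The `model_window` type, the function names and the sample addresses are constructed for illustration; no Win32 call is made.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not the Win32 API: one per-window data slot in a
 * 64-bit process, where the stored value is a pointer to window data. */
typedef struct { uint64_t slot; } model_window;

/* Pointer-width accessors, standing in for Set/GetWindowLongPtr (LONG_PTR). */
static void set_ptr(model_window *w, uint64_t value) { w->slot = value; }
static uint64_t get_ptr(const model_window *w) { return w->slot; }

/* 32-bit accessor, standing in for GetWindowLong: the result is a signed
 * 32-bit LONG, so widening it back to pointer size sign-extends bit 31. */
static uint64_t get_long_as_pointer(const model_window *w) {
    uint32_t low = (uint32_t)w->slot;            /* upper 32 bits are lost */
    int64_t wide = (low & 0x80000000u) ? (int64_t)low - 0x100000000LL
                                       : (int64_t)low;
    return (uint64_t)wide;
}

/* Store an address, then read it back through each accessor. */
uint64_t roundtrip_long(uint64_t addr) {
    model_window w;
    set_ptr(&w, addr);
    return get_long_as_pointer(&w);
}

uint64_t roundtrip_ptr(uint64_t addr) {
    model_window w;
    set_ptr(&w, addr);
    return get_ptr(&w);
}

int main(void) {
    /* Constructed sample addresses: below 4 GiB, above 4 GiB with bit 31
     * clear, and above 4 GiB with bit 31 set. */
    const uint64_t samples[] = { 0x12345678ULL, 0x212345678ULL, 0x1A2B3C4D0ULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t a = samples[i];
        printf("stored %016" PRIx64 "  long %016" PRIx64 "  ptr %016" PRIx64 "%s\n",
               a, roundtrip_long(a), roundtrip_ptr(a),
               roundtrip_long(a) == a ? "" : "  <-- mismatch");
    }
    return 0;
}
```

The address below 4 GiB survives the 32-bit round trip, which is why the defect stays hidden until allocations push window data above the 32-bit range.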