[Bug 9958] Albatross18 returns to the console immediately

wine-bugs at winehq.org
Thu Oct 11 05:39:28 CDT 2007


http://bugs.winehq.org/show_bug.cgi?id=9958





--- Comment #8 from Anastasius Focht <focht at gmx.net>  2007-10-11 05:39:26 ---
Hello,

--- quote ---
 that's the same bug Maplestory runs
--- quote ---

Maple Story/GameGuard:

http://bugs.winehq.org/show_bug.cgi?id=3488
http://bugs.winehq.org/show_bug.cgi?id=3952

(one should be marked as a duplicate of the other)

Mount & Blade:

http://bugs.winehq.org/show_bug.cgi?id=7923

They all suffer from the same issue as this bug id: Themida PE protector.

The protector creates a pile of threads (5-10), probably to countermeasure
anti-debugging, anti-dumping, whatever, and its main thread dies due to an
unhandled exception:

--- snip mount & blade ---
...
0040:Ret  KERNEL32.SetEvent() retval=00000001 ret=038a943c
0040:Call KERNEL32.Sleep(00000000) ret=038a9469
0040:Ret  KERNEL32.Sleep() retval=00000000 ret=038a9469
0040:Call KERNEL32.Sleep(00000000) ret=038a9469
0040:Ret  KERNEL32.Sleep() retval=00000000 ret=038a9469
0040:Call KERNEL32.Sleep(00000000) ret=038a9469
0040:Ret  KERNEL32.Sleep() retval=00000000 ret=038a9469
0040:Call KERNEL32.Sleep(00000000) ret=038a9469
0040:Ret  KERNEL32.Sleep() retval=00000000 ret=038a9469
0028:Call KERNEL32.WaitForSingleObject(000000ac,ffffffff) ret=036d3670
0040:trace:seh:raise_exception code=c0000005 flags=0 addr=0x4c80efe
0040:trace:seh:raise_exception  info[0]=00000000
0040:trace:seh:raise_exception  info[1]=04d0c0d5
0040:trace:seh:raise_exception  eax=04d0c0d1 ebx=f72ae9f7 ecx=036bf720
edx=03cafee4 esi=03cafdc8 edi=00000094
0040:trace:seh:raise_exception  ebp=03cafed8 esp=03cafdb4 cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00210202
0040:trace:seh:call_stack_handlers calling handler at 0x4f208c code=c0000005
flags=0
0040:trace:seh:call_stack_handlers handler at 0x4f208c returned 1
0040:trace:seh:call_stack_handlers calling handler at 0x36bc1fa code=c0000005
flags=0
0040:trace:seh:call_stack_handlers handler at 0x36bc1fa returned 0 
--- snip mount & blade ---

--- snip maple story gamemon.des ---
...
0026:Call KERNEL32.VirtualProtect(00400000,00001000,00000004,006b352e)
ret=008e438e
0026:Ret  KERNEL32.VirtualProtect() retval=00000001 ret=008e438e
0026:Call KERNEL32.VirtualProtect(00400000,00001000,00000002,006b220e)
ret=008e4692
0026:Ret  KERNEL32.VirtualProtect() retval=00000001 ret=008e4692
0026:Call KERNEL32.SetEvent(000000a8) ret=008e4922
0026:Ret  KERNEL32.SetEvent() retval=00000001 ret=008e4922
0026:Call KERNEL32.Sleep(00000000) ret=008e4936
0026:Ret  KERNEL32.Sleep() retval=00000000 ret=008e4936
0026:Call KERNEL32.Sleep(00000000) ret=008e4936
0026:Ret  KERNEL32.Sleep() retval=00000000 ret=008e4936
0026:Call KERNEL32.Sleep(00000000) ret=008e4936
0026:Ret  KERNEL32.Sleep() retval=00000000 ret=008e4936
0026:Call KERNEL32.Sleep(00000000) ret=008e4936
0026:Ret  KERNEL32.Sleep() retval=00000000 ret=008e4936
0026:Call KERNEL32.Sleep(00000000) ret=008e4936
0026:warn:seh:setup_exception exception outside of stack limits in thread 0026
eip 00b0e2a5 esp 00351fe8 stack 0x241000-0x350000
0026:trace:seh:raise_exception code=c0000005 flags=0 addr=0xb0e2a5
0026:trace:seh:raise_exception  info[0]=00000001
0026:trace:seh:raise_exception  info[1]=0000f19c
0026:trace:seh:raise_exception  eax=0000f19c ebx=c39fa401 ecx=00000001
edx=1c9e25c5 esi=00351ff8 edi=0000f19c
0026:trace:seh:raise_exception  ebp=00000000 esp=00351fe8 cs=0073 ds=007b
es=007b fs=0033 gs=003b flags=00010246
0026:trace:seh:call_stack_handlers calling handler at 0x7b82c030 code=c0000005
flags=0
0026:trace:seh:start_debugger Starting debugger "winedbg --auto 37 260"
0026:trace:seh:call_stack_handlers handler at 0x7b82c030 returned 1
0026:warn:seh:setup_exception exception outside of stack limits in thread 0026
eip 00b0e2a5 esp 00351fe8 stack 0x241000-0x3500
...
0026:err:seh:raise_exception Exception frame is not in stack limits => unable
to dispatch exception. 
--- snip maple story gamemon.des ---

Same goes for albatross18 S3.
The only suspicious thing I found in all three logs:

--- snip mount & blade ---
0040:Call KERNEL32.GetModuleHandleA(035bfe3c "Th") ret=0370a7e2
0040:Ret  KERNEL32.GetModuleHandleA() retval=00000000 ret=0370a7e2
0040:Call KERNEL32.LoadLibraryA(03cafe10
"u\x0e\x02`\x10\xfe\xca\x03\xff\xff\xff\xff\x10\x11\xc5{<\xfe[\x038\xfe\xca\x03\xa4V\xc8{|\xfe\xca\x03o\"\xc5{\x10\xfe\xca\x03\xff\xff\xff\xff")
ret=0370a815
0040:Ret  KERNEL32.LoadLibraryA() retval=00000000 ret=0370a815 
--- snip mount & blade ---

--- snip maple story gamemon.des ---
0026:Call KERNEL32.GetModuleHandleA(006b26fe "Th") ret=007fa64d
0026:Ret  KERNEL32.GetModuleHandleA() retval=00000000 ret=007fa64d
0026:Call KERNEL32.LoadLibraryA(006b26fe "Th") ret=007fa76c
0026:Ret  KERNEL32.LoadLibraryA() retval=00000000 ret=007fa76c 
--- snip maple story gamemon.des ---

Pretty much messed up. Several calls before the crash.

They all seem to use different versions of Themida, but I have no signatures to
pin down the exact version used.
The game makers would have to repackage their binaries with newer Themida
versions and republish/push updates.
Only feasible with GameGuard (that gets regularly updated).
For other games it is a very unlikely event in case of wine "compatibility"
(wine does not exist for them).

Regards
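
Added example (not part of the original comment, and not Wine project code): a small Python triage pass over a Wine relay/seh trace like the ones quoted above. It pairs `GetModuleHandleA`/`LoadLibraryA` calls with their returns to list failed lookups with implausible names, and collects exceptions and stack-limit warnings per thread. The sample lines are adapted from the quoted traces (mail-wrapped lines rejoined, the long `LoadLibraryA` argument shortened); the name-plausibility rule is an assumed heuristic.

```python
import re
from collections import defaultdict

# Sample lines adapted from the traces quoted in the comment above
# (mail-wrapped lines rejoined, the long LoadLibraryA argument shortened).
SAMPLE = r'''0040:Call KERNEL32.GetModuleHandleA(035bfe3c "Th") ret=0370a7e2
0040:Ret  KERNEL32.GetModuleHandleA() retval=00000000 ret=0370a7e2
0040:Call KERNEL32.LoadLibraryA(03cafe10 "u\x0e\x02`\x10\xfe\xca\x03") ret=0370a815
0040:Ret  KERNEL32.LoadLibraryA() retval=00000000 ret=0370a815
0040:trace:seh:raise_exception code=c0000005 flags=0 addr=0x4c80efe
0026:Call KERNEL32.VirtualProtect(00400000,00001000,00000004,006b352e) ret=008e438e
0026:Ret  KERNEL32.VirtualProtect() retval=00000001 ret=008e438e
0026:warn:seh:setup_exception exception outside of stack limits in thread 0026 eip 00b0e2a5 esp 00351fe8 stack 0x241000-0x350000
0026:trace:seh:raise_exception code=c0000005 flags=0 addr=0xb0e2a5
'''

LOOKUP = r'KERNEL32\.(GetModuleHandleA|LoadLibraryA)'
CALL = re.compile(r'^([0-9a-f]{4}):Call ' + LOOKUP + r'\([0-9a-f]+ "(.*)"\) ret=')
RET = re.compile(r'^([0-9a-f]{4}):Ret  ' + LOOKUP + r'\(\) retval=([0-9a-f]{8})')
EXC = re.compile(r'^([0-9a-f]{4}):trace:seh:raise_exception code=([0-9a-f]{8}) flags=\d+ addr=(0x[0-9a-f]+)')
STACK = re.compile(r'^([0-9a-f]{4}):warn:seh:setup_exception exception outside of stack limits')
# Assumed heuristic: a real module name is 3+ path-like characters, no \x escapes.
NAME_OK = re.compile(r'^[A-Za-z0-9_.\-\\/: ]{3,}$')

def plausible(name):
    return bool(NAME_OK.match(name)) and r'\x' not in name

def triage(log):
    """Per-thread summary: exceptions, stack-limit warnings, failed module lookups."""
    threads = defaultdict(lambda: {"exceptions": [], "stack_warn": 0, "failed_lookups": []})
    pending = {}  # (thread, api) -> name argument of the call awaiting its Ret
    for line in log.splitlines():
        if m := CALL.match(line):
            pending[(m[1], m[2])] = m[3]
        elif m := RET.match(line):
            name = pending.pop((m[1], m[2]), None)
            if name is not None and int(m[3], 16) == 0:  # NULL handle: lookup failed
                threads[m[1]]["failed_lookups"].append((m[2], name, plausible(name)))
        elif m := EXC.match(line):
            threads[m[1]]["exceptions"].append((m[2], m[3]))
        elif m := STACK.match(line):
            threads[m[1]]["stack_warn"] += 1
    return dict(threads)

if __name__ == "__main__":
    for tid, info in sorted(triage(SAMPLE).items()):
        print(tid, info)
```
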

