[Bug 23207] Mount&Blade: Warband Demo v1.123 crashes quickly in user32.GetSysColor (needs DECLSPEC_HOTPATCH entry for hooking code)

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Jun 14 14:47:07 CDT 2011


http://bugs.winehq.org/show_bug.cgi?id=23207

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|regression                  |
             Status|CLOSED                      |REOPENED
                URL|http://download.taleworlds. |
                   |com/mb_warband_setup_1123.e |http://games.on.net/file/35
                   |xe                          |089/MountBlade_Warband_Demo
                   |                            |_v1.123
                 CC|                            |focht at gmx.net
          Component|-unknown                    |user32
         Resolution|DUPLICATE                   |
            Summary|Mount & Blade Warband trial |Mount&Blade: Warband Demo
                   |crashes quickly in          |v1.123 crashes quickly in
                   |GetSysColor                 |user32.GetSysColor (needs
                   |                            |DECLSPEC_HOTPATCH entry for
                   |                            |hooking code)

--- Comment #16 from Anastasius Focht <focht at gmx.net> 2011-06-14 14:47:07 CDT ---
Hello Krzysztof,

--- quote ---
The closing of this bug was a bit premature in my opinion. After some battle
with winedbg I think I got to the bottom of it:
...
--- quote ---

yes, you nailed it ;-)

--- quote ---
I remember that GCC has a __attribute__((ms_hook_prologue)) for generating
functions with the hot-patchable prologue. Is Wine using this option?
--- quote ---

Yes, it is applied to APIs where a specific problem was found with hooking code
or copy protections.
This entry has no DECLSPEC_HOTPATCH decoration:

http://source.winehq.org/git/wine.git/blob/666c40f398087466bd0cc2ff0f511bf7154f7708:/dlls/user32/sysparams.c#l2910

With HOTPATCH applied to user32.GetSysColor:

Before hooking:

--- snip user32.GetSysColor ---
68424BB0    8BFF            MOV EDI,EDI                              
68424BB2    55              PUSH EBP
68424BB3    8BEC            MOV EBP,ESP
68424BB5    E8 46A9F7FF     CALL 6839F500
68424BBA    81C1 3AE40300   ADD ECX,3E43A
68424BC0    837D 08 00      CMP DWORD PTR SS:[EBP+8],0
68424BC4    78 12           JS SHORT 68424BD8
...
--- snip user32.GetSysColor ---

After hooking:

--- snip user32.GetSysColor ---
68472BB0  - E9 DE57DD97     JMP 00248393                            
68472BB5    E8 46A9F7FF     CALL 683ED500
68472BBA    81C1 3AE40300   ADD ECX,3E43A
68472BC0    837D 08 00      CMP DWORD PTR SS:[EBP+8],0
68472BC4    78 12           JS SHORT 68472BD8
68472BC6    837D 08 1E      CMP DWORD PTR SS:[EBP+8],1E
68472BCA    7F 0C           JG SHORT 68472BD8
68472BCC    8B45 08         MOV EAX,DWORD PTR SS:[EBP+8]
68472BCF    8B8481 CC4B0400 MOV EAX,DWORD PTR DS:[EAX*4+ECX+44BCC]
68472BD6    EB 05           JMP SHORT 68472BDD
68472BD8    B8 00000000     MOV EAX,0
68472BDD    5D              POP EBP
68472BDE    C2 0400         RETN 4
--- snip user32.GetSysColor ---

This is the original function chunk saved by the hooker:

--- snip ---
00257C43    8BFF            MOV EDI,EDI
00257C45    55              PUSH EBP
00257C46    8BEC            MOV EBP,ESP
00257C48  - E9 68CF1C68     JMP 68424BB5
--- snip ---

So it works with the skinmagic hooker.

$ sha1sum mb_warband_setup_1123.exe 
5c6f73b666e0634735bf89074d7a8bb0df2ba30e  mb_warband_setup_1123.exe

Regards
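The prologue and the hooker's 5-byte JMP shown in the listings above, as an added example that is not part of the bug report or of Wine's code: it recognises the hot-patch prologue that DECLSPEC_HOTPATCH / __attribute__((ms_hook_prologue)) emits, decodes an E9 rel32 inline hook at a function entry, and recovers the page's own hook target and trampoline return address; the byte strings are constructed from the disassembly listings.

```python
# Added example (not from the bug report or Wine): classify the bytes at an x86-32
# function entry as the Microsoft hot-patchable prologue, an inline JMP hook, or
# something else, and decode where a JMP goes. Byte strings are constructed from
# the GetSysColor listings in the comment above.
import struct

# MOV EDI,EDI / PUSH EBP / MOV EBP,ESP: exactly 5 bytes, so a hooker can replace
# them with one E9 rel32 JMP without splitting an instruction.
HOTPATCH_PROLOGUE = bytes.fromhex("8bff558bec")


def decode_jmp_rel32(code: bytes, addr: int) -> int:
    """Absolute target of an E9 rel32 JMP whose first byte sits at `addr`."""
    if len(code) < 5 or code[0] != 0xE9:
        raise ValueError("not an E9 rel32 JMP")
    rel = struct.unpack_from("<i", code, 1)[0]          # signed 32-bit displacement
    return (addr + 5 + rel) & 0xFFFFFFFF                # relative to the next instruction


def classify_entry(code: bytes, addr: int) -> dict:
    """Describe a function entry:
    'hotpatch' = safe 5-byte prologue present, 'jmp_hook' = already overwritten
    with E9 rel32 (target decoded), 'other' = a 5-byte overwrite may land
    mid-instruction, which is the failure mode the bug report describes."""
    if code[:5] == HOTPATCH_PROLOGUE:
        return {"kind": "hotpatch", "target": None}
    if code[:1] == b"\xe9":
        return {"kind": "jmp_hook", "target": decode_jmp_rel32(code, addr)}
    return {"kind": "other", "target": None}


def trampoline_return(chunk: bytes, chunk_addr: int) -> int:
    """Where the hooker's saved copy (5 prologue bytes + JMP back) re-enters the original."""
    return decode_jmp_rel32(chunk[5:], chunk_addr + 5)


# Constructed from "Before hooking": user32.GetSysColor entry at 0x68424BB0.
BEFORE = bytes.fromhex("8bff558bece846a9f7ff")
# Constructed from "After hooking": entry at 0x68472BB0 replaced by JMP 00248393.
AFTER = bytes.fromhex("e9de57dd97e846a9f7ff")
# Constructed from the saved chunk at 0x00257C43: prologue plus JMP 68424BB5.
SAVED_CHUNK = bytes.fromhex("8bff558bece968cf1c68")

if __name__ == "__main__":
    print(classify_entry(BEFORE, 0x68424BB0))
    print(classify_entry(AFTER, 0x68472BB0))
    print(hex(trampoline_return(SAVED_CHUNK, 0x00257C43)))
```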
