[Bug 31276] New: Total Commander 8.0 64-bit installer crashes during cabinet extraction (wrong FCI/FDI structure packing for Win64)

wine-bugs at winehq.org wine-bugs at winehq.org
Sat Jul 21 16:15:56 CDT 2012


http://bugs.winehq.org/show_bug.cgi?id=31276

             Bug #: 31276
           Summary: Total Commander 8.0 64-bit installer crashes during
                    cabinet extraction (wrong FCI/FDI structure packing
                    for Win64)
           Product: Wine
           Version: 1.5.9
          Platform: x86
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: -unknown
        AssignedTo: wine-bugs at winehq.org
        ReportedBy: focht at gmx.net
    Classification: Unclassified


Hello,

When bug 30329 is fixed (a fix to the buggy app installer should be preferred over
one in Wine), the installer runs into another crash.

The crash is mentioned in this TC thread:
http://ghisler.ch/board/viewtopic.php?p=252389

The trace log doesn't give much useful info because the crash happens within the
app-supplied FDI notification callback.

Debugging session:

--- snip ---
...
Wine-dbg>si
0x00007f76ded7fc60 FDICopy+0xda5 [/home/focht/projects/wine/wine-git/dlls/cabinet/fdi.c:2697] in cabinet: movq 0x0000000000000030(%rbp),%r8
2697          if ((filehf = ((*pfnfdin)(fdintCOPY_FILE, &fdin))) == -1) {

Wine-dbg>si
0x00007f76ded7fc64 FDICopy+0xda9 [/home/focht/projects/wine/wine-git/dlls/cabinet/fdi.c:2697] in cabinet: movq %rax,%rdx
2697          if ((filehf = ((*pfnfdin)(fdintCOPY_FILE, &fdin))) == -1) {

Wine-dbg>si
0x00007f76ded7fc67 FDICopy+0xdac [/home/focht/projects/wine/wine-git/dlls/cabinet/fdi.c:2697] in cabinet: movl $0x2,%rcx
2697          if ((filehf = ((*pfnfdin)(fdintCOPY_FILE, &fdin))) == -1) {

Wine-dbg>si
0x00007f76ded7fc6c FDICopy+0xdb1 [/home/focht/projects/wine/wine-git/dlls/cabinet/fdi.c:2697] in cabinet: calll *%r8d
2697          if ((filehf = ((*pfnfdin)(fdintCOPY_FILE, &fdin))) == -1) {

Wine-dbg>info reg
Register dump:
 rip:00007f76ded7fc6c rsp:000000000023df40 rbp:000000000023e2e0 eflags:00000302 (   - --  IT  - - - )
 rax:000000000023e0e0 rbx:0000000000241160 rcx:0000000000000002 rdx:000000000023e0e0
 rsi:000000014000910c rdi:000000000023e118  r8:0000000140009170  r9:0000000000000000 r10:0000000000000008
 r11:0000000000000246 r12:000000000023e810 r13:0000000000000000 r14:0000000140022b80 r15:0000000000000103

Wine-dbg>p fdin
{cb=0xc7a, psz1="e\REGISTER.RTF", psz2=0x0(nil), psz3=0x0(nil), pv=0x0(nil), hf=0, date=0x40ed, time=0x4020, attribs=0, setID=0, iCabinet=0, iFolder=0, fdie=FDIERROR_NONE}

Wine-dbg>x/20x $rdx
0x000000000023e0e0:  00000c7a 00241230 00000000 00000000
0x000000000023e0f0:  00000000 00000000 00000000 00000000
0x000000000023e100:  00000000 00000000 00000000 402040ed
0x000000000023e110:  00000000 00000000 00000000 00000000
0x000000000023e120:  003c30bc 004d0001 00008ace 00000000

...

Wine-dbg>si
0x0000000140009265: movq    0x0000000000000008(%rdi),%rbx

Wine-dbg>si
Unhandled exception: page fault on read access to 0x00000000 in 64-bit code (0x0000000140009269).
Register dump:
 rip:0000000140009269 rsp:000000000023d7a0 rbp:000000000023e2e0 eflags:00010346 (  R- --  IT Z- -P- )
 rax:000000000023d7f0 rbx:0000000000000000 rcx:fffffffec021b9f0 rdx:0000000140021e0c
 rsi:0000000000000000 rdi:000000000023e0e0  r8:0000000140009170  r9:8101010101010100 r10:81010100f8f8fefe
 r11:000000000023d7f0 r12:000000000023e810 r13:0000000000000000 r14:0000000140022b80 r15:0000000000000103
Stack dump:
0x000000000023d7a0:  000100020000003c 000000000023d170
0x000000000023d7b0:  000000000023d170 000000000023d0d0
0x000000000023d7c0:  000000000023d0d0 000000000023d0e0
0x000000000023d7d0:  000000000023d0e0 0000000000241160
0x000000000023d7e0:  000000000023d8e0 00007f76e66c281f
0x000000000023d7f0:  6c61746f745c3a63 00007f005c646d63
0x000000000023d800:  000000000023d900 00007f76e66c281f
0x000000000023d810:  000000000023dc24 000000010023dc28
0x000000000023d820:  000000000023d920 000000000023ddf0
0x000000000023d830:  000000000023d930 000000000023de00
0x000000000023d840:  000000000023d940 000000000023de10
0x000000000023d850:  0000000000000000 0000000000000000
Backtrace:
=>0 0x0000000140009269 in install (+0x9269) (0x000000000023e2e0)
  1 0x00007f76ded7fc6f FDICopy+0xdb3(hfdi=0x241160, pszCabinet="install.cab", pszCabPath="Z:\home\focht\Downloads\wc\", flags=0, pfnfdin=0x140009170, pfnfdid=(nil), pvUser=0x0(nil)) [/home/focht/projects/wine/wine-git/dlls/cabinet/fdi.c:2697] in cabinet (0x000000000023e2e0)
  2 0x000000014000985b in install (+0x985a) (0x000000000023e5e0)
  3 0x0000000140007036 in install (+0x7035) (0x0000000140019784)
  4 0x0000000140007fab in install (+0x7faa) (0x000000000023f7f0)
...
0x0000000140009269: cmpb    $0x5c,(%rbx)

--- snip ---

It seems the app notification callback code tries to access the fdin.psz1 member at
the wrong offset (+8).

The FDINOTIFICATION structure:

http://source.winehq.org/git/wine.git/blob/4ed257665ccb1e78efcff70306499cd7d33f0f96:/include/fdi.h#l228

--- snip ---
...
  28 #include <pshpack4.h>
...
 228 typedef struct {
 229     LONG  cb;
 230     char *psz1;
 231     char *psz2;
 232     char *psz3;  /* Points to a 256 character buffer */
 233     void *pv;    /* Value for client */
 234 
 235     INT_PTR hf;
 236 
 237     USHORT date;
 238     USHORT time;
 239     USHORT attribs;
 240 
 241     USHORT setID;     /* Cabinet set ID */
 242     USHORT iCabinet;  /* Cabinet number (0-based) */
 243     USHORT iFolder;   /* Folder number (0-based) */
 244 
 245     FDIERROR fdie;
 246 } FDINOTIFICATION, *PFDINOTIFICATION;
--- snip ---

Looking for other 64-bit apps using the cabinet API, I found this:

http://www.codeproject.com/Articles/15397/Cabinet-File-CAB-Compression-and-Extraction

The 32-bit version works ok.
The 64-bit version (Cabinet_x64.exe) exhibits the same behaviour: the FDINOTIFICATION
psz1 structure member is accessed with the wrong offset (+8).

It seems that for Win64 the explicit structure packing directives are no longer
applicable and the compiler/platform defaults are used (this applies to both the
fdi.h and fci.h headers).
This allows the installer to succeed.

Regards
