[Bug 13401] fr-057 demo scene application crashes at start up (custom imports resolver can't cope with some msvcrt functions being forwarded to ntdll)

wine-bugs at winehq.org wine-bugs at winehq.org
Thu Nov 29 15:28:21 CST 2012 

http://bugs.winehq.org/show_bug.cgi?id=13401

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |obfuscation
                 CC|                            |focht at gmx.net
            Summary|fr-057 demo scene           |fr-057 demo scene
                   |application crashes at      |application crashes at
                   |start up                    |start up (custom imports
                   |                            |resolver can't cope with
                   |                            |some msvcrt functions being
                   |                            |forwarded to ntdll)

--- Comment #16 from Anastasius Focht <focht at gmx.net> 2012-11-29 15:28:21 CST ---
Hello,

that 4K demo has its own custom imports resolver and it doesn't like some
msvcrt functions being forwarded to ntdll.

--- snip ---
Wine-dbg>
0x7e6cc337 IDirectSoundBufferImpl_Lock+0x5f7
[/home/focht/projects/wine/wine-git/dlls/dsound/buffer.c:518] in dsound: ret   
$0x20
518    }
Wine-dbg>
0x004214d2: pushl    $0x596c00
Wine-dbg>
0x004214d7: pushl    $0x68bbe04
Wine-dbg>
0x004214dc: pushl    0x004225c8
Wine-dbg>
0x004214e2: call    0x0042161c
Wine-dbg>
fixme:winedbg:be_i386_is_jump unknown ff
0x0042161c: jmp    *0x6e600d8 -> 0x7e3faaeb
Wine-dbg>
0x7e3faaeb: outsb    (%esi),%dx
--- snip ---

--- snip ---
004214AB    6A 00           PUSH 0
004214AD    6A 00           PUSH 0
004214AF    6A 00           PUSH 0
004214B1    68 44254200     PUSH OFFSET 00422544
004214B6    68 C8254200     PUSH OFFSET 004225C8
004214BB    68 006C5900     PUSH OFFSET 00596C00
004214C0    6A 00           PUSH 0
004214C2    A1 E4254200     MOV EAX,DWORD PTR DS:[4225E4]
004214C7    8B00            MOV EAX,DWORD PTR DS:[EAX]
004214C9    FF35 E4254200   PUSH DWORD PTR DS:[4225E4]
004214CF    FF50 2C         CALL DWORD PTR DS:[EAX+2C] ;
IDirectSoundBufferImpl_Lock
004214D2    68 006C5900     PUSH OFFSET 00596C00
004214D7    68 04BE8B06     PUSH OFFSET 068BBE04
004214DC    FF35 C8254200   PUSH DWORD PTR DS:[4225C8]
004214E2    E8 35010000     CALL 0042161C  
004214E7    83C4 0C         ADD ESP,0C
004214EA    6A 00           PUSH 0
004214EC    6A 00           PUSH 0
004214EE    FF35 44254200   PUSH DWORD PTR DS:[422544]
004214F4    FF35 C8254200   PUSH DWORD PTR DS:[4225C8]
004214FA    A1 E4254200     MOV EAX,DWORD PTR DS:[4225E4]
004214FF    8B00            MOV EAX,DWORD PTR DS:[EAX]
00421501    FF35 E4254200   PUSH DWORD PTR DS:[4225E4]
00421507    FF50 4C         CALL DWORD PTR DS:[EAX+4C]
0042150A    5D              POP EBP
0042150B    C3              RETN
--- snip ---

--- snip ---
0042161C   - FF25 D800E606   JMP DWORD PTR DS:[6E600D8]
00421622   - FF25 3800E606   JMP DWORD PTR DS:[6E60038]
00421628   - FF25 D000E606   JMP DWORD PTR DS:[6E600D0]
0042162E   - FF25 D400E606   JMP DWORD PTR DS:[6E600D4]
00421634   - FF25 CC00E606   JMP DWORD PTR DS:[6E600CC]
0042163A   - FF25 E000E606   JMP DWORD PTR DS:[6E600E0]
00421640   - FF25 C400E606   JMP DWORD PTR DS:[6E600C4]
00421646   - FF25 C800E606   JMP DWORD PTR DS:[6E600C8]
0042164C   - FF25 9000E606   JMP DWORD PTR DS:[6E60090]
00421652   - FF25 5000E606   JMP DWORD PTR DS:[6E60050]
00421658   - FF25 4C00E606   JMP DWORD PTR DS:[6E6004C]
0042165E   - FF25 7C00E606   JMP DWORD PTR DS:[6E6007C]
00421664   - FF25 B400E606   JMP DWORD PTR DS:[6E600B4]
0042166A   - FF25 BC00E606   JMP DWORD PTR DS:[6E600BC]
--- snip ---

App IAT:

--- snip ---
06E60000   7B87978B  ; KERNEL32.AcquireSRWLockExclusive 
...
06E60014   7B865A70  ; KERNEL32.ExitProcess
06E60018   7B8580ED  ; KERNEL32.LoadLibraryA
06E6001C   7ECF1CCD  ; user32.CreateWindowExA
...
06E600C8   7E6C7E2A  ; dsound.DirectSoundCreate
06E600CC   7E3ED8F4  ; ASCII "ntdll._ftol" ; forwarded, problem
06E600D0   7E3925B1  ; msvcrt.cos
06E600D4   7E3930F8  ; msvcrt.fabs
06E600D8   7E3EDAEB  ; ASCII "ntdll.memcpy" ; forwarded, problem
06E600DC   7E392867  ; msvcrt.pow
06E600E0   7E3928D6  ; msvcrt.sin
06E600E4   00000000
--- snip ---

http://source.winehq.org/git/wine.git/blob/5e50ec3df288b3bc9221c2deb802fa1ddc846df2:/dlls/msvcrt/msvcrt.spec#l1341

--- snip ---
...
 456 @ cdecl -ret64 _ftol() ntdll._ftol
...
1341 @ cdecl memcpy(ptr ptr long) ntdll.memcpy
...
--- snip ---

Native msvcrt doesn't forward these to ntdll.

Regards

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list