[Bug 37719] 64-bit BatToExe utility portable version crashes on startup (stack pointer (RSP) must be 16-byte aligned when making a call to Win64 API)

wine-bugs at winehq.org
Tue Dec 16 15:41:44 CST 2014


https://bugs.winehq.org/show_bug.cgi?id=37719

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |focht at gmx.net
            Version|unspecified                 |1.7.33
         Resolution|---                         |DUPLICATE
            Summary|BatToExe utility (64-bit)   |64-bit BatToExe utility
                   |won't install or run        |portable version crashes on
                   |(portable version)          |startup (stack pointer
                   |                            |(RSP) must be 16-byte
                   |                            |aligned when making a call
                   |                            |to Win64 API)

--- Comment #1 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

confirming ... but stick to one problem per bug!
Targeting the crash of portable version here.

It's essentially a dupe of bug 27680.
The stupid app misaligns the stack ... another Hall of Shame inductee.

Trace log doesn't give it away:

---- snip ---
...
0025:trace:heap:RtlFreeHeap (0x580000,70000062,0x584da0): returning TRUE
0025:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=1400241f8
0025:Call msvcrt.memset(0036142c,00000000,00000050) ret=14002423d
0025:Ret  msvcrt.memset() retval=0036142c ret=14002423d
0025:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7f17d56b13f2
ip=7f17d56b13f2 tid=0025
0025:trace:seh:raise_exception  rax=000000000036142c rbx=0000000000000000
rcx=00007f17d59309b8 rdx=00000000000301e0
0025:trace:seh:raise_exception  rsi=0000000140001000 rdi=00007fffff7ef000
rbp=000000000024fb38 rsp=000000000024fa48
0025:trace:seh:raise_exception   r8=000000000024fbb0  r9=000000000000001e
r10=0000000000000000 r11=0000003071f811c0
0025:trace:seh:raise_exception  r12=000000007bf00ca0 r13=00007ffff2373bc0
r14=0000000000000000 r15=0000000000000000
0025:trace:seh:call_vectored_handlers calling handler at 0x1400254f0
code=c0000005 flags=0 
---- snip ---

Debugger session:

--- snip ---
$ wine64 winedbg --gdb ./Bat_To_Exe_Converter_\(x64\).exe
...
Wine-gdb> b *0x14002423d
Breakpoint 1 at 0x14002423d

Wine-gdb> cont
Continuing.

Breakpoint 1, 0x000000014002423d in ?? ()

Wine-gdb> cont
Continuing.

Breakpoint 1, 0x000000014002423d in ?? ()

Wine-gdb> bt
#0  0x0000000140024251 in ?? ()
#1  0x000000014001953e in ?? ()
#2  0x0000000140001000 in ?? ()
#3  0x0000000000000000 in ?? ()

...

Wine-gdb> x/i $rip
=> 0x1400344bf:    callq  *0x167ff3(%rip)        # 0x14019c4b8

Wine-gdb> info reg
rax            0x350d7c    3476860
rbx            0x0    0
rcx            0x460000    4587520
rdx            0x0    0
rsi            0x140001000    5368713216
rdi            0x7fffff7ef000    140737479897088
rbp            0x3510b0    0x3510b0
rsp            0x23fbb8    0x23fbb8
r8             0x4657b0    4609968
r9             0x101010101010101    72340172838076673
r10            0x8    8
r11            0x3071e89056    208069496918
r12            0x7bf00ca0    2079329440
r13            0x7fffb7af2700    140736275097344
r14            0x0    0
r15            0x0    0
rip            0x1400344bf    0x1400344bf
eflags         0x246    [ PF ZF IF ]
cs             0x33    51
ss             0x2b    43
ds             0x0    0
es             0x0    0
fs             0x0    0
gs             0x0    0

Wine-gdb> si

RtlFreeHeap (heap=0x140024850, flags=0, ptr=0x140001000) at
/home/focht/projects/wine/wine.repo/src/dlls/ntdll/heap.c:1741
1741    {
Wine-gdb> disas
Dump of assembler code for function RtlFreeHeap:
=> 0x00007f752da97eb7 <+0>:    push   %rbp
   0x00007f752da97eb8 <+1>:    mov    %rsp,%rbp
   0x00007f752da97ebb <+4>:    push   %rdi
   0x00007f752da97ebc <+5>:    push   %rsi
   0x00007f752da97ebd <+6>:    sub    $0x100,%rsp
   0x00007f752da97ec4 <+13>:    movaps %xmm6,0x60(%rsp)
   0x00007f752da97ec9 <+18>:    movaps %xmm7,0x70(%rsp)

...

Wine-gdb> info reg
rax            0x350d7c    3476860
rbx            0x0    0
rcx            0x460000    4587520
rdx            0x0    0
rsi            0x140001000    5368713216
rdi            0x7fffff7ef000    140737479897088
rbp            0x23fba8    0x23fba8
rsp            0x23fa98    0x23fa98
r8             0x4657b0    4609968
r9             0x101010101010101    72340172838076673
r10            0x8    8
r11            0x3071e89056    208069496918
r12            0x7bf00ca0    2079329440
r13            0x7fffb7af2700    140736275097344
r14            0x0    0
r15            0x0    0
rip            0x7f752da97ec4    0x7f752da97ec4 <RtlFreeHeap+13>
eflags         0x202    [ IF ]
cs             0x33    51
ss             0x2b    43
ds             0x0    0
es             0x0    0
fs             0x0    0
gs             0x0    0

Wine-gdb> si

Program received signal SIGSEGV, Segmentation fault.

0x00007f752da97ec4 in RtlFreeHeap (heap=0x140024850, flags=0, ptr=0x140001000)
    at /home/focht/projects/wine/wine.repo/src/dlls/ntdll/heap.c:1741
--- snip ---

$ sha1sum Bat_To_Exe_Converter.zip 
9af44f51635acb17791406cfdf4e578583609733  Bat_To_Exe_Converter.zip

$ du -sh Bat_To_Exe_Converter.zip 
3.7M    Bat_To_Exe_Converter.zip

$ wine --version
wine-1.7.33

Regards

*** This bug has been marked as a duplicate of bug 27680 ***

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
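The following is an added example, not part of the original bug comment. It replays the `RtlFreeHeap` prologue from the debugger session on the `rsp` value gdb reported at the `callq`, to show why the first `movaps` faults. The register value and prologue are copied from the session above; the function names are illustrative.

```python
import re

# Values copied from the gdb session in the comment above.
RSP_AT_CALL = 0x23fbb8  # rsp from `info reg` while stopped on the callq
PROLOGUE = """\
push   %rbp
mov    %rsp,%rbp
push   %rdi
push   %rsi
sub    $0x100,%rsp
movaps %xmm6,0x60(%rsp)
movaps %xmm7,0x70(%rsp)
"""


def caller_aligned(rsp_at_call):
    """Win64 ABI: rsp must be a multiple of 16 at the call instruction."""
    return rsp_at_call % 16 == 0


def simulate(rsp_at_call, prologue):
    """Track rsp through an AT&T-syntax prologue.

    Returns (rsp_after_prologue, accesses) where accesses lists
    (instruction, effective_address, is_16_byte_aligned) for every
    movaps store to an rsp-relative slot.
    """
    rsp = rsp_at_call - 8  # callq pushes the 8-byte return address
    accesses = []
    for insn in (line.strip() for line in prologue.splitlines()):
        if insn.startswith("push"):
            rsp -= 8
        elif m := re.match(r"sub\s+\$(0x[0-9a-f]+),%rsp", insn):
            rsp -= int(m.group(1), 16)
        elif m := re.match(r"movaps\s+%xmm\d+,(0x[0-9a-f]+)?\(%rsp\)", insn):
            addr = rsp + int(m.group(1) or "0", 16)
            # movaps requires a 16-byte aligned memory operand, else #GP
            accesses.append((insn, addr, addr % 16 == 0))
    return rsp, accesses


if __name__ == "__main__":
    print("caller rsp aligned:", caller_aligned(RSP_AT_CALL))
    rsp, accesses = simulate(RSP_AT_CALL, PROLOGUE)
    print("rsp after prologue: %#x" % rsp)
    for insn, addr, ok in accesses:
        print("%-28s -> %#x %s" % (insn, addr, "ok" if ok else "MISALIGNED"))
```

The simulated `rsp` after the prologue matches the second `info reg` dump (0x23fa98), and the same prologue run from a 16-byte aligned `rsp` produces aligned `movaps` slots.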