[Bug 37793] FIFA Online 3 launcher crashes on startup ('SEC_RESERVE' attribute has no effect for file mapping objects that are backed by physical files)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Dec 27 16:44:32 CST 2014
https://bugs.winehq.org/show_bug.cgi?id=37793
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |download
Status|UNCONFIRMED |NEW
URL| |http://dl.garenanow.com/gam
| |es/fo3/installer/fo3Install
| |er.exe
CC| |focht at gmx.net
Component|-unknown |wineserver
Summary|crash FO3launcher.exe wine |FIFA Online 3 launcher
|1.7 |crashes on startup
| |('SEC_RESERVE' attribute
| |has no effect for file
| |mapping objects that are
| |backed by physical files)
Ever confirmed|0 |1
--- Comment #1 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming.
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/GarenaFO3
$ WINEDEBUG=+tid,+seh,+relay wine ./FO3Launcher.exe >>log.txt 2>&1
...
0060:Call KERNEL32.GetModuleFileNameW(00000000,0033d574,00000103) ret=004010bc
0060:Ret KERNEL32.GetModuleFileNameW() retval=0000002a ret=004010bc
0060:Call KERNEL32.CreateFileW(0033d574 L"C:\\Program
Files\\GarenaFO3\\FO3Launcher.exe",80000000,00000001,00000000,00000003,00000080,00000000)
ret=00401abe
0060:Ret KERNEL32.CreateFileW() retval=00000048 ret=00401abe
0060:Call KERNEL32.GetFileSize(00000048,00000000) ret=00401ada
0060:Ret KERNEL32.GetFileSize() retval=00162930 ret=00401ada
0060:Call
KERNEL32.CreateFileMappingA(00000048,00000000,04000002,00000000,00000000,00000000)
ret=00401afa
0060:Ret KERNEL32.CreateFileMappingA() retval=00000000 ret=00401afa
0060:trace:seh:raise_exception code=c0000005 flags=0 addr=0x401c17 ip=00401c17
tid=0060
0060:trace:seh:raise_exception info[0]=00000000
0060:trace:seh:raise_exception info[1]=00005000
0060:trace:seh:raise_exception eax=0033d35c ebx=00005000 ecx=00000000
edx=00005000 esi=ffcc7ca4 edi=00000006
0060:trace:seh:raise_exception ebp=0033d35c esp=0033d310 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010293
0060:trace:seh:call_stack_handlers calling handler at 0x404940 code=c0000005
flags=0
...
Unhandled exception: page fault on read access to 0x00005000 in 32-bit code
(0x00401c17).
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:00401c17 ESP:0033d310 EBP:0033d35c EFLAGS:00010293( R- -- I S -A- -C)
EAX:0033d35c EBX:00005000 ECX:00000000 EDX:00005000
ESI:ffcc7ca4 EDI:00000006
...
Backtrace:
=>0 0x00401c17 in fo3launcher (+0x1c17) (0x0033d35c)
0x00401c17: movb 0x0(%esi,%eax,1),%dl
Modules:
Module Address Debug info Name (43 modules)
PE 400000- 561000 Export fo3launcher
...
Threads:
process tid prio (all id:s are in hex)
...
0000005f (D) C:\Program Files\GarenaFO3\FO3Launcher.exe
00000060 0 <==
--- snip ---
The app specifies 'SEC_RESERVE | PAGE_READONLY' in page protection (uncommitted
read-only range) when asking to create the file mapping/section object for the
executable image.
Wineserver rejects this on file backed objects: 'VPROT_COMMITTED' omitted ->
'INVALID_PARAMETER'.
Source:
http://source.winehq.org/git/wine.git/blob/e8eb781327457b39c3578f8f65167149939503d0:/server/mapping.c#l469
--- snip ---
469 static struct object *create_mapping( struct directory *root, const struct
unicode_str *name,
470 unsigned int attr, mem_size_t size, int protect,
471 obj_handle_t handle, const struct security_descriptor *sd )
472 {
...
497 if (protect & VPROT_READ) access |= FILE_READ_DATA;
498 if (protect & VPROT_WRITE) access |= FILE_WRITE_DATA;
499
500 if (handle)
501 {
502 const unsigned int sharing = FILE_SHARE_READ | FILE_SHARE_WRITE |
FILE_SHARE_DELETE;
503 unsigned int mapping_access = FILE_MAPPING_ACCESS;
504
505 if (!(protect & VPROT_COMMITTED))
506 {
507 set_error( STATUS_INVALID_PARAMETER );
508 goto error;
509 }
...
--- snip ---
Passing 'SEC_RESERVE' on file-backed objects should be allowed, MSDN states
this has no effect though:
http://msdn.microsoft.com/en-us/library/windows/hardware/aa366537%28v=vs.85%29.aspx
--- quote ---
SEC_RESERVE
0x4000000
...
This attribute has no effect for file mapping objects that are backed by
executable image files or data files (the hfile parameter is a handle to a
file).
...
--- quote ---
Relevant part of app code showing it's hard-coded:
--- snip ---
...
00401AD1 6A 00 PUSH 0
00401AD3 50 PUSH EAX
00401AD4 FF15 14D05400 CALL DWORD PTR DS:[<&KERNEL32.GetFileSize>]
00401ADA 8B8E 00020000 MOV ECX,DWORD PTR DS:[ESI+200]
00401AE0 6A 00 PUSH 0
00401AE2 6A 00 PUSH 0
00401AE4 6A 00 PUSH 0
00401AE6 68 02000004 PUSH 4000002
00401AEB 6A 00 PUSH 0
00401AED 51 PUSH ECX
00401AEE 8986 0C020000 MOV DWORD PTR DS:[ESI+20C],EAX
00401AF4 FF15 18D05400 CALL DWORD PTR DS:[<&KERNEL32.CreateFileMapping>
00401AFA 85C0 TEST EAX,EAX
00401AFC 8986 04020000 MOV DWORD PTR DS:[ESI+204],EAX
00401B02 74 15 JE SHORT FO3Launc.00401B19
00401B04 6A 00 PUSH 0
00401B06 6A 00 PUSH 0
00401B08 6A 00 PUSH 0
00401B0A 6A 04 PUSH 4
00401B0C 50 PUSH EAX
00401B0D FF15 1CD05400 CALL DWORD PTR DS:[<&KERNEL32.MapViewOfFile>
00401B13 8986 08020000 MOV DWORD PTR DS:[ESI+208],EAX
00401B19 B8 01000000 MOV EAX,1
00401B1E 5E POP ESI
00401B1F C3 RETN
...
--- snip ---
The following 'MapViewOfFile' ensures that 'VPROT_COMMITTED' is included when
the file object is mapped into memory.
$ sha1sum *
90447d8669d467434c563aa7a41dd0cbf2597086 fo3Installer.exe
01e4c1c5fe7a8a4dc4348b3ac85ad2ebe466e2a5
Garena_FO3_Full_Installer_20141101.1.dat
a532c0668623bd8d0a07e705cf319c1eb3185c13
Garena_FO3_Full_Installer_20141101.2.dat
59c1abb556e3aea646bd5191c65ce35042777404
Garena_FO3_Full_Installer_20141101.exe
$ du -sh *
2.8M fo3Installer.exe
2.0G Garena_FO3_Full_Installer_20141101.1.dat
1.4G Garena_FO3_Full_Installer_20141101.2.dat
876K Garena_FO3_Full_Installer_20141101.exe
$ wine --version
wine-1.7.33-84-gfecbc88
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list