[Bug 33275] Far Cry: Segmentation Fault on start

wine-bugs at winehq.org wine-bugs at winehq.org
Fri Sep 19 16:10:25 CDT 2014


https://bugs.winehq.org/show_bug.cgi?id=33275

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download
             Status|UNCONFIRMED                 |NEW
                URL|                            |http://www.gamershell.com/d
                   |                            |ownload_4929.shtml
     Ever confirmed|0                           |1

--- Comment #15 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

thanks for "inviting" me here :)
I took a brief look at this as I'm currently busy with other projects.

Looks like a Linux kernel bug to me -> upstream.

The game tries to determine the exact CPU type by executing various (legacy)
checks.
During the check for the 80286 and 80386 CPU types, the nested task (NT) flag gets
set along with the I/O Privilege Level (IOPL, 2 bits) and some reserved bit
(through 'popfw').

Upon syscall entry, the IOPL bits get cleared as configured through
MSR_SYSCALL_MASK but the NT flag is not touched at all, getting propagated to
task switching code.

Reduced test case:

--- snip ---
/* Compile:      gcc -m32 -o ntflag ntflag.c
   Run:          while true ; do ./ntflag ; done
 */
#include <stdio.h>

int main ()
{
  /* Set EFLAGS.NT (bit 14) from user mode via popfl: a CPL 3 popf is allowed
     to change NT, and the kernel's syscall entry path does not mask it. */
  asm volatile("pushfl           \n\t"
               "pop %%eax        \n\t"
               "or $0x4000,%%eax \n\t"
               "push %%eax       \n\t"
               "popfl            \n\t"
               : : : "eax", "cc");   /* declare the clobbered register and flags */
  printf("exit or segfault\n");
  return 0;
}
--- snip ---

x86 syscall_init() MSR_SYSCALL_MASK should also include 'X86_EFLAGS_NT' to be
safe from userspace injection.

$ sha1sum DemoFarCry.zip 
65200be08d5deab0f25eed9bba915e8da374933e  DemoFarCry.zip

$ du -sh DemoFarCry.zip 
497M    DemoFarCry.zip

$ wine --version
wine-1.7.26-97-g2398124

Regards

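An added example, not from the bug report or the Wine project: a user-mode probe of which of the EFLAGS bits named in the comment (IOPL, NT, reserved bit 15) a CPL 3 popf can actually change, which is why the kernel, not the CPU, has to filter NT on syscall entry. The EFLAGS_* names and probe_* functions are this example's own; it assumes an x86 Linux kernel that already masks NT on syscall entry, since on an unpatched kernel the probe is itself exposed to the crash described above.

```c
/* Added example, not from the bug report: probe which EFLAGS bits a CPL 3
 * popf can really change.  x86 only; elsewhere it reports itself unsupported. */
#include <stdio.h>

#define EFLAGS_IOPL 0x3000UL  /* bits 12-13: I/O privilege level           */
#define EFLAGS_NT   0x4000UL  /* bit 14: nested task, the bit the game sets */
#define EFLAGS_RSVD 0x8000UL  /* bit 15: reserved, architecturally zero     */

int probe_is_supported(void)
{
#if defined(__x86_64__) || defined(__i386__)
    return 1;
#else
    return 0;
#endif
}

/* popf the given value, then pushf to read back what the CPU actually kept. */
static unsigned long popf_readback(unsigned long f)
{
#if defined(__x86_64__)
    /* Step below the 128-byte red zone so the pushes cannot clobber locals. */
    __asm__ volatile("lea -128(%%rsp),%%rsp\n\tpushq %0\n\tpopfq\n\tpushfq\n\t"
                     "popq %0\n\tlea 128(%%rsp),%%rsp" : "+r"(f) : : "cc");
#elif defined(__i386__)
    __asm__ volatile("pushl %0\n\tpopfl\n\tpushfl\n\tpopl %0" : "+r"(f) : : "cc");
#endif
    return f;
}

/* Try to set `bits`, read back what stuck, then restore the previous flags so NT
 * is not left behind.  Returns the subset of `bits` user mode could change, or
 * ~0UL when this is not an x86 build. */
unsigned long probe_user_writable(unsigned long bits)
{
    if (!probe_is_supported()) return ~0UL;
    unsigned long before = popf_readback(0x2UL);   /* bit 1 of EFLAGS is always 1 */
    unsigned long after  = popf_readback(before | bits);
    popf_readback(before);
    return (after & ~before) & bits;
}

int main(void)
{
    unsigned long stuck = probe_user_writable(EFLAGS_IOPL | EFLAGS_NT | EFLAGS_RSVD);
    if (stuck == ~0UL) { puts("not an x86 build"); return 0; }
    printf("IOPL  writable at CPL 3: %s\n", (stuck & EFLAGS_IOPL) ? "yes" : "no");
    printf("NT    writable at CPL 3: %s\n", (stuck & EFLAGS_NT)   ? "yes" : "no");
    printf("bit15 writable at CPL 3: %s\n", (stuck & EFLAGS_RSVD) ? "yes" : "no");
    return 0;
}
```

On x86 the IOPL and reserved-bit writes are silently dropped by the CPU while NT sticks, which is exactly the bit the syscall entry mask has to clear.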