[Bug 30847] 2009Decoder v2.0.0.21 crashes on startup (noexec filesystem)
wine-bugs at winehq.org
wine-bugs at winehq.org
Tue Nov 10 06:53:25 CST 2015
https://bugs.winehq.org/show_bug.cgi?id=30847
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
Summary|2009 Decoder: crashes when |2009Decoder v2.0.0.21
|being started |crashes on startup (noexec
| |filesystem)
--- Comment #3 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
your backtrace shows it directly crashes at the first instruction in app entry
point:
--- snip ---
Unhandled exception: page fault on read access to 0x004810d3 in 32-bit code
(0x004810d3).
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:004810d3 ESP:0032fe74 EBP:0032fe88 EFLAGS:00010212( R- -- I -A- - )
EAX:00000000 EBX:7b894ff4 ECX:0032fef0 EDX:0032fef0
ESI:7ffdf000 EDI:004810d3
...
Backtrace:
=>0 0x004810d3 EntryPoint() in 2009decoder (0x0032fe88)
1 0x7b85af4f in kernel32 (+0x4af4e) (0x0032fec8)
2 0x7bc71da0 call_thread_func_wrapper+0xb() in ntdll (0x0032fed8)
3 0x7bc7485d call_thread_func+0x7c() in ntdll (0x0032ffa8)
4 0x7bc71d7e RtlRaiseException+0x21() in ntdll (0x0032ffc8)
5 0x7bc49f4e call_dll_entry_point+0x61d() in ntdll (0x0032ffe8)
0x004810d3 EntryPoint in 2009decoder: call 0x0048baef
Modules:
Module Address Debug info Name (108 modules)
PE 400000- a56000 Export 2009decoder
ELF 7b800000-7ba15000 Dwarf kernel32<elf>
\-PE 7b810000-7ba15000 \ kernel32
ELF 7bc00000-7bcc3000 Dwarf ntdll<elf>
\-PE 7bc10000-7bcc3000 \ ntdll
...
Threads:
process tid prio (all id:s are in hex)
00000008 (D) E:\2009Decoder_2.0.0.15\2009Decoder.exe
00000009 0 <==
--- snip ---
Entry point disassembly:
--- snip ---
004810D3 E8 17AA0000 CALL 2009Deco.0048BAEF
004810D8 E9 17FEFFFF JMP 2009Deco.00480EF4
004810DD 55 PUSH EBP
004810DE 8BEC MOV EBP,ESP
004810E0 56 PUSH ESI
004810E1 8B75 14 MOV ESI,DWORD PTR SS:[EBP+14]
004810E4 57 PUSH EDI
004810E5 33FF XOR EDI,EDI
004810E7 3BF7 CMP ESI,EDI
004810E9 75 04 JNZ SHORT 2009Deco.004810EF
004810EB 33C0 XOR EAX,EAX
...
--- snip ---
ProtectionID scan:
--- snip ---
-=[ ProtectionID v0.6.6.7 DECEMBER]=-
(c) 2003-2015 CDKiLLER & TippeX
Build 24/12/14-22:48:13
Ready...
Scanning -> Z:\home\focht\Downloads\OTRDecoder_2.0.0.21\2009Decoder.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 6619136 (0650000h)
Byte(s)
Compilation TimeStamp : 0x4E550422 -> Wed 24th Aug 2011 14:01:06 (GMT)
[TimeStamp] 0x4E550422 -> Wed 24th Aug 2011 14:01:06 (GMT) | PE Header | - |
Offset: 0x00000108 | VA: 0x00400108 | -
[!] Executable uses SEH Tables (/SAFESEH) (1552 calculated 1552 recorded... 0
invalid addresses)
[File Heuristics] -> Flag #1 : 00000000000000001000000000000000 (0x00008000)
[Entrypoint Section Entropy] : 6.50 (section #0) ".text " | Size : 0x2CB9D8
(2931160) byte(s)
[DllCharacteristics] -> Flag : (0x0000) -> NONE
[SectionCount] 4 (0x4) | ImageSize 0x656000 (6643712) byte(s)
[VersionInfo] Company Name : © onlinetvrecorder.com
[VersionInfo] Product Name : OTR Decoder
[VersionInfo] Product Version : 2.0.0.21
[VersionInfo] File Description : Decoder for decoding of otrkey and omrkey
files
[VersionInfo] File Version : 2.0.0.21
[VersionInfo] Original FileName : 2009Decoder.exe
[VersionInfo] Internal Name : OTR Decoder
[VersionInfo] Legal Copyrights : Copyright © 2006 - 2011. All rights reserved.
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 1.242 Second(s) [0000006DEh (1758) tick(s)] [499 of 573 scan(s)
done]
--- snip ---
There is some discrepancy here.
Your backtrace tells: 2009Decoder_2.0.0.15
You provide 'OTRDecoder_2.0.0.21.zip' which obviously contains OTRDecoder
v2.0.0.21
Anyway, the executable looks fine. No loader trickery.
But this is suspicious: 'E:\2009Decoder_2.0.0.15\2009Decoder.exe'
Since you didn't provide any information where your drive 'E:' is mapped to I
must assume it was mounted with 'noexec' option which of course explains the
crash in entry point.
This is a big NO-NO. Don't do this.
$ sha1sum OTRDecoder_2.0.0.21.zip
1a074da453da1a329513ac491f752db4ddc3b7d2 OTRDecoder_2.0.0.21.zip
$ du -sh OTRDecoder_2.0.0.21.zip
2.0M OTRDecoder_2.0.0.21.zip
$ wine --version
wine-1.7.54-212-gf97ac58
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list