[Bug 41469] 'Ski Racing 2005 featuring Hermann Maier' crashes on startup (JoWood X-Prot v1.5.9.49 protection scheme)
wine-bugs at winehq.org
Mon Jun 5 13:49:54 CDT 2017
https://bugs.winehq.org/show_bug.cgi?id=41469
Anastasius Focht <focht at gmx.net> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |obfuscation
            Summary|'Ski Racing 2005 featuring  |'Ski Racing 2005 featuring
                   |Hermann Maier' crashes on   |Hermann Maier' crashes on
                   |startup                     |startup (JoWood X-Prot
                   |                            |v1.5.9.49 protection
                   |                            |scheme)
                 CC|                            |focht at gmx.net
--- Comment #21 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming, crashes for me too.
It's most likely an issue with the software protection scheme used here.
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/JoWooD/Ski Racing 2005 Demo
$ WINEDEBUG=+tid,+seh,+relay wine ./SR2005_Demo.exe >>log.txt 2>&1
...
0039:Starting process L"C:\\Program Files\\JoWooD\\Ski Racing 2005
Demo\\SR2005_Demo.exe" (entryproc=0x69d080)
0039:Call KERNEL32.VirtualProtect(0033f564,000008c0,00000040,0069d056)
ret=0069dd30
0039:Ret KERNEL32.VirtualProtect() retval=00000001 ret=0069dd30
0039:trace:seh:raise_exception code=c000001d flags=0 addr=0x69f927 ip=0069f927
tid=0039
0039:trace:seh:raise_exception eax=73a70193 ebx=0033feb0 ecx=00063a00
edx=12345678 esi=0069e857 edi=006a0323
0039:trace:seh:raise_exception ebp=002177bb esp=0033fdfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010246
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=c000001d
flags=0
0039:trace:seh:call_stack_handlers handler at 0x69eaa2 returned 0
0039:trace:seh:raise_exception code=80000004 flags=0 addr=0x69f839 ip=0069f839
tid=0039
0039:trace:seh:raise_exception eax=4855d311 ebx=0033feb0 ecx=000639ff
edx=7f272775 esi=0069e857 edi=006a0323
0039:trace:seh:raise_exception ebp=4243484b esp=0033fdfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010206
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=80000004
flags=0
0039:trace:seh:call_stack_handlers handler at 0x69eaa2 returned 0
0039:trace:seh:raise_exception code=c000001d flags=0 addr=0x69f927 ip=0069f927
tid=0039
0039:trace:seh:raise_exception eax=06ec8094 ebx=0033feb0 ecx=00063800
edx=7f272775 esi=0069e857 edi=006a0323
0039:trace:seh:raise_exception ebp=002177bb esp=0033fdfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010246
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=c000001d
flags=0
0039:trace:seh:call_stack_handlers handler at 0x69eaa2 returned 0
...
0039:trace:seh:raise_exception code=80000004 flags=0 addr=0x69f839 ip=0069f839
tid=0039
0039:trace:seh:raise_exception eax=0f28d5f8 ebx=0033feb0 ecx=000001ff
edx=5dcdea49 esi=0069e857 edi=006a0323
0039:trace:seh:raise_exception ebp=4243484b esp=0033fdfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010202
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=80000004
flags=0
0039:trace:seh:call_stack_handlers handler at 0x69eaa2 returned 0
0039:trace:seh:raise_exception code=80000004 flags=0 addr=0x6a0d75 ip=006a0d75
tid=0039
0039:trace:seh:raise_exception eax=e60ff5fe ebx=0033feb0 ecx=00000000
edx=5dcdea49 esi=0069e857 edi=006a0323
0039:trace:seh:raise_exception ebp=002177bb esp=0033fdfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00000246
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=80000004
flags=0
0039:trace:seh:call_stack_handlers handler at 0x69eaa2 returned 0
0039:trace:seh:raise_exception code=c0000005 flags=0 addr=0x6a1200 ip=006a1200
tid=0039
0039:trace:seh:raise_exception info[0]=00000001
0039:trace:seh:raise_exception info[1]=a71233f8
0039:trace:seh:raise_exception eax=00000090 ebx=0033feb0 ecx=00000090
edx=ffeb8d88 esi=0069e857 edi=006a1200
0039:trace:seh:raise_exception ebp=002177bb esp=0033fe24 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010202
0039:trace:seh:call_stack_handlers calling handler at 0x7bcadc69 code=c0000005
flags=0
0039:Call KERNEL32.UnhandledExceptionFilter(0033f924) ret=7bcadca4
wine: Unhandled page fault on write access to 0xa71233f8 at address 0x6a1200
(thread 0039), starting debugger...
...
Backtrace:
=>0 0x006a1200 in sr2005_demo (+0x2a1200) (0x002177bb)
0x006a1200: rorb %cl,0xa6f0bc3d(%ebp)
Modules:
Module Address Debug info Name (14 modules)
PE 400000- 76c000 Export sr2005_demo
ELF 7b400000-7b7f0000 Deferred kernel32<elf>
\-PE 7b420000-7b7f0000 \ kernel32
ELF 7bc00000-7bd0a000 Deferred ntdll<elf>
\-PE 7bc30000-7bd0a000 \ ntdll
ELF 7c000000-7c004000 Deferred <wine-loader>
ELF 7ef88000-7efd6000 Deferred libm.so.6
ELF f73f3000-f73f8000 Deferred libdl.so.2
ELF f73f8000-f75c4000 Deferred libc.so.6
ELF f75c4000-f75e1000 Deferred libpthread.so.0
ELF f75e2000-f75f0000 Deferred libnss_files.so.2
ELF f760b000-f77c2000 Dwarf libwine.so.1
ELF f77c3000-f77e6000 Deferred ld-linux.so.2
ELF f77e8000-f77e9000 Deferred [vdso].so
Threads:
process tid prio (all id:s are in hex)
...
00000038 (D) C:\Program Files\JoWooD\Ski Racing 2005 Demo\SR2005_Demo.exe
00000039 0 <==
--- snip ---
Protection ID scan:
--- snip ---
-=[ ProtectionID v0.6.8.5 DECEMBER]=-
(c) 2003-2017 CDKiLLER & TippeX
Build 24/12/16-13:09:21
Ready...
Scanning -> C:\Program Files\JoWooD\Ski Racing 2005 Demo\SR2005_Demo.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 2068480 (01F9000h)
Byte(s) | Machine: 0x14C (I386)
Compilation TimeStamp : 0x000030BB -> Thu 01st Jan 1970 03:27:55 (GMT)
[!] Warning - FileAlignment seems wrong.. is 0x00001000, calculated 0x00000400
[TimeStamp] 0x000030BB -> Thu 01st Jan 1970 03:27:55 (GMT) | PE Header | - |
Offset: 0x00000108 | VA: 0x00400108 | -
[File Heuristics] -> Flag #1 : 00000000000000001100000000110011 (0x0000C033)
[Entrypoint Section Entropy] : 8.00 (section #3) ".dcrtext" | Size : 0x67000
(421888) byte(s)
[DllCharacteristics] -> Flag : (0x0000) -> NONE
[SectionCount] 8 (0x8) | ImageSize 0x36C000 (3588096) byte(s)
[ModuleReport] [IAT] Modules -> kernel32.dll
[!] JoWood X-Prot v1.5.9.49 detected !
- Scan Took : 0.439 Second(s) [0000001B7h (439) tick(s)] [506 of 580 scan(s)
done]
--- snip ---
The large number of single-step (hwbp) and invalid instruction exceptions in
the trace log is normal (except the last one); they are part of the section
decrypt mechanism.
It decrypts the first part (top down), and when doing the next part it
encounters invalid opcodes in the decrypt continuation which ought to be
decrypted during the first part.
The screenshot from the Windows VM (comment #18) also points to the same area.
There are some reports on the Internet claiming this game is incompatible with
newer Windows versions (Vista+).
It should run on Windows XP though (originally stated by the vendor).
It would be interesting to see Louis' (comment #2) machine specs, where this
game is reported to run.
Which distro, gcc version, Wine version (vanilla), flags used to build...
$ sha1sum SkiRacing2005-Demo-Setup1.exe
d7684789b7de45fb909fc11846f5a1f24fd7d7cc SkiRacing2005-Demo-Setup1.exe
$ du -sh SkiRacing2005-Demo-Setup1.exe
42M SkiRacing2005-Demo-Setup1.exe
$ wine --version
wine-2.9-147-ge5733e7cd4
Regards
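A triage sketch for the +seh trace above, added here as an example and not part of the original comment or of Wine. It groups exceptions by the first handler they are dispatched to, under the assumption (made for this example) that exceptions first dispatched to a handler inside the sr2005_demo image belong to the protection's decrypt loop, while anything first dispatched elsewhere is the one to look at. The names triage, STATUS, IMAGE and SAMPLE are hypothetical.

```python
import re
from collections import Counter

# NTSTATUS codes that occur in the trace, with their standard Windows names.
STATUS = {0xC000001D: "ILLEGAL_INSTRUCTION", 0x80000004: "SINGLE_STEP",
          0xC0000005: "ACCESS_VIOLATION"}
IMAGE = (0x400000, 0x76C000)  # sr2005_demo range from the "Modules:" listing

# A raised exception, or the dispatch to a handler. \s+ between tokens lets
# the pattern match lines that the mail archive hard-wrapped.
EVENT = re.compile(r"raise_exception\s+code=([0-9a-f]+)\s+flags=\d+\s+addr=0x([0-9a-f]+)"
                   r"|calling\s+handler\s+at\s+0x([0-9a-f]+)")

def triage(log, image=IMAGE):
    """Return (Counter of exceptions first sent to an in-image handler, list of the rest)."""
    expected, suspicious, pending = Counter(), [], None
    for m in EVENT.finditer(log):
        if m.group(1):                        # a new exception was raised
            pending = (int(m.group(1), 16), int(m.group(2), 16))
        elif pending:                         # first handler tried for it
            (code, addr), handler = pending, int(m.group(3), 16)
            name = STATUS.get(code, hex(code))
            if image[0] <= handler < image[1]:
                expected[name] += 1           # handled by code inside the game image
            else:
                suspicious.append((name, addr, handler))
            pending = None
    return expected, suspicious

# Excerpt of the trace quoted above (register dumps omitted, wrapping kept).
SAMPLE = """\
0039:trace:seh:raise_exception code=c000001d flags=0 addr=0x69f927 ip=0069f927
tid=0039
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=c000001d
flags=0
0039:trace:seh:raise_exception code=80000004 flags=0 addr=0x69f839 ip=0069f839
tid=0039
0039:trace:seh:call_stack_handlers calling handler at 0x69eaa2 code=80000004
flags=0
0039:trace:seh:raise_exception code=c0000005 flags=0 addr=0x6a1200 ip=006a1200
tid=0039
0039:trace:seh:call_stack_handlers calling handler at 0x7bcadc69 code=c0000005
flags=0
"""

if __name__ == "__main__":
    expected, suspicious = triage(SAMPLE)
    print("in-image handler:", dict(expected))
    for name, addr, handler in suspicious:
        print(f"{name} at {addr:#x} first dispatched to {handler:#x} (outside image)")
```

On a full log, pass the whole file contents to triage(); the in-image counts show how many decrypt-loop exceptions preceded the fault.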