[Bug 43733] max 7 page fault when showing drop-down

wine-bugs at winehq.org
Fri Nov 17 19:48:53 CST 2017


https://bugs.winehq.org/show_bug.cgi?id=43733

Zebediah Figura <z.figura12 at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |z.figura12 at gmail.com

--- Comment #3 from Zebediah Figura <z.figura12 at gmail.com> ---
In true Fochtian style.

The game crashes at 0x4c288f:

  4c2889:    ff 15 c8 aa c1 00        call   *0xc1aac8
  4c288f:    5f                       pop    %edi

And if we look for this address, we find:

  4c230a:    e8 b1 e2 ff ff           call   0x4c05c0
  4c230f:    84 c0                    test   %al,%al
  4c2311:    75 27                    jne    0x4c233a
  4c2313:    68 08 e1 a9 00           push   $0xa9e108
  4c2318:    ff 15 f8 32 99 00        call   *0x9932f8
  4c231e:    68 20 e1 a9 00           push   $0xa9e120
  4c2323:    50                       push   %eax
  4c2324:    ff 15 5c 33 99 00        call   *0x99335c
  4c232a:    8b c8                    mov    %eax,%ecx
  4c232c:    33 c0                    xor    %eax,%eax
  4c232e:    85 c9                    test   %ecx,%ecx
  4c2330:    89 0d c8 aa c1 00        mov    %ecx,0xc1aac8

i.e.

    if (!4c05c0())
        pUpdateLayeredWindow = GetProcAddress(GetModuleHandle(L"user32.dll"),
                                              "UpdateLayeredWindow");

And that function is:

  4c05c4:    8d 45 fc                 lea    -0x4(%ebp),%eax
  4c05c7:    50                       push   %eax
  4c05c8:    68 19 00 02 00           push   $0x20019
  4c05cd:    6a 00                    push   $0x0
  4c05cf:    68 f4 df a9 00           push   $0xa9dff4
  4c05d4:    68 01 00 00 80           push   $0x80000001
  4c05d9:    ff 15 0c 30 99 00        call   *0x99300c
  4c05df:    85 c0                    test   %eax,%eax
  4c05e1:    75 0f                    jne    0x4c05f2
  4c05e3:    ff 75 fc                 pushl  -0x4(%ebp)
  4c05e6:    ff 15 00 30 99 00        call   *0x993000
  4c05ec:    b0 01                    mov    $0x1,%al
  4c05ee:    8b e5                    mov    %ebp,%esp
  4c05f0:    5d                       pop    %ebp
  4c05f1:    c3                       ret    
  4c05f2:    32 c0                    xor    %al,%al

i.e.

    if (!RegOpenKeyExW(HKEY_CURRENT_USER, L"Software\\Wine", 0, KEY_READ,
                       &hkey))
    {
        RegCloseKey(hkey);
        return 1;
    }
    return 0;


To summarize: The application is Wine-aware. I suspect it was trying to work
around some bug in UpdateLayeredWindow(), but then some part of that code path
broke.

It's not really obvious what this code path is, if there is one.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
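
Added example, not part of the original comment or of Wine's code: a small Python helper that replays the call setup at 0x4c05c4-0x4c05d9 and recovers the arguments in C order, showing how the pushed immediates map to the `RegOpenKeyExW(HKEY_CURRENT_USER, ..., 0, KEY_READ, &hkey)` reading given in the comment. The function names are hypothetical; that the import slot `*0x99300c` is RegOpenKeyExW is taken from the comment, and the string at 0xa9dff4 is not in the listing, so it stays a raw pointer.

```python
import re

# Call setup inside 0x4c05c0, copied from the listing in the comment.
LISTING = """\
  4c05c4:    8d 45 fc                 lea    -0x4(%ebp),%eax
  4c05c7:    50                       push   %eax
  4c05c8:    68 19 00 02 00           push   $0x20019
  4c05cd:    6a 00                    push   $0x0
  4c05cf:    68 f4 df a9 00           push   $0xa9dff4
  4c05d4:    68 01 00 00 80           push   $0x80000001
  4c05d9:    ff 15 0c 30 99 00        call   *0x99300c
"""
HKEYS = {0x80000000: "HKEY_CLASSES_ROOT", 0x80000001: "HKEY_CURRENT_USER",
         0x80000002: "HKEY_LOCAL_MACHINE", 0x80000003: "HKEY_USERS"}
# REGSAM bits from winnt.h; KEY_READ (0x20019) is the OR of these four.
SAM_BITS = {0x20000: "STANDARD_RIGHTS_READ", 0x1: "KEY_QUERY_VALUE",
            0x8: "KEY_ENUMERATE_SUB_KEYS", 0x10: "KEY_NOTIFY"}
LINE = re.compile(r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2} )+\s*(\w+)\s+(\S+)\s*$")

def recover_call_args(listing):
    """Return [(call_addr, target, args)], args in C order (stdcall pushes right to left)."""
    regs, stack, calls = {}, [], []
    for raw in listing.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        addr, op, operands = int(m.group(1), 16), m.group(2), m.group(3)
        if op == "lea":                        # lea -0x4(%ebp),%eax: eax = &local
            src, dst = operands.rsplit(",", 1)
            regs[dst] = "&" + src
        elif op in ("push", "pushl"):
            if operands.startswith("$"):       # immediate operand
                stack.append(int(operands[1:], 16))
            else:                              # register (resolved if known) or memory
                stack.append(regs.get(operands, operands))
        elif op == "call":
            calls.append((addr, operands, stack[::-1]))
            stack = []
    return calls

def annotate_regopenkeyex(args):
    """Label args in RegOpenKeyExW order; the API's identity is taken from the comment."""
    hkey, subkey, options, sam, result = args
    rights = [name for bit, name in SAM_BITS.items() if sam & bit]
    return {"hKey": HKEYS.get(hkey, hex(hkey)), "lpSubKey": hex(subkey),
            "ulOptions": options, "samDesired": rights, "phkResult": result}

if __name__ == "__main__":
    for addr, target, args in recover_call_args(LISTING):
        print(hex(addr), target, annotate_regopenkeyex(args))
```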


