[Bug 44217] Designsoft Tina 11.2 Demo hangs while simulating some examples (Themida/ WinLicense 2.2-2.4 software protection)

wine-bugs at winehq.org
Sat May 12 17:51:24 CDT 2018


https://bugs.winehq.org/show_bug.cgi?id=44217

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|FIXED                       |DUPLICATE
          Component|-unknown                    |ntdll

--- Comment #8 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

using pause/run/cancel during simulation (which takes some minutes to complete)
makes it possible to reproduce the problem more reliably.
As already mentioned, this Themida version doesn't like relay thunks, so one has
to limit the number of debug channels.

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files (x86)/DesignSoft/Tina 11 - Demo

$ WINEDEBUG=+seh,+loaddll,+process,+ntdll,+server wine ./tina.exe >>log.txt 2>&1
...
<pause/cancel the simulation>
...
0009:trace:seh:raise_exception code=eedfade flags=1 addr=0x7b446a4a ip=7b446a4a
tid=0009
0009:trace:seh:raise_exception  info[0]=00e1a0c7
0009:trace:seh:raise_exception  info[1]=265471a0
0009:trace:seh:raise_exception  info[2]=00000000
0009:trace:seh:raise_exception  info[3]=0469de48
0009:trace:seh:raise_exception  info[4]=0469dd0c
0009:trace:seh:raise_exception  info[5]=0469dbb4
0009:trace:seh:raise_exception  info[6]=0469db9c
0009:trace:seh:raise_exception  eax=7b4351ad ebx=00000000 ecx=00000000
edx=0469de48 esi=0469de48 edi=0469dd0c
0009:trace:seh:raise_exception  ebp=0469db58 esp=0469daf4 cs=0023 ds=524f002b
es=5753002b fs=57530063 gs=4354006b flags=00000212
0009:trace:seh:call_stack_handlers calling handler at 0xe1a0dd code=eedfade
flags=1
0009:trace:seh:call_stack_handlers handler at 0xe1a0dd returned 1
0009:trace:seh:call_stack_handlers calling handler at 0xe1a366 code=eedfade
flags=1
0009:trace:seh:call_stack_handlers handler at 0xe1a366 returned 1
0009:trace:seh:call_stack_handlers calling handler at 0xe1a6de code=eedfade
flags=1
0009:trace:seh:call_stack_handlers handler at 0xe1a6de returned 1
0009:trace:seh:call_stack_handlers calling handler at 0xe24c17 code=eedfade
flags=1
0009:trace:seh:__regs_RtlUnwind code=eedfade flags=3
0009:trace:seh:__regs_RtlUnwind eax=00000000 ebx=0469de2c ecx=0469db00
edx=00e1a0c7 esi=0469d6a0 edi=524f002b
0009:trace:seh:__regs_RtlUnwind ebp=0040b370 esp=0469d66c eip=7b520023 cs=0246
ds=002b fs=002b gs=0063 flags=0469d65c
0009:trace:seh:__regs_RtlUnwind calling handler at 0x7bc911fd code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x7bc911fd returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xe1a0dd code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xe1a366 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xe1a6de code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc9194b
ip=7bc9194b tid=0009
0009:trace:seh:raise_exception  info[0]=00000000
0009:trace:seh:raise_exception  info[1]=ffffffff
0009:trace:seh:raise_exception  eax=0469cd20 ebx=0469d290 ecx=00000000
edx=00000000 esi=7b520023 edi=00000063
0009:trace:seh:raise_exception  ebp=0469cf38 esp=0469cd10 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010246
0009:trace:seh:call_stack_handlers calling handler at 0xe24c17 code=c0000005
flags=0
0009:trace:seh:__regs_RtlUnwind code=c0000005 flags=2
0009:trace:seh:__regs_RtlUnwind eax=00000000 ebx=0469de2c ecx=0469ccb8
edx=7bc9194b esi=0469c840 edi=0000002b
0009:trace:seh:__regs_RtlUnwind ebp=0040b370 esp=0469c80c eip=00640023 cs=0246
ds=002b fs=002b gs=0063 flags=0469c7fc
0009:trace:seh:__regs_RtlUnwind calling handler at 0x7bc911fd code=c0000005
flags=2
0009:trace:seh:__regs_RtlUnwind handler at 0x7bc911fd returned 1
0009:fixme:seh:set_cpu_context setting partial context (468c544) not supported
...
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xacf209 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xad0ecc code=eedfade
flags=3
...
0009:trace:ntdll:NtWriteFile
(0x1ac,(nil),(nil),(nil),0x469e450,0x27f97ee8,0x00000700,(nil),(nil))!
0009:trace:ntdll:NtWriteFile = SUCCESS (1792)
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
...
0009: set_thread_context( handle=fffffffe, suspend=1,
context={cpu=x86,ds=ed5e90,es=2239002b,fs=469002b,gs=7e620063,dr0=7e685bf8,dr1=7ffd8000,dr2=7e688bb0,dr3=223993b8,dr6=0469e6b0,dr7=00000000,fp.ctrl=0469e6a8,fp.status=7bc4d26b,fp.tag=7e685bf8,fp.err_off=ffffffff,fp.err_sel=0469e6d8,fp.data_off=7bc4dd69,fp.data_sel=7e685bf8,fp.cr0npx=0013006b,fp.reg0=-nan,fp.reg1=-nan,fp.reg2=8.98966e-4933,fp.reg3=2.21202e-4592,fp.reg4=-nan,fp.reg5=nan,fp.reg6=-nan,fp.reg7=1.5086e-4926,extended={...}}
)
0009: *signal* signal=19
0009: set_thread_context() = 0 { self=1 }
...
0009:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc9194b
ip=7bc9194b tid=0009
0009:trace:seh:raise_exception  info[0]=00000000
0009:trace:seh:raise_exception  info[1]=ffffffff
0009:trace:seh:raise_exception  eax=0469e020 ebx=0469e590 ecx=00000000
edx=00000000 esi=22000023 edi=00000063
0009:trace:seh:raise_exception  ebp=0469e238 esp=0469e010 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010246
0009:trace:seh:call_stack_handlers calling handler at 0xad0ee3 code=c0000005
flags=0
...
0009:trace:seh:__regs_RtlUnwind code=c0000005 flags=2
0009:trace:seh:__regs_RtlUnwind eax=00000000 ebx=0469f200 ecx=0469dfb8
edx=7bc9194b esi=0469db40 edi=00ad0efc
0009:trace:seh:__regs_RtlUnwind ebp=0040b4f8 esp=0469db08 eip=00790023 cs=0202
ds=2760 fs=002b gs=0063 flags=0469daf8
0009:trace:seh:__regs_RtlUnwind calling handler at 0x7bc911fd code=c0000005
flags=2
0009:trace:seh:__regs_RtlUnwind handler at 0x7bc911fd returned 1
0009:trace:seh:raise_exception code=eedfade flags=1 addr=0x7b446a4a ip=7b446a4a
tid=0009
0009:trace:seh:raise_exception  info[0]=004d349d
0009:trace:seh:raise_exception  info[1]=265f5630
0009:trace:seh:raise_exception  info[2]=27a0bbd0
0009:trace:seh:raise_exception  info[3]=2659ae3c
0009:trace:seh:raise_exception  info[4]=27a0bbd0
0009:trace:seh:raise_exception  info[5]=0469d908
0009:trace:seh:raise_exception  info[6]=0469d8d0
0009:trace:seh:raise_exception  eax=7b4351ad ebx=27a0bbd0 ecx=00000000
edx=2659ae3c esi=2659ae3c edi=27a0bbd0
0009:trace:seh:raise_exception  ebp=0469d898 esp=0469d834 cs=7bc40023
ds=469002b es=ffff002b fs=1f6b0063 gs=7bc4006b flags=00000212
0009:trace:seh:call_stack_handlers calling handler at 0x54e4da code=eedfade
flags=1
0009:trace:seh:call_stack_handlers handler at 0x54e4da returned 1
0009:trace:seh:call_stack_handlers calling handler at 0x5de78c code=eedfade
flags=1
...
0009:trace:seh:call_stack_handlers handler at 0x554067 returned 1
0009:trace:seh:call_stack_handlers calling handler at 0x554078 code=eedfade
flags=1
0009:trace:seh:__regs_RtlUnwind code=eedfade flags=3
0009:trace:seh:__regs_RtlUnwind eax=00000000 ebx=0469f694 ecx=0469d840
edx=004d349d esi=0469d3e0 edi=0469002b
0009:trace:seh:__regs_RtlUnwind ebp=0040b370 esp=0469d3ac eip=00000023 cs=0246
ds=002b fs=002b gs=0063 flags=0469d39c
0009:trace:seh:__regs_RtlUnwind calling handler at 0x7bc911fd code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x7bc911fd returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0x54e4da code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0x5de78c code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xe0b98e code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xe0be6a code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0x40b524 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b624 returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xad1295 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xb5b9fa code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0xb59bf5 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0x111c4c0 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009:trace:seh:__regs_RtlUnwind calling handler at 0x554067 code=eedfade
flags=3
0009:trace:seh:__regs_RtlUnwind handler at 0x40b5cc returned 1
0009: set_thread_context( handle=fffffffe, suspend=1,
context={cpu=x86,ds=ffff002b,es=469002b,fs=61002b,gs=4690063,eax=00000000,ebx=0469f694,ecx=0469d840,edx=004d349d,esi=0469d3e0,edi=0469002b,dr0=00000000,dr1=7bcc4a14,dr2=00000021,dr3=0469d720,dr6=0039002e,dr7=0469f6b8,fp.ctrl=7bcc4a2e,fp.status=0469d730,fp.tag=00430043,fp.err_off=0469d118,fp.err_sel=7e62f8a4,fp.data_off=223abbb0,fp.data_sel=00000048,fp.cr0npx=280d006b,fp.reg0=-nan,fp.reg1=2.08243e-4592,fp.reg2=-nan,fp.reg3=7.94645e+4807,fp.reg4=-nan,fp.reg5=6.96496e+4808,fp.reg6=nan,fp.reg7=4.04053e-4913,extended={...}
)
0009: *signal* signal=19
0009: set_thread_context() = INVALID_PARAMETER { self=1 } 
...
0009: set_window_text( handle=000105ac, text=L"Access violation at address
7BC9194B in module 'ntdll.dll'. Read of address FFFFFFFF." ) 
--- snip ---

Disassembly pointed to inlined ntdll 'restore_fpux':

--- snip ---
7BC918FB    55              PUSH EBP
7BC918FC    89E5            MOV EBP,ESP
7BC918FE    81EC 28020000   SUB ESP,228
7BC91904    8D85 E4FDFFFF   LEA EAX,[EBP-21C]
7BC9190A    83C0 0F         ADD EAX,0F
7BC9190D    83E0 F0         AND EAX,FFFFFFF0
7BC91910    8945 F4         MOV DWORD PTR SS:[EBP-0C],EAX
7BC91913    8B45 08         MOV EAX,DWORD PTR SS:[EBP+8]
7BC91916    05 CC000000     ADD EAX,0CC
7BC9191B    83EC 04         SUB ESP,4
7BC9191E    68 00020000     PUSH 200
7BC91923    50              PUSH EAX
7BC91924    FF75 F4         PUSH DWORD PTR SS:[EBP-0C]
7BC91927    E8 6416F47B     CALL F7BD2F90                 ; memcpy
7BC9192C    83C4 10         ADD ESP,10
7BC9192F    8B45 F4         MOV EAX,DWORD PTR SS:[EBP-0C]
7BC91932    0FB750 02       MOVZX EDX,WORD PTR DS:[EAX+2]
7BC91936    8B45 F4         MOV EAX,DWORD PTR SS:[EBP-0C]
7BC91939    0FB700          MOVZX EAX,WORD PTR DS:[EAX]
7BC9193C    83C8 80         OR EAX,FFFFFF80
7BC9193F    21C2            AND EDX,EAX
7BC91941    8B45 F4         MOV EAX,DWORD PTR SS:[EBP-0C]
7BC91944    66:8950 02      MOV WORD PTR DS:[EAX+2],DX
7BC91948    8B45 F4         MOV EAX,DWORD PTR SS:[EBP-0C]
7BC9194B    0FAE08          FXRSTOR DS:[EAX]              ; *boom*
7BC9194E    90              NOP
7BC9194F    C9              LEAVE
7BC91950    C3              RETN
--- snip ---

--> RtlUnwind
    --> RtlCaptureContext
    --> __regs_RtlUnwind
        --> NtSetContextThread
            --> set_cpu_context (self)
                --> restore_fpux (inlined)

This gave some hints to make a guess which pointed to this:

https://source.winehq.org/git/wine.git/commitdiff/342e2cabd21c5a836683ac30e260ec4944eeac6b

--- quote ---
ntdll: Avoid pushl %esp instruction in RtlUnwind prolog.
author    Alexandre Julliard <julliard at winehq.org>    
    Fri, 9 Mar 2018 19:47:01 +0000 (13:47 -0600)
committer    Alexandre Julliard <julliard at winehq.org>    
    Fri, 9 Mar 2018 19:47:01 +0000 (13:47 -0600)
commit    342e2cabd21c5a836683ac30e260ec4944eeac6b
--- quote ---

Indeed, reverting the commit on master HEAD (Wine 3.8) made the issue
immediately reappear.

There is bug 44647 which has the same "fixed by commit sha1" and had a proper
regression commit bisected
(https://source.winehq.org/git/wine.git/commitdiff/dc63fbf98d1af6396533a9af2cfb1eb996a18035).

Although this ticket is older, bug 44647 has already been resolved for Wine 3.4
and selected for 3.x stable.

Resolving as duplicate of bug 44647 here and refining its summary.

$ sha1sum Tina110en.exe 
f6dc4047c61e9f12f7e5d1afae3b63c32c471103  Tina110en.exe

$ du -sh Tina110en.exe 
230M    Tina110en.exe

$ wine --version
wine-3.8

Regards

*** This bug has been marked as a duplicate of bug 44647 ***
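As an added example (not part of the bug report or of Wine's own code), a portable C model of the context preparation that the disassembled restore_fpux performs, next to the two checks FXRSTOR itself enforces with #GP; the struct layout follows the Intel SDM's FXSAVE image, the sample images are constructed, and nothing here executes FXRSTOR.

```c
#include <stdint.h>
#include <string.h>

/* 512-byte FXSAVE/FXRSTOR image laid out as in the Intel SDM. In Wine's i386
 * CONTEXT this is ExtendedRegisters, the ADD EAX,0CC seen in the disassembly. */
struct fxsave_image {
    uint16_t fcw, fsw;              /* control word, status word: bits 0-5 masks / flags */
    uint8_t  ftw, rsvd0;
    uint16_t fop;
    uint32_t fip, fcs, fdp, fds;
    uint32_t mxcsr, mxcsr_mask;     /* mask = MXCSR bits the CPU accepts, 0 = default */
    uint8_t  regs[512 - 32];        /* ST/MM, XMM and reserved area */
};

enum fx_check { FX_OK = 0, FX_MISALIGNED = 1, FX_BAD_MXCSR = 2 };

/* Same preparation as the disassembled restore_fpux: copy the image into a
 * 16-byte aligned slot of a (sizeof image + 16)-byte scratch buffer and clear
 * pending exception flags whose exception is unmasked in the control word
 * (sw &= cw | 0xff80), so FXRSTOR does not re-raise a stale FPU fault. */
struct fxsave_image *fx_prepare(uint8_t *scratch, const struct fxsave_image *image)
{
    struct fxsave_image *out =
        (struct fxsave_image *)(((uintptr_t)scratch + 15) & ~(uintptr_t)15);
    memcpy(out, image, sizeof *out);
    out->fsw &= out->fcw | 0xff80;
    return out;
}

/* What FXRSTOR enforces with #GP: a 16-byte aligned operand and no MXCSR bits
 * outside MXCSR_MASK. A corrupted context fails here instead of faulting. */
enum fx_check fx_validate(const struct fxsave_image *image)
{
    uint32_t mask;
    if ((uintptr_t)image & 15) return FX_MISALIGNED;
    mask = image->mxcsr_mask ? image->mxcsr_mask : 0xffbf;   /* SDM default */
    if (image->mxcsr & ~mask) return FX_BAD_MXCSR;
    return FX_OK;
}

/* Constructed sample (not from the trace): build an image from the given
 * words, prepare it as restore_fpux would and return the aligned copy. */
static struct fxsave_image g_image;
static uint8_t g_scratch[sizeof g_image + 16];
struct fxsave_image *fx_case(uint16_t cw, uint16_t sw, uint32_t mxcsr, uint32_t mask)
{
    memset(&g_image, 0, sizeof g_image);
    g_image.fcw = cw;      g_image.fsw = sw;
    g_image.mxcsr = mxcsr; g_image.mxcsr_mask = mask;
    return fx_prepare(g_scratch, &g_image);
}
```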
