[Bug 39961] Steam 'steamwebhelper.exe' crashpad handler (Chromium/CEF) crashes on unimplemented function ntdll.RtlGetUnloadEventTraceEx

wine-bugs at winehq.org
Sun Oct 7 10:52:41 CDT 2018


https://bugs.winehq.org/show_bug.cgi?id=39961

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |https://steamcdn-a.akamaihd
                   |                            |.net/client/installer/Steam
                   |                            |Setup.exe
          Component|-unknown                    |ntdll
                 CC|                            |focht at gmx.net
         Resolution|---                         |DUPLICATE
             Status|NEEDINFO                    |RESOLVED
           Keywords|                            |download
            Summary|steamwebhelper.exe page     |Steam 'steamwebhelper.exe'
                   |fault NULL pointer crash    |crashpad handler
                   |                            |(Chromium/CEF) crashes on
                   |                            |unimplemented function
                   |                            |ntdll.RtlGetUnloadEventTrac
                   |                            |eEx

--- Comment #14 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

it's actually two cascading issues here.

Please research Wine Bugzilla + Appdb more carefully before reporting bugs.
All major Steam issues have been documented for a long time.

https://appdb.winehq.org/objectManager.php?sClass=version&iId=19444

--- snip ---
Unhandled exception: page fault on execute access to 0x00000000 in 32-bit code
(0x00000000).
Register dump:
 CS:001b SS:0023 DS:0023 ES:0023 FS:1027 GS:000f
 EIP:00000000 ESP:0635f908 EBP:0635f924 EFLAGS:00010206(  R- --  I   - -P- )
 EAX:00000000 EBX:0635f94c ECX:7bc64af1 EDX:00000000
 ESI:0635f954 EDI:0635f950
...
Backtrace:
=>0 0x00000000 (0x0635f924)
  1 0x046c33b4 in libcef (+0x3e833b3) (0x0635fa38)
  2 0x046c2b2c in libcef (+0x3e82b2b) (0x0635fb28)
  3 0x02e62a6f in libcef (+0x2622a6e) (0x0635fe14)
  4 0x042e3811 in libcef (+0x3aa3810) (0x0635fe38)
  5 0x7bc678c5 _wait_thread_proc+0x15a() in ntdll (0x0635fe98)
  6 0x7bc67452 _process_rtl_work_item+0x4a() in ntdll (0x0635fec8)
  7 0x7bc6b14d _threadpool_worker_proc+0x1a6() in ntdll (0x0635ff3c)
  8 0x7bc5d2dc _call_thread_func_wrapper+0xb() in ntdll (0x0635ff4c)
  9 0x7bc5f35a _call_thread_func+0x86() in ntdll (0x0635ffdc)
  10 0x7bc5d2ca _call_thread_entry+0x9() in ntdll (0x0635ffec)
0x00000000: -- no code accessible --
Modules:
Module    Address            Debug info    Name (338 modules)
PE      340000-  3c1000    Deferred        chrome_elf
PE      400000-  832000    Deferred        steamwebhelper
PE      840000- 5949000    Export          libcef
PE    10000000-100d5000    Deferred        sdl2
PE    40001000-401bf000    Deferred        libwine.1.0.dylib
ELF    419c6000-419e0000    Deferred        version<elf>
  \-PE    419d0000-419dd000    \               version
...
Threads:
process  tid      prio (all id:s are in hex)
...
000000fa steamwebhelper.exe
    000000b0    0
...
    000000fb    0
00000100 (D) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    0000010a    0
    00000109    0
    00000107    0
    00000106    0
    00000105    0 <==
...
--- snip ---

The user visible crash is bug 44897 (dupe) but the root cause is bug 32342
(dupe).

Analysis the millionth (wasted) time for proof...

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/Steam

$ WINEDEBUG=+seh,+relay,+loaddll,+process,+debugstr wine ./Steam.exe
-no-cef-sandbox >>log.txt 2>&1
...
004d:Call KERNEL32.CreateProcessW(00000000,1ce676f8 L"\"C:\\Program
Files\\Steam\\bin\\cef\\cef.win7\\steamwebhelper.exe\" --type=renderer
--disable-gpu-memory-buffer-video-frames --no-sandbox
--disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching
--disable-gpu-compositing --service-pipe-token=36BAE4E1E8919813EBCAD93E9BFEDB5D
--enable-blink-"...,00000000,00000000,00000001,00080000,00000000,00000000,1c48f658,1c48f640)
ret=01b9cdbe 
...
00a1:Call KERNEL32.__wine_kernel_init() ret=7bc59f74
...
004d:Ret  KERNEL32.CreateProcessW() retval=00000001 ret=01b9cdbe
...
00a1:warn:debugstr:OutputDebugStringA
"[1007/170030.946:INFO:crash_reporting.cc(215)] Crash reporting enabled for
process: renderer\n" 
...
00a1:trace:seh:raise_exception code=80000003 flags=0 addr=0x3345eff ip=03345f00
tid=00a1
00a1:trace:seh:raise_exception  info[0]=00000000
00a1:trace:seh:raise_exception  info[1]=00000000
00a1:trace:seh:raise_exception  info[2]=00000000
00a1:trace:seh:raise_exception  eax=0033bd38 ebx=00000000 ecx=00000000
edx=00131568 esi=0033bcfc edi=0821a95c
00a1:trace:seh:raise_exception  ebp=0033bd48 esp=0033bcfc cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00200206
00a1:trace:seh:call_stack_handlers calling handler at 0x6a2238 code=80000003
flags=0
00a1:Call KERNEL32.GetLastError() ret=005e814c
00a1:Call KERNEL32.GetProcAddress(7b200000,006fcd20 "FlsGetValue") ret=005e9798
00a1:Ret  KERNEL32.GetProcAddress() retval=7b43ded0 ret=005e9798
00a1:trace:seh:call_stack_handlers handler at 0x6a2238 returned 1
00a1:trace:seh:call_stack_handlers calling handler at 0x6a2418 code=80000003
flags=0 
...
00a7:Call KERNEL32.GetProcAddress(7bc10000,053d0441 "RtlGetUnloadEventTraceEx")
ret=04307e61
00a7:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=04307e61
00a7:Call ntdll.RtlWakeAllConditionVariable(056ac234) ret=049ec1aa
00a7:Ret  ntdll.RtlWakeAllConditionVariable() retval=00000000 ret=049ec1aa
00a7:trace:seh:raise_exception code=c0000005 flags=0 addr=(nil) ip=00000000
tid=00a7
00a7:trace:seh:raise_exception  info[0]=00000008
00a7:trace:seh:raise_exception  info[1]=00000000
00a7:trace:seh:raise_exception  eax=00000000 ebx=06e9f8bc ecx=7bc25f54
edx=00000004 esi=06e9f8c4 edi=06e9f8c0
00a7:trace:seh:raise_exception  ebp=06e9f894 esp=06e9f878 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00010206
00a7:trace:seh:call_stack_handlers calling handler at 0x7bca5310 code=c0000005
flags=0 
...
wine: Unhandled page fault on execute access to 0x00000000 at address (nil)
(thread 00a7), starting debugger... 
--- snip ---

Font face name issue (bug 32342) triggers libCEF DebugBreak()/assert(). 
This results in Chromium crashpad code being invoked (in-process) which causes
a crash due to missing 'ntdll.RtlGetUnloadEventTraceEx' -> bug 44897
The last one is the user-visible crash.

Resolving as dupe of bug 44897 because it's the user-visible crash and relates
to the posted backtraces (at least the last one). Bug 32342 already has
a gazillion dupes, why not collect more dupes for bug 44897 ;-)

$ sha1sum SteamSetup.exe 
4b1b85ec2499a4ce07c89609b256923a4fc479e5  SteamSetup.exe

$ du -sh SteamSetup.exe 
1.6M    SteamSetup.exe

$ wine --version
wine-3.17-95-g726abdb388

Regards

*** This bug has been marked as a duplicate of bug 44897 ***

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
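
The correlation made by eye in the comment above (a GetProcAddress lookup that returns NULL, then an execute fault at address 0 on the same thread) can be automated over a +relay,+seh log. This is an added Python example, not part of the original message or of Wine; the function name find_null_import_crashes is hypothetical, and the sample lines are taken from the trace above with the mail wrapping undone.

```python
import re

# Line shapes of Wine's +relay / +seh channels, as seen in the trace above.
CALL_RE = re.compile(
    r'^([0-9a-f]+):Call KERNEL32\.GetProcAddress\([0-9a-f]+,[0-9a-f]+ "([^"]+)"\)')
RET_RE = re.compile(
    r'^([0-9a-f]+):Ret\s+KERNEL32\.GetProcAddress\(\) retval=([0-9a-f]+)')
EXC_RE = re.compile(
    r'^([0-9a-f]+):trace:seh:raise_exception code=([0-9a-f]+) .*\bip=([0-9a-f]+)')

ACCESS_VIOLATION = "c0000005"

def find_null_import_crashes(lines):
    """Pair failed GetProcAddress lookups with a later ip=0 fault on the same thread.

    Returns a list of (tid, [symbols that resolved to NULL on that thread]).
    """
    pending = {}     # tid -> symbol of the GetProcAddress call awaiting its Ret
    unresolved = {}  # tid -> symbols whose lookup returned NULL
    findings = []
    for line in lines:
        if m := CALL_RE.match(line):
            pending[m.group(1)] = m.group(2)
        elif m := RET_RE.match(line):
            symbol = pending.pop(m.group(1), None)
            if symbol and int(m.group(2), 16) == 0:
                unresolved.setdefault(m.group(1), []).append(symbol)
        elif m := EXC_RE.match(line):
            tid, code, ip = m.groups()
            if code == ACCESS_VIOLATION and int(ip, 16) == 0 and tid in unresolved:
                findings.append((tid, list(unresolved[tid])))
    return findings

# Constructed sample: lines taken from the trace above, with mail wrapping undone.
SAMPLE_LOG = [
    '00a1:trace:seh:raise_exception code=80000003 flags=0 addr=0x3345eff ip=03345f00 tid=00a1',
    '00a1:Call KERNEL32.GetProcAddress(7b200000,006fcd20 "FlsGetValue") ret=005e9798',
    '00a1:Ret  KERNEL32.GetProcAddress() retval=7b43ded0 ret=005e9798',
    '00a7:Call KERNEL32.GetProcAddress(7bc10000,053d0441 "RtlGetUnloadEventTraceEx") ret=04307e61',
    '00a7:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=04307e61',
    '00a7:Call ntdll.RtlWakeAllConditionVariable(056ac234) ret=049ec1aa',
    '00a7:Ret  ntdll.RtlWakeAllConditionVariable() retval=00000000 ret=049ec1aa',
    '00a7:trace:seh:raise_exception code=c0000005 flags=0 addr=(nil) ip=00000000 tid=00a7',
    '00a7:trace:seh:raise_exception  info[0]=00000008',
]

if __name__ == "__main__":
    for tid, symbols in find_null_import_crashes(SAMPLE_LOG):
        print(f"thread {tid}: execute fault at 0 after NULL lookup of {', '.join(symbols)}")
```

A match is a lead rather than proof: it only shows that the faulting thread had earlier received NULL for a lookup.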


