[Bug 46568] New: 64-bit msxml6.dll from Microsoft Core XML Services 6.0 redist package fails to load (Wine doesn't respect 44-bit user-mode VA limitation from Windows < 8.1)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Feb 2 13:24:20 CST 2019
https://bugs.winehq.org/show_bug.cgi?id=46568
Bug ID: 46568
Summary: 64-bit msxml6.dll from Microsoft Core XML Services 6.0
redist package fails to load (Wine doesn't respect
44-bit user-mode VA limitation from Windows < 8.1)
Product: Wine
Version: 4.0
Hardware: x86-64
URL: https://download.microsoft.com/download/2/e/0/2e01308a
-e17f-4bf9-bf48-161356cf9c81/msxml6_x64.msi
OS: Linux
Status: NEW
Keywords: download, win64
Severity: normal
Priority: P2
Component: ntdll
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Distribution: ---
Hello folks,
reported by Louis in https://bugs.winehq.org/show_bug.cgi?id=46107#c2
--- quote ---
I tried winetricks msxml3 and msxml6, but somehow it didn`t work out in 64-bit
wineprefix; i get errors that msxml is not registered etc,
Does anyone know a workaround to use native msxml on 64-bit prefix?
--- quote ---
Relevant part of trace log:
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/Altium/AD18
$ WINEDEBUG=+seh,+relay,+loaddll,+virtual wine64 ./X2.EXE >>log.txt 2>&1
...
002a:Call KERNEL32.LoadLibraryExW(0053f2b0
L"C:\\windows\\system32\\msxml6.dll",00000000,00000008) ret=7fbe435d7558
...
002a:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\msxml6.dll"
at 0x7ff79e00000: native
002a:Call PE DLL (proc=0x7ff79e0101c,module=0x7ff79e00000
L"msxml6.dll",reason=PROCESS_ATTACH,res=(nil))
...
002a:Call KERNEL32.HeapCreate(00000001,00000000,00000000) ret=7ff79e18411
002a:trace:virtual:NtAllocateVirtualMemory 0xffffffffffffffff (nil) 00110000
2000 00000004
002a:trace:virtual:map_view got mem with anon mmap
0x7fbe39819000-0x7fbe39929000
002a:trace:virtual:VIRTUAL_DumpView View: 0x7fbe39820000 - 0x7fbe3992ffff
(valloc)
002a:trace:virtual:VIRTUAL_DumpView 0x7fbe39820000 - 0x7fbe3992ffff --rw-
002a:trace:virtual:NtAllocateVirtualMemory 0xffffffffffffffff 0x7fbe39820000
00010000 1000 00000004
002a:trace:virtual:mprotect_exec forcing exec permission on
0x7fbe39820000-0x7fbe3982ffff
002a:trace:virtual:VIRTUAL_DumpView View: 0x7fbe39820000 - 0x7fbe3992ffff
(valloc)
002a:trace:virtual:VIRTUAL_DumpView 0x7fbe39820000 - 0x7fbe3982ffff c-rw-
002a:trace:virtual:VIRTUAL_DumpView 0x7fbe39830000 - 0x7fbe3992ffff --rw-
002a:Ret KERNEL32.HeapCreate() retval=7fbe39820000 ret=7ff79e18411
...
002a:Call ntdll.RtlAllocateHeap(7fbe39820000,00000000,00000060) ret=7ff79e03c10
002a:Ret ntdll.RtlAllocateHeap() retval=7fbe39822730 ret=7ff79e03c10
002a:Call msvcrt.memset(7fbe39822740,00000000,00000042) ret=7ff79e03a5a
002a:Ret msvcrt.memset() retval=7fbe39822740 ret=7ff79e03a5a
002a:trace:seh:NtRaiseException code=c0000005 flags=0 addr=0x7ff79e03efe
ip=7ff79e03efe tid=002a
002a:trace:seh:NtRaiseException info[0]=0000000000000000
002a:trace:seh:NtRaiseException info[1]=ffffffffffffffff
002a:trace:seh:NtRaiseException rax=000000000011b2d0 rbx=6c61567274736270
rcx=0000000000000008 rdx=0000000000000000
002a:trace:seh:NtRaiseException rsi=0000000000007fbe rdi=0000000000000730
rbp=00000ff7c73044e8 rsp=000000000053ea70
002a:trace:seh:NtRaiseException r8=00007fbe39822740 r9=0000000000000000
r10=0000000000000000 r11=0000000000000000
002a:trace:seh:NtRaiseException r12=00007fbe39822740 r13=000007ff79f8dc80
r14=00007fbe436c6160 r15=000000000053f708
...
002a:exception c0000005 in PE entry point
(proc=0x7ff79e0101c,module=0x7ff79e00000,reason=PROCESS_ATTACH,res=(nil))
002a:Ret PE DLL (proc=0x7ff79e0101c,module=0x7ff79e00000
L"msxml6.dll",reason=PROCESS_ATTACH,res=(nil)) retval=0
002a:Call PE DLL (proc=0x7ff79e0101c,module=0x7ff79e00000
L"msxml6.dll",reason=PROCESS_DETACH,res=(nil))
002a:Ret PE DLL (proc=0x7ff79e0101c,module=0x7ff79e00000
L"msxml6.dll",reason=PROCESS_DETACH,res=(nil)) retval=1
002a:trace:loaddll:free_modref Unloaded module
L"C:\\windows\\system32\\msxml6.dll" : native
002a:Ret KERNEL32.LoadLibraryExW() retval=00000000 ret=7fbe435d7558
002a:err:ole:COMPOBJ_DllList_Add couldn't load in-process dll
L"C:\\windows\\system32\\msxml6.dll"
--- snip ---
It seems that certain older 64-bit components such as Microsoft XML libs make
assumptions about the 64-bit user-mode virtual address space layout.
This is different from the usual broken apps a la "I failed at porting my
32-bit app to 64-bit" (pointer truncation).
In this case, pointers from certain allocations are broken into multiple parts
and used as indices into multi-level lookup tables.
Pitfall: there is a 44-bit user-mode VA limitation (8TB) for 64-bit Windows
which was lifted starting with Windows 8.1+.
Wine doesn't respect the 44-bit pre-Windows 8.1 virtual address space limits,
allowing process heaps to be placed in 0000'7Fxx'0000'0000 range (128 TB) which
causes out-of-bounds access to lookup tables when indices overflow (derived
from pointer bits). The exception occurs in entry point, causing 'msxml6.dll'
to be unloaded.
One workaround is to move Wine's top-down allocations/heaps into 8 TB VA range
(Wine preloader) and impose same user-mode address space bits limits as with
all 64-bit Windows versions < 8.1 to stay "compatible". I've tested it and it
works for native here. Not sure if it's worth to change though.
I don't know if a separate 64-bit MSXML6 re-distributable package exists that
has been fixed wrt Windows 8.1+ address space limits.
MSXML6 is part of Windows OS for newer versions and automatically kept
up-to-date.
$ sha1sum msxml6_x64.msi
1eb84eeae7729ea5db7fe79779f4e216114261ba msxml6_x64.msi
$ du -sh msxml6_x64.msi
2.6M msxml6_x64.msi
$ wine --version
wine-4.0-276-g84459ba94b
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list