[Bug 21038] F-Secure BlackLight Engine 2.2.x (Rootkit scanner) crashes after accepting license agreement (Wine on-disk placeholder dlls sections must be padded with data up to section virtual size)
WineHQ Bugzilla
wine-bugs at winehq.org
Sat Jan 16 09:08:39 CST 2021
https://bugs.winehq.org/show_bug.cgi?id=21038
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|-unknown |kernel32
Resolution|--- |FIXED
Status|NEW |RESOLVED
URL|ftp://ftp.f-secure.com/anti |https://web.archive.org/web
|-virus/tools/fsbl.exe |/20210116145628/ftp://ftp.f
| |-secure.com/anti-virus/tool
| |s/fsbl.exe
Fixed by SHA1| |0c631ebb2354334eaf309bc0765
| |d3283654cf902
--- Comment #14 from Anastasius Focht <focht at gmx.net> ---
Hello Gijs,
--- quote ---
Is it possible this bug is fixed? With wine-6.0-rc6 there is a non-fatal page
fault after accepting the license agreement, but the app still starts.
--- quote ---
thanks for the reminder. Yes, it was fixed by commit
https://source.winehq.org/git/wine.git/commitdiff/0c631ebb2354334eaf309bc0765d3283654cf902
("kernel32: Build with msvcrt.").
Part of Wine 5.19 release.
Thanks Alexandre.
There is bug 15437 ("Multiple programs using madCodeHook crash (in-memory PE
image of Wine builtins vs. ELF image on disk)") which references same commit
sha1. Bug 15437 is about EAT/IAT validation between on-disk image and mapped PE
images. The problem here is about PE section layout/requirements hence it makes
sense to keep it separate.
Although it was pretty clear which Wine releases/commits to check for (comment
#12), I wrote small autohotkey and shell script to automate the task.
'bug21038.ahk':
---snip ---
FileDelete, c:\fsbl.fail
Run, fsbl.exe
WinWait, F-Secure BlackLight,,10
if ErrorLevel
{
FileAppend,, c:\fsbl.fail
Exit
}
Sleep, 1000
ControlClick,I accept the agreement
ControlClick,Next >
Loop, 5
{
Sleep, 1000
Process, Exist, winedbg.exe
If ErrorLevel
{
FileAppend,, c:\fsbl.fail
Process, Close, winedbg.exe
Exit
}
}
Process, Close, fsbl.exe
--- snip ---
Shell script 'bug21038_test.sh' for running the autohotkey script against a
number of Wine releases:
--- snip ---
for ver in 2.0 3.0 4.0 5.{0..22} 6.0 ; do (echo "#####"
export WINEPREFIX=~/wineprefix-bug21038 && rm -rf $WINEPREFIX
export WINEARCH=win32
wine_register_path $ver
winetricks -q autohotkey &> /dev/null ;
wine "c:\\Program Files\\AutoHotkey\\AutoHotkey.exe" bug21038.ahk 2>&1 | \
egrep "(debugger|overflow)" ; \
[ -f $WINEPREFIX/drive_c/fsbl.fail ] && echo "FSBL fail." || \
echo "FSBL ok."
wineserver -w) ;
rm -f fsbl-*.log
done
--- snip ---
Output:
--- snip ---
$ bash bug21038_test.sh
#####
Active Wine version: wine-2.0
wine: Unhandled page fault on read access to 0x00361000 at address 0x43ae2a
(thread 004e), starting debugger...
FSBL fail.
#####
Active Wine version: wine-3.0
wine: Unhandled page fault on read access to 0x003b1000 at address 0x44656d
(thread 0053), starting debugger...
FSBL fail.
#####
Active Wine version: wine-4.0
0053:err:seh:setup_exception_record stack overflow 1212 bytes in thread 0053
eip 7bc8463c esp 00240e74 stack 0x240000-0x241000-0x340000
FSBL fail.
#####
Active Wine version: wine-5.0
wine: Unhandled page fault on read access to 09E11000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.1
wine: Unhandled page fault on read access to 09FD1000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.2
wine: Unhandled page fault on read access to 01A71000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.3
wine: Unhandled page fault on read access to 09E31000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.4
wine: Unhandled page fault on read access to 09E31000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.5
wine: Unhandled page fault on read access to 0A171000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.6
wine: Unhandled page fault on read access to 0A171000 at address 0044656D
(thread 0054), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.7
wine: Unhandled page fault on read access to 0A171000 at address 0043AE2A
(thread 0055), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.8
wine: Unhandled page fault on read access to 0A1B1000 at address 0044656D
(thread 014c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.9
wine: Unhandled page fault on read access to 09921000 at address 0044656D
(thread 014c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.10
wine: Unhandled page fault on read access to 09921000 at address 0043AE2A
(thread 0164), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.11
wine: Unhandled page fault on read access to 09921000 at address 0043AE2A
(thread 0164), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.12
wine: Unhandled page fault on read access to 09DAC000 at address 00412535
(thread 015c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.13
wine: Unhandled page fault on read access to 09DAC000 at address 00412535
(thread 015c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.14
wine: Unhandled page fault on read access to 09CBC000 at address 00412535
(thread 015c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.15
015c:err:virtual:virtual_setup_exception stack overflow 860 bytes in thread
015c addr 0xf7d7820f stack 0x220ca4 (0x220000-0x221000-0x320000)
FSBL fail.
#####
Active Wine version: wine-5.16
wine: Unhandled page fault on read access to 09B19000 at address 0044656D
(thread 015c), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.17
wine: Unhandled page fault on read access to 09C59000 at address 0044656D
(thread 0184), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.18
wine: Unhandled page fault on read access to 0152A000 at address 0044656D
(thread 01e8), starting debugger...
FSBL fail.
#####
Active Wine version: wine-5.19
FSBL ok.
#####
Active Wine version: wine-5.20
FSBL ok.
#####
Active Wine version: wine-5.21
FSBL ok.
#####
Active Wine version: wine-5.22
FSBL ok.
#####
Active Wine version: wine-6.0
FSBL ok.
--- snip ---
After that it was only a small step left to check Wine 5.19 shortlog.
$ wine --version
wine-6.0-40-g00401d22782
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list