[Bug 17277] ZFlash numerical control app needs address space between 0x100000-0x800000 (1-8 MiB) which conflicts with process heap location
WineHQ Bugzilla
wine-bugs at winehq.org
Sun May 23 04:54:18 CDT 2021
https://bugs.winehq.org/show_bug.cgi?id=17277
--- Comment #10 from Anastasius Focht <focht at gmx.net> ---
Hello André,
--- quote ---
Does it work in recent Wine versions, because a related bug seems fixed (See
Also) Or is this abandoned meanwhile?
--- quote ---
No, nothing has changed with regard to the default process heap location, so the
test app still crashes as before. The trace below shows why: the loader walks the
child's address space with VirtualQueryEx, frees every committed region it finds in
0x100000-0x800000 via VirtualFreeEx (including the block at 0x110000, which holds
the child's RTL_USER_PROCESS_PARAMETERS), then reserves the whole 7 MiB range with
VirtualAllocEx(MEM_RESERVE, PAGE_EXECUTE_READWRITE). When the suspended main thread
is resumed, ntdll's init_user_process_params dereferences the freed parameters block
and faults at env.c:642.
Proof:
--- snip ---
$ WINEDEBUG=+pid,+seh,+loaddll,+process,+relay,+module wine ./ZLoader.exe
test.exe >>log.txt 2>&1
...
0020:0024:Call
ntdll.NtCreateUserProcess(0021f828,0021f82c,001fffff,001fffff,0021f6ac,0021f694,00000200,00000001,00472320,0021f748,0021f6c4)
ret=7b038367
...
0104:0108:trace:module:map_image_into_view mapping PE file
L"\\??\\Z:\\home\\focht\\Downloads\\z\\Test.exe" at 0x800000-0x818000
...
0104:0108:trace:module:map_image_into_view mapping PE file
L"\\??\\C:\\windows\\system32\\ntdll.dll" at 0x7bc00000-0x7bc80000
...
0020:0024:trace:process:NtCreateUserProcess
L"\\??\\Z:\\home\\focht\\Downloads\\z\\Test.exe" pid 0104 tid 0108 handles
0x6c/0x70
0020:0024:Ret ntdll.NtCreateUserProcess() retval=00000000 ret=7b038367
...
0020:0024:trace:process:CreateProcessInternalW started process pid 0104 tid
0108
...
0020:0024:Ret KERNEL32.CreateProcessA() retval=00000001 ret=00401188
0020:0024:Call KERNEL32.VirtualQueryEx(0000006c,00030000,0021fe60,0000001c)
ret=00401228
0020:0024:Call
ntdll.NtQueryVirtualMemory(0000006c,00030000,00000000,0021fe60,0000001c,0021f9b0)
ret=7b02a0ef
0020:0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7b02a0ef
0020:0024:Ret KERNEL32.VirtualQueryEx() retval=0000001c ret=00401228
0020:0024:Call KERNEL32.VirtualQueryEx(0000006c,00110000,0021fe60,0000001c)
ret=00401228
0020:0024:Call
ntdll.NtQueryVirtualMemory(0000006c,00110000,00000000,0021fe60,0000001c,0021f9b0)
ret=7b02a0ef
0020:0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7b02a0ef
0020:0024:Ret KERNEL32.VirtualQueryEx() retval=0000001c ret=00401228
0020:0024:Call KERNEL32.VirtualFreeEx(0000006c,00110000,00000000,00008000)
ret=00401258
0020:0024:Call ntdll.NtFreeVirtualMemory(0000006c,0021f9c4,0021f9c8,00008000)
ret=7b029f8b
0020:0024:Ret ntdll.NtFreeVirtualMemory() retval=00000000 ret=7b029f8b
0020:0024:Ret KERNEL32.VirtualFreeEx() retval=00000001 ret=00401258
0020:0024:Call ntdll.RtlAllocateHeap(00cd0000,00000000,00001030) ret=00406d12
0020:0024:Ret ntdll.RtlAllocateHeap() retval=00cd0c48 ret=00406d12
0020:0024:Call KERNEL32.VirtualQueryEx(0000006c,00114000,0021fe60,0000001c)
ret=00401228
0020:0024:Call
ntdll.NtQueryVirtualMemory(0000006c,00114000,00000000,0021fe60,0000001c,0021f9b0)
ret=7b02a0ef
0020:0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7b02a0ef
0020:0024:Ret KERNEL32.VirtualQueryEx() retval=0000001c ret=00401228
0020:0024:Call KERNEL32.VirtualQueryEx(0000006c,00120000,0021fe60,0000001c)
ret=00401228
0020:0024:Call
ntdll.NtQueryVirtualMemory(0000006c,00120000,00000000,0021fe60,0000001c,0021f9b0)
ret=7b02a0ef
0020:0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7b02a0ef
0020:0024:Ret KERNEL32.VirtualQueryEx() retval=0000001c ret=00401228
0020:0024:Call KERNEL32.VirtualFreeEx(0000006c,00120000,00000000,00008000)
ret=00401258
0020:0024:Call ntdll.NtFreeVirtualMemory(0000006c,0021f9c4,0021f9c8,00008000)
ret=7b029f8b
0020:0024:Ret ntdll.NtFreeVirtualMemory() retval=00000000 ret=7b029f8b
0020:0024:Ret KERNEL32.VirtualFreeEx() retval=00000001 ret=00401258
0020:0024:Call KERNEL32.VirtualQueryEx(0000006c,00121000,0021fe60,0000001c)
ret=00401228
0020:0024:Call
ntdll.NtQueryVirtualMemory(0000006c,00121000,00000000,0021fe60,0000001c,0021f9b0)
ret=7b02a0ef
0020:0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7b02a0ef
0020:0024:Ret KERNEL32.VirtualQueryEx() retval=0000001c ret=00401228
0020:0024:Call
KERNEL32.VirtualAllocEx(0000006c,00100000,00700000,00002000,00000040)
ret=004012ba
0020:0024:Call
ntdll.NtAllocateVirtualMemory(0000006c,0021f9ac,00000000,0021f9c8,00002000,00000040)
ret=7b029dda
0020:0024:Ret ntdll.NtAllocateVirtualMemory() retval=00000000 ret=7b029dda
0020:0024:Ret KERNEL32.VirtualAllocEx() retval=00100000 ret=004012ba
0020:0024:Call user32.MessageBoxA(00000000,00422094 "ZLoader now will resume
the thread",0042203c "ZLoader",00000040) ret=004012d7
...
0020:0024:Ret user32.MessageBoxA() retval=00000001 ret=004012d7
0020:0024:Call KERNEL32.ResumeThread(00000070) ret=004010b2
0020:0024:Call ntdll.NtResumeThread(00000070,0021fe44) ret=7b04c713
0020:0024:Ret ntdll.NtResumeThread() retval=00000000 ret=7b04c713
0020:0024:Ret KERNEL32.ResumeThread() retval=00000001 ret=004010b2
0020:0024:Call KERNEL32.CloseHandle(00000070) ret=004010c8
0020:0024:Call ntdll.NtClose(00000070) ret=7b036f50
...
0104:0108:trace:seh:dispatch_exception code=c0000005 flags=0 addr=7BC20290
ip=7bc20290 tid=0108
0104:0108:trace:seh:dispatch_exception info[0]=00000000
0104:0108:trace:seh:dispatch_exception info[1]=00110290
0104:0108:warn:seh:dispatch_exception EXCEPTION_ACCESS_VIOLATION exception
(code=c0000005) raised
0104:0108:trace:seh:dispatch_exception eax=7ffd1000 ebx=7ffd1000 ecx=00000002
edx=7ffd1044 esi=7ffd1000 edi=00110000
0104:0108:trace:seh:dispatch_exception ebp=0101ef18 esp=0101eccc cs=0023
ds=002b es=002b fs=0063 gs=006b flags=00010206
0104:0108:err:seh:NtRaiseException Unhandled exception code c0000005 flags 0
addr 0x7bc20290
...
0020:0024:Call user32.MessageBoxA(00000000,0042201c "ZLoader will end",0042203c
"ZLoader",00000040) ret=004010fa
--- snip ---
Crash location in the debuggee (child process 0104), with the process parameters
block at 0x110000 already freed by the loader:
--- snip ---
<ntdll._init_user_process_params>:
7BC20270 | push ebp |
7BC20271 | mov ebp,esp |
7BC20273 | push ebx |
7BC20274 | push edi |
7BC20275 | push esi |
7BC20276 | sub esp,240 |
7BC2027C | mov eax,dword ptr fs:[18] | ntdll/env.c:638
7BC20282 | mov dword ptr ss:[ebp-14],eax |
7BC20285 | mov eax,dword ptr ds:[eax+30] | ntdll/env.c:638
7BC20288 | mov ecx,2 |
7BC2028D | mov edi,dword ptr ds:[eax+10] | params 0x110000
7BC20290 | mov ebx,dword ptr ds:[edi+290] | ntdll/env.c:642 -> *boom*
7BC20296 | cmp ebx,2 | ntdll/env.c:643
7BC20299 | cmova ecx,ebx |
7BC2029C | push ecx |
7BC2029D | push 0 |
7BC2029F | push dword ptr ds:[eax+18] |
7BC202A2 | call <ntdll._RtlAllocateHeap at 12> |
...
--- snip ---
Corresponding source:
https://source.winehq.org/git/wine.git/blob/9561af9a7d8d77e2f98341e278c842226cae47ed:/dlls/ntdll/env.c#l629
--- snip ---
629 /***********************************************************************
630 * init_user_process_params
631 *
632 * Fill the initial RTL_USER_PROCESS_PARAMETERS structure from the server.
633 */
634 void init_user_process_params(void)
635 {
636 WCHAR *env;
637 SIZE_T env_size;
638 RTL_USER_PROCESS_PARAMETERS *new_params, *params =
NtCurrentTeb()->Peb->ProcessParameters;
639 UNICODE_STRING curdir;
640
641 /* environment needs to be a separate memory block */
642 env_size = params->EnvironmentSize;
643 if ((env = RtlAllocateHeap( GetProcessHeap(), 0, max( env_size,
sizeof(WCHAR) ))))
644 {
645 if (env_size) memcpy( env, params->Environment, env_size );
646 else env[0] = 0;
647 }
--- snip ---
Wine's address-space layout code (unix side of ntdll), for reference:
https://source.winehq.org/git/wine.git/blob/9561af9a7d8d77e2f98341e278c842226cae47ed:/dlls/ntdll/unix/virtual.c#l148
$ wine --version
wine-6.9
Regards