[Bug 29899] New: mapviewoffileex fails under certain condition with PE images
http://bugs.winehq.org/show_bug.cgi?id=29899 Bug #: 29899 Summary: mapviewoffileex fails under certain condition with PE images Product: Wine Version: unspecified Platform: x86 OS/Version: Linux Status: UNCONFIRMED Severity: critical Priority: P2 Component: kernel32 AssignedTo: wine-bugs(a)winehq.org ReportedBy: tizbac2(a)gmail.com Classification: Unclassified Created attachment 38887 --> http://bugs.winehq.org/attachment.cgi?id=38887 Test C program that fails on wine and works on windows Using mapviewoffileex on the same pe image from 2 different file handles, on wine tries to relocate and if the dll does not have .reloc , it will fail , instead on windows the call to MapViewOfFileEx returns a valid pointer both times. The attached C program together with a non relocatable DLL will fail on wine, but on windows xp it works and it gives both times "test succeeded" -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #1 from tizbac2(a)gmail.com 2012-02-15 07:04:00 CST --- Created attachment 38888 --> http://bugs.winehq.org/attachment.cgi?id=38888 DLL Without .reloc section -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|kernel32 |-unknown Severity|critical |minor --- Comment #2 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-15 07:06:41 CST --- Wine version? Is there a real program that fails? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #38887|text/x-csrc |text/plain mime type| | -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #3 from tizbac2(a)gmail.com 2012-02-15 07:09:32 CST --- alteriwnet fails cause of that bug, it maps iw4m1.dll 3 times, and iw4m1.dll is not relocatable -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 tizbac2(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Component|-unknown |kernel32 Version|unspecified |1.4-rc3 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|kernel32 |-unknown -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #4 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-15 07:12:45 CST --- (In reply to comment #3)
alteriwnet fails cause of that bug
What's that? URL? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #5 from tizbac2(a)gmail.com 2012-02-15 07:29:43 CST --- http://alteriw.net , currently it would be the only way to play call of duty mw2 and mw3 online on linux, cause they use their own anticheat system that should not have problems -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |testcase -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #38887|0 |1 is obsolete| | --- Comment #6 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-16 00:29:17 CST --- Created attachment 38900 --> http://bugs.winehq.org/attachment.cgi?id=38900 Test C program that fails on wine and works on windows Here is a version of the test without magic numbers, and its output under XP: f 000007E8, fmap 000007F4, ptr 20000000 test succeeded f2 000007DC, fmap2 000007D8, ptr2 00350000 test succeeded It looks like Windows successfully maps a PE file with SEC_IMAGE without relocations somewhere else if its specified base address already occupied. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed|0 |1 --- Comment #7 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-16 02:53:42 CST --- Using NtMapViewOfSection() instead of MapViewOfFile() in the test shows that under XP although NtMapViewOfSection() returns STATUS_IMAGE_NOT_AT_BASE, it returns a valid pointer which matches what MapViewOfFile() returns. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #8 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-16 04:51:41 CST --- Created attachment 38906 --> http://bugs.winehq.org/attachment.cgi?id=38906 ntdll: Separate image relocation from NtMapViewOfSection Something like this should fix it. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #9 from tizbac2(a)gmail.com 2012-02-16 04:58:26 CST --- Created attachment 38907 --> http://bugs.winehq.org/attachment.cgi?id=38907 Crash after applying proposed patch Crash after applying patch -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #10 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-16 05:04:42 CST --- (In reply to comment #9)
Created attachment 38907 [details] Crash after applying proposed patch
Crash after applying patch
You are too fast :) The patch (or rather a prototype) was supposed to fix only your test case. What is missing is changing the section protection to read-write and back when applying relocations. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #11 from tizbac2(a)gmail.com 2012-02-16 05:18:16 CST --- (In reply to comment #10)
(In reply to comment #9)
Created attachment 38907 [details] Crash after applying proposed patch
Crash after applying patch
You are too fast :) The patch (or rather a prototype) was supposed to fix only your test case. What is missing is changing the section protection to read-write and back when applying relocations.
ah ok :) -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #38906|0 |1 is obsolete| | --- Comment #12 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-17 00:40:32 CST --- Created attachment 38922 --> http://bugs.winehq.org/attachment.cgi?id=38922 ntdll: Separate image relocation from NtMapViewOfSection (In reply to comment #9)
Created attachment 38907 [details] Crash after applying proposed patch
Crash after applying patch
This version of the patch should fix the crash. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #13 from tizbac2(a)gmail.com 2012-02-18 05:24:24 CST --- (In reply to comment #12)
Created attachment 38922 [details] ntdll: Separate image relocation from NtMapViewOfSection
(In reply to comment #9)
Created attachment 38907 [details] Crash after applying proposed patch
Crash after applying patch
This version of the patch should fix the crash.
It still crashes , but no stacktrace this time , just WineDbg starting on pid 0023 err:module:attach_process_dlls "CrashRpt.dll" failed to initialize, aborting err:module:LdrInitializeThunk Main exe initialization for L"Z:\\media\\Elements\\Call Of Duty Modern Warfare 2\\iw4mp.dat.exe" failed, status c0000005 Process of pid=0023 has terminated -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #14 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-18 23:53:48 CST --- (In reply to comment #13)
It still crashes , but no stacktrace this time , just WineDbg starting on pid 0023 err:module:attach_process_dlls "CrashRpt.dll" failed to initialize, aborting err:module:LdrInitializeThunk Main exe initialization for L"Z:\\media\\Elements\\Call Of Duty Modern Warfare 2\\iw4mp.dat.exe" failed, status c0000005 Process of pid=0023 has terminated
Could you please attach a +module,+virtual log (with the patch) here? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #15 from tizbac2(a)gmail.com 2012-02-19 05:55:20 CST --- Created attachment 38964 --> http://bugs.winehq.org/attachment.cgi?id=38964 +virtual,+module log -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #16 from tizbac2(a)gmail.com 2012-02-19 05:57:24 CST --- You can download the game here http://staff.alteriw.net/tracker/torrents/aIW-Client.torrent if you want to try it yourself , update it under windows and then run iw4mp.dat , if you do not have windows i can give you python version of updater -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #17 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-19 11:18:44 CST --- Is there a demo version that could be used to reproduce it? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #18 from tizbac2(a)gmail.com 2012-02-19 15:06:26 CST --- http://www.mediafire.com/?rnsrbkx72nlde0h *.dll and *.exe which is enough to reproduce the crash Launch iw4mp.dat.exe -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #38922|0 |1 is obsolete| | --- Comment #19 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-19 22:09:39 CST --- Created attachment 38983 --> http://bugs.winehq.org/attachment.cgi?id=38983 ntdll: Separate image relocation from NtMapViewOfSection This version of the patch should work better. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #20 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-20 01:04:31 CST --- I sent a test case for this bug: http://www.winehq.org/pipermail/wine-patches/2012-February/111682.html -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #21 from tizbac2(a)gmail.com 2012-02-20 09:47:18 CST --- The bug seems to be solved with latest patch , now there's another problem but i think it's unrelated to that -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |patch --- Comment #22 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-21 02:43:32 CST --- http://www.winehq.org/pipermail/wine-patches/2012-February/111710.html Probably going to be deferred though. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #23 from tizbac2(a)gmail.com 2012-02-21 12:28:49 CST --- Seems that there's still something broken with that, i get random memory corruption on the fixed address dll ( it is a .NET 2.0 dll ) It crashes with random bad instructions on a runtime-created segment -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #24 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-21 13:16:37 CST --- (In reply to comment #23)
Seems that there's still something broken with that, i get random memory corruption on the fixed address dll ( it is a .NET 2.0 dll ) It crashes with random bad instructions on a runtime-created segment
Why do you think that it's related to the patch? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #25 from tizbac2(a)gmail.com 2012-02-21 17:32:25 CST --- (In reply to comment #24)
(In reply to comment #23)
Seems that there's still something broken with that, i get random memory corruption on the fixed address dll ( it is a .NET 2.0 dll ) It crashes with random bad instructions on a runtime-created segment
Why do you think that it's related to the patch?
because it's .net crashing , and .net 2.0 especially its JIT compiler is known to work on wine -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #26 from Dmitry Timoshkov <dmitry(a)baikal.ru> 2012-02-21 20:31:35 CST --- (In reply to comment #25)
because it's .net crashing , and .net 2.0 especially its JIT compiler is known to work on wine
Can you try to run some other .net application that needs a JIT compiler with and without the patch and reproduce the problem? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Anastasius Focht <focht(a)gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |focht(a)gmx.net --- Comment #27 from Anastasius Focht <focht(a)gmx.net> 2012-02-22 01:41:48 CST --- Hello, the patch fixes the mapping/relocation issue this bug is about. With that patch applied you are now encountering a different class of problems -> different Wine bugs. "corruption" = obfuscated code. The code makes certain assumptions about the layout of Windows API entries. If you create a new bug for that, you'll get explanation and solution ;-) Regards -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=29899 Anastasius Focht <focht(a)gmx.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |30000 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #28 from Austin English <austinenglish(a)gmail.com> --- This is your friendly reminder that there has been no bug activity for 2 years. Is this still an issue in current (1.7.16 or newer) wine? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 --- Comment #29 from Anastasius Focht <focht(a)gmx.net> --- Hello folks, the test was committed here: http://source.winehq.org/git/wine.git/commitdiff/20093556f92fbced66761526b88... ("kernel32: Add a test to show that NtMapViewOfSection should not perform an image... ") The mailing list shows multiple attempts but no final resolution. http://www.winehq.org/pipermail/wine-patches/2012-February/111710.html 2012-02-21 ntdll: Separate image relocation from NtMapViewOfSection http://www.winehq.org/pipermail/wine-patches/2012-March/112565.html 2012-03-19 ntdll: Separate image relocation from NtMapViewOfSection. Resend. http://www.winehq.org/pipermail/wine-patches/2012-April/113746.html 2012-04-27 ntdll: Separate image relocation from NtMapViewOfSection. Resend. So it's obviously still present. $ wine --version wine-1.7.16-133-gd8ca8c2 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 Qian Hong <fracting(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fracting(a)gmail.com -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 Sebastian Lackner <sebastian(a)fds-team.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sebastian(a)fds-team.de -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 Dmitry Timoshkov <dmitry(a)baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |e67a00b46694625e3c40386008a | |ffac42e7e3847 Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #30 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- Should be fixed by e67a00b46694625e3c40386008affac42e7e3847. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 Nikolay Sivov <bunglehead(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|-unknown |ntdll -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=29899 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #31 from Alexandre Julliard <julliard(a)winehq.org> --- Closing bugs fixed in 1.7.55. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org