[Bug 36521] New: Star Wars rebellion update 1.01 crashes on start
https://bugs.winehq.org/show_bug.cgi?id=36521

            Bug ID: 36521
           Summary: Star Wars rebellion update 1.01 crashes on start
           Product: Wine
           Version: 1.7.19
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs(a)winehq.org
          Reporter: jopac76(a)mail.com

Created attachment 48603
  --> https://bugs.winehq.org/attachment.cgi?id=48603
Output of the crash

Just installed the game, ran it, tried running the patch and it crashes before
anything.

Link to patch:
http://swrebellion.com/downloads/modules.php?name=Downloads&d_op=viewdownloa...

7ae576e99c8b623032e5ab96f384ad354d0e4230 rsupd101.exe

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

https://bugs.winehq.org/show_bug.cgi?id=36521

jopac76(a)mail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |Installer

https://bugs.winehq.org/show_bug.cgi?id=36521

Anastasius Focht <focht(a)gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download
             Status|UNCONFIRMED                 |NEW
                URL|                            |http://swrebellion.com/down
                   |                            |loads/modules.php?name=Down
                   |                            |loads&d_op=viewdownloaddeta
                   |                            |ils&lid=41&ttitle=1.01_Upda
                   |                            |te_for_Rebellion
                 CC|                            |focht(a)gmx.net
            Summary|Star Wars rebellion update  |Star Wars rebellion update
                   |1.01 crashes on start       |1.01 crashes on start
                   |                            |(quoted process command
                   |                            |line only created with
                   |                            |special 'My Documents'
                   |                            |folder)
     Ever confirmed|0                           |1

--- Comment #1 from Anastasius Focht <focht(a)gmx.net> ---
Hello folks,

confirming.

The installer expects a double quoted command line.
It calls GetCommandLineA(), skips the first character and copies up to 0x104
characters to a stack-based buffer.
It then continues to search the stack-based buffer for the closing double-quote.
The search just overruns stack top (increment), landing in unmapped area,
causing the fault.

--- snip ---
$ WINEDEBUG=+tid,+seh,+relay wine rsupd101.exe >>log.txt 2>&1
...
0023:Call KERNEL32.GetCommandLineA() ret=00401846
0023:Ret KERNEL32.GetCommandLineA() retval=0012b560 ret=00401846
0023:trace:seh:raise_exception code=c0000005 flags=0 addr=0x401868 ip=00401868 tid=0023
0023:trace:seh:raise_exception info[0]=00000000
0023:trace:seh:raise_exception info[1]=00340000
0023:trace:seh:raise_exception eax=00000374 ebx=7b8bb000 ecx=00000000 edx=00000000 esi=0012b584 edi=00000000
0023:trace:seh:raise_exception ebp=0033fe20 esp=0033fc84 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010297
0023:trace:seh:call_stack_handlers calling handler at 0x40bf4b code=c0000005 flags=0
0023:trace:seh:call_stack_handlers handler at 0x40bf4b returned 1
0023:trace:seh:call_stack_handlers calling handler at 0x409ab8 code=c0000005 flags=0
0023:Call KERNEL32.UnhandledExceptionFilter(0033f760) ret=0040900a
wine: Unhandled page fault on read access to 0x00340000 at address 0x401868
...
Unhandled exception: page fault on read access to 0x00340000 in 32-bit code (0x00401868).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:00401868 ESP:0033fc84 EBP:0033fe20 EFLAGS:00010297( R- -- I S -A-P-C)
 EAX:00000374 EBX:7b8bb000 ECX:00000000 EDX:00000000
 ESI:0012b584 EDI:00000000
Stack dump:
0x0033fc84: 0012b584 0040c140 6f685c3a 665c656d
0x0033fc94: 7468636f 776f445c 616f6c6e 725c7364
0x0033fca4: 64707573 2e313031 00657865 00000000
0x0033fcb4: 00000000 00000000 00000000 00000000
0x0033fcc4: 00000000 00000000 00000000 00000000
0x0033fcd4: 00000000 00000000 00000000 00000000
000c: sel=0067 base=00000000 limit=00000000 16-bit --x
Backtrace:
=>0 0x00401868 in rsupd101 (+0x1868) (0x0033fe20)
  1 0x7b864208 call_process_entry+0xb() in kernel32 (0x0033fe38)
...
0x00401868: movb 0x8(%esp,%eax,1),%cl
Modules:
Module Address Debug info Name (29 modules)
PE 400000- 414000 Export rsupd101
...
Threads:
process tid prio (all id:s are in hex)
...
00000022 (D) Z:\home\focht\Downloads\rsupd101.exe
 00000023 0 <==
--- snip ---

In Windows, applications always get a quoted command line when being started
through shell/explorer (ShellExecuteEx).

Wine's Shell/Explorer should do the same - unfortunately it depends on where
you start the executable (double click).

This works:

'wine explorer' -> 'My Documents' -> navigate to folder where the executable is
saved and double click.

This doesn't work:

'wine explorer' -> 'My Computer' -> 'Z:' ... -> navigate to folder where the
executable is saved and double click (installer crashes).

A short debugging session shows the behaviour.

NOTE: 'My Documents' symlink doesn't exist on my machine hence $HOME is
substituted.

--- snip ---
$ winedbg "C:\\users\\focht\\My Documents\\Downloads\\rsupd101.exe"
Wine-dbg>b GetCommandLineA
...
Wine-dbg>p cmdlineA
""C:\users\focht\My Documents\Downloads\rsupd101.exe" "
<starts fine>
--- snip ---

--- snip ---
$ winedbg "z:\\home\\focht\\Downloads\\rsupd101.exe"
Wine-dbg>b GetCommandLineA
...
Wine-dbg>p cmdlineA
"z:\home\focht\Downloads\rsupd101.exe "
<crash>
--- snip ---

As a current workaround you need to use the special folder trick which creates
the quoted command line.

$ sha1sum rsupd101.exe
7ae576e99c8b623032e5ab96f384ad354d0e4230 rsupd101.exe

$ du -sh rsupd101.exe
1.2M rsupd101.exe

$ wine --version
wine-1.7.19-56-gee13e10

Regards

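The failure described in comment #1, as an added example that is not part of the bug report and is not the installer's or Wine's code: a bounded model of the "skip one character, copy, search for the closing quote" logic, next to a parser that accepts both command lines from the winedbg sessions. The function names, the zero-filled buffer and the whitespace rule for unquoted paths are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define COPY_MAX 0x104  /* copy limit given in comment #1 */

/* The two command lines printed in the winedbg sessions above. */
const char QUOTED[]   = "\"C:\\users\\focht\\My Documents\\Downloads\\rsupd101.exe\" ";
const char UNQUOTED[] = "z:\\home\\focht\\Downloads\\rsupd101.exe ";

/* Model of the logic from comment #1: skip the first character, copy up to
 * COPY_MAX bytes into a local buffer, then look for the closing double quote.
 * The real scan has no end condition; this model stops at the end of the
 * buffer and returns -1 where the original would keep reading the stack. */
int installer_quote_index(const char *cmdline)
{
    char buf[COPY_MAX] = {0};                /* assumption: zero-filled */
    size_t n = strlen(cmdline);
    if (n == 0)
        return -1;
    n -= 1;                                  /* first character is skipped */
    if (n > COPY_MAX)
        n = COPY_MAX;
    memcpy(buf, cmdline + 1, n);
    for (size_t i = 0; i < COPY_MAX; i++)
        if (buf[i] == '"')
            return (int)i;
    return -1;                               /* no quote inside the buffer */
}

/* Bounded parser that accepts a quoted or an unquoted first argument.
 * Returns the path length, or -1 if it is unterminated or does not fit. */
int program_path(const char *cmdline, char *out, size_t out_size)
{
    const char *start = cmdline, *end;
    if (*start == '"') {
        start++;
        end = strchr(start, '"');            /* strchr stops at the NUL */
        if (end == NULL)
            return -1;
    } else {
        end = start + strcspn(start, " \t"); /* unquoted: ends at whitespace */
    }
    size_t len = (size_t)(end - start);
    if (len == 0 || len >= out_size)
        return -1;
    memcpy(out, start, len);
    out[len] = '\0';
    return (int)len;
}
```

An unquoted path that itself contains a space cannot be recovered by the whitespace rule, which is why a quoted first argument matters for paths such as 'My Documents'.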
https://bugs.winehq.org/show_bug.cgi?id=36521

--- Comment #2 from Anastasius Focht <focht(a)gmx.net> ---
Hello folks,

revisiting, still present.

Another download:

https://stargate-eaw.de/index.php/de/media/downloads/file/12-forces-of-corru...

--- snip ---
$ WINEDEBUG=+tid,+seh,+relay wine ./FOC11.exe >>log.txt 2>&1
...
002a:Call comctl32.InitCommonControls() ret=00402525
002a:Ret comctl32.InitCommonControls() retval=7ec9fac3 ret=00402525
002a:Call KERNEL32.GetCommandLineA() ret=004057ed
002a:Ret KERNEL32.GetCommandLineA() retval=0013a8e0 ret=004057ed
002a:trace:seh:raise_exception code=c0000005 flags=0 addr=0x405810 ip=00405810 tid=002a
002a:trace:seh:raise_exception info[0]=00000000
002a:trace:seh:raise_exception info[1]=00470000
002a:trace:seh:raise_exception eax=00463700 ebx=00463720 ecx=00000000 edx=00000065 esi=0000c8d8 edi=00463728
002a:trace:seh:raise_exception ebp=0033fe40 esp=0033fcec cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010283
002a:trace:seh:call_stack_handlers calling handler at 0x41f5ac code=c0000005 flags=0
002a:Call KERNEL32.VirtualQuery(00427e98,0033f7b4,0000001c) ret=004240cb
002a:Ret KERNEL32.VirtualQuery() retval=0000001c ret=004240cb
...
002a:Call KERNEL32.GetLastError() ret=00420e64
002a:Ret KERNEL32.GetLastError() retval=00000000 ret=00420e64
002a:Call KERNEL32.UnhandledExceptionFilter(0033f7f0) ret=00423884
wine: Unhandled page fault on read access to 0x00470000 at address 0x405810 (thread 002a), starting debugger...
002a:trace:seh:start_debugger Starting debugger "winedbg --auto 41 84"
002a:Ret KERNEL32.UnhandledExceptionFilter() retval=00000000 ret=00423884
002a:trace:seh:call_stack_handlers handler at 0x41f5ac returned 1
002a:trace:seh:call_stack_handlers calling handler at 0x7bcad132 code=c0000005 flags=0
002a:Call KERNEL32.UnhandledExceptionFilter(0033f7e4) ret=7bcad16d
002a:Ret KERNEL32.UnhandledExceptionFilter() retval=00000000 ret=7bcad16d
002a:trace:seh:call_stack_handlers handler at 0x7bcad132 returned 1
Unhandled exception: page fault on read access to 0x00470000 in 32-bit code (0x00405810).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:00405810 ESP:0033fcec EBP:0033fe40 EFLAGS:00010283( R- -- I S - - -C)
 EAX:00463700 EBX:00463720 ECX:00000000 EDX:00000065
 ESI:0000c8d8 EDI:00463728
...
Backtrace:
=>0 0x00405810 in foc11 (+0x5810) (0x0033fe40)
  1 0x7b46b5d8 call_process_entry+0xb() in kernel32 (0x0033fe58)
  2 0x7b46b703 start_process+0x128(peb=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/kernel32/process.c:1108] in kernel32 (0x0033fe98)
  3 0x7bc923d0 call_thread_func_wrapper+0xb() in ntdll (0x0033feb8)
  4 0x7bc9240b call_thread_func+0x30(entry=0x7b46b5da, arg=0x7ffdf000, frame=0x33ffb8) [/home/focht/projects/wine/wine.repo/src/dlls/ntdll/signal_i386.c:2759] in ntdll (0x0033ff98)
  5 0x7bc923ae call_thread_entry_point+0x11() in ntdll (0x0033ffb8)
  6 0x7bc68f57 start_process+0x21(kernel_start=0x7b46b5da) [/home/focht/projects/wine/wine.repo/src/dlls/ntdll/loader.c:3047] in ntdll (0x0033ffe8)
...
Modules:
Module Address Debug info Name (52 modules)
PE 400000- 45a000 Export foc11
ELF 7b400000-7b7e8000 Dwarf kernel32<elf>
 \-PE 7b420000-7b7e8000 \ kernel32
ELF 7bc00000-7bd09000 Dwarf ntdll<elf>
 \-PE 7bc30000-7bd09000 \ ntdll
ELF 7c000000-7c004000 Dwarf <wine-loader>
...
00000029 (D) Z:\home\focht\Downloads\FOC11.exe
 0000002a 0 <==
...
--- snip ---

$ sha1sum FOC11.exe
05f34ff98d0c930473d458b042765ff2b7522ce1 FOC11.exe

$ du -sh FOC11.exe
21M FOC11.exe

$ wine --version
wine-2.0-rc4

Regards

https://bugs.winehq.org/show_bug.cgi?id=36521

joaopa <jeremielapuree(a)yahoo.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jeremielapuree(a)yahoo.fr

--- Comment #3 from joaopa <jeremielapuree(a)yahoo.fr> ---
Created attachment 66447
  --> https://bugs.winehq.org/attachment.cgi?id=66447
All is fine

Tested with wine-5.1. Patch worked. Can an administrator close this bug as
FIXED?

https://bugs.winehq.org/show_bug.cgi?id=36521

Vijay Kamuju <infyquest(a)gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
                 CC|                            |infyquest(a)gmail.com
             Status|NEW                         |RESOLVED

--- Comment #4 from Vijay Kamuju <infyquest(a)gmail.com> ---
Reported fixed

https://bugs.winehq.org/show_bug.cgi?id=36521

Anastasius Focht <focht(a)gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |ceb32f668360ef51b932fa63508
                   |                            |58a6b8d2d26ec
                URL|http://swrebellion.com/down |https://web.archive.org/web
                   |loads/modules.php?name=Down |/20130528085133/http://www.
                   |loads&d_op=viewdownloaddeta |swrebellion.com/files/rsupd
                   |ils&lid=41&ttitle=1.01_Upda |101.exe
                   |te_for_Rebellion            |
          Component|-unknown                    |kernel32

--- Comment #5 from Anastasius Focht <focht(a)gmx.net> ---
Hello folks,

this was fixed by commit
https://source.winehq.org/git/wine.git/commitdiff/ceb32f668360ef51b932fa6350...
("kernel32: Quote first command line arg in process paramenters.").

Part of Wine 4.19 release.

Thanks Jeff

Also referenced in bug 47790

Technically a dupe but since that bug has been already closed with a
non-generic summary appearing in release notes it's sensible to keep them
separate.

Regards

https://bugs.winehq.org/show_bug.cgi?id=36521

Alexandre Julliard <julliard(a)winehq.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #6 from Alexandre Julliard <julliard(a)winehq.org> ---
Closing bugs fixed in 5.2.