[Bug 51725] New: 7-zip 19.0 (up to 21.03) crashes opening Z: or local file system
https://bugs.winehq.org/show_bug.cgi?id=51725

Bug ID: 51725
Summary: 7-zip 19.0 (up to 21.03) crashes opening Z: or local file system
Product: Wine-staging
Version: 6.16
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: major
Priority: P2
Component: -unknown
Assignee: wine-bugs(a)winehq.org
Reporter: noabody(a)yahoo.com
CC: leslie_alistair(a)hotmail.com, z.figura12(a)gmail.com
Distribution: ---

Created attachment 70609
--> https://bugs.winehq.org/attachment.cgi?id=70609
Log of both wine/staging 6.16

See attachment:
System: Manjaro 21.1.2 (Arch-like)
Summary:
wine-6.16, 7-zip 19.00 through 21.03 can open "Z:" drive local filesystem without issue.
wine-6.16 (Staging), 7-zip 19.00 through 21.03 cannot open "Z:" drive local filesystem without immediate crash.
See 7zip.org to download and test.

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=51725

noabody(a)yahoo.com changed:

What        |Removed |Added
----------------------------------------------------------------------------
Distribution|---     |ArchLinux
URL         |        |7zip.org
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #1 from noabody(a)yahoo.com ---
Clean, default (64-bit) wine prefix.
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #2 from noabody(a)yahoo.com ---
Steps to reproduce:
Delete .wine, run winecfg, wine 7z1900-x64.exe, run 7zFM.exe, double-click computer, double-click "Z:", crash dialog appears that states "Unknown error"

Can be bypassed by setting the registry to existing "Z" location

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\7-Zip\FM]
"PanelPath0"="Z:\\home\\"
https://bugs.winehq.org/show_bug.cgi?id=51725

Fabian Maurer <dark.shadow4(a)web.de> changed:

What          |Removed     |Added
----------------------------------------------------------------------------
Ever confirmed|0           |1
Severity      |major       |normal
Keywords      |            |download
Status        |UNCONFIRMED |NEW
URL           |7zip.org    |https://www.7-zip.org/a/7z1900-x64.exe
CC            |            |dark.shadow4(a)web.de

--- Comment #3 from Fabian Maurer <dark.shadow4(a)web.de> ---
Confirming. Only happens on wine-staging, vanilla wine works fine.
Might do a bisect tomorrow.
https://bugs.winehq.org/show_bug.cgi?id=51725

Bernhard Übelacker <bernhardu(a)mailbox.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |bernhardu(a)mailbox.org, erich.e.hoover(a)gmail.com

--- Comment #4 from Bernhard Übelacker <bernhardu(a)mailbox.org> ---
A git bisect with the matching staging patchset on top of wine-6.17 leads to this patch:

1779284948ef7563221521a487c0b0afb6890776 is the first bad commit
commit 1779284948ef7563221521a487c0b0afb6890776
Author: Erich E. Hoover <erich.e.hoover(a)wine-staging.com>
Date: Sat Feb 6 16:32:44 2021 -0700

ntdll: Treat undecoded unix symlinks as WSL Linux/Unix symlinks.

dlls/ntdll/unix/file.c | 62 +++++++++++++++++++++++++++++---------------------
include/ntifs.h | 4 ++++
include/winnt.h | 1 +
3 files changed, 41 insertions(+), 26 deletions(-)

I hope it is ok to loop in Erich?
https://bugs.winehq.org/show_bug.cgi?id=51725 --- Comment #5 from Bernhard Übelacker <bernhardu(a)mailbox.org> --- A short investigation with rr points to these actions: - DeviceIoControl(FSCTL_GET_REPARSE_POINT) get called for "Z:\\initrd.img" - This sets "*returned = piosb->Information;" Unfortunately piosb->Information seems not to contain valid data. - And 7-Zip uses the value in returned for a malloc and memcpy which produces a segfault. Following small change seems to make the fault in 7-Zip go away: @@ -6644,6 +6666,7 @@ NTSTATUS WINAPI NtFsControlFile( HANDLE handle, HANDLE event, PIO_APC_ROUTINE ap } case FSCTL_GET_REPARSE_POINT: { + io->Information = 0; REPARSE_DATA_BUFFER *buffer = (REPARSE_DATA_BUFFER *)out_buffer; status = get_reparse_point( handle, buffer, out_size ); break; -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
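Review bot: Zeroing io->Information in the FSCTL_GET_REPARSE_POINT case keeps the caller from seeing a stale value, but it also reports zero bytes returned when get_reparse_point() succeeds and has filled out_buffer, so a caller that sizes its copy from the returned count receives no data. Set the field from the length actually written once the call returns, and keep 0 only for the failure path. The added assignment also sits ahead of the `REPARSE_DATA_BUFFER *buffer` declaration inside the block; placing it below the declaration avoids a statement before a declaration.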
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #6 from Erich E. Hoover <erich.e.hoover(a)gmail.com> ---
(In reply to Bernhard Übelacker from comment #4)
... I hope it is ok to loop in Erich?
Yup, you should always feel free to loop me in.

(In reply to Bernhard Übelacker from comment #5)
... + io->Information = 0; REPARSE_DATA_BUFFER *buffer = (REPARSE_DATA_BUFFER *)out_buffer; status = get_reparse_point( handle, buffer, out_size ); break;
Would you mind tweaking this to try setting io->Information to the size of the buffer? I believe that a quick tweak of this should be:
buffer->ReparseDataLength + FIELD_OFFSET(typeof(*buffer), GenericReparseBuffer)
https://bugs.winehq.org/show_bug.cgi?id=51725 --- Comment #7 from Bernhard Übelacker <bernhardu(a)mailbox.org> --- I applied following on top of b5e17b66 with the matching staging patchset. And 7zFM shows no problem with it when entering the Z: drive. @@ -6721,6 +6721,7 @@ NTSTATUS WINAPI NtFsControlFile( HANDLE handle, HANDLE event, PIO_APC_ROUTINE ap { REPARSE_DATA_BUFFER *buffer = (REPARSE_DATA_BUFFER *)out_buffer; status = get_reparse_point( handle, buffer, out_size ); + io->Information = buffer->ReparseDataLength + FIELD_OFFSET(typeof(*buffer), GenericReparseBuffer); break; } -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
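Review bot: The new io->Information assignment runs whatever status get_reparse_point() returned, so on failure it reads buffer->ReparseDataLength from an out_buffer that may never have been written and the caller again receives an arbitrary count. Gate it on success, for example `if (!status) io->Information = ...;` with `else io->Information = 0;`. Nothing in this hunk compares the computed length against out_size either, so a check that the sum does not exceed out_size belongs next to the assignment.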
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #8 from Erich E. Hoover <erich.e.hoover(a)gmail.com> ---
(In reply to Bernhard Übelacker from comment #7)
I applied following on top of b5e17b66 with the matching staging patchset. And 7zFM shows no problem with it when entering the Z: drive.
@@ -6721,6 +6721,7 @@ NTSTATUS WINAPI NtFsControlFile( HANDLE handle, HANDLE event, PIO_APC_ROUTINE ap { REPARSE_DATA_BUFFER *buffer = (REPARSE_DATA_BUFFER *)out_buffer; status = get_reparse_point( handle, buffer, out_size ); + io->Information = buffer->ReparseDataLength + FIELD_OFFSET(typeof(*buffer), GenericReparseBuffer); break; }
Wonderful, this particular call stores the size of the buffer in that field, so the garbage value likely resulted in an insanely large malloc. I'll rework the routine to properly hold on to the buffer size (so that this can be done in a less kludgy way) and get the patch updated.
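Comments #5 and #8 trace the crash to a returned byte count that the caller trusted for a malloc and memcpy. The following added example (not code from Wine, wine-staging or 7-Zip) models a provider that sets the count on every path and a caller-side check that rejects a count inconsistent with the buffer. The struct definitions are simplified stand-ins, and `fill_reparse_point`, `returned_is_sane`, `REPARSE_STORAGE` and the payload are hypothetical names constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins (assumptions) for the Windows types named in the thread. */
typedef struct {
    uint32_t ReparseTag;
    uint16_t ReparseDataLength;
    uint16_t Reserved;
    struct { uint8_t DataBuffer[1]; } GenericReparseBuffer;
} REPARSE_DATA_BUFFER;
typedef struct { int32_t Status; uintptr_t Information; } IO_STATUS_BLOCK;
typedef union { REPARSE_DATA_BUFFER hdr; uint8_t bytes[64]; } REPARSE_STORAGE;
#define REPARSE_HEADER_SIZE offsetof(REPARSE_DATA_BUFFER, GenericReparseBuffer)

/* Hypothetical provider: sets the byte count on every path, success or failure. */
static int32_t fill_reparse_point(const void *payload, uint16_t len, void *out,
                                  size_t out_size, IO_STATUS_BLOCK *io)
{
    REPARSE_DATA_BUFFER *buffer = out;
    io->Information = 0;
    if (!out || out_size < REPARSE_HEADER_SIZE + len)
        return io->Status = -1;                  /* constructed failure code */
    buffer->ReparseTag = 0;                      /* constructed tag value */
    buffer->ReparseDataLength = len;
    buffer->Reserved = 0;
    memcpy((uint8_t *)out + REPARSE_HEADER_SIZE, payload, len);
    io->Information = REPARSE_HEADER_SIZE + len; /* bytes actually written */
    return io->Status = 0;
}

/* Caller-side check before sizing an allocation or copy from the count. */
static int returned_is_sane(const void *out, size_t out_size, size_t returned)
{
    const REPARSE_DATA_BUFFER *buffer = out;
    if (returned < REPARSE_HEADER_SIZE || returned > out_size) return 0;
    return returned == REPARSE_HEADER_SIZE + buffer->ReparseDataLength;
}

int main(void)
{
    REPARSE_STORAGE out;
    IO_STATUS_BLOCK io = { 0, (uintptr_t)0xdeadbeef }; /* stale count */
    const char target[] = "/initrd.img";               /* constructed payload */
    fill_reparse_point(target, sizeof(target), &out, sizeof(out), &io);
    printf("returned=%zu sane=%d\n", (size_t)io.Information,
           returned_is_sane(&out, sizeof(out), io.Information));
    return 0;
}
```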
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #9 from Erich E. Hoover <erich.e.hoover(a)gmail.com> ---
This should now be fixed in wine-staging 6.23 (commit 24753f8756ff982ee20cbb98bda79b15c8c3d57d). Please retest when you have a chance, thanks!
https://bugs.winehq.org/show_bug.cgi?id=51725

--- Comment #10 from noabody(a)yahoo.com ---
My distro updated today with Wine Staging 6.23 and 7-zip works fine. Thank you!
https://bugs.winehq.org/show_bug.cgi?id=51725

noabody(a)yahoo.com changed:

What      |Removed |Added
----------------------------------------------------------------------------
Resolution|---     |FIXED
Status    |NEW     |RESOLVED

--- Comment #11 from noabody(a)yahoo.com ---
See https://bugs.winehq.org/show_bug.cgi?id=51725#c9
https://bugs.winehq.org/show_bug.cgi?id=51725

Zebediah Figura <z.figura12(a)gmail.com> changed:

What         |Removed  |Added
----------------------------------------------------------------------------
Fixed by SHA1|         |24753f8756ff982ee20cbb98bda79b15c8c3d57d
Status       |RESOLVED |CLOSED

--- Comment #12 from Zebediah Figura <z.figura12(a)gmail.com> ---
Closing bugs fixed in wine-staging 6.23.