[Bug 59708] New: d3d9: missing MSVC vtable byte-pattern
http://bugs.winehq.org/show_bug.cgi?id=59708

Bug ID: 59708
Summary: d3d9: missing MSVC vtable byte-pattern
Product: Wine
Version: 11.7
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: d3d
Assignee: wine-bugs@list.winehq.org
Reporter: danielginovker@gmail.com
Distribution: ---

Created attachment 80842
  --> http://bugs.winehq.org/attachment.cgi?id=80842
Proposed patch (git format-patch). Adds an 18-byte MSVC-pattern marker after d3d9_device_vtbl in dlls/d3d9/device.c plus a conformance test in dlls/d3d9/tests/device.c.

Wine's d3d9.dll is MinGW GCC-built and doesn't contain the MSVC C++ vtable-init byte sequence (c7 06 ?? 89 86 ?? 89 86) that some closed-source overlay/hook libraries scan for to locate the IDirect3DDevice9 vtable.

Concrete affected case: bfmeladder.com's BFME Online Arena. Its dinput8.dll proxy fails to install hooks on Wine, so the Arena's 30-second Automated Matchmaking Test times out with "the overlay didn't load in 30 seconds."

Repro: install https://bfmeladder.com/download under Wine staging, sign in, pick any game and patch, watch the test fail.

Proposed patch attached: 18-byte packed const struct after d3d9_device_vtbl in .rdata, reproducing the pattern with &d3d9_device_vtbl as imm32. Not referenced by any Wine code. Conformance test included.

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=59708

--- Comment #1 from danielginovker@gmail.com <danielginovker@gmail.com> ---
Created attachment 80843
  --> http://bugs.winehq.org/attachment.cgi?id=80843
Standalone PoC: scans loaded d3d9.dll for the byte pattern, dereferences the imm32, sanity-checks vtable[16]/[17] fall inside the module. Build with mingw-w64 (i686-w64-mingw32-gcc -lpsapi).

Real Windows: PASS.
Wine unpatched: FAIL.
Wine + proposed patch:
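
The scan-and-verify check described in Comment #1, run over a constructed buffer; this is an added example, not attachment 80843 and not Wine code. It assumes a 32-bit image and that each "??" in the reported pattern is a 4-byte operand, which is what gives the 18-byte length; `BASE`, `find_vtbl` and `demo` are names invented here.

```c
#include <stdint.h>
#include <string.h>

#define MARKER_LEN 18          /* c7 06 imm32 | 89 86 disp32 | 89 86 disp32 */
#define BASE 0x10000000u       /* constructed load address, not a real module */

static uint32_t rd32(const uint8_t *p)   /* little-endian read */
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}
/* Only the opcode/ModRM bytes are compared; the operands are wildcards. */
static int marker_at(const uint8_t *p)
{
    return p[0] == 0xc7 && p[1] == 0x06 && p[6] == 0x89 && p[7] == 0x86 &&
           p[12] == 0x89 && p[13] == 0x86;
}
/* Returns the image offset of the table named by the marker's imm32, or -1.
 * A hit counts only if the table and its slots 16/17 (Reset/Present in
 * IDirect3DDevice9) resolve to addresses inside the image. */
static long find_vtbl(const uint8_t *img, size_t len, uint32_t base)
{
    for (size_t i = 0; i + MARKER_LEN <= len; i++) {
        if (!marker_at(img + i)) continue;
        uint32_t off = rd32(img + i + 2) - base;   /* wraps high if below base */
        if (off >= len || len - off < 18 * 4) continue;
        if (rd32(img + off + 16 * 4) - base < len &&
            rd32(img + off + 17 * 4) - base < len) return (long)off;
    }
    return -1;
}
/* Constructed 512-byte image: table at 0x100, optional marker at 0x180. */
static long demo(int with_marker, uint32_t slot17)
{
    static const uint8_t m[MARKER_LEN] = {0xc7, 0x06, 0, 0, 0, 0, 0x89, 0x86,
                                          0, 0, 0, 0, 0x89, 0x86};
    uint8_t img[512] = {0};
    for (int s = 0; s < 17; s++) wr32(img + 0x100 + s * 4, BASE + 0x20 + s);
    wr32(img + 0x100 + 17 * 4, slot17);
    if (with_marker) {
        memcpy(img + 0x180, m, MARKER_LEN);
        wr32(img + 0x182, BASE + 0x100);
    }
    return find_vtbl(img, sizeof img, BASE);
}
int main(void) { return demo(1, BASE + 0x40) == 0x100 ? 0 : 1; }
```

Without the marker bytes the scan returns -1 even though the table itself is present, which is the unpatched-Wine outcome the report describes.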

http://bugs.winehq.org/show_bug.cgi?id=59708

danielginovker@gmail.com <danielginovker@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |leslie_alistair@hotmail.com

--- Comment #2 from danielginovker@gmail.com <danielginovker@gmail.com> ---
Submitting attachment 80842 for consideration in wine-staging, per the Contributing wiki guidance (CC a Staging maintainer with an explicit request).

This is a targeted MSVC-pattern compat shim. Wine's d3d9 is built with MinGW GCC, which emits a different prologue than MSVC; some games scan d3d9 for the exact MSVC vtable-init pattern as a "genuine D3D9" check. Hardcoding an MSVC-style marker is unlikely to be acceptable upstream, since the proper long-term fix is matching MSVC code generation. Hopefully this is acceptable by staging though since it unblocks at least 1 game.

Affected game and repro are in the bug description (Battle for Middle-earth Online Battle Arena, https://bfmeladder.com/download). PoC (attachment 80843) shows the scan failing on unpatched Wine and passing on real Windows / Wine + this patch.

CC'ing Alistair Leslie-Hughes per the Staging maintainer guidance.

http://bugs.winehq.org/show_bug.cgi?id=59708

Zeb Figura <z.figura12@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |z.figura12@gmail.com

--- Comment #3 from Zeb Figura <z.figura12@gmail.com> ---
Thanks. Hopefully this can go directly upstream without needing to worry about wine-staging.

I added a couple more tests, and I'm curious, does this mod actually work on modern Windows? It looks quite like the structure there is a fake vtbl. The vtbl itself doesn't match what's set on a real device, and not all the methods do either. Present() matches the real Present() but Reset() doesn't. I suppose maybe that's enough that the mod still works...

http://bugs.winehq.org/show_bug.cgi?id=59708

--- Comment #4 from danielginovker@gmail.com <danielginovker@gmail.com> ---
Yes, this mod works on modern Windows, it's basically the most popular way to play Battle for Middle Earth. There are dozens of us using it every day (dozens!)

The mod itself is super hacky though. It launches the game/detects the game launch/disables your mouse/keyboard while it clicks buttons for you, and then once the game is set up, it gives you back access.

http://bugs.winehq.org/show_bug.cgi?id=59708

Bernhard Übelacker <bernhardu@mailbox.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bernhardu@mailbox.org

--- Comment #5 from Bernhard Übelacker <bernhardu@mailbox.org> ---
Is this bug fixed with the following commit?
https://gitlab.winehq.org/wine/wine/-/commit/6481c2060313698b04606a8db28da6c...

http://bugs.winehq.org/show_bug.cgi?id=59708

Zeb Figura <z.figura12@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #6 from Zeb Figura <z.figura12@gmail.com> ---
Fixed upstream by 6481c2060313698b04606a8db28da6cf67559f07.

http://bugs.winehq.org/show_bug.cgi?id=59708

Zeb Figura <z.figura12@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |6481c2060313698b04606a8db28
                   |                            |da6cf67559f07