https://bugs.winehq.org/show_bug.cgi?id=43733
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |z.figura12@gmail.com
--- Comment #3 from Zebediah Figura z.figura12@gmail.com --- In true Fochtian style.
The game crashes at 0x4c288f:
4c2889: ff 15 c8 aa c1 00 call *0xc1aac8 4c288f: 5f pop %edi
And if we look for this address, we find:
4c230a: e8 b1 e2 ff ff call 0x4c05c0 4c230f: 84 c0 test %al,%al 4c2311: 75 27 jne 0x4c233a 4c2313: 68 08 e1 a9 00 push $0xa9e108 4c2318: ff 15 f8 32 99 00 call *0x9932f8 4c231e: 68 20 e1 a9 00 push $0xa9e120 4c2323: 50 push %eax 4c2324: ff 15 5c 33 99 00 call *0x99335c 4c232a: 8b c8 mov %eax,%ecx 4c232c: 33 c0 xor %eax,%eax 4c232e: 85 c9 test %ecx,%ecx 4c2330: 89 0d c8 aa c1 00 mov %ecx,0xc1aac8
i.e.
if (!4c05c0()) pUpdateLayeredWindow = GetProcAddress(GetModuleHandle(L"user32.dll"), "UpdateLayeredWindow")
And that function is:
4c05c4: 8d 45 fc lea -0x4(%ebp),%eax 4c05c7: 50 push %eax 4c05c8: 68 19 00 02 00 push $0x20019 4c05cd: 6a 00 push $0x0 4c05cf: 68 f4 df a9 00 push $0xa9dff4 4c05d4: 68 01 00 00 80 push $0x80000001 4c05d9: ff 15 0c 30 99 00 call *0x99300c 4c05df: 85 c0 test %eax,%eax 4c05e1: 75 0f jne 0x4c05f2 4c05e3: ff 75 fc pushl -0x4(%ebp) 4c05e6: ff 15 00 30 99 00 call *0x993000 4c05ec: b0 01 mov $0x1,%al 4c05ee: 8b e5 mov %ebp,%esp 4c05f0: 5d pop %ebp 4c05f1: c3 ret 4c05f2: 32 c0 xor %al,%al
i.e.
if (!RegOpenKeyExW(HKEY_CURRENT_USER, L"Software\Wine", 0, KEY_READ, &hkey)) { RegCloseKey(hkey); return 1; } return 0;
To summarize: The application is Wine-aware. I suspect it was trying to work around some bug in UpdateLayeredWindow(), but then some part of that code path broke.
It's not really obvious what this code path is, if there is one.