https://bugs.winehq.org/show_bug.cgi?id=33275
Anastasius Focht focht@gmx.net changed:
What           |Removed      |Added
---------------+-------------+------------------------------------------------
Keywords       |             |download
Status         |UNCONFIRMED  |NEW
URL            |             |http://www.gamershell.com/download_4929.shtml
Ever confirmed |0            |1
--- Comment #15 from Anastasius Focht focht@gmx.net ---

Hello folks,
thanks for "inviting" me here :) I took a brief look at this as I'm currently busy with other projects.
Looks like a Linux kernel bug to me -> upstream.
The game tries to determine the exact CPU type by executing various (legacy) checks. During the check for 80286 and 80386 CPU type, the nested task (NT) flag gets set along with I/O Privilege Level (IOPL, 2 bits) and some reserved bit (through 'popfw').
Upon syscall entry, the IOPL bits get cleared as configured through MSR_SYSCALL_MASK but the NT flag is not touched at all, getting propagated to task switching code.
Reduced test case:
--- snip ---
/* Compile: gcc -m32 -o ntflag ntflag.c
   Run:     while true ; do ./ntflag ; done */
#include <stdio.h>

int main(void)
{
    /* Read EFLAGS, set bit 14 (NT, nested task flag) and write it back
       with popfl. The write() behind printf is the next syscall entry;
       on an affected kernel NT is carried into kernel mode there and the
       process segfaults instead of exiting normally. */
    asm volatile("pushfl \n\t"
                 "pop %%eax \n\t"
                 "or $0x4000,%%eax \n\t"
                 "push %%eax \n\t"
                 "popfl \n\t"
                 : : : "eax", "cc", "memory");
    printf("exit or segfault\n");
    return 0;
}
--- snip ---
x86 syscall_init() MSR_SYSCALL_MASK should also include 'X86_EFLAGS_NT' to be safe from userspace injection.
$ sha1sum DemoFarCry.zip
65200be08d5deab0f25eed9bba915e8da374933e  DemoFarCry.zip

$ du -sh DemoFarCry.zip
497M    DemoFarCry.zip

$ wine --version
wine-1.7.26-97-g2398124
Regards
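Added example (not the reporter's test case and not code from the Linux kernel): a small model of the mechanism described in comment #15. SYSCALL clears from RFLAGS exactly the bits set in MSR_SYSCALL_MASK (IA32_FMASK), so the question is which flags a ring-3 POPF can set that the mask does not clear. The two masks below are constructed to match the comment's description (IOPL cleared, NT not cleared) and the suggested fix (NT added); they are not copied from a kernel tree. The EFLAGS bit positions are the architectural ones, and the set of bits POPF may change at CPL 3 with IOPL 0 follows the Intel SDM: IOPL and IF are ignored at that privilege level, VM/RF cannot be set from user mode, so the reachable control flags are TF, DF, NT, AC and ID.

```c
/* Added example: model SYSCALL's RFLAGS masking to check which user-settable
 * flags survive entry into the kernel under a given MSR_SYSCALL_MASK. */
#include <stdint.h>
#include <stdio.h>

/* Architectural EFLAGS bit positions. */
#define X86_EFLAGS_CF   0x00000001u
#define X86_EFLAGS_PF   0x00000004u
#define X86_EFLAGS_AF   0x00000010u
#define X86_EFLAGS_ZF   0x00000040u
#define X86_EFLAGS_SF   0x00000080u
#define X86_EFLAGS_TF   0x00000100u
#define X86_EFLAGS_IF   0x00000200u
#define X86_EFLAGS_DF   0x00000400u
#define X86_EFLAGS_OF   0x00000800u
#define X86_EFLAGS_IOPL 0x00003000u
#define X86_EFLAGS_NT   0x00004000u
#define X86_EFLAGS_AC   0x00040000u
#define X86_EFLAGS_ID   0x00200000u

#define X86_EFLAGS_ARITH (X86_EFLAGS_CF | X86_EFLAGS_PF | X86_EFLAGS_AF | \
                          X86_EFLAGS_ZF | X86_EFLAGS_SF | X86_EFLAGS_OF)

/* Bits POPF executed at CPL 3 (IOPL 0) is permitted to change: the
 * arithmetic flags plus TF, DF, NT, AC and ID. IOPL and IF are ignored
 * at that privilege level; VM and RF cannot be set from user mode. */
#define USER_POPF_WRITABLE (X86_EFLAGS_ARITH | X86_EFLAGS_TF | X86_EFLAGS_DF | \
                            X86_EFLAGS_NT | X86_EFLAGS_AC | X86_EFLAGS_ID)

/* Constructed to match the report: IOPL is cleared on entry, NT is not. */
#define SYSCALL_MASK_WITHOUT_NT (X86_EFLAGS_TF | X86_EFLAGS_DF | X86_EFLAGS_IF | \
                                 X86_EFLAGS_IOPL | X86_EFLAGS_AC)
/* Same mask with the reporter's suggestion (X86_EFLAGS_NT) applied. */
#define SYSCALL_MASK_WITH_NT (SYSCALL_MASK_WITHOUT_NT | X86_EFLAGS_NT)

/* SYSCALL semantics: RFLAGS after entry = RFLAGS before & ~IA32_FMASK. */
uint32_t syscall_entry_flags(uint32_t user_flags, uint32_t fmask)
{
    return user_flags & ~fmask;
}

/* Control flags (everything except the arithmetic flags) that ring-3 POPF
 * can set and that the given mask still lets through to kernel code. */
uint32_t leaked_control_flags(uint32_t fmask)
{
    uint32_t reachable = USER_POPF_WRITABLE & ~X86_EFLAGS_ARITH;
    return syscall_entry_flags(reachable, fmask);
}

/* Print the names of the control flags in 'flags' (audit helper). */
static void print_control_flags(const char *label, uint32_t flags)
{
    static const struct { uint32_t bit; const char *name; } names[] = {
        { X86_EFLAGS_TF, "TF" }, { X86_EFLAGS_IF, "IF" }, { X86_EFLAGS_DF, "DF" },
        { X86_EFLAGS_IOPL, "IOPL" }, { X86_EFLAGS_NT, "NT" },
        { X86_EFLAGS_AC, "AC" }, { X86_EFLAGS_ID, "ID" },
    };
    printf("%s:", label);
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        if (flags & names[i].bit)
            printf(" %s", names[i].name);
    printf("\n");
}

int main(void)
{
    /* Constructed user-mode EFLAGS: NT set (as the game's popfw does),
       plus IOPL bits and IF, which SYSCALL is configured to clear. */
    uint32_t user = X86_EFLAGS_NT | X86_EFLAGS_IOPL | X86_EFLAGS_IF | 0x2u;

    print_control_flags("kernel sees (mask without NT)",
                        syscall_entry_flags(user, SYSCALL_MASK_WITHOUT_NT));
    print_control_flags("kernel sees (mask with NT)   ",
                        syscall_entry_flags(user, SYSCALL_MASK_WITH_NT));
    print_control_flags("user-settable leak, old mask ",
                        leaked_control_flags(SYSCALL_MASK_WITHOUT_NT));
    print_control_flags("user-settable leak, new mask ",
                        leaked_control_flags(SYSCALL_MASK_WITH_NT));
    return 0;
}
```

With the mask as the report describes it, the only control flags that reach the kernel from a ring-3 POPF are NT and ID; ID is harmless (it only advertises CPUID support), so NT is the one bit that has to be added to the mask, which is exactly the change suggested for syscall_init().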