[Bug 37946] ComputeMark v2.1 crashes on startup (needs 'Win32_VideoController' WMI class 'DriverVersion' property)

https://bugs.winehq.org/show_bug.cgi?id=37946

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW CC| |focht@gmx.net Component|-unknown |wmi&wbemprox Summary|ComputeMark crashes |ComputeMark v2.1 crashes on | |startup (needs | |'Win32_VideoController' WMI | |class 'DriverVersion' | |property) Ever confirmed|0 |1

--- Comment #2 from Anastasius Focht focht@gmx.net --- Hello folks,

confirming.

Although unrelated, don't change the default Windows version of the WINEPREFIX unless you know the technical implications.

Relevant part of trace log:

--- snip --- $ WINEDEBUG=+tid,+seh,+wbemprox,+msvcrt wine ./ComputeMark.exe >>log.txt 2>&1 ... 0029:trace:wbemprox:wbem_services_ExecQuery 0x13d900, L"WQL", L"SELECT * FROM Win32_VideoController", 0x00000030, (nil), 0x33eaf4 0029:trace:wbemprox:grab_table returning 0xf70774cc 0029:trace:wbemprox:parse_query wql_parse returned 0 0029:fixme:win:EnumDisplayDevicesW ((null),0,0x33e1a0,0x00000000), stub! 0029:trace:wbemprox:fill_videocontroller created 1 rows 0029:trace:wbemprox:EnumWbemClassObject_create 0x33eaf4 0029:trace:wbemprox:EnumWbemClassObject_create returning iface 0x13ad18 0029:trace:msvcrt:MSVCRT_operator_delete (0x5c1548) 0029:trace:msvcrt:MSVCRT_operator_delete (0x5c1530) 0029:trace:wbemprox:enum_class_object_Next 0x13ad18, -1, 1, 0x33eaec, 0x33eaf0 0029:trace:wbemprox:create_class_object L"Win32_VideoController", 0x33eaec 0029:trace:wbemprox:create_class_object returning iface 0x141d98 0029:trace:wbemprox:class_object_Get 0x141d98, L"Name", 00000000, 0x33ea8c, (nil), (nil) 0029:trace:wbemprox:class_object_Get 0x141d98, L"DriverVersion", 00000000, 0x33ea7c, (nil), (nil) 0029:trace:msvcrt:pf_printf_w Format is: L"%s, %s (%s)" 0029:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7e771ff5 ip=7e771ff5 tid=0029 0029:trace:seh:raise_exception info[0]=00000000 0029:trace:seh:raise_exception info[1]=000024fc 0029:trace:seh:raise_exception eax=000024fc ebx=7e7a6000 ecx=0033e8a0 edx=0033e830 esi=0003009e edi=00141c94 0029:trace:seh:raise_exception ebp=0033e758 esp=0033e748 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206 --- snip ---

The app gathers info using WMI queries and concatenates them into a big string. It doesn't handle the failure to retrieve 'Win32_VideoController' WMI class 'DriverVersion' property causing the vargs stack location containing uninitialized/random data.

--- snip --- 0033E9D0 0040D600 buffer 0033E9D4 0040AABC format string = "%s, %s (%s)" 0033E9D8 0033E9E8 arglist 0033E9DC 0040692A return address 0033E9E0 0040D600 "Microsoft Windows XP Version = 5.1.2600 (32-bit); ..." 0033E9E4 0040AABC "%s, %s (%s)" 0033E9E8 0040D600 "Microsoft Windows XP Version = 5.1.2600 (32-bit); ..." 0033E9EC 00138B7C "NVIDIA GeForce GTX 470" 0033E9F0 000024FC ; garbage value, ought to be driver version string ... --- snip ---

Tidbit: relay works around because it changes the stack layout/initialization values.

$ sha1sum ComputeMark2.zip d143bbe647620e5dc5e6c1f0647d8c25e99eb46b ComputeMark2.zip

$ du -sh ComputeMark2.zip 1.2M ComputeMark2.zip

$ wine --version wine-1.7.34-126-g0b811ee

Regards