https://bugs.winehq.org/show_bug.cgi?id=44803
--- Comment #7 from Anastasius Focht focht@gmx.net ---
Hello Raphael,
--- quote ---
Could it be that having UPnP enabled could trigger some different code paths?
--- quote ---
well, that important information was missing in initial comments.
I checked the modules list from your backtrace again and indeed there is a module 'miniupnpc.dll' mapped into process space that I don't have with a default AOE2/Expansion sets install.
Your backtrace:
--- snip ---
...
wine: Unhandled privileged instruction at address 0x7e23f895 (thread 0056), starting debugger...
...
Unhandled exception: privileged instruction in 32-bit code (0x7e23f895).
0062:fixme:dbghelp:elf_search_auxv can't find symbol in module
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:7e23f895 ESP:00339358 EBP:00339358 EFLAGS:00210206( R- -- I - -P- )
EAX:00000000 EBX:00000128 ECX:003393a0 EDX:00000000
ESI:003393f8 EDI:00000000
Stack dump:
0x00339358: 003393b4 5df0893c 00000128 003393a0
0x00339368: 00000010 00000000 00000000 0033b81c
0x00339378: 003393f0 00000001 003393e8 00000000
0x00339388: 00000000 7bc3cd96 003393a8 00000001
0x00339398: 00000128 00000000 00000002 00000000
0x003393a8: 00000000 00000000 000023e4 0033b804
Backtrace:
=>0 0x7e23f895 WS_bind+0x5() in ws2_32 (0x00339358)
1 0x00000000 (0x00339358)
2 0x5df0893c in dpwsockx (+0x893b) (0x003393b4)
3 0x5df084a3 in dpwsockx (+0x84a2) (0x0033b804)
4 0x5e08706e in dplayx (+0x706d) (0x0033b854)
5 0x5e0872fb in dplayx (+0x72fa) (0x0033b8a0)
6 0x5e0873e0 in dplayx (+0x73df) (0x0033b8c0)
7 0x005ccf57 in age2_x2 (+0x1ccf56) (0x0033bb10)
0x7e23f895 WS_bind+0x5 in ws2_32: inb $0xf0,%al
Modules:
Module Address Debug info Name (138 modules)
PE 400000- 7e6000 Export age2_x2
PE 1050000- 110a000 Deferred language_x1_p1
PE 9dc0000- 9e51000 Deferred language
PE 10000000-1005e000 Deferred language_x1
PE 5df00000-5df16000 Export dpwsockx
PE 5e080000-5e0bb000 Export dplayx
PE 6ad80000-6ad95000 Deferred miniupnpc
...
--- snip ---
This 'miniupnpc' dll seems to be distributed by some unofficial? game patches/installers. I found one installer here: http://jonathanrooke.co.uk/ror/phpbb/viewtopic.php?f=2&t=177
The original 'MiniUPnP' project seems to be here:
http://miniupnp.free.fr/files/
Even with the dll in place and router (Fritzbox) having UPnP enabled I couldn't reproduce the crash.
--- snip ---
...
002b:Call ws2_32.WSAStartup(00000101,0033d188) ret=007db0e4
002b:Ret ws2_32.WSAStartup() retval=00000000 ret=007db0e4
002b:Call KERNEL32.LoadLibraryA(007db720 "age2_x1\miniupnpc.dll") ret=007db0f7
002b:trace:snoop:SNOOP_SetupDLL hmod=0x6ad80000, name=miniupnpc.dll
...
002b:Call PE DLL (proc=0x6ad810c0,module=0x6ad80000 L"miniupnpc.dll",reason=PROCESS_ATTACH,res=(nil))
002b:Call msvcrt.malloc(00000080) ret=6ad8112c
002b:Call ntdll.RtlAllocateHeap(00b10000,00000000,00000080) ret=7d67dd27
002b:Ret ntdll.RtlAllocateHeap() retval=00b11390 ret=7d67dd27
002b:Ret msvcrt.malloc() retval=00b11390 ret=6ad8112c
002b:Call KERNEL32.GetModuleHandleA(6ad8c000 "libgcc_s_dw2-1.dll") ret=6ad811c2
002b:Ret KERNEL32.GetModuleHandleA() retval=00000000 ret=6ad811c2
002b:Call msvcrt.__dllonexit(6ad8123c,6ad8f000,6ad8f010) ret=6ad81051
002b:Call ntdll.RtlReAllocateHeap(00b10000,00000000,00b11390,00000004) ret=7d67de5c
002b:Ret ntdll.RtlReAllocateHeap() retval=00b11390 ret=7d67de5c
002b:Ret msvcrt.__dllonexit() retval=6ad8123c ret=6ad81051
002b:Call msvcrt.__dllonexit(6ad85d60,6ad8f000,6ad8f010) ret=6ad81051
002b:Call ntdll.RtlReAllocateHeap(00b10000,00000000,00b11390,00000008) ret=7d67de5c
002b:Ret ntdll.RtlReAllocateHeap() retval=00b11390 ret=7d67de5c
002b:Ret msvcrt.__dllonexit() retval=6ad85d60 ret=6ad81051
002b:Ret PE DLL (proc=0x6ad810c0,module=0x6ad80000 L"miniupnpc.dll",reason=PROCESS_ATTACH,res=(nil)) retval=1
002b:Ret KERNEL32.LoadLibraryA() retval=6ad80000 ret=007db0f7
002b:Call KERNEL32.GetProcAddress(6ad80000,007db736 "upnpDiscover") ret=007db115
002b:Ret KERNEL32.GetProcAddress() retval=00390220 ret=007db115
002b:Call KERNEL32.GetProcAddress(6ad80000,007db743 "UPNP_GetValidIGD") ret=007db11f
002b:Ret KERNEL32.GetProcAddress() retval=003901a9 ret=007db11f
002b:Call KERNEL32.GetProcAddress(6ad80000,007db754 "UPNP_AddPortMapping") ret=007db12b
002b:Ret KERNEL32.GetProcAddress() retval=00390055 ret=007db12b
002b:Call KERNEL32.GetProcAddress(6ad80000,007db768 "UPNP_DeletePortMapping") ret=007db137
002b:Ret KERNEL32.GetProcAddress() retval=00390088 ret=007db137
002b:Call KERNEL32.GetProcAddress(6ad80000,007db77f "UPNP_GetSpecificPortMappingEntry") ret=007db143
002b:Ret KERNEL32.GetProcAddress() retval=00390143 ret=007db143
002b:Call KERNEL32.GetProcAddress(6ad80000,007db7a0 "FreeUPNPUrls") ret=007db14f
002b:Ret KERNEL32.GetProcAddress() retval=00390011 ret=007db14f
002b:Call KERNEL32.GetProcAddress(6ad80000,007db7ad "freeUPNPDevlist") ret=007db15b
002b:Ret KERNEL32.GetProcAddress() retval=003901cb ret=007db15b
002b:CALL miniupnpc.upnpDiscover(<unknown, check return>) ret=007db1d6
002b:Call ws2_32.socket(00000002,00000002,00000011) ret=6ad8289f
...
002b:Ret ws2_32.socket() retval=0000008c ret=6ad8289f
002b:Call ws2_32.inet_addr(6ad8c66a "223.255.255.255") ret=6ad8294c
002b:Ret ws2_32.inet_addr() retval=ffffffdf ret=6ad8294c
002b:Call iphlpapi.GetBestRoute(ffffffdf,00000000,0033d0ac) ret=6ad82967
...
002b:Ret iphlpapi.GetBestRoute() retval=00000000 ret=6ad82967
...
002b:Call iphlpapi.GetIpAddrTable(00b113a8,0033d10c,00000000) ret=6ad8299e
....
002b:Ret iphlpapi.GetIpAddrTable() retval=0000007a ret=6ad8299e
...
002b:Call iphlpapi.GetIpAddrTable(00b113a8,0033d10c,00000000) ret=6ad829da
...
002b:Ret iphlpapi.GetIpAddrTable() retval=00000000 ret=6ad829da
002b:Call ws2_32.setsockopt(0000008c,00000000,00000009,0033d108,00000004) ret=6ad82a42
...
002b:Ret ws2_32.setsockopt() retval=00000000 ret=6ad82a42
...
002b:Call ws2_32.setsockopt(0000008c,0000ffff,00000004,0033d114,00000004) ret=6ad82abd
002b:Call ntdll.wine_server_handle_to_fd(0000008c,00000000,0033c7ac,00000000) ret=7deacd7b
002b:Ret ntdll.wine_server_handle_to_fd() retval=00000000 ret=7deacd7b
002b:Call ntdll.wine_server_release_fd(0000008c,0000000f) ret=7deacdbf
002b:Ret ntdll.wine_server_release_fd() retval=00000000 ret=7deacdbf
002b:Ret ws2_32.setsockopt() retval=00000000 ret=6ad82abd
002b:Call ws2_32.bind(0000008c,0033d028,00000010) ret=6ad82bab
002b:Call ntdll.wine_server_handle_to_fd(0000008c,00000000,0033c86c,00000000) ret=7deacd7b
002b:Ret ntdll.wine_server_handle_to_fd() retval=00000000 ret=7deacd7b
002b:Call KERNEL32.LoadLibraryA(7decc998 "iphlpapi.dll") ret=7debfba7
002b:Ret KERNEL32.LoadLibraryA() retval=7de70000 ret=7debfba7
002b:Call KERNEL32.GetProcAddress(7de70000,7decc9b0 "GetAdaptersInfo") ret=7debfbdd
002b:Ret KERNEL32.GetProcAddress() retval=7de7d708 ret=7debfbdd
002b:Call iphlpapi.GetAdaptersInfo(00000000,0033c83c) ret=7deb1374
002b:Ret iphlpapi.GetAdaptersInfo() retval=0000006f ret=7deb1374
...
002b:Call iphlpapi.GetAdaptersInfo(0016c908,0033c83c) ret=7deb13bd
...
002b:Ret iphlpapi.GetAdaptersInfo() retval=00000000 ret=7deb13bd
...
002b:Ret ws2_32.bind() retval=00000000 ret=6ad82bab
002b:Call ws2_32.getaddrinfo(6ad8c623 "239.255.255.250",6ad8c68a "1900",0033d0e4,0033d110) ret=6ad82cec
...
002b:Ret ws2_32.getaddrinfo() retval=00000000 ret=6ad82cec
002b:RET miniupnpc.upnpDiscover() retval=00000000 ret=007db1d6
002b:Call ws2_32.WSACleanup() ret=007db2c9
002b:Ret ws2_32.WSACleanup() retval=00000000 ret=007db2c9
...
--- snip ---
That 'miniupnpc' doesn't seem to hook Winsock API.
Where exactly did you get your dll from (link)?
Scan of the dlls I found:
----
From: http://jonathanrooke.co.uk/ror/phpbb/viewtopic.php?f=2&t=177
-> https://www.virustotal.com/gui/file/13c18272374f17c2b644b9a4591bf76d466f3f41...
-> https://www.virustotal.com/gui/file/13c18272374f17c2b644b9a4591bf76d466f3f41...
----
From: http://miniupnp.free.fr/files/download.php?file=upnpc-exe-win32-20150918.zip
-> https://www.virustotal.com/gui/file/621e7d728f1de9adc10673da452036fe7c35ce3d...
-> https://www.virustotal.com/gui/file/621e7d728f1de9adc10673da452036fe7c35ce3d...
----
None of them seem suspicious.
Regards
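
Added example, not part of the original comment: a small Python helper that attributes each relay `Call` entry to the module that issued it by matching the `ret=` return address against the load ranges from the "Modules:" list. The function names `owner_of` and `calls_by_caller` are hypothetical; the module ranges and trace entries are copied from the logs quoted above.

```python
import re
from collections import defaultdict

# Load ranges copied from the "Modules:" list in the backtrace above.
MODULES = {
    "age2_x2":   (0x00400000, 0x007E6000),
    "dpwsockx":  (0x5DF00000, 0x5DF16000),
    "dplayx":    (0x5E080000, 0x5E0BB000),
    "miniupnpc": (0x6AD80000, 0x6AD95000),
}

# A few entries copied from the relay trace above (not the full log).
SAMPLE_TRACE = r"""
002b:Call KERNEL32.LoadLibraryA(007db720 "age2_x1\miniupnpc.dll") ret=007db0f7
002b:Call KERNEL32.GetProcAddress(6ad80000,007db736 "upnpDiscover") ret=007db115
002b:Call ws2_32.socket(00000002,00000002,00000011) ret=6ad8289f
002b:Call ws2_32.setsockopt(0000008c,0000ffff,00000004,0033d114,00000004) ret=6ad82abd
002b:Call ntdll.wine_server_handle_to_fd(0000008c,00000000,0033c7ac,00000000) ret=7deacd7b
002b:Call ws2_32.bind(0000008c,0033d028,00000010) ret=6ad82bab
002b:Ret ws2_32.bind() retval=00000000 ret=6ad82bab
"""

# tid:Call dll.func(args) ret=address
CALL_RE = re.compile(r"^[0-9a-f]{4}:Call (\w+)\.(\w+)\(.*\) ret=([0-9a-f]{8})$")

def owner_of(addr):
    """Name of the listed module whose range contains addr, else 'unlisted'."""
    for name, (lo, hi) in MODULES.items():
        if lo <= addr < hi:
            return name
    return "unlisted"

def calls_by_caller(trace):
    """Group relay 'Call' entries by the module owning the return address."""
    grouped = defaultdict(list)
    for line in trace.splitlines():
        m = CALL_RE.match(line.strip())
        if m:
            dll, func, ret = m.groups()
            grouped[owner_of(int(ret, 16))].append(f"{dll}.{func}")
    return dict(grouped)

if __name__ == "__main__":
    for caller, calls in calls_by_caller(SAMPLE_TRACE).items():
        print(f"{caller:10} {', '.join(calls)}")
    # Frame 2 of the crash backtrace: the caller of the faulting WS_bind.
    print("crash caller:", owner_of(0x5DF0893C))
```

Run over the full trace, this separates the Winsock calls made from inside the miniupnpc range from those made by the game and DirectPlay modules; in the crash backtrace the faulting `WS_bind` was reached from dpwsockx.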