https://bugs.winehq.org/show_bug.cgi?id=39093
Michael Müller michael@fds-team.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |michael@fds-team.de

--- Comment #2 from Michael Müller michael@fds-team.de ---
Created attachment 52091
  --> https://bugs.winehq.org/attachment.cgi?id=52091
Hack to increase size of fake dlls

I am not 100% sure why the program does this, but it seems like the game calculates some offset in the mapped kernel32 module and then maps the dll manually:

-------
003d:Call KERNEL32.GetModuleFileNameW(7b810000,00168978,00000104) ret=009716e0
003d:Ret KERNEL32.GetModuleFileNameW() retval=00000020 ret=009716e0
003d:Call KERNEL32.CreateFileW(00168978 L"C:\windows\system32\KERNEL32.dll",80000000,00000001,00000000,00000003,00000000,00000000) ret=009716f5
003d:Ret KERNEL32.CreateFileW() retval=00000080 ret=009716f5
[...] KERNEL32.CreateFileMappingW(00000080,00000000,00000002,00000000,00000000,00000000) ret=00971751
003d:Ret KERNEL32.CreateFileMappingW() retval=00000084 ret=00971751
003d:Call KERNEL32.MapViewOfFile(00000084,00000004,00000000,00000000,00000000) ret=00971779
003d:Ret KERNEL32.MapViewOfFile() retval=02ec0000 ret=00971779
-------

Now it tries to access the same offset in the mapped memory area (which somehow points into the resource section in the ELF-PE kernel32 module). This causes an access violation since Wine mapped the fake kernel32.dll, which is about 1MB smaller than the ELF-PE version. I am not sure what the program is searching for or if it is a bug that it tries to access this memory address. The mentioned commit changed the size of the resource section and had some influence on the offset the program is looking for.

I attached a hack which increases the size of the fake dlls by about 1MB and therefore prevents the access violations. The game starts fine using this hack (+ msscript override).
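
The handle chain in the trace above (file handle 0x80, mapping handle 0x84, view at 0x02ec0000) can be followed mechanically when a relay log is long. The script below is an added example, not part of the original comment or of Wine; `mapped_views` is a hypothetical helper, and the sample lines are adapted from the trace with the thread prefix on the CreateFileMappingW call assumed.

```python
import re

# Sample +relay lines adapted from the trace in the comment (constructed:
# the "003d:Call" prefix on the CreateFileMappingW line is an assumption).
TRACE = r'''
003d:Call KERNEL32.CreateFileW(00168978 L"C:\windows\system32\KERNEL32.dll",80000000,00000001,00000000,00000003,00000000,00000000) ret=009716f5
003d:Ret KERNEL32.CreateFileW() retval=00000080 ret=009716f5
003d:Call KERNEL32.CreateFileMappingW(00000080,00000000,00000002,00000000,00000000,00000000) ret=00971751
003d:Ret KERNEL32.CreateFileMappingW() retval=00000084 ret=00971751
003d:Call KERNEL32.MapViewOfFile(00000084,00000004,00000000,00000000,00000000) ret=00971779
003d:Ret KERNEL32.MapViewOfFile() retval=02ec0000 ret=00971779
'''

CALL = re.compile(r'^(\w+):Call\s+KERNEL32\.(\w+)\((.*)\) ret=(\w+)$')
RET = re.compile(r'^(\w+):Ret\s+KERNEL32\.(\w+)\(\) retval=(\w+) ret=(\w+)$')
INVALID_HANDLE = 0xFFFFFFFF  # CreateFileW failure value in a 32-bit trace

def mapped_views(trace):
    """Return {view_base: file_path} by following file -> mapping -> view."""
    pending = {}   # (thread id, function, return address) -> call arguments
    files = {}     # file handle -> path passed to CreateFileW
    mappings = {}  # mapping handle -> path of the backing file
    views = {}     # view base address -> path of the backing file
    for line in trace.splitlines():
        line = line.strip()
        if m := CALL.match(line):
            tid, func, args, ret = m.groups()
            pending[(tid, func, ret)] = args
        elif m := RET.match(line):
            tid, func, retval, ret = m.groups()
            args = pending.pop((tid, func, ret), None)
            value = int(retval, 16)
            if args is None or value in (0, INVALID_HANDLE):
                continue  # unmatched return or failed call
            first_arg = args.split(",")[0]
            if func == "CreateFileW":
                path = re.search(r'L"([^"]*)"', first_arg)
                if path:
                    files[value] = path.group(1)
            elif func == "CreateFileMappingW":
                if int(first_arg, 16) in files:
                    mappings[value] = files[int(first_arg, 16)]
            elif func == "MapViewOfFile":
                if int(first_arg, 16) in mappings:
                    views[value] = mappings[int(first_arg, 16)]
    return views

if __name__ == "__main__":
    for base, path in mapped_views(TRACE).items():
        print(f"view at {base:08x} is backed by {path}")
```

A faulting address reported in the log can then be compared against the view bases to see which on-disk file the access was aimed at.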