[Bug 34264] New: Crash with recoursive calls to __clone+0x5d (libc): divide by zero in 32-bit code

http://bugs.winehq.org/show_bug.cgi?id=34264

Bug #: 34264 Summary: Crash with recoursive calls to __clone+0x5d (libc): divide by zero in 32-bit code Product: Wine Version: unspecified Platform: x86-64 OS/Version: Linux Status: UNCONFIRMED Severity: major Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: wine.karo@cupdev.net Classification: Unclassified

Created attachment 45615 --> http://bugs.winehq.org/attachment.cgi?id=45615 STDOUT with backtrace

Hiho I tried to install bioshock2; When I start it up, it shows om splashed but then crashes with a backtrace. (details below)

#### Setup ##############

Wine Version: 64bit 1.7.xxx but the same error occurred with 1.6.xxx. My OS: 3.9.9-1-ARCH Prefix: * Dedicated for bioshock * No winetricks packets * Bioshock installer possibly installed xlive * Fake screen 1920x1080, apps stayed all the time in windowed mode. App: * bioshock2 * using razor crack * using bioshock2 fake xlive.dll

#### Debug Output ########

Running with "WINEDEBUG=warn+all" gave me a huge log. STDOUT contains just the backtrace. STDERR contains a lot.

See attachments.

#### Related #############

The following bug reports appear related, because they show a similar backtrace (search "__clone+0x5d")

* Bug 33704 - Naviextras Toolbox crashes - http://bugs.winehq.org/show_bug.cgi?id=33704 * Bug 16389 - Mechwarrior 2 fails to start - http://bugs.winehq.org/show_bug.cgi?id=16389 * Bug 30380 - Keppe Chat Server can't accept a Client - http://bugs.winehq.org/show_bug.cgi?id=30380

All the related bugs have the call to "start_thread" that runs recoursive calls to "clone" in common. Googeling a bit makes me think that this bug exists among various versions of wine.

#### Crash Analysis ######

I also had a look at the crash report: * The actual crash reason seems to division by zero (in 32bit code?)

Unhandled exception: divide by zero in 32-bit code (0x109223cc).

* The first few lines of the backtrace show core code. (thread starting code?) I am assuming that the first lines are the functions called first?

1 0x7bc79480 call_thread_func_wrapper+0xb() in ntdll (0x01bbea48) 2 0x7bc7c4bf call_thread_func+0x9e() in ntdll (0x01bbeb18) 3 0x7bc7945e RtlRaiseException+0x21() in ntdll (0x01bbeb48) 4 0x7bc829e5 in ntdll (+0x729e4) (0x01bbf398) 5 0xf756ecf0 start_thread+0xcf() in libpthread.so.0 (0x01bbf468)

* The next few hundred lines show recoursive (?) calls of __clone+0x5d() in libc:

6 0xf74a67ae __clone+0x5d() in libc.so.6 (0x00000000) ... 200 0xf74a67ae __clone+0x5d() in libc.so.6 (0x00000000)

* I think it is worth mentioning that this stack trace only contains functions from the following libs:

* libc.so.6 * libpthread.so.0 * ntdll