https://bugs.winehq.org/show_bug.cgi?id=28089
Sebastian Lackner sebastian@fds-team.de changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sebastian@fds-team.de

--- Comment #5 from Sebastian Lackner sebastian@fds-team.de ---
(In reply to Anastasius Focht from comment #4)
Hello folks,
revisiting, still present.
Found another example, making excessive use of this pattern: Gothic II (lots of obfuscated code)
Download: http://www.fileplanet.com/151400/150000/fileinfo/Gothic-II-Demo-
--- snip ---
...
2BC4036C  8B85 52AC5000     MOV EAX,DWORD PTR SS:[EBP+Gothic2.50AC52]
2BC40372  8BA5 62AC5000     MOV ESP,DWORD PTR SS:[EBP+Gothic2.50AC62]
2BC40378  894424 1C         MOV DWORD PTR SS:[ESP+1C],EAX
2BC4037C  64:67:8F06 0000   POP DWORD PTR FS:[SMALL 0]
2BC40382  83C4 04           ADD ESP,4
2BC40385  61                POPAD
2BC40386  83C4 08           ADD ESP,8
2BC40389  FF6424 F8         JMP DWORD PTR SS:[ESP-8]
...
--- snip ---

$ sha1sum gothic2-demo-setup.exe
3f1ff6d9b1d1ccdd5032caf349e7c0d79c6a9d24 gothic2-demo-setup.exe

$ du -sh gothic2-demo-setup.exe
381M gothic2-demo-setup.exe

$ wine --version
wine-1.7.35-108-g512db44
Regards
Since this issue is basically a conceptual design flaw in Wine, it is a bit difficult to fix everywhere. As a temporary solution I was thinking about adding a red zone of 128 bytes below esp, similar to x86_64 calling conventions. Do you think this would have any disadvantages? I think it should be sufficient for most apps out there.
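
The following is an added example, not part of the comment above and not Wine code: a small C model of the quoted `ADD ESP,8` / `JMP DWORD PTR SS:[ESP-8]` tail, showing what a red zone below the stack pointer protects and where it stops helping. It assumes that whatever interrupts the code writes a frame onto the application's stack directly below the current stack pointer. The frame size, the stack array, the target value and all function names are constructed for illustration, and the third case goes beyond the comment by reading deeper than 128 bytes below ESP.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_SIZE 4096u   /* constructed model stack, not a real thread stack */
#define FRAME_SIZE 64u     /* assumed size of the asynchronously written frame */
#define TARGET 0x2BC40400u /* constructed jump target value */

/* Write a frame the way an asynchronous handler would (assumption): directly
 * below (sp - red_zone), growing towards lower addresses. Returns the new sp. */
static uint32_t push_frame(uint8_t *stack, uint32_t sp, uint32_t red_zone)
{
    uint32_t frame = sp - red_zone - FRAME_SIZE;
    memset(stack + frame, 0xCC, FRAME_SIZE);
    return frame;
}

/* Model of the end of the snippet: the jump target sits on top of the stack,
 * ADD ESP,<below> releases it, an interruption arrives, then the code reads
 * [ESP-below]. Returns 1 if the value read is still the original target. */
int target_survives(uint32_t below, uint32_t red_zone)
{
    static uint8_t stack[STACK_SIZE];
    uint32_t esp = STACK_SIZE - 512, target = TARGET, seen;

    memset(stack, 0, sizeof(stack));
    memcpy(stack + esp, &target, sizeof(target));     /* value at [ESP] */
    esp += below;                                     /* ADD ESP,8: now at [ESP-8] */
    push_frame(stack, esp, red_zone);                 /* interruption lands here */
    memcpy(&seen, stack + esp - below, sizeof(seen)); /* operand of JMP [ESP-8] */
    return seen == target;
}

int main(void)
{
    printf("no red zone,   [ESP-8]:   %s\n",
           target_survives(8, 0) ? "intact" : "clobbered");
    printf("128-byte zone, [ESP-8]:   %s\n",
           target_survives(8, 128) ? "intact" : "clobbered");
    printf("128-byte zone, [ESP-160]: %s\n",
           target_survives(160, 128) ? "intact" : "clobbered");
    return 0;
}
```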