[Bug 28123] New: Mu Argentina. Muguard crashes when it start

List overview All Threads

newer

older

[Bug 24399] New: CorelDRAW X3...

[Bug 33358] New: crashes every time

wine-bugs＠winehq.org

18 Aug 2011 18 Aug '11

4:12 p.m.

http://bugs.winehq.org/show_bug.cgi?id=28123

Summary: Mu Argentina. Muguard crashes when it start Product: Wine Version: 1.3.26 Platform: x86 URL: http://www.fileserve.com/file/pZXsQKS OS/Version: Linux Status: UNCONFIRMED Severity: blocker Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: warday27@hotmail.com

The system crashes when it tray tu open the main.exe file. It seems that Muguard requires full access to hardware wich is impossible, due security policies by linux kernel (what is very similar to Gameguard). Unfortunately I have not be able tu proof it.

-- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

Show replies by date

wine-bugs＠winehq.org

18 Aug 18 Aug

5:19 p.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

http://bugs.winehq.org/show_bug.cgi?id=28123

Austin English austinenglish@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Severity|blocker |normal

--- Comment #1 from Austin English austinenglish@gmail.com 2011-08-18 12:19:07 CDT --- Not a blocker.

Terminal output? If you suspect copy protection/DRM, use ProtectionId to determine what protection the game is using (http://pid.gamecopyworld.com/).

wine-bugs＠winehq.org

20 Aug 20 Aug

3:45 p.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

http://bugs.winehq.org/show_bug.cgi?id=28123

--- Comment #2 from Warday warday27@hotmail.com 2011-08-20 10:45:06 CDT --- Created an attachment (id=36055) --> (http://bugs.winehq.org/attachment.cgi?id=36055) ProtectionID

Hi I did what you asck me.

wine-bugs＠winehq.org

21 Aug 21 Aug

10:41 p.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

http://bugs.winehq.org/show_bug.cgi?id=28123

--- Comment #3 from Warday warday27@hotmail.com 2011-08-21 17:41:31 CDT --- (In reply to comment #1)

...

Not a blocker.

Terminal output? If you suspect copy protection/DRM, use ProtectionId to determine what protection the game is using (http://pid.gamecopyworld.com/).

Hi I did it I hope its ok.

wine-bugs＠winehq.org

27 Feb 27 Feb

2:46 a.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

http://bugs.winehq.org/show_bug.cgi?id=28123

--- Comment #4 from Warday warday27@hotmail.com 2012-02-26 20:46:16 CST --- Created attachment 39100 --> http://bugs.winehq.org/attachment.cgi?id=39100 Wine log

wine-bugs＠winehq.org

12 Apr 12 Apr

1:28 a.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

https://bugs.winehq.org/show_bug.cgi?id=28123

--- Comment #5 from Austin English austinenglish@gmail.com --- This is your friendly reminder that there has been no bug activity for 2 years. Is this still an issue in current (1.7.16 or newer) wine?

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

27 Jul 27 Jul

3:18 p.m.

New subject: [Bug 28123] Mu Argentina. Muguard crashes when it start

http://bugs.winehq.org/show_bug.cgi?id=28123

hanska2@luukku.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |hanska2@luukku.com

--- Comment #6 from hanska2@luukku.com --- Link dead.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

4:31 p.m.

New subject: [Bug 28123] Mu Argentina (MMORPG) protection driver crashes on startup (Oreans x32 kernel driver expects Windows page directory self-map and page tables present)

http://bugs.winehq.org/show_bug.cgi?id=28123

Anastasius Focht focht@gmx.net changed:

--- Comment #7 from Anastasius Focht focht@gmx.net --- Hello folks,

confirming.

It seems whatever "MuGuard" was, is now some Oreans garbage (creator of infamous 'Themida/WinLicense' protection).

--- snip --- 000f:Call KERNEL32.CreateProcessW(00000000,001196c8 L"C:\windows\system32\winedevice.exe oreans32",00000000,00000000,00000000,00000400,00540000,00000000,0033fc48,0033fc8c) ret=7edb5d3f ... 001f:Call KERNEL32.LoadLibraryW(0011aea0 L"C:\windows\system32\drivers\oreans32.sys") ret=7edfb9b9 ... 001f:Ret PE DLL (proc=0xf7592068,module=0xf7580000 L"hal.dll",reason=PROCESS_ATTACH,res=(nil)) retval=1 001f:Ret KERNEL32.LoadLibraryW() retval=00540000 ret=7edfb9b9 ... 001f:Call driver init 0x547c4b (obj=0x7edff4c0,str=L"\Registry\Machine\System\CurrentControlSet\Services\oreans32") DbgPrint says: Oreans x32 driver loaded in memory (v1.52) ... 001f:Call ntdll.RtlInitUnicodeString(0053e640,00547de0 L"\Device\oreans32") ret=00547cd6 001f:Ret ntdll.RtlInitUnicodeString() retval=0053e640 ret=00547cd6 001f:Call ntoskrnl.exe.IoCreateDevice(7edff4c0,00000000,0053e640,00000015,00000000,00000000,00547eb8) ret=00547cef 001f:Call ntdll.RtlAllocateHeap(00110000,00000008,000000b8) ret=7ed2e138 001f:Ret ntdll.RtlAllocateHeap() retval=0011aea0 ret=7ed2e138 001f:Ret ntoskrnl.exe.IoCreateDevice() retval=00000000 ret=00547cef 001f:Call ntdll.RtlInitUnicodeString(0053e638,00547e02 L"\DosDevices\oreans32") ret=00547d10 001f:Ret ntdll.RtlInitUnicodeString() retval=0053e638 ret=00547d10 001f:Call ntoskrnl.exe.IoCreateSymbolicLink(0053e638,0053e640) ret=00547d1d 001f:Call ntdll.NtCreateSymbolicLinkObject(0053e5b4,000f0001,0053e59c,0053e640) ret=7ed2e4e6 001f:Ret ntdll.NtCreateSymbolicLinkObject() retval=00000000 ret=7ed2e4e6 001f:Ret ntoskrnl.exe.IoCreateSymbolicLink() retval=00000000 ret=00547d1d 001f:Ret driver init 0x547c4b (obj=0x7edff4c0,str=L"\Registry\Machine\System\CurrentControlSet\Services\oreans32") retval=00000000 ... 001f:Call ntoskrnl.exe.wine_ntoskrnl_main_loop(00000038) ret=7edfc909 001f:Call ntdll.RtlAllocateHeap(00110000,00000000,00001000) ret=7ed2cf69 001f:Ret ntdll.RtlAllocateHeap() retval=0011b4d8 ret=7ed2cf69 001f:Call KERNEL32.WaitForMultipleObjects(00000002,0053e894,00000000,ffffffff) ret=7ed2d227 ... 0021:Call KERNEL32.__wine_kernel_init() ret=7bc59dbc 000f:Ret KERNEL32.CreateProcessW() retval=00000001 ret=7edb5d3f ... 001f:Call driver dispatch 0x540280 (device=0x11aea0,irp=0x53e760) 001f:Call ntoskrnl.exe.MmIsAddressValid(7ed20000) ret=00546de6 001f:Call KERNEL32.IsBadWritePtr(7ed20000,00000001) ret=7ed306e4 001f:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7b882f64 ip=7b882f64 tid=001f 001f:trace:seh:raise_exception info[0]=00000001 001f:trace:seh:raise_exception info[1]=7ed20000 001f:trace:seh:raise_exception eax=7ed20000 ebx=7b8be000 ecx=6c5ac569 edx=00000000 esi=0053e628 edi=0053e5f8 001f:trace:seh:raise_exception ebp=0053e5e8 esp=0053e4f0 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010216 001f:trace:seh:call_vectored_handlers calling handler at 0x7ed2c637 code=c0000005 flags=0 001f:trace:seh:call_vectored_handlers handler at 0x7ed2c637 returned 0 001f:trace:seh:call_stack_handlers calling handler at 0x7b88a093 code=c0000005 flags=0 001f:trace:seh:__regs_RtlUnwind code=c0000005 flags=2 001f:trace:seh:__regs_RtlUnwind calling handler at 0x7bc81679 code=c0000005 flags=2 001f:trace:seh:__regs_RtlUnwind handler at 0x7bc81679 returned 1 001f:trace:seh:IsBadWritePtr 0x7ed20000 caused page fault during write 001f:Ret KERNEL32.IsBadWritePtr() retval=00000001 ret=7ed306e4 001f:Ret ntoskrnl.exe.MmIsAddressValid() retval=00000000 ret=00546de6 ... 001f:trace:seh:raise_exception code=c0000096 flags=0 addr=0x5414a0 ip=005414a0 tid=001f 001f:trace:seh:raise_exception eax=0011c4e0 ebx=e137e760 ecx=00000000 edx=0053ef8c esi=00548035 edi=0053e760 001f:trace:seh:raise_exception ebp=0053e6e8 esp=0053e6bc cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010283 001f:trace:seh:call_vectored_handlers calling handler at 0x7ed2c637 code=c0000096 flags=0 001f:trace:seh:call_vectored_handlers handler at 0x7ed2c637 returned ffffffff 001f:Call ntoskrnl.exe.MmAllocateNonCachedMemory(00002000) ret=00541506 001f:Call KERNEL32.VirtualAlloc(00000000,00002000,00003000,00000204) ret=7ed3038c 001f:Ret KERNEL32.VirtualAlloc() retval=00550000 ret=7ed3038c 001f:Ret ntoskrnl.exe.MmAllocateNonCachedMemory() retval=00550000 ret=00541506 001f:Call ntdll.RtlZeroMemory(00550000,00002000) ret=0054152a 001f:Ret ntdll.RtlZeroMemory() retval=00550000 ret=0054152a 001f:Call ntoskrnl.exe.MmAllocateNonCachedMemory(000007d0) ret=0054163b 001f:Call KERNEL32.VirtualAlloc(00000000,000007d0,00003000,00000204) ret=7ed3038c 001f:Ret KERNEL32.VirtualAlloc() retval=00560000 ret=7ed3038c 001f:Ret ntoskrnl.exe.MmAllocateNonCachedMemory() retval=00560000 ret=0054163b 001f:Call ntdll.RtlZeroMemory(00560000,000007d0) ret=0054175f 001f:Ret ntdll.RtlZeroMemory() retval=00560000 ret=0054175f 001f:Call ntoskrnl.exe.MmAllocateNonCachedMemory(00001000) ret=00541870 001f:Call KERNEL32.VirtualAlloc(00000000,00001000,00003000,00000204) ret=7ed3038c 001f:Ret KERNEL32.VirtualAlloc() retval=00570000 ret=7ed3038c 001f:Ret ntoskrnl.exe.MmAllocateNonCachedMemory() retval=00570000 ret=00541870 001f:Call ntdll.RtlZeroMemory(00570000,00001000) ret=00541990 001f:Ret ntdll.RtlZeroMemory() retval=00570000 ret=00541990 001f:trace:seh:raise_exception code=c0000005 flags=0 addr=0x5462d7 ip=005462d7 tid=001f 001f:trace:seh:raise_exception info[0]=00000000 001f:trace:seh:raise_exception info[1]=c0300004 001f:trace:seh:raise_exception eax=00000004 ebx=52b97b3b ecx=00570000 edx=00571000 esi=00570000 edi=c0300000 001f:trace:seh:raise_exception ebp=0053e6cc esp=0053e6ac cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010287 001f:trace:seh:call_vectored_handlers calling handler at 0x7ed2c637 code=c0000005 flags=0 001f:trace:seh:call_vectored_handlers handler at 0x7ed2c637 returned 0 001f:trace:seh:call_stack_handlers calling handler at 0x7bc9dbe3 code=c0000005 flags=0 001f:Call KERNEL32.UnhandledExceptionFilter(0053e174) ret=7bc9dc1d 001f:trace:seh:start_debugger Starting debugger "winedbg --auto 25 84" 001f:Ret KERNEL32.UnhandledExceptionFilter() retval=00000000 ret=7bc9dc1d 001f:trace:seh:call_stack_handlers handler at 0x7bc9dbe3 returned 1 --- snip ---

Tidbit: the kernel driver is heavily obfuscated (though not a problem here)

The last (unhandled) exception results from the driver trying to access self-mapping PDE/PTE from "kernel" space.

GetPdeAddress(va) -> 0xc0300000[va>>20] ; see EDI in exception context GetPteAddress(va) -> 0xc0000000[va>>10]

It expects many things from Windows kernel being present that Wine can't support by design - at least not without major re-architecturing towards emulation of "kernel space" along with many system (kernel) data structures.

Try VirtualBox or Reactos if you really need to run this stuff.

$ sha1sum Instalador\ Muargentina\ eX702.exe 847948f9f6e5411757407bdbd8dc5fcef97fca95 Instalador Muargentina eX702.exe

$ du -sh Instalador\ Muargentina\ eX702.exe 708M Instalador Muargentina eX702.exe

$ wine --version wine-1.7.23

Regards

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

wine-bugs＠winehq.org

11 Aug 11 Aug

3:12 a.m.

New subject: [Bug 28123] Mu Argentina (MMORPG) protection driver crashes on startup (Oreans x32 kernel driver expects Windows page directory self-map and page tables present)

http://bugs.winehq.org/show_bug.cgi?id=28123

Austin English austinenglish@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED

--- Comment #8 from Austin English austinenglish@gmail.com --- Closing.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

3815

Age (days ago)

4904

Last active (days ago)

wine-bugs@winehq.org

8 comments

1 participants

tags (0)

participants (1)

wine-bugs＠winehq.org