http://bugs.winehq.org/show_bug.cgi?id=18551
Summary: Xenocode: NtMapViewOfSection() callers must take non-negative NTSTATUS into account (STATUS_IMAGE_NOT_AT_BASE)
Product: Wine
Version: 1.1.21
Platform: Other
URL: http://rvgsoftware.fileburst.com/holdemmanager.zip
OS/Version: other
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ntdll
AssignedTo: wine-bugs@winehq.org
ReportedBy: focht@gmx.net
Hello,
this is a continuation with Xenocode Virtual Appliance "Hold'em Manager" from bug 18274.
Although wrapped with Xenocode it seems not to bundle .NET 2.0 Framework (Xenocode can optionally do this). Required prerequisites:
1. clean WINEPREFIX
2. sh winetricks -q dotnet20
The next part is buried within managed app domain hence debug trace doesn't give much useful information (some relay thunks prevent proper execution due to nature of Xenocode).
--- snip ---
...
fixme:ntdll:NtQueryObject Unsupported information class 1
...
fixme:module:LdrAddRefDll 0x79000000 flags 1 not implemented
...
fixme:shell:URL_ParseUrl failed to parse L"System.Drawing"
...
fixme:shell:URL_ParseUrl failed to parse L"DevComponents.DotNetBar2"
...
fixme:shell:URL_ParseUrl failed to parse L"System.Windows.Forms"
...
fixme:shell:URL_ParseUrl failed to parse L"System"
...
fixme:shell:URL_ParseUrl failed to parse L"HMClass"
fixme:ntdll:RtlNtStatusToDosErrorNoTeb no mapping for 40000003
...
--- snip ---
That "LdrAddRefDll" message is harmless, Xenocode directly calls loader API (LdrLoadDll, LdrAddRefDll, ..).
Assembly bind info from enabled fusion log:
--- snip ---
MDA notification:
Name:BindingFailure, Flags:0
Description:
The assembly with display name 'HMClass' failed to load in the 'Load' binding context of the AppDomain with ID 1. The cause of the failure was: System.IO.FileLoadException: Could not load file or assembly 'HMClass, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. Exception from HRESULT: 0x8007013D
File name: 'HMClass, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'
--- snip ---
This message is the culprit: "fixme:ntdll:RtlNtStatusToDosErrorNoTeb no mapping for 40000003"
Winedbg reveals the following callstack at the problem:
--- snip ---
0 0x7bc3b436 RtlNtStatusToDosErrorNoTeb+0xa6(status=1073741827) [/opt/wine/wine-git/dlls/ntdll/error.c:73] in ntdll (0x00339ca4)
1 0x7bc3b571 RtlNtStatusToDosError+0x2d(status=1073741827) [/opt/wine/wine-git/dlls/ntdll/error.c:103] in ntdll (0x00339cb4)
2 0x7b8aa916 MapViewOfFileEx+0xbf(handle=0x9950d8, access=0, offset_high=0, offset_low=0, count=1941504, addr=0x46f0000) [/opt/wine/wine-git/dlls/kernel32/virtual.c:550] in kernel32 (0x00339d04)
3 0x79ea4f44 in mscorwks (+0x34f44) (0x00339d68)
...
--- snip ---
The problematic source location:
--- snip dlls/kernel32/virtual.c ---
LPVOID WINAPI MapViewOfFileEx( HANDLE handle, DWORD access,
    DWORD offset_high, DWORD offset_low, SIZE_T count, LPVOID addr )
{
...
    if ((status = NtMapViewOfSection( handle, GetCurrentProcess(), &addr, 0, 0, &offset,
                                      &count, ViewShare, 0, protect )))
    {
        SetLastError( RtlNtStatusToDosError(status) );
        addr = NULL;
    }
    return addr;
}
--- snip dlls/kernel32/virtual.c ---
Due to Xenocode native API hooks, NTSTATUS = 0x40000003 (STATUS_IMAGE_NOT_AT_BASE) gets returned which is sane in this situation.
Wine unfortunately validates "success" by either using "if (status)" or "if (status != STATUS_SUCCESS)" in several locations.
MSDN: http://msdn.microsoft.com/en-us/library/cc704588(PROT.10).aspx
--- quote ---
0x40000003 STATUS_IMAGE_NOT_AT_BASE
{Image Relocated} An image file could not be mapped at the address that is specified in the image file. Local fixes must be performed on this image.
--- quote ---
From my view this doesn't qualify as an error at all (positive value).
Wine should allow this to succeed.
I found two occurrences of NtMapViewOfSection() which cause Xenocode to fail due to NTSTATUS "STATUS_IMAGE_NOT_AT_BASE":
dlls/kernel32/virtual.c:MapViewOfFileEx
dlls/ntdll/loader.c:load_native_dll
Although there are more occurrences of this idiom in Wine source tree, only these two seem relevant to Xenocode (due to hooks).
Either honour STATUS_IMAGE_NOT_AT_BASE when NtMapViewOfSection() is called in these two locations or make a generic check >= 0 because non-negative numbers usually indicate success from my understanding of NTSTATUS.
Regards
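The two checks contrasted in the report above, as an added example that is not part of the original bug report or of Wine's source. `stub_map_view()` is a hypothetical stand-in for NtMapViewOfSection(), `map_strict()` and `map_tolerant()` are illustrative names, and STATUS_CONFLICTING_ADDRESSES is included only as a sample error-severity value.

```c
#include <stddef.h>
#include <stdint.h>

typedef int32_t NTSTATUS;                      /* signed 32-bit, as in the Windows headers */
#define STATUS_SUCCESS               ((NTSTATUS)0x00000000)
#define STATUS_IMAGE_NOT_AT_BASE     ((NTSTATUS)0x40000003)  /* informational */
#define STATUS_CONFLICTING_ADDRESSES ((NTSTATUS)0xC0000018)  /* error */

/* Top two bits encode severity: 0 success, 1 informational, 2 warning, 3 error. */
static unsigned severity(NTSTATUS status) { return (uint32_t)status >> 30; }

static char fake_view[16];                     /* constructed stand-in for a mapped image */

/* Hypothetical stub for NtMapViewOfSection(): a view is produced for every
 * non-negative outcome, including "mapped, but not at the preferred base". */
static NTSTATUS stub_map_view(NTSTATUS outcome, void **addr)
{
    *addr = (outcome < 0) ? NULL : fake_view;
    return outcome;
}

/* The idiom quoted from MapViewOfFileEx(): any non-zero status is a failure. */
static void *map_strict(NTSTATUS outcome)
{
    void *addr = NULL;
    NTSTATUS status;
    if ((status = stub_map_view(outcome, &addr)))
        addr = NULL;                           /* valid view discarded on 0x40000003 */
    return addr;
}

/* The generic check proposed in the report: only negative values fail. */
static void *map_tolerant(NTSTATUS outcome)
{
    void *addr = NULL;
    NTSTATUS status = stub_map_view(outcome, &addr);
    if (status < 0)
        addr = NULL;
    return addr;
}

int main(void)
{
    /* Exit 0 when the relocated image is rejected by the strict check only. */
    return !(severity(STATUS_IMAGE_NOT_AT_BASE) == 1 &&
             map_strict(STATUS_IMAGE_NOT_AT_BASE) == NULL &&
             map_tolerant(STATUS_IMAGE_NOT_AT_BASE) != NULL);
}
```

Warning-severity values (0x80000000 range) are negative as a signed 32-bit integer, so the `>= 0` check still treats them as failures; only success and informational codes pass.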
Austin English austinenglish@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download
--- Comment #1 from Anastasius Focht focht@gmx.net 2009-05-22 05:38:30 ---
Hello,
another trace log snippet, showing the problem in the second location (dlls/ntdll/loader.c:load_native_dll), bolstering my analysis:
--- snip ---
...
0009:trace:module:get_load_order looking for L"C:\Program Files\RVG Software\Holdem Manager\HMClass.dll"
0009:trace:module:get_load_order got hardcoded default for L"C:\Program Files\RVG Software\Holdem Manager\HMClass.dll"
0009:trace:module:load_builtin_dll Trying built-in L"C:\Program Files\RVG Software\Holdem Manager\HMClass.dll"
...
0009:trace:module:load_builtin_dll Trying built-in L"HMClass.dll"
0009:warn:module:load_builtin_dll cannot open .so lib for builtin L"HMClass.dll": /opt/wine/wine-install/bin/../lib/wine/hmclass.dll.so: cannot open shared object file: No such file or directory
0009:trace:module:load_native_dll Trying native dll L"C:\Program Files\RVG Software\Holdem Manager\HMClass.dll"
0009: create_mapping( access=000f0007, attributes=00000000, protect=00000043, size=001da000, file_handle=0000, objattr={rootdir=0000,sd={},name=L""} )
0009: create_mapping() = 0 { handle=0170 }
0009:trace:virtual:NtMapViewOfSection handle=0x170 process=0xffffffff addr=0x10000000 off=000000000 size=0 access=4
0009: get_mapping_info( handle=0170, access=00000002 )
0009: get_mapping_info() = 0 { size=001da000, protect=67, header_size=0, base=00000000, mapping=0178, shared_file=0000 }
0009: get_handle_fd( handle=0170 )
0009: *fd* 0170 -> 95
0009: get_handle_fd() = 0 { type=1, removable=0, access=000f0007, options=00000020 }
0009: close_handle( handle=0178 )
0009: close_handle() = 0
0009:trace:virtual:NtMapViewOfSection handle=0x170 process=0xffffffff addr=(nil) off=000000000 size=0 access=4
0009: get_mapping_info( handle=0170, access=00000002 )
0009: get_mapping_info() = 0 { size=001da000, protect=67, header_size=0, base=00000000, mapping=0178, shared_file=0000 }
0009:trace:virtual:map_view got mem in reserved area 0x4e90000-0x506a000
0009:trace:virtual:VIRTUAL_DumpView View: 0x4e90000 - 0x5069fff (anonymous)
0009:trace:virtual:VIRTUAL_DumpView 0x4e90000 - 0x5069fff c-rw-
0009:trace:virtual:create_view forcing exec permission on 0x4e90000-0x5069fff
0009:trace:virtual:NtMapViewOfSection handle=0x170 size=1da000 offset=000000000
0009:warn:module:load_dll Failed to load module L"C:\Program Files\RVG Software\Holdem Manager\HMClass.dll"; status=40000003
0009:fixme:ntdll:RtlNtStatusToDosErrorNoTeb no mapping for 40000003
...
0009:trace:seh:raise_exception code=e06d7363 flags=1 addr=0x7b84385b ip=7b84385b tid=0009
0009:trace:seh:raise_exception info[0]=19930520
0009:trace:seh:raise_exception info[1]=0032b280
0009:trace:seh:raise_exception info[2]=7a34dfdc
0009:trace:seh:raise_exception eax=7b82ca1d ebx=7b8c2918 ecx=00000000 edx=00004000 esi=00004000 edi=0016c6c8
0009:trace:seh:raise_exception ebp=0032b214 esp=0032b1b0 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00000246
...
--- snip ---
Regards
Nicholas lazar.dobrescu@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |lazar.dobrescu@gmail.com
--- Comment #2 from Nikolay Sivov bunglehead@gmail.com 2009-09-18 12:23:40 ---
Hi, Anastasius.
I'm not familiar with this API I must say, but don't want to waste such deep analysis.
Could you suggest a minimal test case to get this STATUS_IMAGE_NOT_AT_BASE return code?
We already have some MapViewOfFile() tests, so there's something to look at.
Shaun McIsaac Shaun.McIsaac@comcast.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1

--- Comment #3 from Shaun McIsaac Shaun.McIsaac@comcast.net 2009-11-07 09:34:21 ---
*** This bug has been confirmed by popular vote. ***
Shaun McIsaac Shaun.McIsaac@comcast.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |Shaun.McIsaac@comcast.net

--- Comment #4 from Shaun McIsaac Shaun.McIsaac@comcast.net 2009-11-07 09:37:36 ---
I'm not sure what you mean by 'minimal test case', but one application exhibiting the problem is "Hold'em Manager." You can install the free trial version from http://www.holdemmanager.net . The software itself is non-free but it will allow you to run in trial mode for 15 days. That should be sufficient to run across the errors mentioned here.
Thanks for looking into this.
Dan Kegel dank@kegel.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dank@kegel.com

--- Comment #5 from Dan Kegel dank@kegel.com 2009-11-07 10:41:18 ---
Shaun, in this case it means a minimal C program in the style of the wine conformance tests. If you're curious, see
http://hough.tm.mbs.ac.uk/creativity/tao-in-the-art-of-the-minimal-test-case...
https://wiki.mozilla.org/QA/Minimal_Test_Cases
and (although this only works well for language processors)
http://en.wikipedia.org/wiki/Delta_Debugging
Anastasius Focht focht@gmx.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #6 from Anastasius Focht focht@gmx.net 2010-03-04 13:43:54 ---
Hello,
thanks, fixed by commit 83c272a258c337f64dd57048a7b265390ed151e3
Regards
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #7 from Alexandre Julliard julliard@winehq.org 2010-03-05 12:43:01 ---
Closing bugs fixed in 1.1.40.
Anastasius Focht focht@gmx.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |obfuscation
      Fixed by SHA1|                            |83c272a258c337f64dd57048a7b265390ed151e3

--- Comment #8 from Anastasius Focht focht@gmx.net 2011-10-11 15:26:31 CDT ---
Hello,
filling/correcting fields ...
Regards
Anastasius Focht focht@gmx.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Hardware|Other                       |x86
                 OS|other                       |Linux