[Bug 47503] New: Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

List overview All Threads

newer

older

[Bug 47789] New: Gameforge Client:...

[Bug 47913] New: Canon driver...

wine-bugs＠winehq.org

12 Jul 2019 12 Jul '19

1:30 p.m.

https://bugs.winehq.org/show_bug.cgi?id=47503

Bug ID: 47503 Summary: Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread Product: Wine Version: 4.0.1 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: kernel32 Assignee: wine-bugs@winehq.org Reporter: ghotik2002@yahoo.com Distribution: ---

I'm trying to port DxWnd ( https://sourceforge.net/p/dxwnd ) on Wine and it runs pretty out of the box for injection based on SetWindowsHook calls, but in many cases it is necessary to use code injection based on thread suspension / resume. An injection mode uses CreateProcess(CREATE_SUSPENDED) and some later ResumeThread call, but the result is an alive process (I can list it with Linux ps command) that is probably still suspended and can't take control of the desktop. If anyone may want to replicate the test, he/she may contact me on SourceForge DxWnd dedicated forum or write me at ghotik2002@yahoo.com.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

Show replies by date

WineHQ Bugzilla

3 Oct 3 Oct

10:24 a.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

ghotik ghotik2002@yahoo.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Version|4.0.1 |4.17

--- Comment #1 from ghotik ghotik2002@yahoo.com --- Tested again on Ubuntu 18.04.3 LTS and Wine 4.17 (everything pretty up'to'date now) and the problem is still there. If needed, I can point to the built software and/or the source code, it is all available on SourceForge site DxWnd project.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

10:27 a.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

--- Comment #2 from Nikolay Sivov bunglehead@gmail.com --- Could you create a small test case that shows what's wrong with current behavior? It's not clear from your bug description what happens and what should happen.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

5 Oct 5 Oct

10:15 a.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

Le Gluon du Net legluondunet@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |legluondunet@gmail.com

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

7 Oct 7 Oct

12:22 p.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

--- Comment #3 from ghotik ghotik2002@yahoo.com --- Created attachment 65403 --> https://bugs.winehq.org/attachment.cgi?id=65403 program with compatibility issue

to be run as follows: wine winebug.exe <Win32 game executable pathname>

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

12:23 p.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

--- Comment #4 from ghotik ghotik2002@yahoo.com --- I apologize for the delay, but the problem appeared to be more complex than I initially believed and doesn't necessarily involve process control. To cut the discussion short, I made a sample program from DxWnd source code and built a winebug.exe program that accepts (as first argument in the command line) the name of the program to be started. In attach there is the full source code and the executable. The logic is more complex that expected because the following steps are performed: 1) the game process is created in suspended state 2) the program start address is found with the GetThreadStartAddress routine 3) the assembly at start address is patched with an infinite loop 4) the program is resumed until it reaches the start address and loops forever 5) an external dll is injected in the target text segment and will run as a separate thread 6) the program is suspended again 7) the infinite loop patch is removed from the text segment 8) the program is resumed again and let free to run.

Here below also the output of the command wine windebug.exe <gamepath> where for <gamepath> I picked the small game CoccoGame.exe:

----------------------------------------------------------------------------- gho@gho-HP-EliteBook-2570p:~/Games/Cocco Game$ wine winebug.exe CoccoGame.exe exe = CoccoGame.exe InjectSuspended: exe="CoccoGame.exe" dir="(null)" CreateProcess SUSPENDED OK Start address = 0x417ab0 - press any key to continue ...

Start address patched - press any key to continue ...

Process resumed - press any key to continue ...

wait cycle 0 eip=417ab0 Start address reached - press any key to continue ...

WaitForSingleObject returns 258 Process suspended again - press any key to continue ...

Process injected - press any key to continue ...

Process resumed again - press any key to continue ... 008b:err:seh:setup_exception_record stack overflow 1580 bytes in thread 008b eip 7bcad0f3 esp 00230d04 stack 0x230000-0x231000-0x330000

type a key to exit ...

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

12:25 p.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

--- Comment #5 from ghotik ghotik2002@yahoo.com --- Created attachment 65404 --> https://bugs.winehq.org/attachment.cgi?id=65404 winebug source code

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

WineHQ Bugzilla

9 Oct 9 Oct

7:29 p.m.

New subject: [Bug 47503] Problems with CreateProcess(CREATE_SUSPENDED) and later ResumeThread

https://bugs.winehq.org/show_bug.cgi?id=47503

--- Comment #6 from ghotik ghotik2002@yahoo.com --- Sorry, I did more researches and I could see that the problem is NOT in the injection code, but into the injected procedure that is not provided in my source code sample and test executable. So, please freeze the bug researches until I can provie more meaningful examples.

-- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2026

Age (days ago)

2115

Last active (days ago)

wine-bugs@winehq.org

7 comments

2 participants

tags (0)

participants (2)

wine-bugs＠winehq.org
WineHQ Bugzilla