[Bug 13915] New: Oblivon Script Extender (OBSE) fails to start ("privileged instruction")
http://bugs.winehq.org/show_bug.cgi?id=13915
Summary: Oblivon Script Extender (OBSE) fails to start ("privileged instruction") Product: Wine Version: 1.0-rc4 Platform: PC-x86-64 URL: http://obse.silverlock.org OS/Version: Linux Status: NEW Keywords: download Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: ben@atomnet.co.uk
Created an attachment (id=14025) --> (http://bugs.winehq.org/attachment.cgi?id=14025) Full terminal crashlog
The Oblivion Script Extender program fails to start, it immediately dies with an "Unhandled exception: privileged instruction in 32-bit code (0x7ee158d0)." error although it then continues to load Oblivion which may confuse people as unless you see the console in the split second before before Oblivion actually opens, it makes it appear as if it worked.
Full terminal output attached.
http://bugs.winehq.org/show_bug.cgi?id=13915
Josef Schimke jschimke@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jschimke@gmail.com
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #1 from David Goree davidgoree2003@gmail.com 2008-07-26 22:48:08 --- Created an attachment (id=15075) --> (http://bugs.winehq.org/attachment.cgi?id=15075) Backtrace
Still crashing on wine 1.10 on Linux-2.6.26-gentoo-i686. Added an attachment.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #2 from Rob Whalley mail@robwhalley.co.uk 2008-07-27 09:32:32 --- Created an attachment (id=15093) --> (http://bugs.winehq.org/attachment.cgi?id=15093) Terminal output of 'wine obse_loader.exe'
http://bugs.winehq.org/show_bug.cgi?id=13915
Rob Whalley mail@robwhalley.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mail@robwhalley.co.uk
--- Comment #3 from Rob Whalley mail@robwhalley.co.uk 2008-07-27 09:33:13 --- Tested with:
Ubuntu 8.04 64-bit Wine version v1.1.1 (Git version) OBSE: v0015 Latest patched version of Oblivion (original retail CD only, no expansion packs)
Error when using command 'wine obse_loader.exe' to start:
"wine: Unhandled page fault on read access to 0x00000010 at address 0x7ebefd6e (thread 0017), starting debugger... Unhandled exception: page fault on read access to 0x00000010 in 32-bit code (0x7ebefd6e)."
Attached terminal output.
http://bugs.winehq.org/show_bug.cgi?id=13915
Oliver Dietsch odietsch@googlemail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |odietsch@googlemail.com
http://bugs.winehq.org/show_bug.cgi?id=13915
Nicolas Joyard joyard.nicolas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |joyard.nicolas@gmail.com
--- Comment #4 from Nicolas Joyard joyard.nicolas@gmail.com 2008-11-01 22:29:07 --- According to the UESP wiki, the author of OBSE (Ian Patterson) has been contacted about this issue. Here's his answer, it might be useful to solve this bug...
--
This appears to be a discrepancy between the Windows implementation of the DLL dependency handler/loader and the Wine implementation. Unfortunately I don't have a linux install to test this on, but my first guess would be that calling CreateProcess with the CREATE_SUSPENDED flag set leaves the new process' loader critical section locked until the main thread is resumed.
The loader works in a pretty straightforward way:
- create the new process with CREATE_SUSPENDED - VirtualAllocEx some executable memory in the new process to store enough code for "jmp LoadLibraryA" and a null-terminated string pointing to our DLL (in a perfect world we would just point the thread entry point straight at LoadLibraryA, but this makes some virus scanners explode, literally) - use CreateRemoteThread to create a thread in the new process pointing to the injected code, setting the parameter to the thread function to the DLL path in the new process (conveniently the calling convention and signature of thread entry points and LoadLibrary are exactly the same) - wait for the thread to terminate, signifying that the DLL has been loaded - clean up
This sequence requires that processes not be holding the loader lock immediately after creation.
http://bugs.winehq.org/show_bug.cgi?id=13915
Daniel Rammelt drammelt@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |drammelt@gmail.com
--- Comment #5 from Daniel Rammelt drammelt@gmail.com 2008-11-03 05:43:34 --- Apparently the issue with CREATE_SUSPENDED is fixed, I emailed a backtrace from 1.1.7 and the developer said the new problem is to do with the CreateMenuEx function.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #6 from Daniel Rammelt drammelt@gmail.com 2008-11-03 05:44:35 --- Created an attachment (id=17060) --> (http://bugs.winehq.org/attachment.cgi?id=17060) Trace from Obse with Wine 1.1.7
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #7 from Daniel Rammelt drammelt@gmail.com 2008-11-03 16:30:30 --- More specifically this line is where it is crashing in dlls/user32/menu.c In function CreateMenu.
if (!(hMenu = USER_HEAP_ALLOC( sizeof(POPUPMENU) ))) return 0;
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #8 from Daniel Rammelt drammelt@gmail.com 2008-11-03 16:48:45 --- Placing some extra debug code around the line causing the crash actually allows OBSE to run perfectly on occasion. It almost seems like a timing issue of some sort.
I replaced the debug line with a simple sleep(1); statement and it has the same effect. Probably 1 out of 5 tries will launch OBSE perfectly. The rest it crashes in FormatMessageW or LocalReAlloc16.
sleep(1); if (!(hMenu = USER_HEAP_ALLOC( sizeof(POPUPMENU) ))) return 0;
I am not really sure what this means, but perhaps it will help someone with a bit more coding skill :)
http://bugs.winehq.org/show_bug.cgi?id=13915
DL taedium_vitae@eml.cc changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |taedium_vitae@eml.cc
--- Comment #9 from DL taedium_vitae@eml.cc 2009-01-06 19:21:35 --- Still broken with wine-1.1.12.
http://bugs.winehq.org/show_bug.cgi?id=13915
Edward vbgraphix2003@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |vbgraphix2003@hotmail.com
--- Comment #10 from Edward vbgraphix2003@hotmail.com 2009-02-10 19:58:23 --- (In reply to comment #8)
Placing some extra debug code around the line causing the crash actually allows OBSE to run perfectly on occasion. It almost seems like a timing issue of some sort.
I replaced the debug line with a simple sleep(1); statement and it has the same effect. Probably 1 out of 5 tries will launch OBSE perfectly. The rest it crashes in FormatMessageW or LocalReAlloc16.
sleep(1); if (!(hMenu = USER_HEAP_ALLOC( sizeof(POPUPMENU) ))) return 0;I am not really sure what this means, but perhaps it will help someone with a bit more coding skill :)
Still broken with wine 1.1.14
http://bugs.winehq.org/show_bug.cgi?id=13915
Samuel Nelson valczir.darkvein@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |valczir.darkvein@gmail.com
--- Comment #11 from Samuel Nelson valczir.darkvein@gmail.com 2009-04-17 02:15:37 --- With wine 1.1.13, it seems that OBSE will run maybe 1/10 of the time, but it also seems that Oblivion will subsequently crash while loading and old or starting a new game (if OBSE mods are in use - I've got Deadly Reflexes enabled, myself). Most of the time, a similar memory dump to the previously posted backtraces happens while attempting to load OBSE, but Oblivion will still start after OBSE crashes.
I edited the source code and added the previously mentioned sleep(1); to see if it would cause OBSE to work more frequently, but it didn't seem to change anything.
I hate vanilla Oblivion, and some of the mods that I feel are essential to make it an enjoyable game require OBSE, so I, personally, would greatly appreciate any work done on this - even if I have to start, quit, restart, quit, etc a few times in order to get OBSE to run correctly. I don't mind having to work at starting the game for twenty minutes, so long as I can play with my mods.
http://bugs.winehq.org/show_bug.cgi?id=13915
Kasperi Kuuskoski kape009@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |kape009@gmail.com
--- Comment #12 from Kasperi Kuuskoski kape009@gmail.com 2009-05-27 17:06:36 --- It works! It works, at last! The new v0017 beta 2 works perfectly with wine, at least for me. I use wine 1.1.14, Fedora 9. Havent tested it with mods yet, but the gameplay works.
Okay, it doesnt work perfectly... it freezes in gameplay few times, but i am not sure is this because of my computer/mods or because of OBSE. Well, people, test this, i am eager to see does it work with you.
http://bugs.winehq.org/show_bug.cgi?id=13915
Ken Sharp kennybobs@o2.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED
--- Comment #13 from Ken Sharp kennybobs@o2.co.uk 2009-05-27 20:39:03 --- Reported fixed, reopen if not.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #14 from DL taedium_vitae@eml.cc 2009-05-27 21:23:27 --- Bug is not fixed.The difference is that obse still crashes but Oblivion launches anyway.Mods such as Streamline and Helmet FOV don't work, and oblivion often crashes while loading a save.Probably because it is trying to use these mods without OBSE being loaded.
http://bugs.winehq.org/show_bug.cgi?id=13915
Ken Sharp kennybobs@o2.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |
--- Comment #15 from Ken Sharp kennybobs@o2.co.uk 2009-05-28 13:32:27 --- Can you attach a new terminal log?
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #16 from d3phoenix@hotmail.com 2009-06-13 19:00:16 --- Created an attachment (id=21780) --> (http://bugs.winehq.org/attachment.cgi?id=21780) Terminal output of 'wine obse_loader.exe'
http://bugs.winehq.org/show_bug.cgi?id=13915
d3phoenix@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |d3phoenix@hotmail.com
--- Comment #17 from d3phoenix@hotmail.com 2009-06-13 19:03:21 --- (In reply to comment #16)
Created an attachment (id=21780)
--> (http://bugs.winehq.org/attachment.cgi?id=21780) [details]
Terminal output of 'wine obse_loader.exe'
Sorry for the double post. Forgot to include:
Distro: Ubuntu 9.04 'Jaunty' x86_64 Uname: Linux core 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:58:03 UTC 2009 x86_64 GNU/Linux Wine Version: 1.1.23 Game Version: Oblivion + Shivering Isles v1.2.416
http://bugs.winehq.org/show_bug.cgi?id=13915
Rafael Hart zen.cat.nine@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |zen.cat.nine@gmail.com
http://bugs.winehq.org/show_bug.cgi?id=13915
Jari Vetoniemi mailRoxas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mailRoxas@gmail.com
--- Comment #18 from Jari Vetoniemi mailRoxas@gmail.com 2009-08-05 09:46:58 --- I want to report too that OBSE loads randomly fine and when Oblivion launches OBSE crashes. Same for FOSE (Fallout 3 Script Extender) I think there is source code for these programs so maybe someone could take fast look how it injects into Oblivion exe (or Fallout 3).
It seems its not so far away =)
http://bugs.winehq.org/show_bug.cgi?id=13915
Jari Vetoniemi mailRoxas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mailRoxas@gmail.com
Philip Nilsson leffeman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |leffeman@gmail.com
--- Comment #18 from Jari Vetoniemi mailRoxas@gmail.com 2009-08-05 09:46:58 --- I want to report too that OBSE loads randomly fine and when Oblivion launches OBSE crashes. Same for FOSE (Fallout 3 Script Extender) I think there is source code for these programs so maybe someone could take fast look how it injects into Oblivion exe (or Fallout 3).
It seems its not so far away =)
--- Comment #19 from Philip Nilsson leffeman@gmail.com 2009-08-05 09:54:23 --- Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
http://bugs.winehq.org/show_bug.cgi?id=13915
Jari Vetoniemi mailRoxas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mailRoxas@gmail.com
Philip Nilsson leffeman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |leffeman@gmail.com
Adam A. Zajac strider1551@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |strider1551@gmail.com
--- Comment #18 from Jari Vetoniemi mailRoxas@gmail.com 2009-08-05 09:46:58 --- I want to report too that OBSE loads randomly fine and when Oblivion launches OBSE crashes. Same for FOSE (Fallout 3 Script Extender) I think there is source code for these programs so maybe someone could take fast look how it injects into Oblivion exe (or Fallout 3).
It seems its not so far away =)
--- Comment #19 from Philip Nilsson leffeman@gmail.com 2009-08-05 09:54:23 --- Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
http://bugs.winehq.org/show_bug.cgi?id=13915
Jari Vetoniemi mailRoxas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mailRoxas@gmail.com
Philip Nilsson leffeman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |leffeman@gmail.com
Adam A. Zajac strider1551@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |strider1551@gmail.com
Claudio sick_soul@yahoo.it changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |sick_soul@yahoo.it
--- Comment #18 from Jari Vetoniemi mailRoxas@gmail.com 2009-08-05 09:46:58 --- I want to report too that OBSE loads randomly fine and when Oblivion launches OBSE crashes. Same for FOSE (Fallout 3 Script Extender) I think there is source code for these programs so maybe someone could take fast look how it injects into Oblivion exe (or Fallout 3).
It seems its not so far away =)
--- Comment #19 from Philip Nilsson leffeman@gmail.com 2009-08-05 09:54:23 --- Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
--- Comment #20 from Claudio sick_soul@yahoo.it 2009-09-06 13:54:34 --- (In reply to comment #19)
Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
Tried, does not help. Using wine-1.1.28. Does someone have a somewhat reliable workaround?
http://bugs.winehq.org/show_bug.cgi?id=13915
Jari Vetoniemi mailRoxas@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mailRoxas@gmail.com
Philip Nilsson leffeman@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |leffeman@gmail.com
Adam A. Zajac strider1551@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |strider1551@gmail.com
Claudio sick_soul@yahoo.it changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |sick_soul@yahoo.it
Thomas J. Moore dark@mama.indstate.edu changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dark@mama.indstate.edu
--- Comment #18 from Jari Vetoniemi mailRoxas@gmail.com 2009-08-05 09:46:58 --- I want to report too that OBSE loads randomly fine and when Oblivion launches OBSE crashes. Same for FOSE (Fallout 3 Script Extender) I think there is source code for these programs so maybe someone could take fast look how it injects into Oblivion exe (or Fallout 3).
It seems its not so far away =)
--- Comment #19 from Philip Nilsson leffeman@gmail.com 2009-08-05 09:54:23 --- Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
--- Comment #20 from Claudio sick_soul@yahoo.it 2009-09-06 13:54:34 --- (In reply to comment #19)
Try ``sudo sysctl kernel.randomize_va_space=0'' before running with a recent Wine.
Tried, does not help. Using wine-1.1.28. Does someone have a somewhat reliable workaround?
http://bugs.winehq.org/show_bug.cgi?id=13915
Robert Myers mystinar@comcast.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mystinar@comcast.net
--- Comment #21 from Robert Myers mystinar@comcast.net 2009-10-28 11:07:33 --- Yes, the source codes are available, and they are included with the download, under the "src" directory. OBSE and it's source codes can be downloaded from this link:
http://obse.silverlock.org/download/obse_0017b.zip
http://bugs.winehq.org/show_bug.cgi?id=13915
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source
http://bugs.winehq.org/show_bug.cgi?id=13915
Eddahbi Karim Da.TemPLaR@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |Da.TemPLaR@gmail.com
--- Comment #22 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-11-06 17:58:41 --- Can't execute the loader with wine 1.1.32 and no extension loaded but the Nvidia Black Fix bug (which don't make use of this loader). Here's the error :
err:seh:setup_exception_record stack overflow 2300 bytes in thread 001b eip 7ef756fd esp 00e00a34 stack 0xe00000-0xe01000-0xf00000
Nothing after that.
Same thing happen with 0017 and 0018b version of OBSE.
Using Debian Sid x86-64 packages from the sources stated on the WineHQ's download page.
Note that obse_loader.log states the following : crc = 7934C86C dll = K:\Oblivion\obse_1_2_416.dll hookBase = 00340000 loadLibraryAAddr = 7ED9BA17 hook thread complete launching oblivion
Note also that by executing the following command "sysctl kernel.randomize_va_space=1", the game can be launched after an initial crash, with the same error that the original poster have on its terminal, but no new functions are added, floor textures are messed up and the obse_loader.log 'loadLibraryAAddr' line change every time the game can be launched.
I was wondering if that injection can't be replaced by a binary patch.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #23 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-11-10 13:51:33 --- Just for information, launching the game under Windows Vista with obse_loader.exe creates a 'obse_loader.log' with the following content :
crc = 7934C86C dll = C:\Games\Oblivion\obse_1_2_416.dll hookBase = 00160000 loadLibraryAAddr = 77A59491 hook thread complete launching oblivion
The game's version is the same since I just did a copy/paste of the files and registry keys.
BTW, the texture's corruption was unrelated. Still, the loading problem is still there.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #24 from Dmitry Timoshkov dmitry@codeweavers.com 2009-11-13 04:38:19 --- (In reply to comment #23)
The game's version is the same since I just did a copy/paste of the files and registry keys.
That configuration is invalid and can't be supported. Install the game under Wine.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #25 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-11-13 14:28:46 --- I *did* install the game under Wine normally, I just copy/pasted the game to install it in *Windows*. Not the reverse. So this is still valid !
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #26 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-11-19 00:09:53 --- Tested again with wine 1.1.32 this time. Didn't touch the software files.
I got a little further. First, the log is now always consistent : crc = 7934C86C dll = K:\Oblivion\obse_1_2_416.dll hookBase = 00340000 loadLibraryAAddr = 7B8573D0 hook thread complete launching oblivion
Then, I got messages from the loader on the console and the same message in the obse.log. Things I didn't have before. Here's the messages : OBSE: initialize (version = 17.2 010201A0) oblivion root = K:\Oblivion\ plugin directory = K:\Oblivion\Data\OBSE\Plugins\ patched
But I can't launch the game with it. It always crash now. The crash isn't consistent if I do "sysctl kernel.randomize_va_space=1" before. Sometimes a dialog box, intitled "Microsoft Visual C++ Debug Library", with the following message :
"Debug Assertion Failed!
Program: K:\Oblivion\obse_loader.exe File: fclose.c Line: 47
Expression: (stream != NULL)
For information on how your program can cause an assertion failure, see the Visual C++ documentation on asserts.
(Press Retry to debug the application)"
Last thing, when I enable the kernel.randomize_va_space option, every crash brings a wine error with the following pattern : "wine: Unhandled page fault on read access to 0x0804a3b4 at address 0xf7fXX387 (thread 003e), starting debugger..." where XX is an hexadecimal value
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #27 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-11-19 00:10:47 --- I meant wine-1.1.33. Sorry for the spam.
http://bugs.winehq.org/show_bug.cgi?id=13915
Ethan Baldridge baldridge.ethan@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |baldridge.ethan@gmail.com
--- Comment #28 from Ethan Baldridge baldridge.ethan@gmail.com 2009-11-21 22:30:31 --- OBSE has been working for me since wine 1.1.32. This is on Ubuntu 9.10 with the wine.budgetdedicated.com build for jaunty. Earlier today with 1.1.33 was the first time I saw OBSE crash when launching Oblivion. (Oblivion launched but one of the plugins [Put it in its Place] detected that OBSE wasn't running, popped up a little message and closed the game) Launching it a second time worked fine.
http://bugs.winehq.org/show_bug.cgi?id=13915
Myk Taylor myk002@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |myk002@yahoo.com
--- Comment #29 from Myk Taylor myk002@yahoo.com 2009-11-30 15:03:38 --- OBSE seems to load fine for me now. OBSE 17 and OBSE 18b4 were both successfully tested. Gentoo Linux x86, 2.6.31-gentoo-r6 kernel, wine-1.1.33, GeForce GTX 285, nvidia-drivers-185.18.36. I've run Oblivion with OBSE successfully about 20 times without a single failure. Tested with Streamline, Gather Ye Rosebuds, and SuperHotKeys, among others.
http://bugs.winehq.org/show_bug.cgi?id=13915
Markus m.nast69@googlemail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |m.nast69@googlemail.com
--- Comment #30 from Markus m.nast69@googlemail.com 2009-12-07 21:23:04 --- Oblivion with Obse runs fine under Wine 1.1.33 but in Version 1.1.34 it crashes at the Loadscreen. Testet under Ubuntu 9.10 Karmic 64 Bit.
http://bugs.winehq.org/show_bug.cgi?id=13915
Evan Goers megatog615@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |megatog615@gmail.com
--- Comment #31 from Evan Goers megatog615@gmail.com 2009-12-08 00:22:45 --- (In reply to comment #30)
Oblivion with Obse runs fine under Wine 1.1.33 but in Version 1.1.34 it crashes at the Loadscreen. Testet under Ubuntu 9.10 Karmic 64 Bit.
I still get a page fault in 1.1.33. It seems to launch oblivion but obse_loader.exe crashes.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #32 from Myk Taylor myk002@yahoo.com 2009-12-08 01:19:56 --- How do your systems differ from mine (see comment #29)?
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #33 from Evan Goers megatog615@gmail.com 2009-12-08 01:37:12 --- (In reply to comment #32)
How do your systems differ from mine (see comment #29)?
I'm running Debian Testing/Unstable and Wine 1.1.33 from the lamaresh repos. x86-64, Linux 2.6.31.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #34 from Myk Taylor myk002@yahoo.com 2009-12-08 10:23:05 --- (In reply to comment #33)
I'm running Debian Testing/Unstable and Wine 1.1.33 from the lamaresh repos. x86-64, Linux 2.6.31.
Graphics adapter? Driver version?
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #35 from Markus m.nast69@googlemail.com 2009-12-08 14:53:52 --- (In reply to comment #32)
How do your systems differ from mine (see comment #29)?
Ich tried it with Obse 17 on Ubuntu 9.10 64Bit, Linux x86 2.6.31-16-generic. Wine 1.1.33, Geforce 9800gtx+ with the 185.18.36. Drivers.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #36 from Evan Goers megatog615@gmail.com 2009-12-08 17:11:03 --- (In reply to comment #34)
(In reply to comment #33)
I'm running Debian Testing/Unstable and Wine 1.1.33 from the lamaresh repos. x86-64, Linux 2.6.31.
Graphics adapter? Driver version?
NVIDIA Geforce 8800GTS, nvidia 190.42. I doubt this info is relevant to the problem though.
http://bugs.winehq.org/show_bug.cgi?id=13915
Rafael Hart zen.cat.nine@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|zen.cat.nine@gmail.com |
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #37 from Eddahbi Karim Da.TemPLaR@gmail.com 2009-12-10 18:06:57 --- It seems to be a problem related to addressing so... Maybe sysctl values can change that. Like I said, changing some kernel adress randomization, like stated by someone before my interventions, does change the behaviour. It changes from "Don't start" to "Start but crash".
So, maybe a list of sysctl values, related to adressing, or the kernel configuration used would maybe allow to pinpoint the source of the problem correctly. Anyway, if that works, could you give us your game version and the content of "obse_loader.log", located in the game folder ?
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #38 from Evan Goers megatog615@gmail.com 2009-12-10 22:16:28 --- (In reply to comment #37)
It seems to be a problem related to addressing so... Maybe sysctl values can change that. Like I said, changing some kernel adress randomization, like stated by someone before my interventions, does change the behaviour. It changes from "Don't start" to "Start but crash".
So, maybe a list of sysctl values, related to adressing, or the kernel configuration used would maybe allow to pinpoint the source of the problem correctly. Anyway, if that works, could you give us your game version and the content of "obse_loader.log", located in the game folder ?
I'm using OBSE 0017b, Oblivion 1.2.0.416(Shivering Isles).
To add to the mystery, if you use OBMM to launch Oblivion, it actually launches obse_loader.exe, which in turn launches Oblivion.exe. It does *not* crash if you use OBMM to run Oblivion enhanced with OBSE.
http://bugs.winehq.org/show_bug.cgi?id=13915
Kelly Miller lightsolphoenix@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |lightsolphoenix@gmail.com
--- Comment #39 from Kelly Miller lightsolphoenix@gmail.com 2010-01-16 18:02:04 --- When I try to run it, I get this:
bash-4.0$ wine ./obse_loader.exe wine: Unhandled illegal instruction at address 0x68421e80 (thread 0035), starting debugger... Process::InstallHook: waiting for thread = WAIT_TIMEOUT Couldn't inject dll. terminating oblivion process bash-4.0$ wine: Unhandled page fault on read access to 0x0000002a at address 0x73228134 (thread 000b), starting debugger...
http://bugs.winehq.org/show_bug.cgi?id=13915
Miro Stoyanov mkstoyanov@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mkstoyanov@hotmail.com
--- Comment #40 from Miro Stoyanov mkstoyanov@hotmail.com 2010-01-19 17:29:12 --- I can confirm comment #28 From Ethan Baldridge:
I use 64-bit Ubuntu 9.10 Karmic kernel = 2.6.31-17-generic and using wine 1.2 from the official Ubuntu repos refused to work for me. When I used the Jaunty build from http://wine.budgetdedicated.com/ there was no problem.
I am currently using obse 17b with Toggleable Quantity Prompt mod (in conjunction with AF Leveling Mod which does not require obse). Some of the leveling aspects of the game seem to be deliberately designed to torture players (bad points for Bethesda) so I consider this bug to be very important as far as Oblivion is concerned.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #41 from Claudio sick_soul@yahoo.it 2010-01-19 18:37:57 ---
(In reply to comment #40)
I am currently using obse 17b with Toggleable Quantity Prompt mod (in conjunction with AF Leveling Mod which does not require obse). Some of the leveling aspects of the game seem to be deliberately designed to torture players (bad points for Bethesda) so I consider this bug to be very important as far as Oblivion is concerned.
This might be a little bit OT, but I could work around the obvious game design mistakes of Bethesda without any need for OBSE.
I use the latest unofficial patch 3.2.0 + the OBMM (Omod installer) + Oscuro Oblivion Overhaul v 1.33 + Kobus' Character Advancement system v. 2.4.1
It makes the game great for me, without depending on OBSE, which I could never get to work with wine.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #42 from Myk Taylor myk002@yahoo.com 2010-08-18 12:06:54 --- Created an attachment (id=30211) --> (http://bugs.winehq.org/attachment.cgi?id=30211) crashlog for wine-1.3.0
OBSE was working perfectly for me in previous versions of wine. But now with wine-1.3.0 I consistently get page faults. Like the original poster reports, Oblivion loads successfully after the "crash", but without OBSE. This is actually the first time that Oblivion has loaded for me after an obse_loader crash. In previous wine versions (before it started working consistently, back when it used to work randomly) Oblivion would not start if I got an initial crash.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #43 from Myk Taylor myk002@yahoo.com 2010-08-20 11:51:34 --- It appears the the crash is happening in the thread created by
HANDLE thread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE)hookBase, (void *)(hookBase + 5), 0, NULL);
in the DoInjectDLL function. Sometimes I get a page fault on a valid address, sometimes on NULL, and sometimes it works perfectly, which kinda indicates a race condition somewhere.
One of the following lines is going wonky:
HANDLE process = OpenProcess( PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, info->dwProcessId);
UInt32 hookBase = (UInt32)VirtualAllocEx(process, NULL, 8192, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
UInt32 loadLibraryAAddr = (UInt32)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
WriteProcessMemory(process, (LPVOID)(hookBase + 5), dllPath, strlen(dllPath) + 1, &bytesWritten);
WriteProcessMemory(process, (LPVOID)(hookBase), hookCode, sizeof(hookCode), &bytesWritten);
HANDLE thread = CreateRemoteThread(process, NULL, 0, (LPTHREAD_START_ROUTINE)hookBase, (void *)(hookBase + 5), 0, NULL);
Of course, it could just be that this line is not actually created a suspended process: bool result = CreateProcess( procName, NULL, // no args NULL, // default process security NULL, // default thread security TRUE, // don't inherit handles CREATE_SUSPENDED, NULL, // no new environment NULL, // no new cwd &startupInfo, &procInfo) != 0;
which would invalidate the assumptions in DoInjectDLL...
http://bugs.winehq.org/show_bug.cgi?id=13915
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net
--- Comment #44 from Anastasius Focht focht@gmx.net 2010-08-20 13:13:24 --- Hello,
could be anything ... looking at that snippet: make sure you switch address space randomization off for sure! If you are really sure that kernel32.dll gets the same base address in child process the loader creates, provide the following log in case of a crash :
$ WINEDEBUG=+tid,+seh,+loaddll,+module,+process,+relay wine ./loader_foo.exe
log.txt 2>&1
(make sure log.txt doesn't exist prior)
Injecting stuff has its limitations. You can't do everything at that point because the main thread hasn't run to process entry yet. Imports are fixed but process attach notifications are not yet sent at that point. They will get triggered by any injected threads that run _prior_ waking up the main thread that ought to call it.
Does your injected dll synchronize with the parent (loader) to wake up the initially suspended main thread? Be careful if your dll patches stuff from the game in its dllmain, especially dynamic data structures which might not be fully present yet/or are being modified in startup phase of game.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #45 from Myk Taylor myk002@yahoo.com 2010-08-22 01:18:17 --- Created an attachment (id=30280) --> (http://bugs.winehq.org/attachment.cgi?id=30280) crash log with WINEDEBUG=+tid,+seh,+loaddll,+module,+process,+relay
requested log file (gzipped due to size). I hit ctrl-C after the crash to prevent Oblivion from loading anyway (sans OBSE) and cluttering up the log. no change in behavior when explicitly turning off address space randomization (tried both setarch i686 -R and setarch x86_64 -R). This isn't my code, but from reading the source (available at http://obse.silverlock.org/) I see that ResumeThread is called on the suspended process after the DLL is injected into the remote process' address space.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #46 from Anastasius Focht focht@gmx.net 2010-08-22 05:04:58 --- Hello,
I extracted the relevant parts from your log:
--- snip --- 0009:trace:loaddll:load_builtin_dll Loaded L"KERNEL32.dll" at 0x7ed60000: builtin ... 0009:Call KERNEL32.CreateFileA(00422430 "C:\oblivion\obse_1_2_416.dll",80000000,00000001,00000000,00000003,00000080,00000000) ret=00403788 0009:Ret KERNEL32.CreateFileA() retval=00000040 ret=00403788 ... 0009:Call KERNEL32.CreateProcessA(00415834 "Oblivion.exe",00000000,00000000,00000000,00000001,00000004,00000000,00000000,0032fdb8,0032fcf4) ret=00402fa2 0009:trace:process:CreateProcessW app L"Oblivion.exe" cmdline (null) 0009:trace:process:open_exe_file looking for L"Oblivion.exe" 0009:trace:process:CreateProcessW starting L"Oblivion.exe" as Win32 binary (0x400000-0xbaf000) 001b:trace:module:load_builtin_callback loaded ntdll.dll 0x110158 0x7ef60000 ... 001b:trace:module:load_dll Found L"ntdll.dll" for L"ntdll.dll" at 0x7ef60000, count=2 001b:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 001b:trace:loaddll:load_builtin_dll Loaded L"KERNEL32.dll" at 0x7ed90000: builtin 001b:Call KERNEL32.__wine_kernel_init() ret=7ef97f83 ... 001b:trace:loaddll:load_native_dll Loaded L"C:\oblivion\Oblivion.exe" at 0x400000: native 001b:trace:module:load_dll Loaded module L"C:\oblivion\Oblivion.exe" (native) at 0x400000 ... 0009:trace:process:CreateProcessW started process pid 001a tid 001b 0009:Ret KERNEL32.CreateProcessA() retval=00000001 ret=00402fa2 0009:Call KERNEL32.OpenProcess(0000043a,00000000,0000001a) ret=004024d0 0009:Ret KERNEL32.OpenProcess() retval=00000040 ret=004024d0 0009:Call KERNEL32.VirtualAllocEx(00000040,00000000,00002000,00001000,00000040) ret=004024f0 ... 0009:Call KERNEL32.WriteProcessMemory(00000040,00340005,00422430,0000001d,0032fc84) ret=00402556 0009:Ret KERNEL32.WriteProcessMemory() retval=00000001 ret=00402556 0009:Call KERNEL32.WriteProcessMemory(00000040,00340000,0032fc88,00000005,0032fc84) ret=00402578 0009:Ret KERNEL32.WriteProcessMemory() retval=00000001 ret=00402578 0009:Call KERNEL32.CreateRemoteThread(00000040,00000000,00000000,00340000,00340005,00000000,00000000) ret=00402589 0009:Ret KERNEL32.CreateRemoteThread() retval=00000050 ret=00402589 0009:Call KERNEL32.WaitForSingleObject(00000050,00007530) ret=004025a4 001c:trace:module:alloc_thread_tls thread 001c idx 0: 440/0 bytes from 0xbac000 to 0x126538 001c:Starting thread proc 0x340000 (arg=0x340005) 001c:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7ed6cf50 ip=7ed6cf50 tid=001c 001c:trace:seh:raise_exception info[0]=00000000 001c:trace:seh:raise_exception info[1]=7ed6cf50 001c:trace:seh:raise_exception eax=00340000 ebx=7efe3ff4 ecx=8ccebec1 edx=ffffffff esi=7ffd4f10 edi=00340000 001c:trace:seh:raise_exception ebp=00efea78 esp=00efea6c cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206 001c:trace:seh:call_stack_handlers calling handler at 0x7efce930 code=c0000005 flags=0 001c:Call KERNEL32.UnhandledExceptionFilter(00efe5b8) ret=7efce982 wine: Unhandled page fault on read access to 0x7ed6cf50 at address 0x7ed6cf50 (thread 001c), starting debugger... 001c:trace:seh:start_debugger Starting debugger "winedbg --auto 26 24" --- snip ---
It seems the kernel32 image load base is still different:
kernel32 base loader: 0x7ed60000 kernel32 base target: 0x7ed90000
The injected thread crashes at 0x7ed6cf50 which is below target kernel32 image load base. The high word matches the loader (parent) kernel32 image base so the patched jump trampoline 0x7ed6xxxx matches LoadLibraryA() - in loader address space!
To cancel out address space randomization problem, we compare the load addresses of kernel32.dll in all Wine processes:
0009 = initial process = loader
--- snip --- 0009:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed60000 ... 000b:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 000b:trace:module:load_dll Loaded module L"C:\windows\system32\wineboot.exe" (builtin) at 0x7ef30000 ... 000d:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 000d:trace:module:load_dll Loaded module L"C:\windows\system32\winemenubuilder.exe" (builtin) at 0x7ef30000 ... 000f:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 000f:trace:module:load_dll Loaded module L"C:\windows\system32\services.exe" (builtin) at 0x7ef30000 ... 0012:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 0012:trace:module:load_dll Loaded module L"C:\windows\system32\winedevice.exe" (builtin) at 0x7ef40000 ... 0019:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 0019:trace:module:load_dll Loaded module L"C:\windows\system32\explorer.exe" (builtin) at 0x7ef30000 ... 001b:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 001b:trace:module:load_dll Loaded module L"C:\oblivion\Oblivion.exe" (native) at 0x400000 --- snip ---
Interestingly only the _first_ process has a different kernel32.dll load base. All others match.
Can you try the following: start a "helper" process (cmd.exe, notepad.exe whatever) in background which keeps wineserver alive and then start the loader from different terminal.
If it still crashes please give another +relay log exactly as previously described. Make sure winedbg can do a backtrace run (in your relay log it starts but never reaches the point because you CTRL+C too early).
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
Myk Taylor myk002@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #30280|0 |1 is obsolete| |
--- Comment #47 from Myk Taylor myk002@yahoo.com 2010-08-22 21:25:10 --- Created an attachment (id=30319) --> (http://bugs.winehq.org/attachment.cgi?id=30319) crash log with WINEDEBUG=+tid,+seh,+loaddll,+module,+process,+relay
Requested log file. I started cmd.exe in another shell, then loaded obse_loader.exe. The crash happened as usual. I left Oblivion to load this time, but it had not finished loading even after log.txt grew to about 38G in size, so I eventually ran wineserver -k. This is the first part of that log file, up to where the stack traces are.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #48 from Anastasius Focht focht@gmx.net 2010-08-23 03:07:37 --- Hello,
--- quote --- Requested log file. I started cmd.exe in another shell, then loaded obse_loader.exe. The crash happened as usual. I left Oblivion to load this time, but it had not finished loading even after log.txt grew to about 38G in size, so I eventually ran wineserver -k. This is the first part of that log file, up to where the stack traces are. --- quote ---
It seems the kernel32.dll load base is still different hence the crash.
Loader:
--- snip --- 001b:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed60000 001b:trace:loaddll:load_native_dll Loaded L"C:\oblivion\obse_loader.exe" at 0x400000: native --- snip ---
vs. target:
--- snip --- 001d:trace:module:load_builtin_callback loaded KERNEL32.dll 0x112628 0x7ed90000 001d:trace:loaddll:load_native_dll Loaded L"C:\oblivion\Oblivion.exe" at 0x400000: native --- snip ---
Can you dump the process vm maps at the time of the crash and attach them (don't CTRL+C before)?
--- snip (bash) --- $ cat /proc/$(pidof -s 'obse_loader.exe')/maps >loader_mappings.txt
$ cat /proc/$(pidof -s 'Oblivion.exe')/maps >target_mappings.txt --- snip (bash) ---
If that doesn't work, manually get the pids of the corresponding processes and replace them as follows: /proc/your_pid_here/maps.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #49 from Myk Taylor myk002@yahoo.com 2010-08-23 15:02:34 --- Created an attachment (id=30337) --> (http://bugs.winehq.org/attachment.cgi?id=30337) /proc/$(pidof -s 'obse_loader.exe')/maps
mappings file for obse_loader.exe
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #50 from Myk Taylor myk002@yahoo.com 2010-08-23 15:03:05 --- Created an attachment (id=30338) --> (http://bugs.winehq.org/attachment.cgi?id=30338) /proc/$(pidof -s 'Oblivion.exe')/maps
mappings file for Oblivion.exe
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #51 from Myk Taylor myk002@yahoo.com 2010-08-23 15:03:57 --- I just want to say, thank you very much for helping with this. This issue has irked me for years.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #52 from Anastasius Focht focht@gmx.net 2010-08-23 16:30:47 --- Hello,
the target (game) has much fewer shared libraries loaded in its early stage as it was initially created suspended. In contrast: the loader is fully initialized and has lots of X dependencies at this point giving addresses spaces a different layout.
Looking at the corresponding kernel32 locations:
Loader:
--- snip --- 7eb28000-7eb48000 rw-p 00000000 00:00 0 7eb48000-7ed48000 r--p 00000000 08:06 416308 /usr/lib64/locale/locale-archive
7ed48000-7ed60000 r-xp 00000000 08:06 154429 /usr/lib32/wine/kernel32.dll.so
7ed60000-7ed61000 rw-p 00000000 00:00 0 7ed61000-7edcd000 r-xp 00019000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edcd000-7edce000 r--p 00084000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edce000-7edd6000 rw-p 00085000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edd6000-7edd8000 rwxp 0008d000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edd8000-7eebc000 rw-p 0008f000 08:06 154429 /usr/lib32/wine/kernel32.dll.so --- snip ---
vs. target:
--- snip --- 7eb74000-7eb76000 rw-p 00000000 00:00 0 7eb76000-7ed76000 r--p 00000000 08:06 416308 /usr/lib64/locale/locale-archive
7ed76000-7ed90000 r-xp 00000000 08:06 154429 /usr/lib32/wine/kernel32.dll.so
7ed90000-7ed91000 rw-p 00000000 00:00 0 7ed91000-7edfb000 r-xp 0001b000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edfb000-7edfc000 r--p 00084000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7edfc000-7ee04000 rw-p 00085000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7ee04000-7ee06000 rwxp 0008d000 08:06 154429 /usr/lib32/wine/kernel32.dll.so 7ee06000-7eeea000 rw-p 0008f000 08:06 154429 /usr/lib32/wine/kernel32.dll.so --- snip ---
There is not much you can do. Moving "locale-archive" is most likely not possible as this is glibc internal (mmap'd) and not a standard ELF binary which could be relocated (using prelink etc).
Can't you just get rid of the GUI stuff that pulls in the multitude of shared X libs? Making loader a console app might possibly fix this, giving both address spaces a similar layout without having OS loader moving/relocating much stuff around.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #53 from Anastasius Focht focht@gmx.net 2010-08-23 17:02:04 --- Hello,
well, if you don't want to change much you should use a more reliable method of getting kernel32 base/address of "LoadLibraryA" entry point. There exist a several methods - though some don't work in Wine (yet) ;-)
One approach is to use psapi' EnumProcessModules() for getting the module list (and load base addresses) in the remote process.
You could write a small helper function that uses the API and filters for kernel32 base. To get the address of the "LoadLibraryA" function entry point in remote process you just need to know the offset to the PE load base. Subtract the locally retrieved "LoadLibraryA" entry point address from local kernel32 base -> offset. Use that offset and the remote load base address to calculate the virtual address for "LoadLibraryA" in remote process.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #54 from Alexandre Julliard julliard@winehq.org 2010-08-24 03:43:43 --- Actually the offset from the base address may not be the same in the other process, because the PE header needs to be aligned to a 64k boundary. You'd have to look up the RVA in the remote PE header manually.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #55 from Anastasius Focht focht@gmx.net 2010-08-24 06:17:12 --- Hello,
--- quote --- Actually the offset from the base address may not be the same in the other process, because the PE header needs to be aligned to a 64k boundary. You'd have to look up the RVA in the remote PE header manually. --- quote ---
Sure, populating remote process PE headers would be completely safe ... Your scenario is more a corner case that applies to executables that are specially crafted by people that make an art of "optimizing" everything in headers (e.g. unusual load bases, section alignments) - unlikely to happen for Wine core libraries (unless someone messed with the build system, explicitly specifying preferred load bases).
I wanted to give him a "quick" solution without going through the hassle of parsing PE headers and section tables.
Anyway, do you agree this bug is a WONTFIX? Wine can't guarantee that core dlls (ntdll, kernel32, user32) will always get the same load base in all address spaces (with ASLR switched off).
Though I wonder if certain Windows core dlls still have an "immutable" load address (=preferred base). It was a requirement in various Windows versions to support all these brain damaged software that made certain assumptions about system dlls. If some executable's preferred image base overlaps with core dlls, the infamous "illegal system dll relocation" would appear and the OS loader refused to process further.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #56 from Alexandre Julliard julliard@winehq.org 2010-08-24 06:33:42 --- (In reply to comment #55)
Sure, populating remote process PE headers would be completely safe ... Your scenario is more a corner case that applies to executables that are specially crafted by people that make an art of "optimizing" everything in headers (e.g. unusual load bases, section alignments) - unlikely to happen for Wine core libraries (unless someone messed with the build system, explicitly specifying preferred load bases).
No, it applies to all builtin libraries. The ELF header is loaded to 4k alignment by the system loader, but the PE header is 64k aligned, so the entry point offsets from the PE base will in general differ when the load address differs.
Anyway, do you agree this bug is a WONTFIX? Wine can't guarantee that core dlls (ntdll, kernel32, user32) will always get the same load base in all address spaces (with ASLR switched off).
In general it should work as long as prelink is found at compile time to set the base address, and as long as the OS doesn't force randomization despite prelink. But yes, there's nothing more we can do beyond that (though I guess we could print a nasty warning when prelink isn't found).
Though I wonder if certain Windows core dlls still have an "immutable" load address (=preferred base). It was a requirement in various Windows versions to support all these brain damaged software that made certain assumptions about system dlls.
That's certainly still true, and it's one of the reasons we set a fixed base address for kernel32. Some copy protection schemes explicitly check that kernel32 is within a certain range. And of course there are a million apps that assume that core function addresses are identical across processes.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #57 from Myk Taylor myk002@yahoo.com 2010-08-24 10:15:51 --- I have engaged the original developer (Ian Patterson) regarding this issue and pointed him to Anastasius's comments. Here is what he had to say:
"I've tried EnumProcessModules (plus various other psapi calls), CreateToolhelp32Snapshot, plus just some basic stuff like querying the main thread's current eip, but none of them work. A process created with CREATE_SUSPENDED set is halted before DLLs are loaded, so there's no way of knowing where anything will end up unless the load address is guaranteed to be the same for every process (true for a few core DLLs including kernel32). http://www.nynaeve.net/?p=198 has some more details."
Do you have any tips for him?
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #58 from Myk Taylor myk002@yahoo.com 2010-08-24 19:28:48 --- (In reply to comment #56)
In general it should work as long as prelink is found at compile time to set the base address, and as long as the OS doesn't force randomization despite prelink.
<snip>
That's certainly still true, and it's one of the reasons we set a fixed base address for kernel32.
on my system, prelink is installed, and I have set kernel.randomize_va_space = 0 in /etc/sysctl.conf, yet it still seems /usr/lib32/wine/kernel32.dll.so is loaded at a different address in the two processes. While I pursue a better solution, What else should I do to ensure that it works?
http://bugs.winehq.org/show_bug.cgi?id=13915
paulo i30817@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |i30817@gmail.com
--- Comment #59 from paulo i30817@gmail.com 2010-08-30 13:18:02 CDT --- Morrowind script extender is also not working.
By not working i mean, it loads of fine, and thinks it is attached. However the scripts that need MWSE behave very erroneously, and invariably crash/hang. The keyring mod duplicates the inventory keyring whenever you reload a savegame. The fleeing fletchers mod hangs the game when you cast a spell The alchemy storage helper mod places duplicate bags whenever you are looking at. etc, basically no mod using MWSE works.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #60 from Myk Taylor myk002@yahoo.com 2010-09-07 20:54:17 CDT --- was work done on this in 1.3.2? it is working for me now on both my amd64 machine and my x86 machine. Of course, it has randomly worked for me in the past with certain combinations of wine version and gcc version...
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #61 from paulo i30817@gmail.com 2010-09-11 02:34:10 CDT --- I can confirm that MWSE also appears to be fixed in wine 1.3.2
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #62 from paulo i30817@gmail.com 2010-09-19 02:05:30 CDT --- Sorry for the spam, but the info i gave above is wrong, actually MWSE is not working. The symptoms just changed (eventual freeze in keyring, other things in other mods). I have a intel x86-64 if it is relevant.
http://bugs.winehq.org/show_bug.cgi?id=13915
Macarthur 133794m3r@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |133794m3r@gmail.com
--- Comment #63 from Macarthur 133794m3r@gmail.com 2010-10-21 06:48:28 CDT --- still there in the latest wine unstable. I believe that my other bug is the same thing as this one so i guess it's going to have to be merged with it. There's no need to upload the backtrace since i believe it's the same thing as what everyone else has said with a few minor changes ie the first line.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #64 from Juan Lang juan_lang@yahoo.com 2010-10-21 11:19:13 CDT --- *** Bug 24839 has been marked as a duplicate of this bug. ***
http://bugs.winehq.org/show_bug.cgi?id=13915
MassteR matrixsmaster@yandex.ru changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |matrixsmaster@yandex.ru
--- Comment #65 from MassteR matrixsmaster@yandex.ru 2010-11-02 04:59:04 CDT --- Looks like resolved in stable WINE (1.2.1). obse_loader.exe starts normally without any workaround.
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #66 from madx winehq.org_a010b4ec298e6d00@madx.org 2012-01-17 03:18:30 CST --- OBSE works perfectly fine for me, I even finished the game with it Tested on wine 1.3.34-37, OBSE v0020, Oblivion 1.2.0416
http://bugs.winehq.org/show_bug.cgi?id=13915
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED Summary|Oblivon Script Extender |Oblivon Script Extender |(OBSE) fails to start |(OBSE) fails to start |("privileged instruction") |(needs address space layout | |randomization (ASLR) | |disabled and prelink | |enabled)
--- Comment #67 from Anastasius Focht focht@gmx.net 2012-01-17 09:33:30 CST --- Hello,
reported working twice.
With address space layout randomization (ASLR) disabled and prelink enabled it should work in general. There might be rare cases where non-Wine shared libraries might already occupy virtual address space locations that ought the be reserved for Wine shared libs, forcing them to relocate. There is nothing more Wine can do.
Regards
http://bugs.winehq.org/show_bug.cgi?id=13915
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #68 from Alexandre Julliard julliard@winehq.org 2012-01-27 14:18:09 CST --- Closing bugs fixed in 1.4-rc1.
http://bugs.winehq.org/show_bug.cgi?id=13915
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |obfuscation
-
wine-bugs@winehq.org