[Bug 37488] New: Quicken 2014 - NtAreMappedFilesTheSame fails to compare builtin dlls with stub dlls
https://bugs.winehq.org/show_bug.cgi?id=37488
Bug ID: 37488 Summary: Quicken 2014 - NtAreMappedFilesTheSame fails to compare builtin dlls with stub dlls Product: Wine Version: 1.7.30 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: ntdll Assignee: wine-bugs@winehq.org Reporter: michael@fds-team.de Distribution: ---
Created attachment 49879 --> https://bugs.winehq.org/attachment.cgi?id=49879 test program
Hi,
Quicken 2014 loads the stub ntdll from C:\Windows\System32 as file mapping and tries to compare it with all loaded file mappings using NtAreMappedFilesTheSame. Wine does not support comparing a mapped stub dll with the loaded dll, so that the function returns STATUS_NOT_SAME_DEVICE every time, causing Quicken 2014 to enter an endless loop.
Since this issue is currently blocked by bug 37487 and bug 37449, I wrote a small C snippet which can be compiled with mingw that demonstrates the issue. On Windows the program prints "Same file!" while on Wine it prints "Different file!".
Regards, Michael
https://bugs.winehq.org/show_bug.cgi?id=37488
Michael Müller michael@fds-team.de changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |http://www.chip.de/download | |s/Quicken-2014-Vollversion_ | |68671713.html CC| |focht@gmx.net, | |sebastian@fds-team.de Depends on| |37487, 37449
https://bugs.winehq.org/show_bug.cgi?id=37488
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, testcase
https://bugs.winehq.org/show_bug.cgi?id=37488
--- Comment #1 from Sebastian Lackner sebastian@fds-team.de --- After working around that issue the next one is bug 23999 (missing implementation for MemorySectionName info class).
https://bugs.winehq.org/show_bug.cgi?id=37488 Bug 37488 depends on bug 37449, which changed state.
Bug 37449 Summary: Lexware Quicken 2014 Deluxe reports error 0x0000054f on startup (Promon Shield DRM needs RtlDecompressBuffer with COMPRESSION_FORMAT_LZNT1 support) https://bugs.winehq.org/show_bug.cgi?id=37449
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED
https://bugs.winehq.org/show_bug.cgi?id=37488
Qian Hong fracting@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |fracting@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=37488
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever confirmed|0 |1
--- Comment #2 from Nikolay Sivov bunglehead@gmail.com --- With current wine I believe build dir ntdll.dll should match what's in prefix, however check still fails with different error STATUS_NOT_MAPPED_VIEW. That's for first argument, so loaded module handle returned by GetModuleHandle("ntdll.dll") does not pass server side check for being a mapped view.
https://bugs.winehq.org/show_bug.cgi?id=37488
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Quicken 2014 - |Quicken 2014 reports error |NtAreMappedFilesTheSame |0x0000054f on startup |fails to compare builtin |(NtAreMappedFilesTheSame |dlls with stub dlls |fails to compare in-memory | |loader view of builtin dlls | |with mapped disk image) Keywords| |obfuscation URL|http://www.chip.de/download |https://web.archive.org/web |s/Quicken-2014-Vollversion_ |/20210212084041/https://dlg |68671713.html |bit.winfuture.de/djQ7tSh5Sd | |rBWqwLnqKALg/1613162398/317 | |2/software/Quicken/Quicken_ | |2014tb.exe
--- Comment #3 from Anastasius Focht focht@gmx.net --- Hello folks,
confirming, still present.
I've adjusted the summary to account for:
* error code displayed in error message box (end users) * Wine builtin core dlls are no longer on-disk stub modules since PE conversion: - ntdll.dll -> Wine 5.12 - user32.dll -> Wine 5.18 - kernel32.dll -> Wine 5.19
Quicken 2014 installer prerequisites:
* 'winetricks -q msxml3' * 'winetricks -q dotnet40' (optional, for later bugs)
Trace log:
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files (x86)/Lexware/Quicken/2014
$ WINEDEBUG=+seh,+relay,+ntdll,+server wine ./QwStart.exe >>log.txt 2>&1 ... 0024:Call ntdll.NtQueryVirtualMemory(ffffffff,7bc00000,00000002,01400920,0000004c,0031f604) ret=006cbe70 0024: get_mapping_filename( process=ffffffff, addr=7bc00000 ) 0024: get_mapping_filename() = 0 { len=66, filename=L"\??\C:\windows\system32\ntdll.dll" } 0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=006cbe70 0024:Call ntdll.RtlInitUnicodeString(0031f660,014008b0 L"\??\C:\windows\system32\ntdll.dll") ret=006c5669 0024:Ret ntdll.RtlInitUnicodeString() retval=00000044 ret=006c5669 0024:Call ntdll.NtCreateFile(0031f650,80100000,0031f670,0031f668,00000000,00000000,00000005,00000001,00000060,00000000,00000000) ret=006c56b1 0024: create_file( access=80100000, sharing=00000005, create=1, options=00000060, attrs=00000000, objattr={rootdir=0000,attributes=00000040,sd={},name=L"\??\C:\windows\syswow64\ntdll.dll"}, filename="/home/focht/.wine/dosdevices/c:/windows/syswow64/ntdll.dll" ) 0024: create_file() = 0 { handle=00a4 } 0024:Ret ntdll.NtCreateFile() retval=00000000 ret=006c56b1 0024:Call ntdll.NtCreateSection(0031f654,000f0005,00000000,00000000,00000008,08000000,000000a4) ret=006c56d2 0024: create_mapping( access=000f0005, flags=08000000, file_access=00000001, size=00000000, file_handle=00a4, objattr={} ) 0024: create_mapping() = 0 { handle=00a8 } 0024:Ret ntdll.NtCreateSection() retval=00000000 ret=006c56d2 0024:Call ntdll.NtClose(000000a4) ret=006c56e0 0024: close_handle( handle=00a4 ) 0024: close_handle() = 0 0024:Ret ntdll.NtClose() retval=00000000 ret=006c56e0 0024:Call ntdll.NtMapViewOfSection(000000a8,ffffffff,0031f64c,00000000,00000000,00000000,0031f658,00000002,00000000,00000008) ret=006c570a 0024: get_mapping_info( handle=00a8, access=00000004 ) 0024: get_mapping_info() = 0 { size=00082000, flags=00800000, shared_file=0000, image={} } 0024: get_handle_fd( handle=00a8 ) 0024: *fd* 00a8 -> 245 0024: get_handle_fd() = 0 { type=1, cacheable=1, access=000f0005, options=00000020 } 0024: map_view( mapping=00a8, access=00000004, base=01420000, size=00082000, start=00000000, image={} ) 0024: map_view() = 0 0024:Ret ntdll.NtMapViewOfSection() retval=00000000 ret=006c570a 0024:Call ntdll.NtClose(000000a8) ret=006c5712 0024: close_handle( handle=00a8 ) 0024: close_handle() = 0 0024:Ret ntdll.NtClose() retval=00000000 ret=006c5712 0024:Call ntdll.NtAreMappedFilesTheSame(7bc00000,01420000) ret=006c5723 0024: is_same_mapping( base1=7bc00000, base2=01420000 ) 0024: is_same_mapping() = NOT_SAME_DEVICE 0024:Ret ntdll.NtAreMappedFilesTheSame() retval=c00000d4 ret=006c5723 0024:Call ntdll.NtUnmapViewOfSection(ffffffff,01420000) ret=006c5733 0024: unmap_view( base=01420000 ) 0024: unmap_view() = 0 0024:Ret ntdll.NtUnmapViewOfSection() retval=00000000 ret=006c5733 0024:trace:seh:dispatch_exception code=c0000005 flags=0 addr=006C6CC6 ip=006c6cc6 tid=0024 0024:trace:seh:dispatch_exception info[0]=00000000 0024:trace:seh:dispatch_exception info[1]=01420000 0024:warn:seh:dispatch_exception EXCEPTION_ACCESS_VIOLATION exception (code=c0000005) raised 0024:trace:seh:dispatch_exception eax=00000000 ebx=00000007 ecx=01420000 edx=00005a4d esi=00000000 edi=7bc00000 0024:trace:seh:dispatch_exception ebp=0031f674 esp=0031f64c cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206 0024:trace:seh:call_vectored_handlers calling handler at 7B00F5D0 code=c0000005 flags=0 0024:trace:seh:call_vectored_handlers handler at 7B00F5D0 returned 0 0024:trace:seh:call_stack_handlers calling handler at 006CDB44 code=c0000005 flags=0 ... 0024:Call user32.MessageBoxA(00010056,0031f878 "Quicken 2014 konnte nicht gestartet werden! (Fehler: 0x0000054f)",00402218 "Quicken 2014",00000010) ret=00401483 --- snip ---
Server side:
--- snip --- 0024: is_same_mapping( base1=7bc00000, base2=01420000 ) 0024: is_same_mapping() = NOT_SAME_DEVICE --- snip ---
Stable download links via Internet Archive:
Quicken 2014 Deluxe:
https://web.archive.org/web/20210212084041/https://dlgbit.winfuture.de/djQ7t...
$ sha1sum Quicken_2014tb.exe d2374d907e2ee568f1f93dba48afd602723dcad6f Quicken_2014tb.exe
$ du -sh Quicken_2014tb.exe 319M Quicken_2014tb.exe
$ wine --version wine-6.1-315-gb922b5aeef1
Regards
https://bugs.winehq.org/show_bug.cgi?id=37488
--- Comment #4 from Nikolay Sivov bunglehead@gmail.com --- Test program works for me now, bisect points to 24a5a101426e16aa3f9ab9981af67c2edc72adcf.
https://bugs.winehq.org/show_bug.cgi?id=37488
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED Fixed by SHA1| |24a5a101426e16aa3f9ab9981af | |67c2edc72adcf
--- Comment #5 from Anastasius Focht focht@gmx.net --- Hello Nikolay,
thanks for the test, marking fixed then.
https://source.winehq.org/git/wine.git/commitdiff/24a5a101426e16aa3f9ab9981a... ("ntdll: Replace image mapping by the builtin module directly in NtMapViewOfSection().")
Thanks Alexandre.
I might recheck some continuation bugs later with Wine 6.5 release which hopefully fixed the remaining regressions. Even WINEPREFIX creation is currently broken.
$ wine --version wine-6.4-361-g34652f37e44
Regards
https://bugs.winehq.org/show_bug.cgi?id=37488
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 6.5.
https://bugs.winehq.org/show_bug.cgi?id=37488
--- Comment #7 from Anastasius Focht focht@gmx.net --- Hello folks,
unfortunately Quicken 2014 was not fixed in Wine 6.5. The test app doesn't fully resemble what the protection scheme does (using native API):
--- snip --- ... 0024:Call ntdll.NtQueryVirtualMemory(ffffffff,7bc00000,00000002,01420920,0000004c,0033f604) ret=006fbe70 0024: get_mapping_filename( process=ffffffff, addr=7bc00000 ) 0024: get_mapping_filename() = 0 { len=66, filename=L"\??\C:\windows\system32\ntdll.dll" } 0024:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=006fbe70 0024:Call ntdll.RtlInitUnicodeString(0033f660,014208b0 L"\??\C:\windows\system32\ntdll.dll") ret=006f5669 0024:Ret ntdll.RtlInitUnicodeString() retval=00000044 ret=006f5669 0024:Call ntdll.NtCreateFile(0033f650,80100000,0033f670,0033f668,00000000,00000000,00000005,00000001,00000060,00000000,00000000) ret=006f56b1 0024: create_file( access=80100000, sharing=00000005, create=1, options=00000060, attrs=00000000, objattr={rootdir=0000,attributes=00000040,sd={},name=L"\??\C:\windows\syswow64\ntdll.dll"}, filename="/home/focht/.wine/dosdevices/c:/windows/syswow64/ntdll.dll" ) 0024: create_file() = 0 { handle=0094 } 0024:Ret ntdll.NtCreateFile() retval=00000000 ret=006f56b1 0024:Call ntdll.NtCreateSection(0033f654,000f0005,00000000,00000000,00000008,08000000,00000094) ret=006f56d2 0024: create_mapping( access=000f0005, flags=08000000, file_access=00000001, size=00000000, file_handle=0094, objattr={} ) 0024: create_mapping() = 0 { handle=0098 } 0024:Ret ntdll.NtCreateSection() retval=00000000 ret=006f56d2 0024:Call ntdll.NtClose(00000094) ret=006f56e0 0024: close_handle( handle=0094 ) 0024: close_handle() = 0 0024:Ret ntdll.NtClose() retval=00000000 ret=006f56e0 0024:Call ntdll.NtMapViewOfSection(00000098,ffffffff,0033f64c,00000000,00000000,00000000,0033f658,00000002,00000000,00000008) ret=006f570a 0024: get_mapping_info( handle=0098, access=00000004 ) 0024: get_mapping_info() = 0 { size=0007e000, flags=00800000, shared_file=0000, total=0, image={}, name=L"" } 0024: get_handle_fd( handle=0098 ) 0024: *fd* 0098 -> 245 0024: get_handle_fd() = 0 { type=1, cacheable=1, access=000f0005, options=00000020 } 0024: map_view( mapping=0098, access=00000004, base=01440000, size=0007e000, start=00000000, image={}, name=L"" ) 0024: map_view() = 0 0024:Ret ntdll.NtMapViewOfSection() retval=00000000 ret=006f570a 0024:Call ntdll.NtClose(00000098) ret=006f5712 0024: close_handle( handle=0098 ) 0024: close_handle() = 0 0024:Ret ntdll.NtClose() retval=00000000 ret=006f5712 0024:Call ntdll.NtAreMappedFilesTheSame(7bc00000,01440000) ret=006f5723 0024: is_same_mapping( base1=7bc00000, base2=01440000 ) 0024: is_same_mapping() = NOT_SAME_DEVICE 0024:Ret ntdll.NtAreMappedFilesTheSame() retval=c00000d4 ret=006f5723 0024:Call ntdll.NtUnmapViewOfSection(ffffffff,01440000) ret=006f5733 0024: unmap_view( base=01440000 ) 0024: unmap_view() = 0 0024:Ret ntdll.NtUnmapViewOfSection() retval=00000000 ret=006f5733 0024:trace:seh:dispatch_exception code=c0000005 flags=0 addr=006F6CC6 ip=006f6cc6 tid=0024 0024:trace:seh:dispatch_exception info[0]=00000000 0024:trace:seh:dispatch_exception info[1]=01440000 0024:warn:seh:dispatch_exception EXCEPTION_ACCESS_VIOLATION exception (code=c0000005) raised --- snip ---
The section is created with SEC_COMMIT allocation attributes hence the server-side check which looks for SEC_IMAGE will always fail.
Wine source:
https://source.winehq.org/git/wine.git/blob/71d41b37a1917cdf20cdb171dc73c20d...
--- snip --- 1270 /* check if two memory maps are for the same file */ 1271 DECL_HANDLER(is_same_mapping) 1272 { 1273 struct memory_view *view1 = find_mapped_view( current->process, req->base1 ); 1274 struct memory_view *view2 = find_mapped_view( current->process, req->base2 ); 1275 1276 if (!view1 || !view2) return; 1277 if (!view1->fd || !view2->fd || 1278 !(view1->flags & SEC_IMAGE) || !(view2->flags & SEC_IMAGE) || 1279 !is_same_file_fd( view1->fd, view2->fd )) 1280 set_error( STATUS_NOT_SAME_DEVICE ); 1281 } --- snip ---
$ wine --version wine-6.5
Regards
-
wine-bugs@winehq.org -
WineHQ Bugzilla