DieselMachine
2010-May-09 17:13 UTC
[Wine] __wine_spec_relay_entry_points - need more info please
Hi, Wine experts. The program I'm trying to run in Wine crashes with SIGSEGV in __wine_spec_relay_entry_points. Here is the disassembled code that I got from gdb:

Code:
Dump of assembler code for function __wine_spec_relay_entry_points:
0x68d97bbd <+0>:    nop
0x68d97bbe <+1>:    xchg   %ax,%ax
0x68d97bc0 <+3>:    push   %esp
0x68d97bc1 <+4>:    push   $0x30000
0x68d97bc6 <+9>:    call   0x68d98790 <__wine_spec_get_pc_thunk_eax>
0x68d97bcb <+14>:   lea    0x17845(%eax),%eax
0x68d97bd1 <+20>:   push   %eax
0x68d97bd2 <+21>:   call   *0x4(%eax)
0x68d97bd5 <+24>:   ret    $0xc
0x68d97bd8 <+27>:   push   %esp
0x68d97bd9 <+28>:   push   $0x30001
0x68d97bde <+33>:   call   0x68d98790 <__wine_spec_get_pc_thunk_eax>
0x68d97be3 <+38>:   lea    0x1782d(%eax),%eax
0x68d97be9 <+44>:   push   %eax
0x68d97bea <+45>:   call   *0x4(%eax)
0x68d97bed <+48>:   ret    $0xc
0x68d97bf0 <+51>:   push   %esp
0x68d97bf1 <+52>:   push   $0x10002
0x68d97bf6 <+57>:   call   0x68d98790 <__wine_spec_get_pc_thunk_eax>
0x68d97bfb <+62>:   lea    0x17815(%eax),%eax
0x68d97c01 <+68>:   push   %eax
0x68d97c02 <+69>:   call   *0x4(%eax)
0x68d97c05 <+72>:   ret    $0x4
0x68d97c08 <+75>:   mov    %edi,%edi
0x68d97c0a <+77>:   push   %ebp
0x68d97c0b <+78>:   mov    %esp,%ebp
0x68d97c0d <+80>:   add    %ch,%al
0x68d97c0f <+82>:   jge    0x68d97c1c <__wine_spec_relay_entry_points+95>
0x68d97c11 <+84>:   add    %al,(%eax)
0x68d97c13 <+86>:   lea    0x177fd(%eax),%eax
0x68d97c19 <+92>:   push   %eax
0x68d97c1a <+93>:   call   *0x4(%eax)
0x68d97c1d <+96>:   ret    $0xc
0x68d97c20 <+99>:   push   %esp
0x68d97c21 <+100>:  push   $0x30004
0x68d97c26 <+105>:  call   0x68d98790 <__wine_spec_get_pc_thunk_eax>
0x68d97c2b <+110>:  lea    0x177e5(%eax),%eax
0x68d97c31 <+116>:  push   %eax
0x68d97c32 <+117>:  call   *0x4(%eax)
0x68d97c35 <+120>:  ret    $0xc
...............................................................................
0x68d985f5 <+2616>: lea    0x0(%esi),%esi
0x68d985f8 <+2619>: push   %esp
0x68d985f9 <+2620>: push   $0x20096
0x68d985fe <+2625>: call   0x68d98790 <__wine_spec_get_pc_thunk_eax>
0x68d98603 <+2630>: lea    0x16e0d(%eax),%eax
0x68d98609 <+2636>: push   %eax
0x68d9860a <+2637>: call   *0x4(%eax)
0x68d9860d <+2640>: ret    $0x8
End of assembler dump.

Look at the part 0x68d97c08 <+75> - 0x68d97c1d <+96>: it is different from all the others, which look the same. My program crashes here:

Code:
0x68d97c1a <+93>:   call   *0x4(%eax)

because the memory at this address couldn't be read. So, I have several questions.

1. Where is this code generated? When the DLL is loaded into the address space?
2. Is the part I mentioned above broken? And how could it be generated like this? All that I found is the code in output_relay_debug in /wine-1.1.43/tools/winebuild/spec32.c. Is this the source of the generated assembler code? But I didn't see "broken" code there.

Thanks for your help.
James McKenzie
2010-May-09 17:48 UTC
[Wine] __wine_spec_relay_entry_points - need more info please
DieselMachine wrote:
> Hi, Wine experts.
> The program I'm trying to run in Wine crashes with SIGSEGV in the __wine_spec_relay_entry_points. Here is disassembled code that I got from gdb
>
> [Disassembled code removed]
>
> Look at the part 0x68d97c08 <+75>-0x68d97c1d <+96> - it is different from all others which look the same. My program crashes here 0x68d97c1a <+93>: call *0x4(%eax) because memory at this address couldn't be read.
> So, I have several questions.
> 1. What is the place where this code is generated? When DLL is loading into the address space?
>
Look for the call in the code.

> 2. Is the part I mentioned above broken? And how could it be generated like this?
>
No, the code is not 'broken'. You are trying to write into space not owned by you. Now that is a bug.

> All that I found is the code in output_relay_debug in /wine-1.1.43/tools/winebuild/spec32.c. Is this the source of the generated assembler code? But I didn't see "broken" code here
>
Try using wine-1.1.44 and advise if the problem is fixed or not.

BTW, what program are you trying to run?

James McKenzie
DieselMachine
2010-May-09 19:37 UTC
[Wine] Re: __wine_spec_relay_entry_points - need more info please
Thanks for the response. I think that the memory at 0x68d97c08-0x68d97c0f was corrupted by someone, because <__wine_spec_relay_entry_points+95> is not a valid assembler instruction, but there is a jump to it:

Code:
0x68d97c0f <+82>:   jge    0x68d97c1c <__wine_spec_relay_entry_points+95>

Is there a way I can log or debug everything that happens to the memory of __wine_spec_relay_entry_points after it has been loaded?

I'm trying to run Lineage 2 Gracia Epilogue on one of the private servers. http://appdb.winehq.org/objectManager.php?sClass=version&iId=18866. Wine 1.1.44 packages are not ready (no updates for me). I'll try as soon as they are available.
DieselMachine
2010-May-09 20:16 UTC
[Wine] Re: __wine_spec_relay_entry_points - need more info please
And one more question. Why is the breakpoint on __wine_spec_relay_entry_points set at a different location from the current execution?

Code:
(gdb) bt
#0  0x68df5c08 in __wine_spec_relay_entry_points () from /usr/bin/../lib/wine/ws2_32.dll.so
#1  0x00c08aa1 in ?? ()
#2  0x00cb47d6 in ?? ()
#3  0x203cd97a in ?? ()
#4  0x05e80001 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) break __wine_spec_relay_entry_points
Breakpoint 15 at 0x21b32e70
(gdb) info break
Num     Type           Disp Enb Address    What
7       breakpoint     keep y   0x7b870897 in VirtualProtect at virtual.c:215
        breakpoint already hit 4 times
15      breakpoint     keep y   0x21b32e70 <__wine_spec_relay_entry_points>
DieselMachine
2010-May-09 21:10 UTC
[Wine] Re: __wine_spec_relay_entry_points - need more info please
Thanks for your help. I've found that __wine_spec_relay_entry_points from ws2_32.dll loads uncorrupted and then becomes corrupted. I'll debug further to see what happened. I think this thread is closed.
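Editor's note on catching the writer. The thread ends at "loads uncorrupted and then becomes corrupted", which is the point where a practitioner wants to know who wrote to the thunk. Two caveats from the posts above: the corrupted bytes sit in a code page, so the write either went through after a VirtualProtect (the breakpoint at virtual.c:215 was already hit four times) or via a mapping trick, and since winebuild emits a separate __wine_spec_relay_entry_points into every builtin DLL's .so, a gdb "break" by bare symbol name can land in a different DLL than the ws2_32.dll.so frame in the backtrace; a hardware watchpoint on the address itself (watch *(unsigned int *)0x68d97c08) avoids that ambiguity. The C program below is an added example, not code from the thread or from Wine: it shows the same idea in miniature, guarding a page read-only and recording the faulting address in a SIGSEGV handler, so the first write to a "thunk" is caught with its exact offset. The thunk byte pattern, the offsets 75 and 80 (chosen to echo <+75> and <+80> in the dump) and the 0xcc poke are constructed for the demo; it is Linux/glibc specific.

```c
/* Added example (not from the thread or Wine): catch the first write to a
 * guarded page by making it read-only and recording the faulting address
 * in a SIGSEGV handler. Linux/glibc specific. */
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS 0x20   /* Linux value, used only if the headers hide it */
#endif

/* Constructed stand-in for one relay thunk: push %esp; push $0x30000;
 * call get_pc_thunk; lea ...; push %eax; call *0x4(%eax); ret $0xc.
 * Only the byte pattern matters here; it is never executed. */
static const unsigned char thunk_bytes[] = {
    0x54, 0x68, 0x00, 0x00, 0x03, 0x00, 0xe8, 0x00, 0x00, 0x00, 0x00,
    0x8d, 0x80, 0x45, 0x78, 0x01, 0x00, 0x50, 0xff, 0x50, 0x04, 0xc2, 0x0c, 0x00,
};

static volatile uintptr_t fault_addr;   /* address the caught write touched */
static volatile int       fault_count;
static uint8_t           *guarded_page;
static size_t             page_size;

static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)ctx;
    uintptr_t a = (uintptr_t)si->si_addr;
    /* Only faults inside the guarded page are ours; anything else is a real crash. */
    if (a < (uintptr_t)guarded_page || a >= (uintptr_t)guarded_page + page_size) {
        signal(SIGSEGV, SIG_DFL);       /* re-execute the fault with the default action */
        return;
    }
    fault_addr = a;
    fault_count++;
    /* Let the write through so the program continues. In a real hunt this is
     * where you dump a backtrace (or let gdb's watchpoint stop you) to name the writer. */
    mprotect(guarded_page, page_size, PROT_READ | PROT_WRITE);
}

/* Guards a page holding the fake thunk at offset 75, performs one "corrupting"
 * write at offset 80, and returns the offset of the caught write.
 * Returns -1 on setup failure, -2 if the write was not caught or did not land. */
long demo_catch_write(void)
{
    page_size = (size_t)sysconf(_SC_PAGESIZE);
    guarded_page = mmap(NULL, page_size, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (guarded_page == MAP_FAILED) return -1;
    memcpy(guarded_page + 75, thunk_bytes, sizeof thunk_bytes);

    /* Like a code page: readable but not writable from here on. */
    if (mprotect(guarded_page, page_size, PROT_READ) != 0) { munmap(guarded_page, page_size); return -1; }

    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGSEGV, &sa, &old) != 0) { munmap(guarded_page, page_size); return -1; }

    fault_addr = 0;
    fault_count = 0;
    /* The "corrupting" write: something scribbles over the thunk at <+80>. */
    volatile uint8_t *victim = guarded_page + 80;
    *victim = 0xcc;

    sigaction(SIGSEGV, &old, NULL);
    long off = -2;
    if (fault_count == 1 && guarded_page[80] == 0xcc)
        off = (long)(fault_addr - (uintptr_t)guarded_page);
    munmap(guarded_page, page_size);
    return off;
}

int main(void)
{
    long off = demo_catch_write();
    if (off < 0) { fprintf(stderr, "setup failed or write not caught (%ld)\n", off); return 1; }
    printf("caught write to guarded page at offset +%ld\n", off);
    return 0;
}
```

The handler calls mprotect, which is not on the POSIX async-signal-safe list but is a plain syscall on Linux; the alternative that keeps the page protected (single-stepping the faulting instruction) is what a debugger's watchpoint does for you, which is why the gdb route is the practical one for a process as large as the game plus Wine.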