[Bug 56286] New: Evil Under the Sun: game crashes when starting a new game (regression)
https://bugs.winehq.org/show_bug.cgi?id=56286

            Bug ID: 56286
           Summary: Evil Under the Sun: game crashes when starting a new game (regression)
           Product: Wine
           Version: 9.1
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ntdll
          Assignee: wine-bugs(a)winehq.org
          Reporter: memax(a)gmx.fr
                CC: pgofman(a)codeweavers.com
   Regression SHA1: 354a8bb1f4a65bdec052606f2799db9e2907b5b1
      Distribution: Ubuntu

Created attachment 76008
  --> https://bugs.winehq.org/attachment.cgi?id=76008
Terminal output after crash

Game: Agatha Christie: Evil Under the Sun
OS: Ubuntu 22.04.3 LTS 64bit
Wine: wine-9.1
WINEARCH=win32
Clean prefix

Description:
The game crashes systematically when you start a new game.
According to AppDB, the game was rated platinum with older versions of Wine.

So I ran a regression test:

354a8bb1f4a65bdec052606f2799db9e2907b5b1 is the first bad commit
commit 354a8bb1f4a65bdec052606f2799db9e2907b5b1
Author: Paul Gofman <pgofman(a)codeweavers.com>
Date:   Thu May 11 21:53:02 2023 -0600

    ntdll: Better match Windows subheap sizes.

 dlls/kernel32/tests/heap.c |  8 ++------
 dlls/ntdll/heap.c          | 13 +++++++++----
 2 files changed, 11 insertions(+), 10 deletions(-)

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=56286

imaxm <memax(a)gmx.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |regression
https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #1 from Paul Gofman <pgofman(a)codeweavers.com> ---
Can you please specify the following:
- is it reproducible with Steam version of the game? Or which is the exact game where it is reproducible?
- how exactly one can reproduce it? I started that from Steam and clicked 'Play', and it went for lengthy cutscene, was it supposed to crash already or what is needed to reproduce?
- why WINEARCH=win32 is there? is it reproducible with default upstream Wine without options?
- if it is easy to check, it is interesting if the problem is reproducible with Wine-Staging.

More likely the problem is out of bound read memory access which was luckier with bigger subheap sizes (and, just e. g., it can happen that different memory layout on Windows and some Wine Staging patches avoids the problem there). In any case, I'd look at the game to see if there is no other apparent bug but I need a way to reproduce the issue for that.
https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #2 from imaxm <memax(a)gmx.fr> ---
(In reply to Paul Gofman from comment #1)
> Can you please specify the following:
> - is it reproducible with Steam version of the game? Or which is the exact game where it is reproducible?
> - how exactly one can reproduce it? I started that from Steam and clicked 'Play', and it went for lengthy cutscene, was it supposed to crash already or what is needed to reproduce?
> - why WINEARCH=win32 is there? is it reproducible with default upstream Wine without options?
> - if it is easy to check, it is interesting if the problem is reproducible with Wine-Staging.
>
> More likely the problem is out of bound read memory access which was luckier with bigger subheap sizes (and, just e. g., it can happen that different memory layout on Windows and some Wine Staging patches avoids the problem there). In any case, I'd look at the game to see if there is no other apparent bug but I need a way to reproduce the issue for that.

- I don't have the Steam version, so I can't check whether the problem also affects it.
I have the French version of the game on DVD: "Agatha Christie : Meurtre au soleil" also known as "Les Vacances d'Hercule Poirot" (developed by AWE Games and published in 2007 by The Adventure Company).
sha256 checksum of the game exe:
1ebac8566caa4a121ac190bf7d99aeb07f93956e76f3af8b711e43e335531bca  euts.exe
Note that the crash does not affect the game's demo in English. So perhaps this only affects the French version?

- The crash occurs instantly as soon as you click on "Jouer" (Play) in the menu screen (so before the cutscene).

- WINEARCH=win32 isn't needed (I mentioned it because I only compiled 32-bit Wine for regression testing).
The crash also occurs on the default version of Wine without any modification.

- The crash is reproducible with Staging wine-9.1.

Finally, I'd like to point out that the game runs perfectly with wine-8.8.

Thanks for all your help.
https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #3 from imaxm <memax(a)gmx.fr> ---
As you have the Steam version, perhaps you can change the language to French?
https://bugs.winehq.org/show_bug.cgi?id=56286

imaxm <memax(a)gmx.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Evil Under the Sun: game    |Evil Under the Sun: French
                   |crashes when starting a new |version of the game crashes
                   |game (regression)           |when starting a new game
                   |                            |(regression)
https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #4 from imaxm <memax(a)gmx.fr> ---
Created attachment 76040
  --> https://bugs.winehq.org/attachment.cgi?id=76040
Backtrace (wine-9.2)
https://bugs.winehq.org/show_bug.cgi?id=56286

Gijs Vermeulen <gijsvrm(a)gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Evil Under the Sun: French  |Evil Under the Sun (French
                   |version of the game crashes |version) crashes when
                   |when starting a new game    |starting a new game
                   |(regression)                |
https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #5 from imaxm <memax(a)gmx.fr> ---
This bug is still present with wine-9.12.

OS: Ubuntu 24.04 LTS 64bit.
NVIDIA Driver Version (proprietary): 535.183.01.

https://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #6 from imaxm <memax(a)gmx.fr> ---
Hello

This bug is still present in wine-10.0-rc2

Ubuntu 24.04 LTS
NVIDIA Driver Version (proprietary): 550.120

http://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #7 from imaxm <memax(a)gmx.fr> ---
Hello

The game still crashes with wine-10.10.

http://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #8 from imaxm <memax(a)gmx.fr> ---
This bug is still present with wine-11.0-rc1.
The workaround is to revert to wine-8.8.
http://bugs.winehq.org/show_bug.cgi?id=56286

--- Comment #9 from Paul Gofman <pgofman@codeweavers.com> ---
So this time I reproduced the crash (at the same address in game) with Steam version with game language set to French.

Of course the game is doing (rather far away) out of bounds (read) access on heap allocated pointer. It indexes some own array with Unicode character codes and a file specifically related to French version has the big value of 0x2018 ('`') which results in 0x20180 offset which is way beyond the game's allocated heap size of ~0x2000.

That works on Windows and used to work in Wine before the blamed commit because it was hitting accessible memory. The app creates a few heaps with initial commit size with 0x1000 and after the blamed commit that results in not 64k aligned (sub)heap sizes, so there are (more) uncommitted holes in virtual allocations. Turns out, that part is wrong, heap sizes should be always 64k aligned, I sent MR for that: https://gitlab.winehq.org/wine/wine/-/merge_requests/9752

This way the game doesn't crash for me (I only have Steam version), both with Wine + Windows Steam and with Linux Steam + Proton with those patches picked to Proton. It is still out of bounds access in game and it may still crash influenced by semi-random factors. But with those patches I'd expect that to work if that worked with the blamed commit reverted.
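
Added example, not part of the thread and not code from Wine or the game: a C sketch of the access pattern comment #9 describes, showing the offset arithmetic for U+2018 against a 0x2000-byte table and the bounds check the lookup lacks. The 0x10-byte entry stride is inferred from the 0x2018 -> 0x20180 figures; `entry_t`, the function names, the `'?'` fallback, the sample string and `hole_after` (a simplified model of the gap a non-64k-multiple region leaves before the next 64k boundary) are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ENTRY_SIZE  0x10u    /* assumed stride: 0x2018 * 0x10 = 0x20180 */
#define TABLE_BYTES 0x2000u  /* "~0x2000" allocation from comment #9 */
#define TABLE_COUNT (TABLE_BYTES / ENTRY_SIZE)
#define GRANULARITY 0x10000u /* 64k */

typedef struct { uint8_t data[ENTRY_SIZE]; } entry_t; /* hypothetical layout */

/* Byte offset at which an unchecked table[ch] access starts. */
size_t raw_offset(uint16_t ch) { return (size_t)ch * ENTRY_SIZE; }

/* Bytes by which that access ends past the allocation (0 if in bounds). */
size_t overshoot(uint16_t ch)
{
    size_t end = raw_offset(ch) + ENTRY_SIZE;
    return end > TABLE_BYTES ? end - TABLE_BYTES : 0;
}

/* Checked lookup: characters outside the table map to a fallback entry. */
const entry_t *lookup(const entry_t *table, uint16_t ch)
{
    return &table[ch < TABLE_COUNT ? ch : (uint16_t)'?'];
}

/* How many UTF-16 units of s an unchecked lookup would read out of bounds. */
size_t count_oob(const uint16_t *s, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += overshoot(s[i]) != 0;
    return hits;
}

/* Simplified model: gap between a region of `size` bytes and the next 64k boundary. */
size_t hole_after(size_t size)
{
    return (GRANULARITY - size % GRANULARITY) % GRANULARITY;
}

int main(void)
{
    static entry_t table[TABLE_COUNT];
    const uint16_t text[] = { 'l', 0x2018, 0x00E9, 't', 0x00E9 }; /* constructed sample */
    printf("U+2018: offset 0x%zx, overshoot 0x%zx\n", raw_offset(0x2018), overshoot(0x2018));
    printf("oob units: %zu, fallback index: %td\n", count_oob(text, 5), lookup(table, 0x2018) - table);
    printf("hole after 0x11000: 0x%zx\n", hole_after(0x11000));
    return 0;
}
```
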
http://bugs.winehq.org/show_bug.cgi?id=56286

Paul Gofman <pgofman@codeweavers.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Fixed by SHA1|                            |8545d9d9121150788dd1bcb03fb
                   |                            |0784f5c425641
         Resolution|---                         |FIXED
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #10 from Paul Gofman <pgofman@codeweavers.com> ---
Should be fixed by 8545d9d9121150788dd1bcb03fb0784f5c425641 .

This is still game's out of bound memory access, so that may still be crashing under some setups. If happens to still crash while reverting the initial commit still (together with 6def1edb8cce10f3dc6007f575b743384343bf9e^..8545d9d9121150788dd1bcb03fb0784f5c425641) please reopen.
http://bugs.winehq.org/show_bug.cgi?id=56286

Alexandre Julliard <julliard@winehq.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #11 from Alexandre Julliard <julliard@winehq.org> ---
Closing bugs fixed in 11.0-rc2.
http://bugs.winehq.org/show_bug.cgi?id=56286

Andrew Nguyen <arethusa26@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |888884ko04kgcgk040s4skoo00s
                   |                            |g844w@ai.notifier.in

--- Comment #12 from Andrew Nguyen <arethusa26@gmail.com> ---
*** Bug 59467 has been marked as a duplicate of this bug. ***