http://bugs.winehq.org/show_bug.cgi?id=17893
Summary: The Alien Nations / Die Völker crashes: amstream GetFormat stub
Product: Wine
Version: 1.1.17
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: quartz
AssignedTo: wine-bugs@winehq.org
ReportedBy: hoehle@users.sourceforge.net
I'd rather split the bug entries for "Die Völker / The Alien Nations" and Motocross Madness 2, bug 17836, comment 3, to warrant each application its own. Although the common cause is stubbed functionality in amstream, these apps might be fixed independently.
At start, The Alien Nations tries to display two Intel Indeo videos, somewhat differently. Unimplemented functionality in amstream and the app's not checking for some return codes lead to an exception and crash. More specifically, GetFormat() is expected to fill in a DDSURFACEDESC structure, which Wine leaves uninitialised, causing the application to use random uninitialised data.
The first crash is prevented by having GetFormat() in dlls/amstream/mediastream.c fill in the dwWidth and dwHeight fields of the DDSURFACEDESC structure (I used 1 as stub value). The code used seems similar to that of http://msdn.microsoft.com/en-us/library/ms787928(VS.85).aspx except the app doesn't check the return code of GetFormat and hence proceeds with uninitialised memory from these two fields.
These two values are not enough to avoid a crash when displaying the second video. As the logs http://bugs.winehq.org/attachment.cgi?id=20129 in bug 17836, comment 4 suggest, the app presumably reads more fields from GetFormat: Z buffer depth and pixelformat, and passes that to ddraw. Actually, whether the app crashes there depends on WINEDEBUG settings, as the initialisation of the stack-based DDSURFACEDESC depends on former stack use. I've been able to play the game using WINEDEBUG=+all,-syslevel,-fixup,-dbghelp_dwarf,-heap,warn+heap,-gdi
I have yet to disassemble and see which other fields from DDSURFACEDESC are used in the second case.
BTW, one needs to work past bug #15915 in order to see this crash in "Alien Nations", which is a blocker for this issue. I did it by quickly hacking the fourcc comparison test in iccvid.c.
There exists a demo for this application, but demos typically display no intro videos, so I doubt it would exhibit this bug.
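The failure mode in this report, shown as an added example that is not code from the report or from Wine: a stub that fails without touching its output structure, a caller that ignores the return code, and the defensive form of each. The struct, function names and the `stale` fill byte are hypothetical stand-ins; `stale` models whatever earlier calls left on the stack.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for DDSURFACEDESC: only fields the report mentions. */
typedef struct {
    uint32_t dwSize, dwFlags, dwHeight, dwWidth, dwZBufferBitDepth;
} surface_desc;

typedef uint32_t hresult;
#define HR_NOTIMPL 0x80004001u             /* failure code, as E_NOTIMPL */
#define HR_FAILED(hr) (((hr) & 0x80000000u) != 0)
#define HAS_SIZE 0x6u                      /* hypothetical height|width valid bits */

typedef hresult (*get_format_fn)(surface_desc *);

/* Stub as described in the report: fails and leaves *d untouched. */
hresult get_format_stub(surface_desc *d) { (void)d; return HR_NOTIMPL; }

/* Hardened stub: still fails, but never leaves stale bytes in *d. */
hresult get_format_zeroing(surface_desc *d) {
    memset(d, 0, sizeof *d);
    d->dwSize = sizeof *d;
    return HR_NOTIMPL;
}

/* Caller pattern from the report: return code ignored (constructed input). */
uint64_t pixels_unchecked(get_format_fn fn, int stale) {
    surface_desc d;
    memset(&d, stale, sizeof d);           /* simulate former stack use */
    fn(&d);
    return (uint64_t)d.dwWidth * d.dwHeight;
}

/* Defensive caller: zero-init, then check result and validity flags. */
uint64_t pixels_checked(get_format_fn fn, int stale) {
    surface_desc d;
    memset(&d, stale, sizeof d);           /* same stale stack... */
    memset(&d, 0, sizeof d);               /* ...wiped before use */
    d.dwSize = sizeof d;
    if (HR_FAILED(fn(&d)) || (d.dwFlags & HAS_SIZE) != HAS_SIZE) return 0;
    return (uint64_t)d.dwWidth * d.dwHeight;
}

int main(void) {
    printf("%llu %llu %llu\n",
        (unsigned long long)pixels_unchecked(get_format_stub, 0xCC),
        (unsigned long long)pixels_unchecked(get_format_zeroing, 0xCC),
        (unsigned long long)pixels_checked(get_format_stub, 0xCC));
    return 0;
}
```

With the untouched stub, the unchecked caller's result changes with the `stale` byte, which matches the report's observation that the crash depends on WINEDEBUG settings.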