https://bugs.winehq.org/show_bug.cgi?id=35874
--- Comment #4 from Anastasius Focht focht@gmx.net --- Hello folks,
looking at the sparse information you gave (backtrace) this could be a duplicate of bug 34480
I investigated bug 32559 'Warlock - Master of the Arcane 1.4' (Steam) which turned out to be a dupe of bug 34480
--- snip --- Unhandled exception: page fault on write access to 0x1c1fa000 in 32-bit code (0x0600e4a8). Register dump: CS:0073 SS:007b DS:007b ES:007b FS:0033 GS:003b EIP:0600e4a8 ESP:057df470 EBP:057df48c EFLAGS:00010202( R- -- I - - - ) EAX:00000000 EBX:12799800 ECX:00000000 EDX:00000001 ESI:12799f80 EDI:1c1f9fb0 Stack dump: 0x057df470: 1c1f9830 0fcc0040 0000007d 067b1dd1 0x057df480: 1c1f9830 12799800 00000800 057df520 0x057df490: 067b26d0 1c1f9830 12799800 00000800 0x057df4a0: 00000000 00000000 00000000 00000000 0x057df4b0: 16a679d0 00000200 00000200 00000800 0x057df4c0: 00040000 0df08950 00000200 00000200 Backtrace: =>0 0x0600e4a8 in msvcr110 (+0xe4a8) (0x057df48c) 1 0x067b26d0 in gameui (+0x426cf) (0x057df520) ... 28 0x06790cba in gameui (+0x20cb9) (0x057dfab8) 29 0x004cf4b4 in game (+0xcf4b3) (0x057dfac8) ... 43 0x00519a64 in game (+0x119a63) (0x057dfddc) 44 0x00519842 in game (+0x119841) (0x057dfdf0) 45 0x0051a59c in game (+0x11a59b) (0x057dfe14) 46 0x00a1bd26 in game (+0x61bd25) (0x057dfe60) 47 0x7b85f3ac call_process_entry+0xb() in kernel32 (0x057dfe78) ... 0x0600e4a8: movq %mm5,0x50(%edi) Modules: Module Address Debug info Name (181 modules) PE 240000- 3b9000 Deferred fmodex PE 3c0000- 3f2000 Deferred curllib PE 400000- 53d1000 Export game PE 57e0000- 5813000 Deferred ssleay32 PE 5820000- 591e000 Deferred libeay32 PE 5920000- 593b000 Deferred openldap PE 5940000- 5954000 Deferred libsasl PE 5960000- 5f67000 Deferred bmcore PE 5f70000- 5ff5000 Deferred msvcp110 PE 6000000- 60d6000 Export msvcr110 PE 60e0000- 65f6000 Deferred gamelogic PE 6600000- 676a000 Deferred scriptengine PE 6770000- 6c2f000 Export gameui PE 6c30000- 6c9c000 Deferred fmod_event PE 9f40000- a00c000 Deferred steam PE 10000000-101ff000 Deferred d3dx9_43 PE 30000000-302c1000 Deferred steam2 PE 38000000-38893000 Deferred steamclient PE 3b400000-3b41e000 Deferred steam_api ... Threads: process tid prio (all id:s are in hex) ... 00000053 (D) C:\Program Files\Steam\SteamApps\common\Warlock 2\Game.exe 0000005a 0 00000059 0 00000058 0 00000057 -15 00000054 0 <== --- snip ---
Looking at the dlls mapped into crashing process address space and comparing it to my installation of 'Warlock - Master of the Arcane 1.4':
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files/Steam/SteamApps/common/Warlock - Master of the Arcane
$ ls -1 *.dll BMCore.dll fmod_event.dll fmodex.dll GameLogic.dll GameUI.dll ScriptEngine.dll steam_api.dll --- snip ---
Both have the same set of dlls. So it's likely they share the same game engine.
Since you lack symbols my guess for the function in frame 0 would be memcpy() (module is 'msvcr110.dll' and the instruction is typical for that).
The fault address 0x1c1fa000 is likely from heap (aligned -> page fault in first page of unmapped area). Some value in the thread stack such as 0x800 or 0x200 could be the copy count.
Since I can't buy every game off Steam just for having a look at it you need to test the hypothesis.
Apply the following hack to recent Wine version (1.7.x) and report back. Thanks.
--- snip --- diff --git a/dlls/wined3d/resource.c b/dlls/wined3d/resource.c index 999dc5c..255887c 100644 --- a/dlls/wined3d/resource.c +++ b/dlls/wined3d/resource.c @@ -200,8 +200,9 @@ BOOL wined3d_resource_allocate_sysmem(struct wined3d_resource *resource) void **p; SIZE_T align = RESOURCE_ALIGNMENT - 1 + sizeof(*p); void *mem; + UINT size = resource->size*2;
- if (!(mem = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, resource->size + align))) + if (!(mem = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size + align))) return FALSE;
p = (void **)(((ULONG_PTR)mem + align) & ~(RESOURCE_ALIGNMENT - 1)) - 1; --- snip ---
Regards