http://bugs.winehq.org/show_bug.cgi?id=10799
Summary: Myst Masterpiece Edition crashes at startup Product: Wine Version: 0.9.49. Platform: PC OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: wine-gdi-(printing) AssignedTo: wine-bugs@winehq.org ReportedBy: mateuscg@gmail.com
Created an attachment (id=9662) --> (http://bugs.winehq.org/attachment.cgi?id=9662) Patch applied using "patch -p1 -R < patchfile"
Beginning with wine version 0.9.49, Myst Masterpiece Edition crashes at startup. I identified the regression at this commit:
http://www.winehq.org/pipermail/wine-cvs/2007-November/037630.html
After I undo some of the changes at ChangeDisplaySettingsExA @ dlls/user32/sysparams.c to not call GdiConvertToDevmodeW, as 0.9.48 and before, Myst worked again. Attached are the wine debugger output and the patch I applied using "patch -p1 -R < patchfile".
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #1 from Mateus César Gröess mateuscg@gmail.com 2007-12-16 16:41:36 --- Created an attachment (id=9663) --> (http://bugs.winehq.org/attachment.cgi?id=9663) Debugger output (back traces, etc)
http://bugs.winehq.org/show_bug.cgi?id=10799
Dan Kegel dank@kegel.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dank@kegel.com Keywords| |regression
--- Comment #2 from Dan Kegel dank@kegel.com 2007-12-16 17:48:20 --- Gee, I wish all bug reports came with the culprit so nicely identified!
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #3 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-16 23:20:10 --- Please retest with 0.9.51, some bugs related to resolution changes have been fixed since then.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #4 from Mateus César Gröess mateuscg@gmail.com 2007-12-17 07:15:24 --- The debugger output attached was taken using 0.9.51, I forgot to mention. I was confused and set version 0.9.49 for the report because the problem first happened with it, but happens also with 0.9.50/0.9.51 in the same form. Unfortunally a demo of this game was not found. If somebody find one, please tell me where it can be downloaded. The game runs on wine with a sound-related problem and I would like to report it, but I need a link to a demo to provide a way to people test. From what I remember, the game does not work with versions newer than Windows 98, at least without patches, so I set wine to Windows 98. Instalation of QuickTime Player is required. I installed the version contained in the same CD-ROM (version 4.5 I guess). Myst switches to fullscreen at startup. When it crashes, I can see an empty window. Maybe the game first creates it just before goes to fullscreen.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #5 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-17 07:25:24 --- Are you using a desktop mode by any chance? Also, could you (re)move ~/.wine and install the app again?
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #6 from Mateus César Gröess mateuscg@gmail.com 2007-12-17 08:20:54 ---
Are you using a desktop mode by any chance?
No, default settings. I just disable vertex and pixel shader, because my ancient Voodoo 3 does not support them.
Also, could you (re)move ~/.wine and install the app again?
I always remove .wine before testing.
http://bugs.winehq.org/show_bug.cgi?id=10799
Dmitry Timoshkov dmitry@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dmitry@codeweavers.com
--- Comment #7 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-17 09:18:25 --- How large is a 'bzip -9'ed +relay,+seh,+tid log? If it's under 2Mb please attach it to the bug.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #8 from Mateus César Gröess mateuscg@gmail.com 2007-12-17 19:14:05 --- Created an attachment (id=9676) --> (http://bugs.winehq.org/attachment.cgi?id=9676) Output of "WINEDEBUG=+relay,+seh,+tid wine .wine/drive_c/Program\ Files/Red\ Orb/Myst\ Masterpiece\ Edition/Myst.exe"
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #9 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-17 22:26:25 --- Created an attachment (id=9679) --> (http://bugs.winehq.org/attachment.cgi?id=9679) A probable fix
Does the attached patch help?
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #10 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-18 04:41:54 --- After looking at the backtrace again I think that the patch won't fix this particular crash.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #11 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-18 06:22:49 --- The following patch should fix the problem:
http://www.winehq.org/pipermail/wine-patches/2007-December/048097.html
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #12 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-18 08:29:50 --- The patch has been committed, please retest and close the bug if appropriate.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #13 from Mateus César Gröess mateuscg@gmail.com 2007-12-18 18:54:59 --- I saw your comments at my job, but couldn't test.
I just tested and the problem is still present. Does the patch need another to be also applied? I applied only your commited patch against version 0.9.51, because I don't have a local git tree actually. I always remove the source files and re-extract them from tar.bz2 before compiling. Actually, I have a Slackware Linux and use a slightly modified version of this script to build package: http://repository.slacky.eu/slackware-12.0/utilities/wine/0.9.51/src/. Looking at backtrace, seems to be the same cause:
Backtrace: =>1 0xb7d4655f memcpy+0x2f() in libc.so.6 (0x0031a370) 2 0x7e993893 GdiConvertToDevmodeW+0xcd(dmA=0xac1c3c) [/tmp/tgz/wine-0.9.51/dlls/gdi32/driver.c:430] in gdi32 (0x0031a3a0) 3 0x7eab2cc5 ChangeDisplaySettingsExA+0x45(devname=0x0, devmode=0xac1c3c, hwnd=0x0, flags=0x0, lparam=0x0) [/tmp/tgz/wine-0.9.51/dlls/user32/sysparams.c:3001] in user32 (0x0031a3e0) 4 0x7eab2c45 ChangeDisplaySettingsA+0x27(devmode=0xac1c3c, flags=0x0) [/tmp/tgz/wine-0.9.51/dlls/user32/sysparams.c:2972] in user32 (0x0031a410) 5 0x0042a433 in myst (+0x2a433) (0x0031a428) 6 0x0042ab3f in myst (+0x2ab3f) (0x0031a490) 7 0x00444d51 in myst (+0x44d51) (0x0031a758)
Because of my daily job I can only make tests at nights. Coincidently someone else post a message at wine-devel reporting the same problems I have with this game. I don't replied because I'm not subscribed, maybe I'll try e-mail the guy.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #14 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-18 21:45:55 --- Ah, now I see a possible problem. The following patch should fix an attempt to read beyond the end of the passed in buffer:
http://www.winehq.org/pipermail/wine-patches/2007-December/048125.html
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #15 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-19 07:21:35 --- The patch was committed. Please retest and close if appropriate.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #16 from Mateus César Gröess mateuscg@gmail.com 2007-12-19 19:22:39 --- I don't want to disappoint you, but the problem is still present. I applied your first commited patch and after the second patch, against version 0.9.51. Based on you changes, I made some additions using the old printf debug method. Here is the patch I tried:
--- driver.c-orig 2007-12-17 15:28:47.000000000 -0200 +++ driver.c 2007-12-17 16:57:11.000000000 -0200 @@ -413,19 +413,29 @@ DEVMODEW *dmW; WORD dmW_size, dmA_size;
+ printf("dmA value: %X\n", dmA); + printf("dmA->dmSize value: %d\n", dmA->dmSize); + printf("sizeof(DEVMODEA) value: %d\n", sizeof(DEVMODEA)); dmA_size = dmA->dmSize; if (dmA_size > sizeof(DEVMODEA)) dmA_size = sizeof(DEVMODEA);
+ printf("dmA_size 2 value: %d\n", dmA_size); dmW_size = dmA_size + CCHDEVICENAME; + printf("dmW_size value: %d\n", dmW_size); if (dmA_size >= FIELD_OFFSET(DEVMODEA, dmFormName) + CCHFORMNAME) dmW_size += CCHFORMNAME; + printf("dmW_size 2 value: %d\n", dmW_size);
dmW = HeapAlloc(GetProcessHeap(), 0, dmW_size + dmA->dmDriverExtra); if (!dmW) return NULL; + printf("dmW value: %X\n", dmW);
MultiByteToWideChar(CP_ACP, 0, (const char*) dmA->dmDeviceName, CCHDEVICENAME, dmW->dmDeviceName, CCHDEVICENAME); + printf("dmW->dmSpecVersion value: %d\n", dmW->dmSpecVersion); + printf("dmA->dmSpecVersion value: %d\n", dmA->dmSpecVersion); + printf("dmA_size value: %d\n", dmA_size); /* copy slightly more, to avoid long computations */ memcpy(&dmW->dmSpecVersion, &dmA->dmSpecVersion, dmA_size - CCHDEVICENAME);
The results:
dmA value: AC1C3C dmA->dmSize value: 0 sizeof(DEVMODEA) value: 156 dmA_size 2 value: 0 dmW_size value: 32 dmW_size 2 value: 32 dmW value: 1410B8 dmW->dmSpecVersion value: 74 dmA->dmSpecVersion value: 0 dmA_size value: 0 wine: Unhandled page fault on read access to 0x00acc000 at address 0xb7ce455f (thread 001b), starting debugger... <snip...> Backtrace: =>1 0xb7ce455f memcpy+0x2f() in libc.so.6 (0x0031a370) 2 0x7e99399b GdiConvertToDevmodeW+0x1d5(dmA=0xac1c3c) [/tmp/tgz/wine-0.9.51/dlls/gdi32/driver.c:440] in gdi32 (0x0031a3a0) 3 0x7eab2cc5 ChangeDisplaySettingsExA+0x45(devname=0x0, devmode=0xac1c3c, hwnd=0x0, flags=0x0, lparam=0x0) [/tmp/tgz/wine-0.9.51/dlls/user32/sysparams.c:3001] in user32 (0x0031a3e0) 4 0x7eab2c45 ChangeDisplaySettingsA+0x27(devmode=0xac1c3c, flags=0x0) [/tmp/tgz/wine-0.9.51/dlls/user32/sysparams.c:2972] in user32 (0x0031a410) 5 0x0042a433 in myst (+0x2a433) (0x0031a428) 6 0x0042ab3f in myst (+0x2ab3f) (0x0031a490)
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #17 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-19 22:39:36 ---
dmA value: AC1C3C dmA->dmSize value: 0
dmA->dmSize being 0 is the source of the problem. XP crashes as well in that case in my test. This needs an investigation.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #18 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-19 22:49:29 --- Actually that's my test who crashes, GdiConvertToDevmodeW in XP just returns NULL in that case. I'll send a patch.
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #19 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-20 00:51:58 --- The following 2 patches should fix the crash:
http://www.winehq.org/pipermail/wine-patches/2007-December/048168.html http://www.winehq.org/pipermail/wine-patches/2007-December/048169.html
http://bugs.winehq.org/show_bug.cgi?id=10799
--- Comment #20 from Dmitry Timoshkov dmitry@codeweavers.com 2007-12-20 06:43:06 --- Alexandre committed the patches, please retest. And many thanks for the help.
http://bugs.winehq.org/show_bug.cgi?id=10799
Mateus César Gröess mateuscg@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |FIXED
--- Comment #21 from Mateus César Gröess mateuscg@gmail.com 2007-12-20 17:55:22 --- The regression is fixed! Thank you very much, Dmitry.
http://bugs.winehq.org/show_bug.cgi?id=10799
Dan Kegel dank@kegel.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #22 from Dan Kegel dank@kegel.com 2008-01-28 05:43:20 --- Closing all RESOLVED FIXED bugs older than four weeks.
-
wine-bugs@winehq.org