http://bugs.winehq.org/show_bug.cgi?id=22301
Summary: Fallen Earth MMO : RtlAllocateHeap crash Product: Wine Version: 1.1.42 Platform: x86 URL: http://forums.fallenearth.com/fallenearth/showthread.p hp?t=35062 OS/Version: Mac OS X 10.6 Status: UNCONFIRMED Severity: normal Priority: P2 Component: ntdll AssignedTo: wine-bugs@winehq.org ReportedBy: elanz1615@yahoo.com
Created an attachment (id=27255) --> (http://bugs.winehq.org/attachment.cgi?id=27255) winedbg bt from crash
Fallen Earth, when run in a clean wine prefix using the latest git crashes after a few minutes of play. The crash produces just one log output:
err:seh:raise_exception Unhandled exception code c0000005 flags 0 addr 0x7bc3b3ed
I've attached a winedbg backtrace showing that the crash is in RtlAllocateHeap. Each crash I've captured has a slightly different back trace but the top two frames are always RtlAllocateHeap and list_remove.
Trace and relay logging is impossible with this application as they slow the application too much to play long enough to observe the crash. Another clue is that turning on the warn+heap channel seems to prevent the crash at the expense of framerate and an extended shut-down time.
Any assistance is greatly appreciated.
Forum post with more detail is here:
http://forum.winehq.org/viewtopic.php?t=8127
http://bugs.winehq.org/show_bug.cgi?id=22301
Dmitry Timoshkov dmitry@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|ntdll |-unknown
--- Comment #1 from Dmitry Timoshkov dmitry@codeweavers.com 2010-04-07 10:07:45 --- Probably a heap corruption in wined3d code.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #2 from Eric Lanz elanz1615@yahoo.com 2010-04-07 10:15:10 --- Thank you for the reply. What is the best way to verify that this could be heap corruption? I've tried running the application on ubuntu under valgrind but the number or reported errors even when using the wine suppression file is overwhelming.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #3 from Henri Verbeet hverbeet@gmail.com 2010-04-07 10:22:00 --- The output from running with WINEDEBUG="warn+heap" may have some hints. Also, if this used to work, running a regression test may help.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #4 from Dmitry Timoshkov dmitry@codeweavers.com 2010-04-07 10:22:31 --- (In reply to comment #2)
Thank you for the reply. What is the best way to verify that this could be heap corruption? I've tried running the application on ubuntu under valgrind but the number or reported errors even when using the wine suppression file is overwhelming.
Does the app crash the same way under Linux?
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #5 from Eric Lanz elanz1615@yahoo.com 2010-04-07 10:46:47 --- Created an attachment (id=27260) --> (http://bugs.winehq.org/attachment.cgi?id=27260) warn+heap terminal output including crash
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #6 from Eric Lanz elanz1615@yahoo.com 2010-04-07 10:51:23 --- Henri -- I've posted a terminal output of the app crashing while heap+warn is on, let me know if you want me to add any other channels.
Dmitry -- The application will crash in the same way on Ubuntu Linux using either the ubuntu package or my own build from the latest git. I was able to run it in Valgrind and observe the crash but the valgrind logs were too much for me to parse.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #7 from Eric Lanz elanz1615@yahoo.com 2010-04-07 10:56:04 --- Sorry I missed your other question. I first noticed it in version 1.1.40 and then started to build older/newer versions to test, every version back to 1.1.35 and through the latest git yesterday has this crash. I will continue to test older version looking for a good tag to perform a regression against.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #8 from Eric Lanz elanz1615@yahoo.com 2010-04-12 10:10:55 --- Created an attachment (id=27341) --> (http://bugs.winehq.org/attachment.cgi?id=27341) warn+all log from 1.1.42 showing crash
This is a warn+all log file from a recent run against a clean build of git tag 1.1.42. During the test I experienced the crash.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #9 from Eric Lanz elanz1615@yahoo.com 2010-04-12 10:14:53 --- Created an attachment (id=27342) --> (http://bugs.winehq.org/attachment.cgi?id=27342) warn+all log from 1.1.42 showing no crash
This is a warn+all log from the same wine build as the crash log, I played under the same conditions except this time I did not experience the crash. I retraced the same steps through the game that I usually did and loaded/unloaded many levels to try to generate a crash but could not.
This is typical of my testing in that it seems to crash in this way only every other test that I run.
I'd really appreciate any ideas or help tracking down this crash from anyone, I've exhausted my own abilities at this point.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #10 from Eric Lanz elanz1615@yahoo.com 2010-04-12 10:58:35 --- Created an attachment (id=27343) --> (http://bugs.winehq.org/attachment.cgi?id=27343) gdb session showing crash with symbols
This is interesting, I finally got gdb to recognize wine's symbols properly so this log shows the gdb session of this crash, with a backtrace.
It seems like a pretty straightforward de-refrencing of a null pointer in list_remove. I'll add a null pointer check there although I am pretty confident that the real issue is much deeper than that.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #11 from Henri Verbeet hverbeet@gmail.com 2010-04-13 08:35:51 --- Could you create a warn+heap,+seh,+tid,+d3d,+d3d9 log against current git? Also, does this have a demo?
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #12 from Eric Lanz elanz1615@yahoo.com 2010-04-13 10:10:58 --- (In reply to comment #11)
Could you create a warn+heap,+seh,+tid,+d3d,+d3d9 log against current git? Also, does this have a demo?
http://www.mediafire.com/file/f2nmgdmivnd/22301logHeapSehTidD3dD3d9.txt.zip
That's a link to a 55mb zip containing a 1.5gb log generated by running this command:
WINEDEBUG=warn+heap,+seh,+tid,+d3d,+d3d9 ~/wine-origin/./wine Frontend.exe >> ~/22301logHeapSehTidD3dD3d9.txt 2>&1
I tried multiple times but was not able to capture the crash under these logging conditions (probably because it was running very slowly).
There is a demo which you can obtain by going here:
http://forums.fallenearth.com/fallenearth/showthread.php?t=35062
It is an MMO so you will have to sign up for the 10 day trial. If you need me to test anything or generate any logs or grep logs I can do that for you so you don't have to sign up and download it.
http://bugs.winehq.org/show_bug.cgi?id=22301
mth411@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mth411@yahoo.com
--- Comment #13 from mth411@yahoo.com 2010-04-17 11:34:48 --- I get the same crash message: Backtrace: =>0 0x7bc48c38 RtlAllocateHeap+0xa8() in ntdll (0x0032f870)
On a freeware game DeadlyRace: http://www.gametop.com/download-free-games/deadly-race/
Running Ubuntu 9.10 amd64 wine 1.1.42
http://bugs.winehq.org/show_bug.cgi?id=22301
djot@me.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed|0 |1
--- Comment #14 from djot@me.com 2010-04-19 15:57:31 --- *** This bug has been confirmed by popular vote. ***
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #15 from Eric Lanz elanz1615@yahoo.com 2010-04-22 14:06:32 --- Created an attachment (id=27514) --> (http://bugs.winehq.org/attachment.cgi?id=27514) IWineD3DDeviceImpl_SetStreamSource GDB backtrace
Hello,
I hadn't tested in a couple days, today I did a git pull and rebuilt. On one of my test runs I see this crash in GDB instead of the usual list_remove one:
WineD3DDeviceImpl_SetStreamSource
Is it a clue or just a red herring? It happened at the same spot/time I usually see the rtlallocateheap crash, and I do still see that rtlallocateheap crash in this build -- thought I'd post this anyway in case it turns out to be relevant.
Eric
http://bugs.winehq.org/show_bug.cgi?id=22301
joaopa jeremielapuree@yahoo.fr changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jeremielapuree@yahoo.fr
--- Comment #16 from joaopa jeremielapuree@yahoo.fr 2011-07-09 23:44:04 CDT --- still a bug in current wine?
http://bugs.winehq.org/show_bug.cgi?id=22301
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- OS/Version|Mac OS X 10.6 |Mac OS X
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #17 from Enrico Enrico_m@gmx.de 2012-04-23 15:18:07 CDT --- Created attachment 39897 --> http://bugs.winehq.org/attachment.cgi?id=39897 WINEDEBUG=warn+heap,+seh,+tid,+d3d,+d3d9 log of Lego Star Wars crash
I have a similar crash in Lego Star Wars 1. Attached a log with the last 150000 trace lines.
http://bugs.winehq.org/show_bug.cgi?id=22301
--- Comment #18 from Austin English austinenglish@gmail.com --- This is your friendly reminder that there has been no bug activity for 2 years. Is this still an issue in current (1.7.18 or newer) wine?
http://bugs.winehq.org/show_bug.cgi?id=22301
hanska2@luukku.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |hanska2@luukku.com
--- Comment #19 from hanska2@luukku.com --- Any update on this from original posters?
https://bugs.winehq.org/show_bug.cgi?id=22301
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |ABANDONED
--- Comment #20 from Austin English austinenglish@gmail.com --- (In reply to Austin English from comment #18)
This is your friendly reminder that there has been no bug activity for 2 years. Is this still an issue in current (1.7.18 or newer) wine?
Abandoned.
https://bugs.winehq.org/show_bug.cgi?id=22301
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #21 from Austin English austinenglish@gmail.com --- Closing.
-
wine-bugs@winehq.org