https://bugs.winehq.org/show_bug.cgi?id=38493
Bug ID: 38493
Summary: Unhandled exception in subprocess.exe when launching Grand Theft Auto V
Product: Wine
Version: 1.7.41
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs@winehq.org
Reporter: o.dierick@piezo-forte.be
Distribution: ---
Created attachment 51338 --> https://bugs.winehq.org/attachment.cgi?id=51338 output of wine PlayGTAV.exe run from the game install dir.
At startup, when the launcher of Grand Theft Auto V opens, it shows a "Loading" animation and waits for something that never seems to happen.
There is a cancel button. If I click anywhere in the window before clicking the cancel button, or if I alt-tab out and in while the launcher is open, subprocess.exe crashes with an unhandled exception error. After subprocess.exe has crashed, I can click on the cancel button of the launcher and it closes, and wineserver terminates gracefully.
If I click first on the cancel button before doing anything else, the launcher closes and there is no unhandled exception error, but wineserver doesn't quit until alt+F4 is pressed and the blocking process is forced to close.
subprocess.exe is the executable of the Social Club service to which the user has to log in to play the game.
Computer specs:
Intel Core i7-4930k CPU @ 3.40Ghz x 12 (6+HT).
8Gb RAM.
NVidia GTX970 with proprietary drivers (346.35).
Debian Wheezy 64-bit
Wine 1.7.41 WoW64
no winetricks, no dlloverrides.
Wine is set to windows vista, virtual desktop, no window decoration and no window manager allowance.
GTA V DVD version (not steam).
DirectX and VC++ 2008 redistributables installed from DVD.
Social Club 1.1.5.8 downloaded from Rockstar support website and installed.
--- Comment #1 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51339 --> https://bugs.winehq.org/attachment.cgi?id=51339 Backtrace of subprocess.exe
--- Comment #2 from Ken Sharp imwellcushtymelike@gmail.com --- Does it work in a 32-bit WINEPREFIX?
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What     |Removed |Added
----------------------------------------------------------------------------
Keywords | |win64
Summary  |Unhandled exception in subprocess.exe when launching Grand Theft Auto V |Unhandled exception in subprocess.exe when launching Grand Theft Auto V (64-bit)
--- Comment #3 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- 64-bit is a requirement for the game. I modified the bug report to reflect this.
I tried anyway out of curiosity.
Wine ends with this expected error message when the launcher is run from a 32-bit wineprefix:
err:process:create_process 64-bit application L"C:\Program Files\Rockstar Games\Grand Theft Auto V\PlayGTAV.exe" not supported in 32-bit prefix
I tried to run subprocess.exe itself from the 32-bit wineprefix, since it is a 32-bit executable, but it has to be launched from the game launcher otherwise it exits instantly without doing anything.
Note that I could install the game in the 32-bit wineprefix because the installer is 32-bit and it doesn't check if the system is 64-bit when installing the game.
Francesco Munda syylk@hotmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |syylk@hotmail.com
--- Comment #4 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- I made a +relay,+seh,+tid debug log and saw this:
--- snip ---
0009:Call KERNEL32.GetProcAddress(7b820000,182dc2860 "SetFileCompletionNotificationModes") ret=18248826c
0009:Ret KERNEL32.GetProcAddress() retval=7b82a41c ret=182488280
--- snip ---
This is the last kernel32 call before the crash. I checked current Wine code and the function is not implemented, not even a stub. Following the developer's guide I made a stub function that prints a fixme and returns a fixed value (using info from MSDN).
At first I tried with a stub that always returns false and SetLastError to ERROR_CALL_NOT_IMPLEMENTED.
With the patched Wine, subprocess.exe no longer crashes with read access to 0x00000000, but still crashes with two exception errors, one after the other. The exception errors are page faults in 64-bit code (two different threads).
The first exception:
--- snip ---
Backtrace:
=>0 0x00007fbd5cac7405 relay_trace_entry+0x55(descr=0x7badd708, idx=0x403fb, stack=0x23e350) [/home/olivier/Projets/wine-builds/Test_64/dlls/ntdll/../../../wine-git/dlls/ntdll/relay.c:333] in ntdll (0x000000000023e318)
  1 0x00007fbd5cac6b33 relay_call+0x22() in ntdll (0x000000000023e318)
  2 0x000000007b8330d6 in kernel32 (+0x130d5) (0x00000001830de050)
  3 0x00000001801f0446 in libcef (+0x1f0445) (0x00000001830de050)
  4 0x00000001801ebf7a in libcef (+0x1ebf79) (0x00000001830de050)
  5 0x00000001801dfa82 in libcef (+0x1dfa81) (0x0000000000000000)
  6 0x0000000180877311 in libcef (+0x877310) (0x0000000000000000)
  7 0x000000018083c8e4 in libcef (+0x83c8e3) (0x0000000000000000)
  8 0x00000001801c5566 in libcef (+0x1c5565) (0x0000000000000000)
  9 0x00000001801c5855 in libcef (+0x1c5854) (0x000000000023e680)
  10 0x0000000180001015 in libcef (+0x1014) (0x000000000023e680)
--- snip ---
and the second:
--- snip ---
Backtrace:
=>0 0x00000001823eeb75 in libcef (+0x23eeb75) (0x0000000000078260)
  1 0x000000018248c1b5 in libcef (+0x248c1b4) (0x0000000000078260)
  2 0x000000018248c431 in libcef (+0x248c430) (0x000000000023f790)
  3 0x000000018150cccb in libcef (+0x150ccca) (0x000000000023f790)
  4 0x00000001801a263e in libcef (+0x1a263d) (0x000000000023f940)
  5 0x000000018017135f in libcef (+0x17135e) (0x000000000023faa0)
  6 0x0000000180170a55 in libcef (+0x170a54) (0x000000000023fb59)
  7 0x00000001801a32fd in libcef (+0x1a32fc) (0x0000000000e85773)
  8 0x00000001801a39eb in libcef (+0x1a39ea) (0x0000000000e85773)
  9 0x000000018018a248 in libcef (+0x18a247) (0x0000000000e85773)
  10 0x00000001800e88e8 in libcef (+0xe88e7) (0x0000000000e85773)
--- snip ---
Then I changed the stub so that it always returns true (success), restarted from scratch and got another type of error (no stack, no backtrace):
--- snip ---
0x00000001801975ae: addq $28,%rsp
Modules:
Module Address Debug info Name (124 modules)
ELF 7b800000- 7bc7c000 Deferred kernel32<elf>
-PE 7b820000- 7bc7c000 \ kernel32
ELF 7be00000- 7c102000 Deferred <wine-loader>
PE 140000000- 1400f1000 Deferred subprocess
PE 180000000- 1834c6000 Export libcef
ELF 7ff9a9fa5000- 7ff9aa220000 Deferred setupapi<elf>
-PE 7ff9a9fb0000- 7ff9aa220000 \ setupapi
--- snip ---
It seems that libcef.dll is involved in every crash. I know it is Chromium Embedded Framework. The game provides its own copy of the DLL.
--- snip ---
0038:trace:loaddll:load_native_dll Loaded L"C:\Program Files\Rockstar Games\Social Club\libcef.dll" at 0x180000000: native
--- snip ---
I tried to debug those errors with +relay,+seh,+tid,+loaddll,+int but could not find anything obvious. I'm not familiar with wine debugging. If someone wants full backtraces or debugging output, just ask.
--- Comment #5 from Nikolay Sivov bunglehead@gmail.com ---
---
0009:Call KERNEL32.GetProcAddress(7b820000,182dc2860 "SetFileCompletionNotificationModes") ret=18248826c
0009:Ret KERNEL32.GetProcAddress() retval=7b82a41c ret=182488280
---
It looks already broken at this point, if this is a trace from unpatched wine then retval should be 0, and 'ret' value at return line should match 'ret' on Call.
Could you attach your patch, part of +relay log without a patch that contains those lines and full output when it crashes on patched wine?
--- Comment #6 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- I restarted from scratch and found that my previous analysis was based on a corrupted debugging output. I used > instead of >> to redirect output and it is a multi-threaded app so output was overwritten.
With correct output I see that there are two calls to GetProcAddress. The GetProcAddress retval for SetFileCompletionNotificationModes is 0 and the return line matches the one from the Call. The other looks for CancelIoEx and has a non-null return value.
Without the patch the thread quickly dies after those calls (after a bunch of heap alloc/free). With the patch the thread doesn't die, but two other threads crash one after the other some time later.
Note that I now test with Wine 1.7.42.
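The two checks raised in comments #5 and #6 (a `Ret` line whose `ret=` does not match its `Call`, and a `GetProcAddress` that returns 0) can be run mechanically over a `+relay,+tid` log. The following is an added example, not part of the thread or of Wine; the first sample pair is the one quoted in comment #4, and the thread 0028 lines are constructed with invented addresses to match what comment #6 describes.

```python
import re

# Wine +relay,+tid line shapes as quoted in this thread.
CALL_RE = re.compile(r'^([0-9a-f]+):Call ([^\s(]+)\((.*)\) ret=([0-9a-f]+)$')
RET_RE = re.compile(
    r'^([0-9a-f]+):Ret\s+([^\s(]+)\(\) retval=([0-9a-f]+) ret=([0-9a-f]+)$')
NAME_RE = re.compile(r'"([^"]+)"')


def audit_relay(lines):
    """Pair Call/Ret per thread; return (unresolved, mismatched).

    unresolved: (tid, export) where GetProcAddress returned NULL.
    mismatched: (tid, api, call_ret, ret_ret) where the Ret line does not
    belong to the pending Call, i.e. the log itself cannot be trusted.
    """
    pending = {}                      # tid -> stack of (api, ret, args)
    unresolved, mismatched = [], []
    for raw in lines:
        line = raw.strip()
        m = CALL_RE.match(line)
        if m:
            tid, api, args, ret = m.groups()
            pending.setdefault(tid, []).append((api, ret, args))
            continue
        m = RET_RE.match(line)
        if not m:
            continue
        tid, api, retval, ret = m.groups()
        stack = pending.get(tid)
        if not stack:
            continue                  # Ret whose Call is outside the excerpt
        call_api, call_ret, args = stack.pop()
        if call_api != api or call_ret != ret:
            mismatched.append((tid, api, call_ret, ret))
        elif api.upper() == 'KERNEL32.GETPROCADDRESS' and int(retval, 16) == 0:
            name = NAME_RE.search(args)
            unresolved.append((tid, name.group(1) if name else args))
    return unresolved, mismatched


# Thread 0009: lines quoted in comment #4. Thread 0028: constructed sample.
SAMPLE = '''\
0009:Call KERNEL32.GetProcAddress(7b820000,182dc2860 "SetFileCompletionNotificationModes") ret=18248826c
0009:Ret  KERNEL32.GetProcAddress() retval=7b82a41c ret=182488280
0028:Call KERNEL32.GetProcAddress(7b820000,182dc2848 "CancelIoEx") ret=18248824a
0028:Ret  KERNEL32.GetProcAddress() retval=7b82a41c ret=18248824a
0028:Call KERNEL32.GetProcAddress(7b820000,182dc2860 "SetFileCompletionNotificationModes") ret=18248826c
0028:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=18248826c
'''.splitlines()

if __name__ == '__main__':
    unresolved, mismatched = audit_relay(SAMPLE)
    for tid, api, c, r in mismatched:
        print(f'{tid}: {api} Call ret={c} but Ret ret={r}: log is inconsistent')
    for tid, name in unresolved:
        print(f'{tid}: GetProcAddress("{name}") returned NULL')
```

A mismatch report means the capture should be redone before drawing conclusions from it; a NULL result only matters if the caller then uses the pointer without checking it.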
--- Comment #7 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51444 --> https://bugs.winehq.org/attachment.cgi?id=51444 Patch implements SetFileCompletionNotificationModes as a stub.
--- Comment #8 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51445 --> https://bugs.winehq.org/attachment.cgi?id=51445 Part of +relay,+seh,+tid debugging output without patch
--- Comment #9 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51446 --> https://bugs.winehq.org/attachment.cgi?id=51446 Full output of patched Wine no debugging
--- Comment #10 from Nikolay Sivov bunglehead@gmail.com --- Looks like SetFileCompletionNotificationModes() should really forward to NtSetInformationFile() with FileIoCompletionNotificationInformation class, but that's just something to keep in mind. Anything interesting in +relay with patch applied? It's not really clear if missing function is an actual problem or not. Also you'll probably get more info with +tid,+winsock, as it's likely to be used on sockets.
--- Comment #11 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- When comparing the +relay logs between patched and unpatched Wine it is clear to me that the crash occurs at the point where SetFileCompletionNotificationModes should be called, and that stubbing the function avoids that crash. I believe that the program does not check for the return value of GetProcAddress and jumps to address 0x0, that would explain why the backtrace is
--- snip ---
Backtrace:
=>0 0x0000000000000000 (0x0000000000000000)
0x0000000000000000: -- no code accessible --
--- snip ---
The +relay log didn't tell me anything more, even with +winsock. I made a +all,-heap log and saw nothing more either.
I attach full debug output split between the three involved threads. Thread 0028 is the one that crashes without the patch. Threads 0051 and 0038 are the ones that crash with the patch, in that order.
I also attach full debug output of thread 0028 without patch applied, for comparison.
--- Comment #12 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51450 --> https://bugs.winehq.org/attachment.cgi?id=51450 Thread 0028 +relay,+seh,+tid+winsock with patched Wine.
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What                          |Removed |Added
----------------------------------------------------------------------------
Attachment #51450 description |Thread 0028 +relay,+seh,+tid+winsock with patched Wine. |Thread 0028 +relay,+seh,+tid,+winsock with patched Wine.
--- Comment #13 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51451 --> https://bugs.winehq.org/attachment.cgi?id=51451 Thread 0051 +relay,+seh,+tid,+winsock with patched Wine.
--- Comment #14 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51452 --> https://bugs.winehq.org/attachment.cgi?id=51452 Thread 0038 +relay,+seh,+tid,+winsock with patched Wine.
--- Comment #15 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 51453 --> https://bugs.winehq.org/attachment.cgi?id=51453 Thread 0028 +relay,+seh,+tid crash without patch.
--- Comment #16 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Got the same issue (unhandled page fault at 0x00000000) with steam update May 15 2015 whose changelog states that internal web browser (CEF) was updated to 41.1x. And patch from comment 7 solves the issue (no other crash like with GTA5 subprocess).
I made a duplicate bug report before testing my own patch and finding that it was in fact the same issue.
--- Comment #17 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- The summary should be changed to "libcef crashes with page fault at 0x00000000 (GTAV Social Club, Steam update may 15)". Should I change it myself?
Anastasius Focht focht@gmx.net changed:
What           |Removed |Added
----------------------------------------------------------------------------
Keywords       |win64 |download
Status         |UNCONFIRMED |NEW
URL            | |https://steamcdn-a.akamaihd.net/client/installer/SteamSetup.exe
CC             | |focht@gmx.net
Component      |-unknown |kernel32
Summary        |Unhandled exception in subprocess.exe when launching Grand Theft Auto V (64-bit) |Steam steamwebhelper based on CEF 41.x crashes in Win7 mode (needs Kernel32.SetFileCompletionNotificationModes)
Ever confirmed |0 |1
--- Comment #18 from Anastasius Focht focht@gmx.net --- Hello folks,
--- quote --- The summary should be changed to "libcef crashes with page fault at 0x00000000 (GTAV Social Club, Steam update may 15)". Should I change it myself? --- quote ---
rather not.
- the page fault address is meaningless, it doesn't add any value to the bug
- it doesn't only affect GTAV SC, but rather central component/functionality (embedded browser)
- it only affects people who deliberately overrode the default WINEPREFIX Windows version = few people
Your other duplicate makes it sound that Steam/Wine is broken in general which is not true at all.
Regards
--- Comment #19 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Setting version to Windows Vista also triggers the bug, in a fresh 32-bit or 64-bit wineprefix with Steam.
GTA5 requires Windows Vista or above; when Windows is set to XP, an error message pops up, preventing start of the launcher.
According to MSDN, SetFileCompletionNotificationModes() appeared in Windows Vista (client) and Windows 2008 (server).
--- Comment #20 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- *** Bug 38588 has been marked as a duplicate of this bug. ***
Anastasius Focht focht@gmx.net changed:
What     |Removed |Added
----------------------------------------------------------------------------
Keywords | |patch
--- Comment #21 from Anastasius Focht focht@gmx.net --- Hello folks,
still present with Wine 1.7.44
Olivier's patch is available/included in Wine-Staging by default:
https://github.com/wine-compholio/wine-staging/blob/master/patches/kernel32-...
Regards
Adam Bolte abolte@systemsaviour.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |abolte@systemsaviour.com
--- Comment #22 from Adam Bolte abolte@systemsaviour.com --- I need a 64-bit Windows 7 wineprefix for Wolfenstein: The Old Blood. I keep seeing the steamwebhelper pop-ups all the time and the Steam Store tab fails to render (on wine 1.7.44).
With Olivier's patch and an otherwise clean 1.7.44, these problems are resolved.
--- Comment #23 from Nikolay Sivov bunglehead@gmail.com --- Olivier, could you please send this patch to wine-patches@winehq.org?
--- Comment #24 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- (In reply to Nikolay Sivov from comment #23)
> Olivier, could you please send this patch to wine-patches@winehq.org?
The patch is now sent.
Martin Kamp Jensen martin.kamp.jensen@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |martin.kamp.jensen@gmail.com
--- Comment #25 from Nikolay Sivov bunglehead@gmail.com --- Committed as http://source.winehq.org/git/wine.git/?a=commit;h=01e538588282b521e86d299817....
wine@discordia.ch wine@discordia.ch changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |wine@discordia.ch
--- Comment #26 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Issue is fixed for me with Wine 1.7.45.
No more crash in Steam in win7/vista mode. No more crash in GTA V launcher trying to execute code at <null> address.
Nikolay Sivov bunglehead@gmail.com changed:
What          |Removed |Added
----------------------------------------------------------------------------
Fixed by SHA1 | |01e538588282b521e86d299817e7335a736fdd3a
Status        |NEW |RESOLVED
Resolution    |--- |FIXED
--- Comment #27 from Nikolay Sivov bunglehead@gmail.com --- Fixed with 01e538588282b521e86d299817e7335a736fdd3a.
Anastasius Focht focht@gmx.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |yurikoles@gmail.com
--- Comment #28 from Anastasius Focht focht@gmx.net --- *** Bug 38825 has been marked as a duplicate of this bug. ***
Alexandre Julliard julliard@winehq.org changed:
What   |Removed |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED
--- Comment #29 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 1.7.47.
drnefarius@hotmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   | |drnefarius@hotmail.com