http://bugs.winehq.org/show_bug.cgi?id=12322
Summary: Sacrifice game crashes with unhandled page fault
Product: Wine
Version: 0.9.58.
Platform: PC-x86-64
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: -unknown
AssignedTo: wine-bugs@winehq.org
ReportedBy: jlayton@poochiereds.net
Created an attachment (id=11794) --> (http://bugs.winehq.org/attachment.cgi?id=11794) output from running Sacrifice.exe under wine with WINEDEBUG='warn+all'
Running the Sacrifice game from Shiny entertainment results in an unhandled page fault when starting the game.
Sacrifice is patched to latest rev (0678.05.21)
Running under Fedora 8:
kernel 2.6.24.3-50.fc8 (x86_64) kmod-nvidia-169.12-4.lvn8.x86_64
--- Comment #1 from Jeff Layton jlayton@poochiereds.net 2008-04-01 21:03:28 ---
I've done my share of kernel debugging, so I can poke at this a bit...
Unhandled exception: page fault on read access to 0x00000001 in 32-bit code (0x00408dd2).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:00408dd2 ESP:0033fd40 EBP:0033fe6c EFLAGS:00010202( - 00 - -RI1)
 EAX:00000000 EBX:00000000 ECX:00000001 EDX:60ff7250
 ESI:00000000 EDI:00000001
Stack dump:
0x0033fd40: 004c7ef4 004c7c30 00000000 00408552
0x0033fd50: 14002df0 0040a6fe 7ffdf000 001110ff
0x0033fd60: 00000000 535c3a43 69726361 65636966
0x0033fd70: 63615300 69666972 652e6563 60006578
0x0033fd80: 00110048 602f1a51 00000408 0000008c
0x0033fd90: 00113368 602f13cf 004c6064 6077c2dc
Backtrace:
=>1 0x00408dd2 in sacrifice (+0x8dd2) (0x0033fe6c)
  2 0x004be6c6 in sacrifice (+0xbe6c6) (0x0033ff08)
  3 0x60413e2e in kernel32 (+0x53e2e) (0x0033ffe8)
  4 0x60039757 wine_switch_to_stack+0x17() in libwine.so.1 (0x00000000)
0x00408dd2: movl 0x0(%ecx),%eax
...here's the disassembly around that address:
  408dbf: 90                   nop
  408dc0: 8b 0d 18 a9 4d 00    mov 0x4da918,%ecx
  408dc6: 6a 00                push $0x0
  408dc8: 68 30 7c 4c 00       push $0x4c7c30
  408dcd: 68 f4 7e 4c 00       push $0x4c7ef4
  408dd2: 8b 01                mov (%ecx),%eax      <<<< crash here
  408dd4: ff 50 30             call *0x30(%eax)
  408dd7: 85 c0                test %eax,%eax
  408dd9: 74 15                je 0x408df0
  408ddb: 8b 0d e8 f5 4b 00    mov 0x4bf5e8,%ecx
  408de1: 68 d8 7e 4c 00       push $0x4c7ed8
  408de6: 51                   push %ecx
  408de7: ff 15 c0 f5 4b 00    call *0x4bf5c0
  408ded: 83 c4 08             add $0x8,%esp
  408df0: c3                   ret
  408df1: 90                   nop
...so the bizarre thing here is that the stack looks correct for all of the pushes leading up to the mov that fails. For some reason though, %ecx did not contain 0x4da918.
So either we got here by jumping to 0x408dc6 or something clobbered %ecx. The only explicit jmp I see to that area is to 0x408dc0:
  40854d: e8 6e 08 00 00       call 0x408dc0        <<< here
  408552: 68 38 7c 4c 00       push $0x4c7c38
...note that 0x408552 is the return address on the stack just below the 0 that was pushed there by 0x408dc6.
Perhaps someone better versed in windows eccentricities can elaborate. Let me know if other info would be helpful. Also let me know if you have specific debugging you'd like me to do...
--- Comment #2 from Jeff Layton jlayton@poochiereds.net 2008-04-06 12:27:07 ---
...forgot to mention the wine version:
wine-0.9.58-1.fc8.i386
--- Comment #3 from Jeff Layton jlayton@poochiereds.net 2008-04-11 06:31:05 ---
My mistake -- I misread the assembly. This isn't loading 0x4da918 into %ecx. It's loading the contents of addr 0x4da918 into that reg:
408dc0: 8b 0d 18 a9 4d 00 mov 0x4da918,%ecx
...when I set a breakpoint at that address and look:
Wine-dbg>x 0x004da918 00000001
...so these instructions are working as expected, but the contents at that address are not what is expected. I'll have to poke around and see if I can tell what that address is supposed to hold.
Alexander Dorofeyev alexd4@inbox.lv changed:
What            |Removed                     |Added
----------------------------------------------------------------------------
CC              |                            |alexd4@inbox.lv

--- Comment #4 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-07 07:47:46 ---
It works for me in 0.9.61. There have been changes that affect this game recently. Can you please retest with 0.9.61 or better yet with current git and report back. If it still crashes, post output of 'glxinfo' on your machine.
--- Comment #5 from Jeff Layton jlayton@poochiereds.net 2008-05-16 22:11:07 ---
Created an attachment (id=13108) --> (http://bugs.winehq.org/attachment.cgi?id=13108) glxinfo from my machine
I tried it again on wine-1.0-0.1.rc1, using the fedora 8 package recently built in koji, but not yet pushed for updates. It's still crashing in the same spot. glxinfo is attached.
--- Comment #6 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-17 03:47:51 ---
(In reply to comment #5)
> Created an attachment (id=13108)
> --> (http://bugs.winehq.org/attachment.cgi?id=13108)
> glxinfo from my machine
>
> I tried it again on wine-1.0-0.1.rc1, using the fedora 8 package recently built in koji, but not yet pushed for updates. It's still crashing in the same spot. glxinfo is attached.
Hmm this is strange. Currently several people run this game without this problem. There are minor visual bugs but no crashes.
BTW, it looks like you are running the full game? I've personally tried the demo. Not sure what others who reportedly can run this game are running. Will try to ask them.
If you are running full game, can you check if it reproduces with the demo (http://downloads.gamezone.com/demosfiles/t1699.htm or other locations).
Alexander Dorofeyev alexd4@inbox.lv changed:
What            |Removed                     |Added
----------------------------------------------------------------------------
CC              |                            |maxm60@gmail.com

--- Comment #7 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-17 03:49:46 ---
*** Bug 13206 has been marked as a duplicate of this bug. ***
--- Comment #8 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-18 06:35:16 ---
After some looking around, I believe this same version of Sacrifice (full, 0678...) should run. Can you please try these things: create a new wine prefix and retest everything (including installing) with this new prefix. Sometimes there may be weird problems because of old wine prefix, including crashes. It won't interfere with your old setup, you can just run 'WINEPREFIX=/.../somedir wine ...setup.exe' and it will automatically create new prefix in somedir. When no longer needed somedir can be removed.
Also, if you are running a dual core or multiprocessor machine, there have been some older games that crash on such machines (even on windows). If you have such machine, try this 'taskset -c 1 wine game-executable', it was reported to help in some cases.
If none of this helps, generate a +ddraw,+d3d7,+d3d log of crashed session.
Alexander Dorofeyev alexd4@inbox.lv changed:
What            |Removed                     |Added
----------------------------------------------------------------------------
URL             |                            |http://downloads.gamezone.com/demosfiles/t1699.htm
Status          |UNCONFIRMED                 |NEW
Ever Confirmed  |0                           |1
Keywords        |                            |download

--- Comment #9 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-18 07:03:23 ---
Oh, never mind the last 2 requests. It dawned on me I never actually tried the game in full screen. And indeed it crashes there every time. It's reproducible with a demo.
Can be run in virtual desktop mode as a workaround.
Alexander Dorofeyev alexd4@inbox.lv changed:
What            |Removed                                           |Added
----------------------------------------------------------------------------
Summary         |Sacrifice game crashes with unhandled page fault  |Sacrifice game crashes in full screen mode
--- Comment #10 from Jeff Layton jlayton@poochiereds.net 2008-05-18 09:00:18 ---
Yes. The problem does seem to be fullscreen-related. I can run the game in a virtual desktop without it crashing.
Alexander Dorofeyev alexd4@inbox.lv changed:
What            |Removed                     |Added
----------------------------------------------------------------------------
Status          |NEW                         |RESOLVED
Resolution      |                            |FIXED

--- Comment #11 from Alexander Dorofeyev alexd4@inbox.lv 2008-05-29 07:01:32 ---
There was a problem with wine enumerating too many video modes and overflowing some buffer in the game. Fix for that is in git and with it the crash is gone for me. Most likely that's the same problem all reporters were seeing. So, marking the bug fixed, reopen if the problem recurs.
Patch: http://source.winehq.org/git/wine.git/?a=commitdiff;h=940ef7a9ff86adbca7cae4...
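The failure mode named in comment #11, tied to the clobbered global seen in comment #3, as an added illustration that is not code from the bug report, the game or Wine. The table size, the layout (a fixed mode table directly followed by the pointer global), the callback return codes and all values are assumptions made for the sketch.

```c
/* Added illustration: layout, names and values are assumptions, not taken
 * from Sacrifice or from Wine. */
#include <stdint.h>
#include <stdio.h>

#define MODE_SLOTS 8          /* assumed capacity of the game's mode table */
#define OBJ_PTR 0x00ABCDEFu   /* constructed stand-in for a valid object pointer */
enum { ENUM_STOP = 0, ENUM_CONTINUE = 1 };   /* hypothetical return codes */

/* Flat model of the data segment: the mode table, then the global that the
 * crashing code dereferences (the role 0x4da918 plays in the report). */
struct game_data {
    uint32_t cell[MODE_SLOTS + 1];   /* cell[MODE_SLOTS] is the pointer global */
    unsigned count;
};
typedef int (*mode_cb)(struct game_data *, uint32_t);

/* Callback that trusts the enumerator to send at most MODE_SLOTS modes. */
static int store_unchecked(struct game_data *g, uint32_t mode) {
    if (g->count > MODE_SLOTS) return ENUM_STOP;  /* end of the simulated segment */
    g->cell[g->count++] = mode;                   /* may land on the global */
    return ENUM_CONTINUE;
}

/* Callback that stops the enumeration once its own table is full. */
static int store_checked(struct game_data *g, uint32_t mode) {
    if (g->count >= MODE_SLOTS) return ENUM_STOP;
    g->cell[g->count++] = mode;
    return ENUM_CONTINUE;
}

/* Stand-in for the mode enumeration: offers n_modes constructed values and
 * returns what the pointer global holds afterwards. */
static uint32_t object_ptr_after(unsigned n_modes, mode_cb cb) {
    struct game_data g = { .cell = {0}, .count = 0 };
    g.cell[MODE_SLOTS] = OBJ_PTR;
    for (unsigned i = 0; i < n_modes; i++)
        if (cb(&g, i + 1) == ENUM_STOP) break;
    return g.cell[MODE_SLOTS];
}

int main(void) {
    printf("8 modes, unchecked: %#x\n", (unsigned)object_ptr_after(8, store_unchecked));
    printf("9 modes, unchecked: %#x\n", (unsigned)object_ptr_after(9, store_unchecked));
    printf("9 modes, checked:   %#x\n", (unsigned)object_ptr_after(9, store_checked));
    return 0;
}
```

With one mode more than the table holds, the unchecked callback leaves a small integer where the pointer was, which is the kind of value a later `mov (%ecx),%eax` faults on.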
Alexandre Julliard julliard@winehq.org changed:
What            |Removed                     |Added
----------------------------------------------------------------------------
Status          |RESOLVED                    |CLOSED

--- Comment #12 from Alexandre Julliard julliard@winehq.org 2008-05-31 04:18:55 ---
Closing bugs fixed in 1.0-rc3.