http://bugs.winehq.org/show_bug.cgi?id=28332
Summary: Wazzal crashes during loading
Product: Wine
Version: 1.3.28
Platform: x86
URL: http://gamejolt.com/freeware/games/wazzal/download/5210/
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: -unknown
AssignedTo: wine-bugs@winehq.org
ReportedBy: andrew.millington@gmail.com
Created an attachment (id=36307) --> (http://bugs.winehq.org/attachment.cgi?id=36307)
wine Wazzal.exe &> loading.txt with wine-1.3.27
Doesn't get past the loading screen and crashes.
More information about this game. http://freegamer.blogspot.com/2011/09/wazzal-dx8-game-open-sourced.html
Andrew Millington andrew.millington@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |download, source
--- Comment #1 from Austin English austinenglish@gmail.com 2011-09-12 02:25:43 CDT --- Native quartz/devenum/wmp9 may help.
--- Comment #2 from Andrew Millington andrew.millington@gmail.com 2011-09-12 06:43:26 CDT --- It works with ./winetricks -q devenum quartz
Austin English austinenglish@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|-unknown |winegstreamer
--- Comment #3 from Andrew Millington andrew.millington@gmail.com 2012-10-13 00:38:38 CDT --- Still present in wine-1.5.15
Bruno Jesus 00cpxxx@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
CC| |00cpxxx@gmail.com
Ever Confirmed|0 |1
--- Comment #4 from Bruno Jesus 00cpxxx@gmail.com 2013-01-23 19:39:14 CST --- Still in wine 1.5.22.
hanska2@luukku.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |hanska2@luukku.com
--- Comment #5 from hanska2@luukku.com --- Also the launcher seems to be missing some stuff (console spams IE related lines).
Still crashing.
wine 1.7.22
Teras teras@luukku.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |teras@luukku.com
--- Comment #6 from Teras teras@luukku.com --- Without overrides, it crashes. But with winetricks -q quartz it works.
Wine 1.7.38
super_man@post.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |super_man@post.com
--- Comment #7 from super_man@post.com --- The download is dead, but shouldn't the component be quartz?
--- Comment #8 from Bruno Jesus 00cpxxx@gmail.com --- Created attachment 52027 --> https://bugs.winehq.org/attachment.cgi?id=52027 log+crash in 1.7.48
I still have the old file, it still crashes after clicking Play.
14a68867d1f846e8c34e4411cc5dedfbf3de212f Wazzal_2010_02_03.exe 5.7Mb
--- Comment #9 from super_man@post.com --- (In reply to Bruno Jesus from comment #8)
Created attachment 52027 [details] log+crash in 1.7.48
I still have the old file, it still crashes after clicking Play.
14a68867d1f846e8c34e4411cc5dedfbf3de212f Wazzal_2010_02_03.exe 5.7Mb
err:x11settings:X11DRV_ChangeDisplaySettingsEx No matching mode found 1024x768x32 @0! (XRandR 1.2)
wine: Unhandled page fault on read access to 0x00000000 at address 0x4047e4 (thread 0009), starting debugger...
Could it be related to that resolution?
--- Comment #10 from Bruno Jesus 00cpxxx@gmail.com --- Problem still present in wine 1.9.7, winetricks quartz devenum required, I'll come back to this later.
winetest@luukku.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |winetest@luukku.com
--- Comment #11 from winetest@luukku.com --- (In reply to Bruno Jesus from comment #10)
Problem still present in wine 1.9.7, winetricks quartz devenum required, I'll come back to this later.
Download dead. Setting virtual desktop to that specific resolution should prevent crashing.
Aaron Franke arnfranke@yahoo.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |arnfranke@yahoo.com
--- Comment #12 from Aaron Franke arnfranke@yahoo.com --- Does the issue occur on Wine 2.22 or higher?
Does the game run if winegstreamer is set to disabled?
joaopa jeremielapuree@yahoo.fr changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jeremielapuree@yahoo.fr
--- Comment #13 from joaopa jeremielapuree@yahoo.fr --- Nice! Bug is fixed in wine-5.10. No crash. You can test it by yourself with the download http://www.tucows.com/preview/250650/Wazzal
Can an administrator close this bug FIXED?
--- Comment #14 from joaopa jeremielapuree@yahoo.fr --- FIXED since a long time. Can an administrator close this bug as ABANDONED?
Anastasius Focht focht@gmx.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Component|winegstreamer |quartz
Status|NEW |RESOLVED
CC| |focht@gmx.net
Summary|Wazzal crashes during loading |Wazzal 1.2 (2002 release) crashes after clicking 'Play'
URL|http://gamejolt.com/freeware/games/wazzal/download/5210/ |https://www.moddb.com/downloads/mirror/30600/124/e8cd4cec875131f576a12dc6262ec15b
--- Comment #15 from Anastasius Focht focht@gmx.net --- Hello folks,
I've added snapshots via Internet Archive:
https://www.moddb.com/downloads/mirror/30600/124/e8cd4cec875131f576a12dc6262...
https://web.archive.org/web/20201121204057/https://sjc3.dl.dbolical.com/dl/2...
@joaopa
--- quote --- FIXED since a long time. --- quote ---
Not true. Your link leads to a different version/flavour of the game, which I dub the "2010 build":
http://www.tucows.com/thankyou.html?swid=250650
https://web.archive.org/web/20201121203123/http://www.tucows.com/download/ga...
The 2010 build of the game works even with very old Wine 1.5.x and 1.7.x releases. I've tested it.
===
Installers:
"old"
--- snip --- -=[ ProtectionID v0.6.9.0 DECEMBER]=- (c) 2003-2017 CDKiLLER & TippeX Build 24/12/17-21:05:42 Ready... Scanning -> Z:\home\focht\Downloads\Wazzal_2010_02_03.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 5949870 (05AC9AEh) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x4B445E48 -> Wed 06th Jan 2010 09:56:24 (GMT) [TimeStamp] 0x4B445E48 -> Wed 06th Jan 2010 09:56:24 (GMT) | PE Header | - | Offset: 0x00000108 | VA: 0x00400108 | - -> File has 5809582 (058A5AEh) bytes of appended data starting at offset 022400h [LoadConfig] CodeIntegrity -> Flags 0xA3F0 | Catalog 0x46 (70) | Catalog Offset 0x2000001 | Reserved 0x46A4A0 [LoadConfig] GuardAddressTakenIatEntryTable 0x8000011 | Count 0x46A558 (4629848) [LoadConfig] GuardLongJumpTargetTable 0x8000001 | Count 0x46A5F8 (4630008) [LoadConfig] HybridMetadataPointer 0x8000011 | DynamicValueRelocTable 0x46A66C [LoadConfig] FailFastIndirectProc 0x8000011 | FailFastPointer 0x46C360 [LoadConfig] UnknownZero1 0x8000011 [File Heuristics] -> Flag #1 : 00000000000001001100000000100101 (0x0004C025) [Entrypoint Section Entropy] : 6.05 (section #1) ".itext " | Size : 0xB34 (2868) byte(s) [DllCharacteristics] -> Flag : (0x8000) -> TSA [SectionCount] 9 (0x9) | ImageSize 0x2E000 (188416) byte(s) [VersionInfo] Company Name : monkkonen.net [VersionInfo] Product Name : Wazzal [VersionInfo] File Description : Wazzal Setup [VersionInfo] Version Comments : This installation was built with Inno Setup. [ModuleReport] [IAT] Modules -> oleaut32.dll | advapi32.dll | user32.dll | kernel32.dll | kernel32.dll | user32.dll | kernel32.dll | advapi32.dll | comctl32.dll | kernel32.dll | advapi32.dll | oleaut32.dll [-= Installer =-] Inno Setup v5.3.7 Module [CompilerDetect] -> Borland Delphi - Scan Took : 0.257 Second(s) [000000101h (257) tick(s)] [566 of 580 scan(s) done] --- snip ---
"new"
--- snip --- Scanning -> Z:\home\focht\Downloads\Wazzal12.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 5666842 (056781Ah) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x2A425E19 -> Fri 19th Jun 1992 22:22:17 (GMT) [TimeStamp] 0x2A425E19 -> Fri 19th Jun 1992 22:22:17 (GMT) | PE Header | - | Offset: 0x00000108 | VA: 0x00400108 | - -> File has 5558810 (054D21Ah) bytes of appended data starting at offset 01A600h [LoadConfig] CodeIntegrity -> Flags 0xA3F0 | Catalog 0x46 (70) | Catalog Offset 0x2000001 | Reserved 0x46A4A0 [LoadConfig] GuardAddressTakenIatEntryTable 0x8000011 | Count 0x46A558 (4629848) [LoadConfig] GuardLongJumpTargetTable 0x8000001 | Count 0x46A5F8 (4630008) [LoadConfig] HybridMetadataPointer 0x8000011 | DynamicValueRelocTable 0x46A66C [LoadConfig] FailFastIndirectProc 0x8000011 | FailFastPointer 0x46C360 [LoadConfig] UnknownZero1 0x8000011 [File Heuristics] -> Flag #1 : 00000000000000001100001000100111 (0x0000C227) [Entrypoint Section Entropy] : 7.90 (section #1) "UPX1 " | Size : 0x18600 (99840) byte(s) [DllCharacteristics] -> Flag : (0x0000) -> NONE [SectionCount] 3 (0x3) | ImageSize 0x48000 (294912) byte(s) [ModuleReport] [IAT] Modules -> KERNEL32.DLL | advapi32.dll | comctl32.dll | gdi32.dll | ole32.dll | oleaut32.dll | shell32.dll | user32.dll | version.dll [-= Installer =-] Ghost Installer Module ! [!] UPX 1.20 compressed ! upx internal version : 012 / compression method : 02 (M_NRV2B_LE32) - Level : 010 decompressed adler32 : 0x28F0F142 / compressed adler32 : 0x354761E5 uncompressed size : 0x00043F54 (0278356) / compressed size : 0x000183D0 (099280) original file size : 0x0003BC00 (0244736) / filter : 0x026 / ct0 0x0E / linkchecksum : 0x02F [CompilerDetect] -> Borland Delphi (unknown version) - 80% probability - Scan Took : 0.441 Second(s) [0000001B9h (441) tick(s)] [566 of 580 scan(s) done] --- snip ---
Main executables:
"old"
--- snip --- Scanning -> C:\Program Files (x86)\Wazzal\Wazzal.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 397312 (061000h) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x3CB0544C -> Sun 07th Apr 2002 14:14:36 (GMT) [TimeStamp] 0x3CB0544C -> Sun 07th Apr 2002 14:14:36 (GMT) | PE Header | - | Offset: 0x00000100 | VA: 0x00400100 | - [LoadConfig] CodeIntegrity -> Flags 0xA3F0 | Catalog 0x46 (70) | Catalog Offset 0x2000001 | Reserved 0x46A4A0 [LoadConfig] GuardAddressTakenIatEntryTable 0x8000011 | Count 0x46A558 (4629848) [LoadConfig] GuardLongJumpTargetTable 0x8000001 | Count 0x46A5F8 (4630008) [LoadConfig] HybridMetadataPointer 0x8000011 | DynamicValueRelocTable 0x46A66C [LoadConfig] FailFastIndirectProc 0x8000011 | FailFastPointer 0x46C360 [LoadConfig] UnknownZero1 0x8000011 [File Heuristics] -> Flag #1 : 00000000000000000000000000000000 (0x00000000) [Entrypoint Section Entropy] : 6.79 (section #0) ".text " | Size : 0x4CD4E (314702) byte(s) [DllCharacteristics] -> Flag : (0x0000) -> NONE [SectionCount] 4 (0x4) | ImageSize 0x6C2000 (7086080) byte(s) [VersionInfo] Product Version : 1. 2. 0. 0 [VersionInfo] File Description : Wazzal. a space privateering game [VersionInfo] File Version : 1. 2. 0. 0 [VersionInfo] Original FileName : Wazzal.exe [VersionInfo] Internal Name : Wazzal [VersionInfo] Legal Copyrights : Copyright © 2002 Ville Mönkkönen [ModuleReport] [IAT] Modules -> KERNEL32.dll | USER32.dll | GDI32.dll | ole32.dll | WINMM.dll | d3d8.dll | DINPUT8.dll | DSOUND.dll [CompilerDetect] -> Visual C++ 6.0 [!] File appears to have no protection or is using an unknown protection - Scan Took : 0.557 Second(s) [00000022Dh (557) tick(s)] [506 of 580 scan(s) done] --- snip ---
"new"
--- snip --- Scanning -> Z:\home\focht\Downloads\wazzal\Wazzal_1200\Wazzal.exe File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 644608 (09D600h) Byte(s) | Machine: 0x14C (I386) Compilation TimeStamp : 0x4B697135 -> Wed 03rd Feb 2010 12:51:01 (GMT) [TimeStamp] 0x4B697135 -> Wed 03rd Feb 2010 12:51:01 (GMT) | PE Header | - | Offset: 0x00000130 | VA: 0x00400130 | - [LoadConfig] CodeIntegrity -> Flags 0xA3F0 | Catalog 0x46 (70) | Catalog Offset 0x2000001 | Reserved 0x46A4A0 [LoadConfig] GuardAddressTakenIatEntryTable 0x8000011 | Count 0x46A558 (4629848) [LoadConfig] GuardLongJumpTargetTable 0x8000001 | Count 0x46A5F8 (4630008) [LoadConfig] HybridMetadataPointer 0x8000011 | DynamicValueRelocTable 0x46A66C [LoadConfig] FailFastIndirectProc 0x8000011 | FailFastPointer 0x46C360 [LoadConfig] UnknownZero1 0x8000011 [File Heuristics] -> Flag #1 : 00000000000001001101000000000000 (0x0004D000) [Entrypoint Section Entropy] : 6.80 (section #0) ".text " | Size : 0x6E297 (451223) byte(s) [DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA [SectionCount] 6 (0x6) | ImageSize 0x6D8000 (7176192) byte(s) [VersionInfo] Product Version : 1. 2. 0. 0 [VersionInfo] File Description : Wazzal. a space privateering game [VersionInfo] File Version : 1. 2. 0. 0 [VersionInfo] Original FileName : Wazzal.exe [VersionInfo] Internal Name : Wazzal [VersionInfo] Legal Copyrights : Copyright © 2002 Ville Mönkkönen [ModuleReport] [IAT] Modules -> WINMM.dll | DSOUND.dll | KERNEL32.dll | USER32.dll | GDI32.dll | ADVAPI32.dll | SHELL32.dll | ole32.dll | OLEAUT32.dll | d3d8.dll | DINPUT8.dll [CompilerDetect] -> Visual C++ 9.0 (Visual Studio 2008) [!] File appears to have no protection or is using an unknown protection - Scan Took : 0.598 Second(s) [000000256h (598) tick(s)] [506 of 580 scan(s) done] --- snip ---
old:
Compilation TimeStamp : 0x3CB0544C -> Sun 07th Apr 2002 14:14:36 (GMT) [CompilerDetect] -> Visual C++ 6.0
new:
Compilation TimeStamp : 0x4B697135 -> Wed 03rd Feb 2010 12:51:01 [CompilerDetect] -> Visual C++ 9.0 (Visual Studio 2008)
This wasn't just a rebuild with a newer Visual C++ version but a partial rewrite. Someone didn't bother to change the version resource, which is questionable at best.
Wine 5.18 (relay prevents the crash)
--- snip --- $ WINEDEBUG=+seh,+loaddll,+quartz wine ./Wazzal.exe >>log.txt 2>&1 ... 02dc:trace:quartz:enum_moniker_create Created enumerator 015017D0. 02dc:trace:quartz:enum_moniker_Next iface 015017D0, count 1, filters 0031FA5C, ret_count 00000000. 039c:trace:loaddll:build_module Loaded L"C:\windows\system32\winegstreamer.dll" at 72C50000: builtin 02dc:trace:quartz:FilterGraph2_AddFilter graph 015012C0, filter 024E1618, name L"GStreamer splitter filter". 02dc:trace:quartz:autoplug_through_filter Trying to autoplug 01501568 to 00000000 through 024E1618. 02dc:trace:quartz:autoplug_through_sink Trying to autoplug 01501568 to 00000000 through 024E1768. 02dc:trace:quartz:FilterGraph2_ConnectDirect (015012C0/015012C4)->(01501568, 024E1768, 00000000) 02dc:trace:quartz:FilterGraph2_ConnectDirect Filter owning ppinIn(01501568) => 01501418 02dc:trace:quartz:FilterGraph2_ConnectDirect Filter owning ppinOut(024E1768) => 024E1618 02dc:trace:quartz:FileAsyncReaderPin_AttemptConnection 01501568->(024E1768, 0031F75C) 02dc:trace:quartz:FileAsyncReader_Length iface 015016D0, total 024E18E8, available 0031F680. 0380:trace:quartz:FileAsyncReader_SyncRead filter 01501418, offset 0, length 4096, buffer 7A310610. 0380:trace:quartz:sync_read Returning 4096 bytes. 0390:trace:quartz:FileAsyncReader_SyncRead filter 01501418, offset 0, length 4096, buffer 7A408880. 0390:trace:quartz:sync_read Returning 4096 bytes. 0380:trace:quartz:FileAsyncReader_SyncRead filter 01501418, offset 1732da, length 32, buffer 7B5252A8. ... 02dc:trace:quartz:FileAsyncReaderPin_AttemptConnection -- 0 02dc:trace:quartz:autoplug Trying to autoplug 024E1CA0 to 00000000, recursion depth 1. 02dc:trace:quartz:autoplug_through_filter Trying to autoplug 024E1CA0 to 00000000 through 024E1618. 02dc:trace:quartz:autoplug_through_sink Trying to autoplug 024E1CA0 to 00000000 through 024E1CA0. 02dc:trace:quartz:autoplug_through_sink Trying to autoplug 024E1CA0 to 00000000 through 024E1768. 
02dc:trace:quartz:autoplug_through_filter Trying to autoplug 024E1CA0 to 00000000 through 01501418. 02dc:trace:quartz:autoplug_through_sink Trying to autoplug 024E1CA0 to 00000000 through 01501568. 02dc:trace:quartz:Inner_QueryInterface (023039B0)->({b79bb0b0-33c1-11d1-abe1-00a0c905f375}, 0031F888) 02dc:trace:quartz:FilterGraphInner_AddRef (015012C0)->(): new ref = 5 02dc:trace:quartz:FilterMapper3_EnumMatchingFilters (0031F884, 0, false, 400000, true, 1, 0031F8B8, 00000000, 00000000, false, false, 00000000, 00000000, 00000000) 02dc:trace:quartz:FilterMapper3_EnumMatchingFilters Considering category L"DirectShow Filters" 02dc:trace:quartz:FilterMapper3_EnumMatchingFilters Considering filter L"MP3 Decoder DMO" 02dc:trace:quartz:DllGetClassObject ({cda42200-bd88-11d0-bd4e-00a0c911ce86},{00000001-0000-0000-c000-000000000046},0031F578) 02dc:trace:quartz:DSCF_CreateInstance (024E1F40)->(00000000,{97f7c4d4-547b-4a5f-8332-536430ad2e4d},0031F57C) 02dc:trace:quartz:filter_mapper_create Created filter mapper 024E1F58. 
02dc:trace:quartz:Inner_QueryInterface (024E1F58)->({97f7c4d4-547b-4a5f-8332-536430ad2e4d}, 0031F57C) 02dc:trace:quartz:Inner_AddRef (024E1F58)->(): new ref = 2 02dc:trace:quartz:Inner_Release (024E1F58)->(): new ref = 1 02dc:trace:quartz:AMFilterData_CreateFilterData (024E1F58/024E1F64)->(0031F670, 0031F628, 0031F624) 02dc:trace:quartz:Inner_Release (024E1F58)->(): new ref = 0 02dc:trace:quartz:FM2_ReadFilterData version = 2, merit = 600800, #pins = 2, unused = 0 02dc:trace:quartz:FM2_ReadFilterData signature = "0pi3" 02dc:trace:quartz:FM2_ReadFilterData pin[0]: flags = 0, instances = 1, media types = 1, mediums = 0 02dc:trace:quartz:FM2_ReadFilterData signature = "0ty3" 02dc:trace:quartz:FM2_ReadFilterData signature = "1pi3" 02dc:trace:quartz:FM2_ReadFilterData pin[1]: flags = 8, instances = 1, media types = 1, mediums = 0 02dc:trace:quartz:FM2_ReadFilterData signature = "0ty3" 02dc:trace:quartz:FilterMapper3_EnumMatchingFilters Considering filter L"AVI Splitter" ... 02dc:trace:quartz:MediaControl_Run Filter 024E1618 returned 0. 02dc:trace:quartz:MediaControl_Run Filter 01501418 returned 0. 02dc:trace:quartz:FilterGraphInner_AddRef (015012C0)->(): new ref = 4 02dc:trace:quartz:FilterGraphInner_QueryInterface (015012C0)->({56a868c0-0ad4-11ce-b03a-0020af0ba770}, 00AC0A00) 0390:trace:quartz:async_run_cb Performing asynchronous state change. 02dc:trace:quartz:FilterGraphInner_QueryInterface returning IMediaEvent(Ex) interface (015012DC) 02dc:trace:quartz:FilterGraphInner_AddRef (015012C0)->(): new ref = 5 02dc:trace:quartz:MediaEvent_SetNotifyWindow (015012C0/015012DC)->(00040080, 32769, 00000000) ... 0390:trace:quartz:FilterGraphInner_Release (015012C0)->(): new ref = 4 0380:trace:quartz:DSoundRender_UpdatePositions Moving from 0 to 1764: clearing 1764 bytes 0380:trace:quartz:SystemClockImpl_GetTime clock 024E1EE8, time 0813FD28, returning 21117.069. 
0380:warn:quartz:DSoundRender_GetWritePos Delta too big 0.179/0.0, too far ahead 0380:warn:quartz:DSoundRender_GetWritePos Advancing 31572 bytes 0380:trace:quartz:DSoundRender_UpdatePositions Moving from 1764 to 3528: clearing 1764 bytes 0380:trace:quartz:SystemClockImpl_GetTime clock 024E1EE8, time 0813FD28, returning 21117.079. 0380:warn:quartz:DSoundRender_GetWritePos Delta too big 0.169/0.0, too far ahead 0380:warn:quartz:DSoundRender_GetWritePos Advancing 29808 bytes 0380:trace:quartz:DSoundRender_UpdatePositions Moving from 3528 to 5292: clearing 1764 bytes 0380:trace:quartz:SystemClockImpl_GetTime clock 024E1EE8, time 0813FD28, returning 21117.09. 0380:warn:quartz:DSoundRender_GetWritePos Delta too big 0.158/0.0, too far ahead 0380:warn:quartz:DSoundRender_GetWritePos Advancing 27868 bytes 0380:trace:quartz:DSoundRender_UpdatePositions Moving from 5292 to 7056: clearing 1764 bytes 0380:trace:quartz:SystemClockImpl_GetTime clock 024E1EE8, time 0813FD28, returning 21117.101. 0380:warn:quartz:DSoundRender_GetWritePos Delta too big 0.147/0.0, too far ahead 0380:warn:quartz:DSoundRender_GetWritePos Advancing 25928 bytes 0380:trace:quartz:DSoundRender_GetWritePos Blocked: too full 0.1569841 / 0.15 02dc:trace:seh:dispatch_exception code=c0000005 flags=0 addr=01501418 ip=01501418 tid=02dc 02dc:trace:seh:dispatch_exception info[0]=00000008 02dc:trace:seh:dispatch_exception info[1]=01501418 02dc:trace:seh:dispatch_exception eax=fffffffe ebx=00000000 ecx=0031fd90 edx=00000000 esi=00af2c40 edi=01501418 02dc:trace:seh:dispatch_exception ebp=00000001 esp=0031fe40 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010297 02dc:trace:seh:call_vectored_handlers calling handler at 6CA5BBA0 code=c0000005 flags=0 02dc:trace:seh:call_vectored_handlers handler at 6CA5BBA0 returned 0 02dc:trace:seh:call_vectored_handlers calling handler at 661E99A0 code=c0000005 flags=0 02dc:trace:seh:call_vectored_handlers handler at 661E99A0 returned 0 02dc:trace:seh:call_vectored_handlers calling 
handler at 01D98710 code=c0000005 flags=0 02dc:trace:seh:call_vectored_handlers handler at 01D98710 returned 0 02dc:trace:seh:call_vectored_handlers calling handler at 7B00ED80 code=c0000005 flags=0 02dc:trace:seh:call_vectored_handlers handler at 7B00ED80 returned 0 02dc:trace:seh:call_stack_handlers calling handler at 0046ED9B code=c0000005 flags=0 02dc:trace:seh:call_stack_handlers handler at 0046ED9B returned 1 02dc:trace:seh:call_stack_handlers calling handler at 00431120 code=c0000005 flags=0 02dc:trace:seh:call_stack_handlers handler at 00431120 returned 1 02dc:trace:seh:call_stack_handlers calling handler at 7BC50EF0 code=c0000005 flags=0 wine: Unhandled page fault on execute access to 01501418 at address 01501418 (thread 02dc), starting debugger... --- snip ---
The game build from 2002 mentioned in Bruno's comment #8 was fixed in Wine 5.19 release.
$ sha1sum Wazzal*
c65bea7ad43563337717e4c6a8a2337b9146336d  Wazzal12.exe
14a68867d1f846e8c34e4411cc5dedfbf3de212f  Wazzal_2010_02_03.exe

$ du -sh Wazzal*
5.5M	Wazzal12.exe
5.7M	Wazzal_2010_02_03.exe

$ wine --version
wine-5.22
Regards
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |z.figura12@gmail.com
--- Comment #16 from Zebediah Figura z.figura12@gmail.com --- How sure are you that it's fixed in 5.19? I'm a little concerned as there doesn't seem to have been anything relevant touching quartz or winegstreamer in that release, and I don't see evidence of amstream in the logs.
Anastasius Focht focht@gmx.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |---
--- Comment #17 from Anastasius Focht focht@gmx.net --- Hello Zebediah,
--- quote --- How sure are you that it's fixed in 5.19? I'm a little concerned as there doesn't seem to have been anything relevant touching quartz or winegstreamer in that release, and I don't see evidence of amstream in the logs. --- quote ---
Good call. Turns out it just works by chance in PE builds, which is nowadays the preferred way of building Wine.
Reverse bisecting reveals the game starts "working" (intro animation is shown, no crash) with 0c631ebb2354334 in PE builds:
--- snip --- ... $ git bisect fixed Bisecting: 2 revisions left to test after this (roughly 2 steps) [e5c0e8e296a114aeca41fcb67c73f55e1d37d002] ntdll: Use load_dll() to load kernel32 to support PE format.
$ git bisect unfixed Bisecting: 0 revisions left to test after this (roughly 1 step) [725bb795f8f8793b6649f01eb28e3238b9099025] configure: Don't disable ntdll or kernel32 for Windows builds.
$ git bisect fixed Bisecting: 0 revisions left to test after this (roughly 0 steps) [0c631ebb2354334eaf309bc0765d3283654cf902] kernel32: Build with msvcrt. --- snip ---
https://source.winehq.org/git/wine.git/commitdiff/0c631ebb2354334eaf309bc076...
(referenced in bug 15437)
This change doesn't make sense in the first place for "fixing" a quartz issue - until much later. See stack alignment analysis / entry point stack.
After switching to non-PE builds (GCC 10.x / FC32) it still crashes with Wine 5.19 or higher (Wine 5.22).
Using relay debugging prevents the crash (different stack layout).
--- snip --- ... 0024:trace:quartz:async_reader_create Created file source 00E21418. 0024:trace:quartz:FileSource_Load 00E21418->(L"sound/music0.mp3", 00000000) 0024:trace:quartz:FilterGraph2_AddFilter graph 00E212C0, filter 00E21418, name L"sound/music0.mp3". 0024:trace:quartz:MediaControl_Stop graph 00E212C0. 0024:trace:quartz:MediaFilter_Stop graph 00E212C0. 0024:trace:quartz:FilterGraph2_EnumFilters graph 00E212C0, out 0031FB14. 0024:trace:quartz:FilterGraphInner_AddRef (00E212C0)->(): new ref = 4 0024:trace:quartz:EnumFilters_Skip enum_filters 01AD9AD8, count 1. 0024:trace:quartz:EnumFilters_Reset enum_filters 01AD9AD8. 0024:trace:quartz:EnumFilters_Next enum_filters 01AD9AD8, count 1, filters 0031FB00, fetched 00000000. 0024:trace:quartz:EnumFilters_Next enum_filters 01AD9AD8, count 1, filters 0031FB04, fetched 00000000. 0024:trace:quartz:EnumFilters_Release 01AD9AD8 decreasing refcount to 0. 0024:trace:quartz:FilterGraphInner_Release (00E212C0)->(): new ref = 3 0024:trace:quartz:FilterGraph2_Render graph 00E212C0, source 00E21568. 0024:trace:quartz:autoplug Trying to autoplug 00E21568 to 00000000, recursion depth 0. 0024:trace:quartz:autoplug_through_filter Trying to autoplug 00E21568 to 00000000 through 00E21418. 0024:trace:quartz:autoplug_through_sink Trying to autoplug 00E21568 to 00000000 through 00E21568. 
0024:trace:quartz:Inner_QueryInterface (01866E90)->({b79bb0b0-33c1-11d1-abe1-00a0c905f375}, 0031FA3C) 0024:trace:quartz:FilterGraphInner_AddRef (00E212C0)->(): new ref = 4 0024:trace:quartz:FilterMapper3_EnumMatchingFilters (0031FA44, 0, false, 400000, true, 1, 0031FA70, 00000000, 00000000, false, false, 00000000, 00000000, 00000000) 0024:trace:loaddll:build_module Loaded L"C:\windows\system32\avicap32.dll" at 72040000: builtin 0024:trace:loaddll:build_module Loaded L"C:\windows\system32\msdmo.dll" at 72020000: builtin 0024:trace:loaddll:build_module Loaded L"C:\windows\system32\devenum.dll" at 79710000: builtin 0024:trace:quartz:FilterMapper3_EnumMatchingFilters Considering category L"DirectShow Filters" 0024:trace:quartz:FilterMapper3_EnumMatchingFilters Considering filter L"MP3 Decoder DMO" ... 0024:trace:quartz:MediaControl_Run Filter 01ADBEE8 returned 0. 0024:trace:quartz:MediaControl_Run Filter 00E21418 returned 0. 0024:trace:quartz:FilterGraphInner_AddRef (00E212C0)->(): new ref = 4 0024:trace:quartz:FilterGraphInner_QueryInterface (00E212C0)->({56a868c0-0ad4-11ce-b03a-0020af0ba770}, 00AC0A00) 01a0:trace:quartz:async_run_cb Performing asynchronous state change. 0024:trace:quartz:FilterGraphInner_QueryInterface returning IMediaEvent(Ex) interface (00E212DC) 0024:trace:quartz:FilterGraphInner_AddRef (00E212C0)->(): new ref = 5 0024:trace:quartz:MediaEvent_SetNotifyWindow (00E212C0/00E212DC)->(0002006c, 32769, 00000000) 0190:trace:quartz:BaseMemAllocator_GetBuffer (01B16288)->(0777FDD4, 00000000, 00000000, 0) 0190:trace:quartz:StdMediaSample2_AddRef (01B16300)->(): new ref = 1 0190:trace:quartz:StdMediaSample2_SetTime sample 01B16300, start (null), end (null). 0190:trace:quartz:StdMediaSample2_SetActualDataLength (01B16300)->(4608) 0190:trace:quartz:StdMediaSample2_GetPointer (01B16300)->(0777FDD0) 0190:trace:quartz:StdMediaSample2_SetTime sample 01B16300, start 0.0, end 0.0261224. 
0190:trace:quartz:StdMediaSample2_SetMediaTime sample 01B16300, start 0.0, end 0.0261224. 0190:trace:quartz:StdMediaSample2_SetDiscontinuity (01B16300)->(TRUE) 0190:trace:quartz:StdMediaSample2_SetPreroll (01B16300)->(FALSE) 0190:trace:quartz:StdMediaSample2_SetSyncPoint (01B16300)->(TRUE) 0190:trace:quartz:StdMediaSample2_GetMediaType (01B16300)->(0777FD08) 0190:trace:quartz:StdMediaSample2_GetTime (01B16300)->(0777FCC8, 0777FCD0) 0190:trace:quartz:StdMediaSample2_GetPointer (01B16300)->(0777FCBC) 0190:trace:quartz:StdMediaSample2_GetTime (01B16300)->(0777FCD8, 0777FCE0) 0190:trace:quartz:StdMediaSample2_IsPreroll (01B16300)->() 0190:trace:quartz:StdMediaSample2_GetActualDataLength (01B16300)->() 01a0:trace:quartz:sort_filter_recurse Sorting filter 00E21B20. 0190:trace:quartz:DSoundRender_DoRenderSample Sample data ptr = 01460000, size = 4608 01a0:trace:quartz:sort_filter_recurse Sorting filter 01ADBEE8. 01a0:trace:quartz:sort_filter_recurse Sorting filter 00E21418. 01a0:trace:quartz:SystemClockImpl_GetTime clock 01ADC7E8, time 00E213E8, returning 21656.167. 01a0:trace:quartz:MediaSeeking_GetStopPosition graph 00E212C0, stop 0799FE28. 01a0:trace:quartz:MediaSeeking_GetStopPosition Returning 4965dc14 (123.1412244 seconds). 01a0:trace:quartz:graph_start Filter 00E21B20 returned 0. 01a0:trace:quartz:graph_start Filter 01ADBEE8 returned 0. 01a0:trace:quartz:graph_start Filter 00E21418 returned 0. 01a0:trace:quartz:FilterGraphInner_Release (00E212C0)->(): new ref = 4 0190:trace:quartz:DSoundRender_UpdatePositions Moving from 0 to 1764: clearing 1764 bytes 0190:trace:quartz:SystemClockImpl_GetTime clock 01ADC7E8, time 0777FCE8, returning 21656.178. 
0190:warn:quartz:DSoundRender_GetWritePos Delta too big 0.179/0.0, too far ahead 0190:warn:quartz:DSoundRender_GetWritePos Advancing 31572 bytes 0190:trace:quartz:DSoundRender_UpdatePositions Moving from 1764 to 3528: clearing 1764 bytes 0190:trace:quartz:SystemClockImpl_GetTime clock 01ADC7E8, time 0777FCE8, returning 21656.188. 0190:warn:quartz:DSoundRender_GetWritePos Delta too big 0.169/0.0, too far ahead 0190:warn:quartz:DSoundRender_GetWritePos Advancing 29808 bytes 0190:trace:quartz:DSoundRender_UpdatePositions Moving from 3528 to 5292: clearing 1764 bytes 0190:trace:quartz:SystemClockImpl_GetTime clock 01ADC7E8, time 0777FCE8, returning 21656.199. 0190:warn:quartz:DSoundRender_GetWritePos Delta too big 0.158/0.0, too far ahead 0190:warn:quartz:DSoundRender_GetWritePos Advancing 27868 bytes 0190:trace:quartz:DSoundRender_UpdatePositions Moving from 5292 to 7056: clearing 1764 bytes 0190:trace:quartz:SystemClockImpl_GetTime clock 01ADC7E8, time 0777FCE8, returning 21656.209. 0190:warn:quartz:DSoundRender_GetWritePos Delta too big 0.148/0.0, too far ahead 0190:warn:quartz:DSoundRender_GetWritePos Advancing 26104 bytes 0190:trace:quartz:DSoundRender_GetWritePos Blocked: too full 0.1579818 / 0.15 0024:trace:seh:dispatch_exception code=c0000005 flags=0 addr=00E21418 ip=00e21418 tid=0024 0024:trace:seh:dispatch_exception info[0]=00000008 0024:trace:seh:dispatch_exception info[1]=00e21418 0024:trace:seh:dispatch_exception eax=fffffffe ebx=00000000 ecx=0031fe34 edx=00000000 esi=7e678fb0 edi=00e21418 0024:trace:seh:dispatch_exception ebp=00000001 esp=0031fe30 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010297 0024:trace:seh:call_vectored_handlers calling handler at 6CA5BBA0 code=c0000005 flags=0 0024:trace:seh:call_vectored_handlers handler at 6CA5BBA0 returned 0 0024:trace:seh:call_vectored_handlers calling handler at 661E99A0 code=c0000005 flags=0 ... 
wine: Unhandled page fault on execute access to 00E21418 at address 00E21418 (thread 0024), starting debugger... --- snip ---
The game repeatedly calls 'EnumFilters_Next()', which corrupts a saved register (EDI) on the stack from the caller chain; that register is later used as a function pointer.
--- snip ---
0042032A | push 7F8                          |
0042032F | mov dword ptr ds:[AC0998],eax     |
00420334 | call wazzal.42CECD                |
00420339 | push ebx                          |
0042033A | mov dword ptr ds:[AC099C],eax     |
0042033F | mov eax,dword ptr ds:[AC0994]     |
00420344 | push ebx                          |
00420345 | push eax                          |
00420346 | push wazzal.477CB4                | "models/obj1.3dw"
0042034B | call wazzal.403BB0                |
00420350 | mov ecx,dword ptr ds:[AC0998]     |
00420356 | push ebx                          |
00420357 | push ebx                          |
00420358 | push ecx                          |
00420359 | push wazzal.477CA4                | "models/obj2.3dw"
0042035E | call wazzal.403BB0                |
00420363 | mov edx,dword ptr ds:[AC099C]     |
00420369 | push ebx                          |
0042036A | push ebx                          |
0042036B | push edx                          |
0042036C | push wazzal.477C90                | "models/ships.3dw"
00420371 | call wazzal.403BB0                |
00420376 | mov eax,dword ptr ds:[5238CC]     |
0042037B | add esp,3C                        |
0042037E | push 91000000                     |
00420383 | push FFFFFFF0                     |
00420385 | push eax                          |
00420386 | call dword ptr ds:[4702A8]        |
0042038C | push ebx                          |
0042038D | call esi                          |
0042038F | push ebx                          |
00420390 | call edi                          | *boom*, corrupted EDI
00420392 | mov eax,dword ptr ds:[54DA28]     |
00420397 | mov ecx,dword ptr ds:[eax]        |
--- snip ---
Previous call chain/sequence:
--- snip ---
004200B7 | mov byte ptr ds:[A7F62C],bl |
004200BD | cmp byte ptr ds:[A4F2B2],bl |
004200C3 | je wazzal.4200D5 |
004200C5 | call wazzal.40D850 | corrupts EDI on stack
004200CA | test eax,eax |
004200CC | jne wazzal.4200D5 |
...
0040D8B5 | push 0 |
0040D8B7 | call wazzal.40D570 | corrupts EDI on stack
0040D8BC | add esp,4 |
0040D8BF | test eax,eax |
0040D8C1 | jl wazzal.40D902 |
...
0040D570 | push ebp |
0040D571 | lea ebp,dword ptr ss:[esp-29C] |
0040D578 | sub esp,31C |
0040D57E | mov eax,dword ptr ds:[48A1A0] |
0040D583 | xor eax,ebp |
0040D585 | mov dword ptr ss:[ebp+298],eax |
0040D58B | mov ecx,dword ptr ds:[47123C] | "sound/music"
0040D591 | mov eax,dword ptr ss:[ebp+2A4] |
0040D597 | mov edx,dword ptr ds:[471240] | "d/music"
0040D59D | push ebx |
0040D59E | push esi |
0040D59F | push edi | EDI, gets corrupted later
...
0040D711 | mov esi,edi |
0040D713 | mov eax,dword ptr ss:[ebp-78] |
0040D716 | mov ecx,dword ptr ds:[eax] |
0040D718 | mov edx,dword ptr ds:[ecx+C] |
0040D71B | push 0 | *fetched
0040D71D | push esi | **filters
0040D71E | push 1 | count
0040D720 | push eax | *iface
0040D721 | call edx | EnumFilters::Next() - corruption
--- snip ---
Wine source:
https://source.winehq.org/git/wine.git/blob/f7d815089580cebe2682683345272858...
--- snip ---
287 static HRESULT WINAPI EnumFilters_Next(IEnumFilters *iface, ULONG count,
288         IBaseFilter **filters, ULONG *fetched)
289 {
290     struct enum_filters *enum_filters = impl_from_IEnumFilters(iface);
291     unsigned int i = 0;
292
293     TRACE("enum_filters %p, count %u, filters %p, fetched %p.\n",
294             enum_filters, count, filters, fetched);
295
296     if (enum_filters->version != enum_filters->graph->version)
297         return VFW_E_ENUM_OUT_OF_SYNC;
298
299     if (!filters)
300         return E_POINTER;
301
302     for (i = 0; i < count; ++i)
303     {
304         struct filter *filter = LIST_ENTRY(enum_filters->cursor, struct filter, entry);
305
306         if (!enum_filters->cursor)
307             break;
308
309         IBaseFilter_AddRef(filters[i] = filter->filter);
310         enum_filters->cursor = list_next(&enum_filters->graph->filters, enum_filters->cursor);
311     }
312
313     if (fetched)
314         *fetched = i;
315
316     return (i == count) ? S_OK : S_FALSE;
317 }
--- snip ---
Corruption happens around line 309:
--- snip ---
309         IBaseFilter_AddRef(filters[i] = filter->filter);
--- snip ---
That code was introduced in https://source.winehq.org/git/wine.git/commitdiff/2230834022869a32794f3de05e... ("quartz/filtergraph: Use a linked list to store filters."), part of Wine 3.17 release.
But even before Wine 3.17 it seems to crash in the same place so the corruption was always present.
Then I noticed a mismatch in the stack layout, before the call to EnumFilters::Next().
stack non-PE:
--- snip ---
0031FAF0 01AEBA70 ; *iface
0031FAF4 00000001 ; count
0031FAF8 0031FB00 ; **filters
0031FAFC 00000000 ; *fetched
0031FB00 7E6C6E50 ; saved EDI (user32.SetCursor)
0031FB04 7E6C6FB0 ; saved ESI (user32.ShowCursor)
0031FB08 00000000
--- snip ---
stack PE:
--- snip ---
0031FB00 024EC110 ; *iface
0031FB04 00000001 ; count
0031FB08 0031FB10 ; **filters
0031FB0C 00000000 ; *fetched
0031FB10 0040D6E2
0031FB14 00000000
0031FB18 0040D704
0031FB1C 00AF2B40 ; saved EDI (user32.SetCursor)
0031FB20 00AF2C40 ; saved ESI (user32.ShowCursor)
--- snip ---
The relevant code:
--- snip ---
...
0040D6D5 | mov eax,dword ptr ss:[ebp-78] |
0040D6D8 | mov ecx,dword ptr ds:[eax] |
0040D6DA | mov edx,dword ptr ds:[ecx+10] |
0040D6DD | push 1 |
0040D6DF | push eax | there is at least one filter
0040D6E0 | call edx | EnumFilters::Skip()
0040D6E2 | test eax,eax |
0040D6E4 | jne wazzal.40D6F8 | S_FALSE -> jump (Wine)
0040D6E6 | mov eax,dword ptr ss:[ebp-78] |
0040D6E9 | mov ecx,dword ptr ds:[eax] |
0040D6EB | mov edx,dword ptr ds:[ecx+10] |
0040D6EE | push 1 |
0040D6F0 | push eax |
0040D6F1 | inc ebx | elements++
0040D6F2 | call edx | EnumFilters::Skip()
0040D6F4 | test eax,eax | 2nd call should return error
0040D6F6 | je wazzal.40D6E6 | success -> skip next filter
0040D6F8 | lea eax,dword ptr ds:[ebx*4] | array_size(elements)
0040D6FF | call wazzal.42D1E0 | alloca()
0040D704 | mov eax,dword ptr ss:[ebp-78] |
0040D707 | mov ecx,dword ptr ds:[eax] |
0040D709 | mov edx,dword ptr ds:[ecx+14] |
0040D70C | mov edi,esp |
0040D70E | push eax |
0040D70F | call edx | EnumFilters::Reset()
0040D711 | mov esi,edi |
0040D713 | mov eax,dword ptr ss:[ebp-78] |
0040D716 | mov ecx,dword ptr ds:[eax] |
0040D718 | mov edx,dword ptr ds:[ecx+C] |
0040D71B | push 0 |
0040D71D | push esi |
0040D71E | push 1 |
0040D720 | push eax |
0040D721 | call edx | EnumFilters::Next()
--- snip ---
See also the trace log in the beginning of my comment, showing the quartz calls.
_alloca():
--- snip ---
0042D1E0 | push ecx |
0042D1E1 | lea ecx,dword ptr ss:[esp+8] |
0042D1E5 | sub ecx,eax | bytes requested
0042D1E7 | and ecx,F |
0042D1EA | add eax,ecx |
0042D1EC | sbb ecx,ecx |
0042D1EE | or eax,ecx |
0042D1F0 | pop ecx |
0042D1F1 | jmp wazzal.42D080 |
...
0042D080 | push ecx |
0042D081 | lea ecx,dword ptr ss:[esp+4] |
0042D085 | sub ecx,eax |
0042D087 | sbb eax,eax |
0042D089 | not eax |
0042D08B | and ecx,eax |
0042D08D | mov eax,esp |
0042D08F | and eax,FFFFF000 |
0042D094 | cmp ecx,eax |
0042D096 | jb wazzal.42D0A2 |
0042D098 | mov eax,ecx |
0042D09A | pop ecx |
0042D09B | xchg esp,eax |
0042D09C | mov eax,dword ptr ds:[eax] |
0042D09E | mov dword ptr ss:[esp],eax |
0042D0A1 | ret |
0042D0A2 | sub eax,1000 |
0042D0A7 | test dword ptr ds:[eax],eax | probe at one-page intervals
0042D0A9 | jmp wazzal.42D094 |
--- snip ---
Apart from reserving local stack space, alloca() also ensures the allocation is aligned to a suitable object boundary (16/8 bytes).
In the function scope before the alloca() call, the stack is not aligned to the requested boundary. Due to an earlier Wine quartz bug, a zero-size allocation is requested, but alloca(0) still does an explicit stack alignment.
In Wine PE builds, the thread stack is aligned to a 16-byte boundary at the entry point, which results in stack misalignment later in the call chain (see the following table). The resulting re-alignment with zero size just "allocates" enough stack space to not corrupt caller variables.
In non-PE builds, the re-alignment doesn't happen because the stack is already aligned before the alloca() call. With no extra stack space allocated, the corruption happens.
The stack alignment from the entry point, including selected functions from the call chain up to the alloca() caller:
--- snip ---
EIP      | PE ESP        | non-PE ESP    | comment
0x42D5E3 | 0x31FF60 +00  | 0x31FF44 +00  | entry point main thread
0x42A720 | 0x31FEA0 +C0  | 0x31FE84 +C0  |
0x4200C5 | 0x31FE54 +4C  | 0x31FE38 +4C  |
0x40D8B7 | 0x31FE4C +08  | 0x31FE30 +08  |
0x40D570 | 0x31FE48 +04  | 0x31FE2C +04  |
0x40D6FF | 0x31FB1C +32C | 0x31FB00 +32C | before alloca(0)
0x40D704 | 0x31FB10 +0C  | 0x31FB00 +00  | after alloca(0)
--- snip ---
What causes the zero stack allocation?
Wine source:
https://source.winehq.org/git/wine.git/blob/bedfb9cae224a369efa4588332a5518d...
--- snip ---
static HRESULT WINAPI EnumFilters_Skip(IEnumFilters *iface, ULONG count)
{
    struct enum_filters *enum_filters = impl_from_IEnumFilters(iface);

    TRACE("enum_filters %p, count %u.\n", enum_filters, count);

    if (!enum_filters->cursor)
        return S_FALSE;

    while (count--)
    {
        if (!(enum_filters->cursor = list_next(&enum_filters->graph->filters, enum_filters->cursor)))
            return S_FALSE;
    }

    return S_OK;
}
--- snip ---
Microsoft docs:
https://docs.microsoft.com/en-us/windows/win32/api/strmif/nf-strmif-ienumfil...
--- quote --- The Skip method skips over a specified number of filters.
HRESULT Skip( ULONG cFilters );
Parameters
cFilters
Number of filters to skip.
Return value
Value | Description
S_FALSE | Skipped past the end of the sequence.
S_OK | Success.
VFW_E_ENUM_OUT_OF_SYNC | The graph has changed and is now inconsistent with the enumerator.
Remarks
If the filter graph changes (for example, the application removes a filter), the enumerator is no longer consistent with the graph, and the method returns VFW_E_ENUM_OUT_OF_SYNC. Discard any data obtained from previous calls to the enumerator, because it might be invalid. Update the enumerator by calling the IEnumFilters::Reset method. You can then call the Skip method safely.
--- quote ---
Emphasis on return value description for S_FALSE: "Skipped past the end of the sequence". If I interpret the sentence correctly, the first iteration should not return S_FALSE. Wine returns S_FALSE on first iteration.
I've changed the implementation accordingly and it avoids the crash for both PE and non-PE builds.
Regards
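To show what the two Skip() semantics do to the game's counting loop, here is an added C model; it is not part of this report or of Wine's code. It runs the loop reconstructed from the disassembly at 0040D6DD..0040D6F6 against the quoted Wine behaviour (S_FALSE as soon as the cursor reaches the end) and against the documented behaviour (S_FALSE only when skipping past the end); the list and enumerator structs, the names skip_buggy/skip_fixed/count_filters/filters_counted and the HRESULT constants are assumptions of the model.

```c
#include <stdlib.h>

/* Constructed model of IEnumFilters::Skip semantics; types and names are
 * assumptions, not Wine's code. HRESULT values as in the Windows SDK. */
typedef long HRESULT;
#define S_OK    0L
#define S_FALSE 1L

struct filter { struct filter *next; };          /* one graph filter; NULL next = end of list */
struct enum_filters { struct filter *cursor; };  /* enumerator position, NULL = past the end */

/* Behaviour of the quoted Wine code: S_FALSE as soon as the cursor lands on
 * the end, even when exactly 'count' filters were skipped. */
static HRESULT skip_buggy(struct enum_filters *e, unsigned count)
{
    if (!e->cursor) return S_FALSE;
    while (count--)
        if (!(e->cursor = e->cursor->next)) return S_FALSE;
    return S_OK;
}

/* Documented semantics: S_FALSE only if the request goes *past* the end. */
static HRESULT skip_fixed(struct enum_filters *e, unsigned count)
{
    if (!e->cursor) return S_FALSE;
    while (count--)
        if (!(e->cursor = e->cursor->next)) return count ? S_FALSE : S_OK;
    return S_OK;
}

/* The game's counting loop (0040D6DD..0040D6F6): one Skip(1); anything but
 * S_OK leaves the count at 0, otherwise the count grows by one for every
 * further Skip(1) that returns S_OK. The caller then does alloca(count * 4)
 * and fills that array with Next(). */
static unsigned count_filters(struct enum_filters *e,
                              HRESULT (*skip)(struct enum_filters *, unsigned))
{
    unsigned elements = 0;
    if (skip(e, 1) != S_OK) return 0;
    do elements++; while (skip(e, 1) == S_OK);
    return elements;
}

/* Builds a graph with n filters and returns the count the game would compute.
 * A result smaller than n means the alloca'd array is too small for what
 * Next() writes; with one filter the buggy variant yields the alloca(0) case. */
unsigned filters_counted(unsigned n, int use_fixed)
{
    struct filter *nodes = n ? calloc(n, sizeof *nodes) : NULL;
    struct enum_filters e = { nodes };           /* cursor starts on the first filter */
    unsigned i, result;

    for (i = 0; i + 1 < n; i++) nodes[i].next = &nodes[i + 1];
    result = count_filters(&e, use_fixed ? skip_fixed : skip_buggy);
    free(nodes);
    return result;
}
```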
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
----------------------------------------------------------------------------
See Also | | https://bugs.winehq.org/show_bug.cgi?id=50171
--- Comment #18 from Gijs Vermeulen gijsvrm@gmail.com --- This should now be fixed by https://source.winehq.org/git/wine.git/commit/4807a8f588c67e2296474399368a96c0046120fd.
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
----------------------------------------------------------------------------
Fixed by SHA1 | | 4807a8f588c67e2296474399368a96c0046120fd
Resolution | --- | FIXED
Status | REOPENED | RESOLVED
--- Comment #19 from Anastasius Focht focht@gmx.net --- Hello Gijs,
yes, this is fixed by commit https://source.winehq.org/git/wine.git/commitdiff/4807a8f588c67e229647439936... ("quartz: Only return S_FALSE in IEnumFilters::Skip() if count goes past the end of the sequence.").
Thanks.
With bug 50171 fixed as well (stack alignment on entry point for 32-bit PE build), the intro animation no longer crashes.
--- snip ---
...
0130:trace:quartz:FilterGraph2_AddSourceFilter graph 01710570, filename L"sound/music0.mp3", filter_name L"sound/music0.mp3", ret_filter 00AC09FC.
0130:trace:quartz:FilterGraph2_AddSourceFilter Using source filter {e436ebb5-524f-11ce-9f53-0020af0ba770}.
0130:trace:quartz:DllGetClassObject ({e436ebb5-524f-11ce-9f53-0020af0ba770},{00000001-0000-0000-c000-000000000046},0031FA18)
0130:trace:quartz:DSCF_CreateInstance (001A18D8)->(00000000,{56a86895-0ad4-11ce-b03a-0020af0ba770},0031FA1C)
0130:trace:quartz:async_reader_create Created file source 01711130.
0130:trace:quartz:FileSource_Load 01711130->(L"sound/music0.mp3", 00000000)
0130:trace:quartz:FilterGraph2_AddFilter graph 01710570, filter 01711130, name L"sound/music0.mp3".
0130:trace:quartz:MediaControl_Stop graph 01710570.
0130:trace:quartz:MediaFilter_Stop graph 01710570.
0130:trace:quartz:FilterGraph2_EnumFilters graph 01710570, out 0031FB24.
0130:trace:quartz:FilterGraphInner_AddRef (01710570)->(): new ref = 4
0130:trace:quartz:EnumFilters_Skip enum_filters 026869D0, count 1.
0130:trace:quartz:EnumFilters_Skip enum_filters 026869D0, count 1.
0130:trace:quartz:EnumFilters_Reset enum_filters 026869D0.
0130:trace:quartz:EnumFilters_Next enum_filters 026869D0, count 1, filters 0031FB00, fetched 00000000.
0130:trace:quartz:EnumFilters_Next enum_filters 026869D0, count 1, filters 0031FB04, fetched 00000000.
0130:trace:quartz:EnumFilters_Release 026869D0 decreasing refcount to 0.
0130:trace:quartz:FilterGraphInner_Release (01710570)->(): new ref = 3
0130:trace:quartz:FilterGraph2_RemoveFilter (01710570/01710574)->(01711130)
0130:trace:quartz:FilterGraph2_RemoveFilter Removing filter L"sound/music0.mp3".
0130:trace:quartz:FilterGraph2_AddFilter graph 01710570, filter 01711130, name (null).
0130:trace:quartz:FilterGraph2_Render graph 01710570, source 01711280.
0130:trace:quartz:autoplug Trying to autoplug 01711280 to 00000000, recursion depth 0.
0130:trace:quartz:autoplug_through_filter Trying to autoplug 01711280 to 00000000 through 01711130.
0130:trace:quartz:autoplug_through_sink Trying to autoplug 01711280 to 00000000 through 01711280.
0130:trace:quartz:Inner_QueryInterface (0241BE10)->({b79bb0b0-33c1-11d1-abe1-00a0c905f375}, 0031FA60)
0130:trace:quartz:FilterGraphInner_AddRef (01710570)->(): new ref = 4
0130:trace:quartz:FilterMapper3_EnumMatchingFilters (0031FA5C, 0, false, 400000, true, 1, 0031FA90, 00000000, 00000000, false, false, 00000000, 00000000, 00000000)
0130:trace:loaddll:build_module Loaded L"C:\windows\system32\avicap32.dll" at 7A350000: builtin
0130:trace:loaddll:build_module Loaded L"C:\windows\system32\msdmo.dll" at 123B0000: builtin
0130:trace:loaddll:build_module Loaded L"C:\windows\system32\devenum.dll" at 12390000: builtin
0130:trace:quartz:FilterMapper3_EnumMatchingFilters Considering category L"DirectShow Filters"
0130:trace:quartz:FilterMapper3_EnumMatchingFilters Considering filter L"MP3 Decoder DMO"
...
0130:trace:quartz:enum_moniker_Next iface 017114B8, count 1, filters 0031FA4C, ret_count 00000000.
01ec:trace:loaddll:build_module Loaded L"C:\windows\system32\winegstreamer.dll" at 72FB0000: builtin
0130:trace:quartz:FilterGraph2_AddFilter graph 01710570, filter 02688D88, name L"GStreamer splitter filter".
0130:trace:quartz:autoplug_through_filter Trying to autoplug 01711280 to 00000000 through 02688D88.
0130:trace:quartz:autoplug_through_sink Trying to autoplug 01711280 to 00000000 through 02688ED8.
0130:trace:quartz:FilterGraph2_ConnectDirect (01710570/01710574)->(01711280, 02688ED8, 00000000)
0130:trace:quartz:FilterGraph2_ConnectDirect Filter owning ppinIn(01711280) => 01711130
...
--- snip ---
I wrote a small AutoHotkey script which automates the (crash) testing of the game. Handy to run against a range of Wine versions. Forgot to mention it in my previous comments.
Prerequisite: 'winetricks -q autohotkey'
'wazzal.ahk':
--- snip ---
; run script / game in virtual desktop mode to handle graphics resolution restore after crashes
; wine explorer.exe /desktop=dummy,1024x768 "c:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" wazzal.ahk

FileDelete, c:\wazzal.fail

Run, c:\Program Files (x86)\Wazzal\Wazzal.exe, c:\Program Files (x86)\Wazzal
WinWait, ahk_class Browser Example,,10
if ErrorLevel
{
    FileAppend,, c:\wazzal.fail
    Exit
}
Sleep, 5000
ControlClick, Button2
Loop, 20
{
    Sleep, 1000
    Process, Exist, winedbg.exe
    If ErrorLevel
    {
        FileAppend,, c:\wazzal.fail
        Process, Close, winedbg.exe
        Exit
    }
}
Process, Close, Wazzal.exe
--- snip ---
--- snip ---
$ wine explorer.exe /desktop=dummy,1024x768 "c:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" wazzal.ahk 2>&1 | grep debugger ; \
  [ -f ~/.wine/drive_c/wazzal.fail ] && echo "Game failed (crashed)!" || echo "Game startup ok."
Game startup ok.
--- snip ---
$ wine --version
wine-5.22-39-g4807a8f588c
Regards
Alexandre Julliard julliard@winehq.org changed:
What | Removed | Added
----------------------------------------------------------------------------
Status | RESOLVED | CLOSED
--- Comment #20 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 6.0-rc1.
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
----------------------------------------------------------------------------
URL | https://www.moddb.com/downloads/mirror/30600/124/e8cd4cec875131f576a12dc6262ec15b | https://web.archive.org/web/20201121203123/http://www.tucows.com/download/games/files2/Wazzal12.exe
Michael Stefaniuc mstefani@winehq.org changed:
What | Removed | Added
----------------------------------------------------------------------------
Target Milestone | --- | 5.0.x
Michael Stefaniuc mstefani@winehq.org changed:
What | Removed | Added
----------------------------------------------------------------------------
Target Milestone | 5.0.x | ---
--- Comment #21 from Michael Stefaniuc mstefani@winehq.org --- Removing the 5.0.x milestone from bug fixes included in 5.0.4.