https://bugs.winehq.org/show_bug.cgi?id=43127
Bug ID: 43127
Summary: wine crashes when trying to launch Gwent
Product: Wine
Version: 2.9
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ntdll
Assignee: wine-bugs@winehq.org
Reporter: unduthegun@gmail.com
Distribution: ---
Created attachment 58330 --> https://bugs.winehq.org/attachment.cgi?id=58330 log
Wine crashes with a stack overflow when trying to launch it; this didn't happen with 2.8.
I'm on Manjaro, I've tried several flavours of wine 2.9 and they all crash when trying to run it.
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added
Component|ntdll |-unknown
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
CC| |sebastian@fds-team.de
Summary|wine crashes when trying to launch Gwent |wine crashes when trying to launch Gwent (set_context_reg in ntdll/signal_x86_64.c assumes Xmm registers are aligned)
Component|-unknown |ntdll
--- Comment #1 from Sebastian Lackner sebastian@fds-team.de ---
Thanks for reporting this issue. Based on the +relay,+tid,+seh log provided on IRC the relevant output is:

--- snip ---
0150:Call KERNEL32.RaiseException(406d1388,00000000,00000003,02fee530) ret=14028d218
0150:trace:seh:raise_exception code=406d1388 flags=0 addr=0x7b450a07 ip=7b450a07 tid=0150
0150:trace:seh:raise_exception info[0]=0000000000001000
0150:trace:seh:raise_exception info[1]=000000014108f680
0150:trace:seh:raise_exception info[2]=0000000000000150
[...]
0150:Call ntdll.RtlUnwindEx(02fee510,14028d21a,02fee330,406d1388,02fed7f0,02fed710) ret=1408cc158
[...]
0150:trace:seh:dwarf_virtual_unwind fde 0x7bcf87c0 len 64 personality (nil) lsda (nil) code 7bc9d770-7bc9e402
[...]
0150:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc980b0 ip=7bc980b0 tid=0150
0150:trace:seh:raise_exception rax=000000007bc980b0 rbx=0000000002fecf80 rcx=000000007bcd3744 rdx=0000000002fed468
0150:trace:seh:raise_exception rsi=0000000000000017 rdi=0000000002fea890 rbp=0000000000000018 rsp=0000000002fea5f8
0150:trace:seh:raise_exception r8=000000007bc9dea5 r9=0000000000000000 r10=0000000000000000 r11=0000000000000000
0150:trace:seh:raise_exception r12=0000000002fea890 r13=0000000002fed550 r14=0000000002fea658 r15=0000000002fea660
0150:trace:seh:call_vectored_handlers calling handler at 0x1801335b0 code=c0000005 flags=0
--- snip ---
The initial exception is expected and part of the Game code, however Wine crashes with a segmentation fault during unwinding (and as a result is stuck in an endless loop until it runs out of stack). The crash occurs here (part of set_context_reg):
--- snip ---
7bc980b0: 66 0f 6f 02             movdqa (%rdx),%xmm0        // <--- CRASH
7bc980b4: 0f 29 87 00 02 00 00    movaps %xmm0,0x200(%rdi)   // Xmm6
7bc980bb: c3                      retq
--- snip ---
Problem is that the address (here 0x2fed468) is not properly 16-byte aligned. At first I suspected that Wine was compiled without enforcing stack alignment, but that is not the case:
--- snip ---
000000007bc9d770 <RtlUnwindEx@@Base>:
7bc9d770: 55                      push %rbp
7bc9d771: 48 89 e5                mov %rsp,%rbp
[...]
7bc9d782: 48 81 ec a0 00 00 00    sub $0xa0,%rsp
7bc9d789: 48 83 e4 f0             and $0xfffffffffffffff0,%rsp
7bc9d78d: 48 81 ec b0 06 00 00    sub $0x6b0,%rsp
[...]
7bc9d7b1: 0f 11 b5 28 ff ff ff    movups %xmm6,-0xd8(%rbp)
--- snip ---

As you can see, GCC also used unaligned instructions here, so it seems intentional. Wine's unwinding code probably just shouldn't make any assumptions about the alignment of variables stored on the stack.
--- Comment #2 from unduthegun@gmail.com ---
Compiling it with -01 works around the issue.

For example:
./configure [...] -CFLAGS=-01
make
Christian christian.frank@gmx.de changed:
What |Removed |Added
CC| |christian.frank@gmx.de
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
Summary|wine crashes when trying to launch Gwent (set_context_reg in ntdll/signal_x86_64.c assumes Xmm registers are aligned) |Multiply 64-bit applications crash with stack overflow errors when Wine is compiled with GCC 7.x (set_context_reg in ntdll/signal_x86_64.c assumes Xmm registers are aligned)
--- Comment #3 from Sebastian Lackner sebastian@fds-team.de ---
(In reply to unduthegun from comment #2)
> Compiling it with -01 works around the issue.
> For example: ./configure [...] -CFLAGS=-01 make

Small typo here, it should be "-O1" (not zero).
I'm changing this to a collector bug for all games which suddenly crash with stack overflow errors after upgrading to 2.9. My current theory is that this Wine bug was exposed by a change in GCC 7.x - at least Archlinux and openSUSE Tumbleweed have upgraded recently, and I haven't seen any reports for other distributions yet.
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
Severity|normal |major
Summary|Multiply 64-bit applications crash with stack overflow errors when Wine is compiled with GCC 7.x (set_context_reg in ntdll/signal_x86_64.c assumes Xmm registers are aligned) |Multiple 64-bit applications crash with stack overflow errors when Wine is compiled with GCC 7.x (set_context_reg in ntdll/signal_x86_64.c assumes Xmm registers are aligned)
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
CC| |cataldo.cigliola@gmail.com

--- Comment #4 from Sebastian Lackner sebastian@fds-team.de ---
*** Bug 43128 has been marked as a duplicate of this bug. ***
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
CC| |spleefer90@gmail.com

--- Comment #5 from Sebastian Lackner sebastian@fds-team.de ---
*** Bug 43111 has been marked as a duplicate of this bug. ***
Robert Walker bob.mt.wya@gmail.com changed:
What |Removed |Added
CC| |bob.mt.wya@gmail.com
--- Comment #6 from Sebastian Lackner sebastian@fds-team.de ---
Created attachment 58336 --> https://bugs.winehq.org/attachment.cgi?id=58336
ntdll: Do not cast unaligned pointer to M128A in set_context_reg.

Please give the attached draft patch a try. Not sure if it's sufficient to fix the bug, but at least the generated GCC output looks much better (still uses Xmm registers for efficiency, but no longer makes any assumption that they are properly aligned).
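The alignment problem explained in comment #1 (a pointer of unknown alignment cast to the 16-byte aligned M128A type, which licenses GCC to emit movdqa) and the cast-free copy that comment #6's patch title calls for, as an added illustration that is not Wine's code: m128a_t, saved_context, XMM_OFFSET and the function names are constructed stand-ins, the memcpy copy is one way to avoid the cast and is not claimed to be what the real patch does, and the only value taken from the page is the faulting address 0x2fed468.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the Windows M128A type (not Wine's definition):
 * 16 bytes with 16-byte alignment, so a compiler is entitled to load it
 * with an aligned SSE move such as movdqa/movaps. */
typedef struct { uint64_t low; int64_t high; } __attribute__((aligned(16))) m128a_t;

/* Alignment check: the faulting address from the log, 0x2fed468, fails it. */
int is_16_aligned(uintptr_t addr) { return (addr & 15u) == 0; }

/* The pattern behind the crash: casting to M128A* promises the compiler the
 * address is 16-byte aligned, and GCC 7 emits movdqa accordingly. Reading
 * through it at an unaligned address is undefined behaviour and faults in
 * practice, so this function is shown but never called on unaligned memory. */
m128a_t load_by_cast(const void *src) { return *(const m128a_t *)src; }

/* A cast-free alternative: copy the 16 bytes with memcpy. The compiler may
 * still use an XMM register but must use unaligned moves (movups/movdqu). */
m128a_t load_by_memcpy(const void *src) { m128a_t v; memcpy(&v, src, sizeof v); return v; }

/* Constructed stand-in for a CONTEXT saved on the stack: a 16-byte aligned
 * buffer whose XMM save slot starts at offset 8, i.e. the same misalignment
 * (addr % 16 == 8) as 0x2fed468 in the report. */
static unsigned char saved_context[48] __attribute__((aligned(16)));
enum { XMM_OFFSET = 8 };

/* Store a constructed register value at the misaligned slot and read it back
 * with the cast-free loader. Returns the high half if the low half matched. */
int64_t roundtrip_unaligned_xmm(uint64_t low, int64_t high)
{
    m128a_t in = { low, high };
    memcpy(saved_context + XMM_OFFSET, &in, sizeof in);   /* unaligned store */
    m128a_t out = load_by_memcpy(saved_context + XMM_OFFSET);
    return out.low == low ? out.high : -1;
}

int main(void)
{
    uintptr_t p = (uintptr_t)(saved_context + XMM_OFFSET);
    printf("xmm slot %s 16-byte aligned\n", is_16_aligned(p) ? "is" : "is not");
    printf("high half read back: %lld\n",
           (long long)roundtrip_unaligned_xmm(0x1122334455667788ULL, 42));
    return 0;
}
```

Compiling the block with -O2 and disassembling load_by_cast versus load_by_memcpy shows the aligned/unaligned move distinction that the objdump snippets in comment #1 describe.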
felixonmars@archlinux.org changed:
What |Removed |Added
CC| |felixonmars@archlinux.org
--- Comment #7 from unduthegun@gmail.com ---
With the patch (and using -O2) I can launch Gwent without problems, as well as Abzû, so it works for me.
Michael Müller michael@fds-team.de changed:
What |Removed |Added
CC| |zefkerrigan@gmail.com

--- Comment #8 from Michael Müller michael@fds-team.de ---
*** Bug 43135 has been marked as a duplicate of this bug. ***
--- Comment #9 from Sebastian Lackner sebastian@fds-team.de ---
*** Bug 43143 has been marked as a duplicate of this bug. ***
Sebastian Lackner sebastian@fds-team.de changed:
What |Removed |Added
Status|UNCONFIRMED |RESOLVED
Fixed by SHA1| |d2ec61105d47543ae5bddf393d384b5165795ab5
Resolution|--- |FIXED

--- Comment #10 from Sebastian Lackner sebastian@fds-team.de ---
This issue should be fixed with d2ec61105d47543ae5bddf393d384b5165795ab5. Please verify that everything is working again as expected; if there are more issues, please open a new bug report and add me as CC.
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added
Status|RESOLVED |CLOSED

--- Comment #11 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 2.10.
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added
CC| |mstefani@winehq.org
Target Milestone|--- |2.0.x
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added
Target Milestone|2.0.x |---

--- Comment #12 from Michael Stefaniuc mstefani@winehq.org ---
Removing the 2.0.x milestone from bugs included in 2.0.2.
--- Comment #13 from Matteo Bruni matteo.mystral@gmail.com ---
*** Bug 43135 has been marked as a duplicate of this bug. ***
--- Comment #14 from Matteo Bruni matteo.mystral@gmail.com ---
*** Bug 43143 has been marked as a duplicate of this bug. ***