On Thu, 2005-08-11 at 21:39 +0000, Stefan Dösinger wrote: > Hello, > I am trying(once again) to get Empire Earth [1] running with wine. After > solving a few problems[2], I've run into a strange access violation crash. It > looks like a buffer overrun, followed by a return to an invalid adress. > > A +relay,+snoop trace gives this: > ... > 0009:CALL Low-Level [EMAIL PROTECTED]@@UAEJXZ() ret=7e2b9a14 > 0009:CALL Low-Level [EMAIL PROTECTED]@@QAEXXZ() > ret=7e2bd6c5 > 0009:RET Low-Level [EMAIL PROTECTED]@@QAEXXZ() > retval=7f24fa70 ret=7e2bd6c5 > 0009:Call ntdll.RtlEnterCriticalSection(7f074a40) ret=7f0294c5 > 0009:Ret ntdll.RtlEnterCriticalSection() retval=00000000 ret=7f0294c5 > 0009:Call ntdll.RtlLeaveCriticalSection(7f074a40) ret=7f029506 > 0009:Ret ntdll.RtlLeaveCriticalSection() retval=00000000 ret=7f029506 > 0009:CALL MSVCRT._except_handler3(<unknown, check return>) ret=7beb649b > 0009:CALL MSVCRT._XcptFilter(<unknown, check return>) ret=00665947 > 0009:Call kernel32.GetLastError() ret=7800385f > 0009:Ret kernel32.GetLastError() retval=000005b4 ret=7800385f > 0009:Call kernel32.TlsGetValue(00000000) ret=7800386d > 0009:Ret kernel32.TlsGetValue() retval=7f180f80 ret=7800386d > 0009:Call kernel32.SetLastError(000005b4) ret=7800387e > 0009:Ret kernel32.SetLastError() retval=000005b4 ret=7800387e > 0009:Call kernel32.UnhandledExceptionFilter(7fc2f81c) ret=7800ed71 > 0009:Call > ntdll.NtQueryVirtualMemory(ffffffff,9803a11c,00000000,7fc2f6e8,0000001c,7fc2f6a8) > > ret=7fd1aae1 > 0009:Ret ntdll.NtQueryVirtualMemory() retval=00000000 ret=7fd1aae1 > 0009:Call kernel32.IsBadCodePtr(7800add3) ret=22d2b743 > 0009:Ret kernel32.IsBadCodePtr() retval=00000000 ret=22d2b743 > 0009:Call ntdll.NtCreateEvent(7fc2f6e8,001f0003,7fc2f6ec,00000001,00000000) > ret=7fccb9b9 > 0009:Ret ntdll.NtCreateEvent() retval=00000000 ret=7fccb9b9 > wine: Unhandled exception (thread 0009), starting debugger... > ... > > The crash messages look a little bit different every time, with illegal > instructions / access violations or even a Segmentation Fault without > starting winedbg at various addreses(Attached file crashes). On very rare > occasions, this crash doesn't occur, and the game continues to load and > crashes later in some ddraw function. Instead of crashing it complains about > a corrupted heap: > err:heap:HEAP_ValidateInUseArena Heap 0x7fd80000: prev arena 0x7fe01640 is I've also seen similar problems with related heap functions in WinMM. I'm told that there's something wrong with the heap manager library Wine uses. > not prev for in-use 0x7fe01cb0 > I've looked at a +heap trace, but I couldn't find anything usefull. > (See ee-nocrash for a log). I've also attached a normal log without any > special debug flags set(ee-normal.log.gz). I've added a few ERR statements > for testing in some functions. > > So my questions are: > *Am I right with my suspection that the problems are caused by a incorrect > return? It's possible. I'm working on a problem like that with palm desktop. But you won't know until you debug it :) It could be nasty to fix though. > *How can I get a disassembly of Low-Level > [EMAIL PROTECTED]@@UAEJXZ or simmilar functions. I didn't find > this symbol. If I had to guess, I'd say these functions are in the game itself, most likely in one or more DLLs. Your best bet here is to use a good disassembler. My personal favorite is IDA. You can find a demo version here: http://www.datarescue.be/downloaddemo.htm. This version works just fine for this sort of thing. > > Thanks for your help, > Stefan Dösinger > > [1] > A demo is available at > http://www.vugames.de/scripts/download.aspx?content=4&id=53721&nf=21&url=ftp://downloads.vu-games.com/pub/empire%20earth/demos/Empire_earth_EN.exe, > > but I haven't checked wheter it produces the same results. > > [2] > Other users reported a msvc runtime error, apparently caused by an error > returned by Main_DirectDraw_SetCooperativeLevel. EE calls this function with > cooplevel == DDSCL_SETFOCUSWINDOW. I made the function simply return DD_OK in > this case. > Furthermore it checks for sound support and the OS version(setting it to > Win98 > or WinME is recommended) and it needs native msvcrt(It even seems to ship > it's own version) I've had a few programs with this behavior. Programs ship with copies of this library to make sure that it's available, since they can't assume that it'll be there. Normally I stick with native msvcrt in pretty much all cases. I hope this advice helps.
Good Hunting ;-) James
