[Bug 5451] Diablo 1.0x crashes with fault on write access

Wine Bugs wine-bugs at winehq.org
Sat Jun 17 08:39:06 CDT 2006


http://bugs.winehq.org/show_bug.cgi?id=5451





------- Additional Comments From stefandoesinger at gmx.at  2006-17-06 08:39 -------
I found the reason for this crash; this isn't a refcounting bug.

Diablo uses palettized surfaces with 1 byte per pixel. It accesses the surface 
with DWORDs, which means it always writes 4 bytes. It isn't careful enough at 
the end of the surface and writes over the end of the surface.

For that reason the old ddraw code allocated 4 extra bytes for a surface, the 
same happens in WineD3D. However, the gdi surface code drops the full power of 
2 size to save memory and doesn't add the 4 extra bytes. I will send a patch 
for that to wine-patches.

However, the old directdraw code used an unofficial function for DIB creation 
to create a DIB section for already allocated memory which is 4 bytes 
bigger. WineD3D uses the official CreateDIBSection function, which allocates 
its own memory and ignores the size value passed to it, so even with the +4 
byte fix the crash still occurs. I have to discuss the best way to solve this 
with Alexandre. Possible solutions are:

* Use the unofficial function in wined3d and allocate the memory manually
* Modify the dib code to allocate 4 more bytes (see the hack)
* Modify the dib code to respect the size passed to it (bad idea maybe)

The hack I attached to this bug fixes the crash. However, after it the screen 
stays completely black. I can hear the sound and it seems to react to input, 
but the screen isn't updated, although Diablo 1 writes to the front buffer.


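Added example, not part of the original comment and not Wine's code: a small C model of the overrun described above, showing how far a 4-byte store that begins on one of the last 8-bit pixels reaches past the surface, and why 4 bytes of slack absorb it. The 16x4 surface, the guard region and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CANARY 0xA5u
#define GUARD  8u  /* observation area after the allocation; keeps the model in bounds */

/* Model of the write pattern in the comment: pixels are 1 byte each, but every
 * store is a full DWORD, issued for as long as its first byte is a valid pixel. */
static void dword_fill(uint8_t *surface, size_t surface_bytes, size_t start)
{
    const uint32_t v = 0x7f7f7f7fu;      /* four copies of palette index 0x7f */
    for (size_t i = start; i < surface_bytes; i += 4)
        memcpy(surface + i, &v, sizeof v);
}

/* Allocates surface_bytes + slack, places a canary-filled guard directly after
 * it, runs the DWORD writer from 'start', and returns how many guard bytes
 * (bytes beyond the allocation) were overwritten. */
size_t guard_bytes_hit(size_t surface_bytes, size_t slack, size_t start)
{
    size_t alloc = surface_bytes + slack;
    uint8_t *buf = malloc(alloc + GUARD);
    if (!buf)
        return (size_t)-1;
    memset(buf, 0, alloc);
    memset(buf + alloc, CANARY, GUARD);
    dword_fill(buf, surface_bytes, start);
    size_t hit = 0;
    for (size_t i = 0; i < GUARD; i++)
        if (buf[alloc + i] != CANARY)
            hit++;
    free(buf);
    return hit;
}

int main(void)
{
    size_t size = 16 * 4;  /* constructed 16x4 surface, 1 byte per pixel */
    for (size_t back = 1; back <= 4; back++)
        printf("store at size-%zu: spill %zu (no slack), %zu (+4 slack)\n", back,
               guard_bytes_hit(size, 0, size - back), guard_bytes_hit(size, 4, size - back));
    return 0;
}
```

The worst case is a store starting on the final pixel, which spills 3 bytes, so the padding only helps if the allocator that actually backs the surface honours the padded size.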