[Bug 37796] Monopoly EA crashes on exit (don't send deactivation messages to the active window if it's being destroyed)

wine-bugs at winehq.org wine-bugs at winehq.org
Sun Dec 28 11:00:20 CST 2014 

https://bugs.winehq.org/show_bug.cgi?id=37796

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |download
             Status|UNCONFIRMED                 |NEW
                URL|                            |http://ftp.hp.com/pub/softp
                   |                            |aq/sp63001-63500/sp63456.ex
                   |                            |e
                 CC|                            |focht at gmx.net
          Component|-unknown                    |user32
            Summary|Monopoly EA crash (but game |Monopoly EA crashes on exit
                   |is playable)                |(don't send deactivation
                   |                            |messages to the active
                   |                            |window if it's being
                   |                            |destroyed)
     Ever confirmed|0                           |1

--- Comment #1 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

confirming.

--- quote ---
The game is playable. The only issue is that it produces an error at the
beginning of the game.
--- quote ---

That doesn't make sense. If the game crashes on startup you wouldn't be able to
play.

For me it crashes on exit path.

Relevant part of trace log, showing window creation sequence and exit path
crash.

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/Monopoly/bin/Monopoly

$ WINEDEBUG=+tid,+seh,+relay,+win,+msg wine ./Monopoly.exe >>log.txt 2>&1
...
0024:Call user32.CreateWindowExA(00000000,0071b65c "BlastWindowClass",0071b650
"Monopoly",86000008,00000000,00000000,00000500,00000400,00000000,00000000,00400000,00000000)
ret=005b09e9
0024:trace:win:WIN_CreateWindowEx "Monopoly" L"BlastWindowClass" ex=00000000
style=86000008 0,0 1280x1024 parent=(nil) menu=(nil) inst=0x400000 params=(nil)
0024:trace:win:dump_window_styles style: WS_POPUP WS_CLIPSIBLINGS
WS_CLIPCHILDREN 00000008
0024:trace:win:dump_window_styles exstyle: 
...
0024:Ret  user32.CreateWindowExA() retval=00010070 ret=005b09e9
...
0024:Call KERNEL32.OutputDebugStringA(00a61a98 "[Emulator] Main window created
successfully!\n") ret=0069efa6 
...
0024:Call user32.CreateWindowExA(00000000,0071bb8c
"BlastRenderWindowClass",0071bac8
"Renderer",46000000,00000000,00000000,00000500,00000400,00010070,006f0c5b,00400000,00000000)
ret=005b25a9
0024:trace:win:WIN_CreateWindowEx "Renderer" L"BlastRenderWindowClass"
ex=00000000 style=46000000 0,0 1280x1024 parent=0x10070 menu=0x6f0c5b
inst=0x400000 params=(nil)
0024:trace:win:dump_window_styles style: WS_CHILD WS_CLIPSIBLINGS
WS_CLIPCHILDREN
0024:trace:win:dump_window_styles exstyle:
0024:trace:win:WIN_SetWindowLong 0x1007a -12 6f0c5b W 
...
0024:trace:win:WIN_CreateWindowEx created window 0x1007a
0024:Ret  user32.CreateWindowExA() retval=0001007a ret=005b25a9
0024:Call user32.SetWindowLongA(0001007a,ffffffeb,00a5eb80) ret=005b263b
0024:trace:win:WIN_SetWindowLong 0x1007a -21 a5eb80 A
0024:Ret  user32.SetWindowLongA() retval=00000000 ret=005b263b
...
0024:Call KERNEL32.OutputDebugStringA(00a61a98 "[Emulator] OnActivate(0x10070,
1, 0x0, FALSE) --> EMU_MSG_RESUME\n") ret=0069efa6 
...
0024:Call KERNEL32.OutputDebugStringA(00f6879c "[GameApplication]
Shutdown()\n") ret=0069efa6 
...
0024:Call KERNEL32.OutputDebugStringA(00f6879c "[GameApplication]
Destructor.\n") ret=0069efa6  
...
0024:Call KERNEL32.OutputDebugStringA(00f6879c "[Bootstrap]
EA::Blast::Shutdown().\n") ret=0069efa6 
...
0024:Call KERNEL32.OutputDebugStringA(00f6879c "[Emulator] App Shutdown\n")
ret=0069efa6 
...
0024:Call user32.DestroyWindow(00010070) ret=005aea6d
0024:trace:win:DestroyWindow (0x10070)
0024:trace:win:SetWindowPos hwnd 0x10070, after (nil), 0,0 (0x0), flags
00000097
0024:trace:win:dump_winpos_flags flags: SWP_NOSIZE SWP_NOMOVE SWP_NOZORDER
SWP_NOACTIVATE SWP_HIDEWINDOW
0024:trace:msg:WINPROC_CallProcWtoA
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGING,wp=00000000,lp=0033fc28)
0024:Call window proc 0x5afca0
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGING,wp=00000000,lp=0033fc28)
0024:Call user32.GetWindowLongA(00010070,ffffffeb) ret=005afcae
0024:Ret  user32.GetWindowLongA() retval=00a5eb80 ret=005afcae
0024:Call user32.DefWindowProcA(00010070,00000046,00000000,0033fc28)
ret=005afb95
0024:Ret  user32.DefWindowProcA() retval=00000000 ret=005afb95
0024:Ret  window proc 0x5afca0
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGING,wp=00000000,lp=0033fc28) retval=00000000
...
0024:trace:msg:WINPROC_CallProcWtoA
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGED,wp=00000000,lp=0033fc28)
0024:Call window proc 0x5afca0
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGED,wp=00000000,lp=0033fc28)
0024:Call user32.GetWindowLongA(00010070,ffffffeb) ret=005afcae
0024:Ret  user32.GetWindowLongA() retval=00a5eb80 ret=005afcae
0024:Call user32.DefWindowProcA(00010070,00000047,00000000,0033fc28)
ret=005afb95
0024:Ret  user32.DefWindowProcA() retval=00000000 ret=005afb95
0024:Ret  window proc 0x5afca0
(hwnd=0x10070,msg=WM_WINDOWPOSCHANGED,wp=00000000,lp=0033fc28) retval=00000000
0024:trace:win:WINPOS_ActivateOtherWindow win = (nil) fg = 0x10070
0024:trace:win:SetForegroundWindow (nil)
0024:trace:win:SetActiveWindow (nil)
0024:trace:msg:WINPROC_CallProcWtoA
(hwnd=0x10070,msg=WM_NCACTIVATE,wp=00000000,lp=00000000)
0024:Call window proc 0x5afca0
(hwnd=0x10070,msg=WM_NCACTIVATE,wp=00000000,lp=00000000)
0024:Call user32.GetWindowLongA(00010070,ffffffeb) ret=005afcae
0024:Ret  user32.GetWindowLongA() retval=00a5eb80 ret=005afcae
0024:Call user32.DefWindowProcA(00010070,00000086,00000000,00000000)
ret=005afb95
0024:Ret  user32.DefWindowProcA() retval=00000001 ret=005afb95
0024:Ret  window proc 0x5afca0
(hwnd=0x10070,msg=WM_NCACTIVATE,wp=00000000,lp=00000000) retval=00000001
0024:trace:msg:WINPROC_CallProcWtoA
(hwnd=0x10070,msg=WM_ACTIVATE,wp=00000000,lp=00000000)
0024:Call window proc 0x5afca0
(hwnd=0x10070,msg=WM_ACTIVATE,wp=00000000,lp=00000000)
0024:Call user32.GetWindowLongA(00010070,ffffffeb) ret=005afcae
0024:Ret  user32.GetWindowLongA() retval=00a5eb80 ret=005afcae
0024:trace:seh:raise_exception code=c0000005 flags=0 addr=0x71b0bc ip=0071b0bc
tid=0024
0024:trace:seh:raise_exception  info[0]=00000008
0024:trace:seh:raise_exception  info[1]=0071b0bc
0024:trace:seh:raise_exception  eax=00001000 ebx=7eb7e000 ecx=00a5a244
edx=0071b0bc esi=0077d3a0 edi=00010070
0024:trace:seh:raise_exception  ebp=00000006 esp=0033f0ec cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00210246
0024:trace:seh:call_stack_handlers calling handler at 0x6df68e code=c0000005
flags=0
0024:trace:seh:call_stack_handlers handler at 0x6df68e returned 1 
...
--- snip ---

It seems the game doesn't expect to receive window (de)activation messages at
the point of main window destruction (current active window).
The game window message handler for WM_NCACTIVATE/WM_ACTIVATE tries to log
something with wrong C++ member being referenced, causing stack imbalance ->
crash.

If the current active window is being destroyed, sending of deactivation
messages (WM_NCACTIVATE, WM_ACTIVATE) to it should be skipped to avoid the
crash.
The active and focus states should be still transferred to another window
though (as already done) :)

Source:
http://source.winehq.org/git/wine.git/blob/1cf3d8caa4df59490343ef9427ea5c6bc2af44c9:/dlls/user32/focus.c#l77

$ sha1sum sp63456.exe 
7ed607fda3c74335a2b6e76c69ca420f187cb925  sp63456.exe

$ du -sh sp63456.exe 
90M    sp63456.exe

$ wine --version
wine-1.7.33-84-gfecbc88

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list