[Bug 37460] Sid Meier's Civilization: Beyond Earth (Steam) crashes on startup
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Nov 1 05:53:16 CDT 2014
https://bugs.winehq.org/show_bug.cgi?id=37460
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Component|-unknown |directx-d3d
Ever confirmed|0 |1
--- Comment #4 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
from DX10/DX11 perspective this would be a dupe of bug 34008
--- snip ---
Backtrace:
=>0 0x7df41f48 D3D11CreateDevice(adapter=(nil),
driver_type=D3D_DRIVER_TYPE_HARDWARE, swrast=(nil), flags=0,
feature_levels=0x33b474, levels=0x3, sdk_version=0x7, device=0x46a340c,
feature_level=0x33b484, context=0x46a3418)
[/home/focht/projects/wine/wine.repo/src/dlls/d3d11/d3d11_main.c:51] in d3d11
(0x0033b48c)
1 0x009b9c50 in civilizationbe_dx11 (+0x5b9c4f) (0x0033b4a0)
2 0x006f7e7c in civilizationbe_dx11 (+0x2f7e7b) (0x0033c4c8)
3 0x0047316e in civilizationbe_dx11 (+0x7316d) (0x0033cd34)
4 0x00794fd4 in civilizationbe_dx11 (+0x394fd3) (0x0033cdc4)
5 0x009b4d62 in civilizationbe_dx11 (+0x5b4d61) (0x0033d218)
6 0x009b4fdb in civilizationbe_dx11 (+0x5b4fda) (0x0033dac4)
7 0x005a3aaf in civilizationbe_dx11 (+0x1a3aae) (0x0033fdd4)
8 0x00a96dd4 in civilizationbe_dx11 (+0x696dd3) (0x0033fe20)
9 0x7b86468c call_process_entry+0xb() in kernel32 (0x0033fe38)
...
Wine-dbg>p feature_levels[0]
D3D_FEATURE_LEVEL_11_0
Wine-dbg>p feature_levels[1]
D3D_FEATURE_LEVEL_10_1
Wine-dbg>p feature_levels[2]
D3D_FEATURE_LEVEL_10_0
--- snip ---
There is another bug in here, highlighted by the crash - a reference counting
problem with DXGI factory's own wined3d object.
Full relay won't exhibit this crash due to the way heap chunks are recycled.
--- snip ---
$ WINEDEBUG=+tid,+seh,+loaddll,+d3d wine ./CivilizationBe_DX11.exe
...
0009:trace:d3d:wined3d_adapter_init DeviceName: L"\\\\.\\DISPLAY1"
0009:trace:d3d:wined3d_caps_gl_ctx_destroy Destroying caps GL context.
0009:trace:d3d:wined3d_create Created wined3d object 0x6f10030.
0009:trace:d3d:wined3d_get_adapter_count wined3d 0x6f10030, reporting 1
adapters.
0009:trace:d3d:wined3d_decref 0x6f10030 decreasing refcount to 0.
0009:trace:d3d:wined3d_get_adapter_identifier wined3d 0x6f10030, adapter_idx 0,
flags 0, identifier 0x33b100.
0009:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7de020fa
ip=7de020fa tid=0009
0009:trace:seh:raise_exception info[0]=00000000
0009:trace:seh:raise_exception info[1]=06f10038
0009:trace:seh:raise_exception eax=06f10030 ebx=7df05000 ecx=00000000
edx=7bcedbc8 esi=0033b060 edi=0000001c
0009:trace:seh:raise_exception ebp=0033b048 esp=0033afe0 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00210206
0009:trace:seh:call_stack_handlers calling handler at 0xa96f09 code=c0000005
flags=0
0009:trace:seh:call_stack_handlers handler at 0xa96f09 returned 1
0009:trace:seh:call_stack_handlers calling handler at 0x7bc9e4cb code=c0000005
flags=0
wine: Unhandled page fault on read access to 0x06f10038 at address 0x7de020fa
(thread 0009), starting debugger...
0009:trace:seh:start_debugger Starting debugger "winedbg --auto 8 224"
...
Unhandled exception: page fault on read access to 0x06f10038 in 32-bit code
(0x7de020fa).
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:7de020fa ESP:0033afe0 EBP:0033b048 EFLAGS:00210206( R- -- I - -P- )
EAX:06f10030 EBX:7df05000 ECX:00000000 EDX:7bcedbc8
ESI:0033b060 EDI:0000001c
...
Backtrace:
=>0 0x7de020fa wined3d_get_adapter_identifier+0x86(wined3d=<couldn't compute
location>, adapter_idx=<couldn't compute location>, flags=<couldn't compute
location>, identifier=<couldn't compute location>)
[/home/focht/projects/wine/wine.repo/src/dlls/wined3d/directx.c:3371] in
wined3d (0x0033b048)
1 0x7df1b6ad dxgi_adapter_GetDesc1+0xf4(iface=<couldn't compute location>,
desc=<couldn't compute location>)
[/home/focht/projects/wine/wine.repo/src/dlls/dxgi/adapter.c:150] in dxgi
(0x0033b188)
2 0x7df1b8b5 dxgi_adapter_GetDesc+0x99(iface=<couldn't compute location>,
desc=<couldn't compute location>)
[/home/focht/projects/wine/wine.repo/src/dlls/dxgi/adapter.c:186] in dxgi
(0x0033b318)
3 0x009ba1ab in civilizationbe_dx11 (+0x5ba1aa) (0x0033b48c)
4 0x009b9c50 in civilizationbe_dx11 (+0x5b9c4f) (0x0033b4a0)
5 0x006f7e7c in civilizationbe_dx11 (+0x2f7e7b) (0x0033c4c8)
6 0x0047316e in civilizationbe_dx11 (+0x7316d) (0x0033cd34)
7 0x00794fd4 in civilizationbe_dx11 (+0x394fd3) (0x0033cdc4)
8 0x009b4d62 in civilizationbe_dx11 (+0x5b4d61) (0x0033d218)
9 0x009b4fdb in civilizationbe_dx11 (+0x5b4fda) (0x0033dac4)
10 0x005a3aaf in civilizationbe_dx11 (+0x1a3aae) (0x0033fdd4)
11 0x00a96dd4 in civilizationbe_dx11 (+0x696dd3) (0x0033fe20)
12 0x7b86468c call_process_entry+0xb() in kernel32 (0x0033fe38)
...
0x7de020fa wined3d_get_adapter_identifier+0x86
[/home/focht/projects/wine/wine.repo/src/dlls/wined3d/directx.c:3371] in
wined3d: movl 0x8(%eax),%eax
3371 if (adapter_idx >= wined3d->adapter_count)
Modules:
Module Address Debug info Name (170 modules)
PE 340000- 3b6000 Deferred
havokscript2013.2.0_win32_finalrC:\Program Files\Sid Meiers Civilization Beyond
Earth\HavokScript2013.2.0_Win32_FinalRelease.dll
PE 3c0000- 3d3000 Deferred zlib1
PE 400000- 540c000 Export civilizationbe_dx11
PE 5410000- 5a40000 Deferred cvgamedatabase_finalrelease
PE 5a40000- 5b16000 Deferred msvcr110
PE 5b20000- 5ba5000 Deferred msvcp110
PE 5bb0000- 5c88000 Deferred steam_api
PE 5c90000- 5d13000 Deferred mss32
PE 5d20000- 5d87000 Deferred bink2w32
PE 5d90000- 60a9000 Deferred d3dcompiler_46
PE 10000000-100d6000 Deferred cvlocalization_finalrelease
ELF 7b800000-7ba64000 Dwarf kernel32<elf>
\-PE 7b810000-7ba64000 \ kernel32
...
Threads:
process tid prio (all id:s are in hex)
00000008 (D) C:\Program Files\Sid Meiers Civilization Beyond
Earth\CivilizationBe_DX11.exe
00000023 0
00000022 0
00000009 0 <==
--- snip ---
Using a full relay log one can still spot the problem - even if it doesn't
crash at all.
factory wined3d object 0x21ce50 ref counting
--- snip ---
...
0023:trace:d3d:wined3d_create Created wined3d object 0x21ce50.
0023:Ret wined3d.wined3d_create() retval=0021ce50 ret=7df1eec6
0023:Call wined3d.wined3d_get_adapter_count(0021ce50) ret=7df1eeff
0023:trace:d3d:wined3d_get_adapter_count wined3d 0x21ce50, reporting 1
adapters.
0023:Ret wined3d.wined3d_get_adapter_count() retval=00000001 ret=7df1eeff
0023:Call ntdll.RtlAllocateHeap(00110000,00000000,00000004) ret=7df1ef46
0023:Ret ntdll.RtlAllocateHeap() retval=00179280 ret=7df1ef46
0023:Call ntdll.RtlAllocateHeap(00110000,00000000,00000014) ret=7df1efe1
0023:Ret ntdll.RtlAllocateHeap() retval=0021ff10 ret=7df1efe1
0023:Call ntdll.RtlAllocateHeap(00110000,00000008,0000000c) ret=7df1ba3f
0023:Ret ntdll.RtlAllocateHeap() retval=0021ff30 ret=7df1ba3f
0023:trace:dxgi:dxgi_factory_create Created factory 0x194608.
0023:trace:dxgi:dxgi_factory_QueryInterface iface 0x194608, iid
{7b7166ec-21c7-44ae-b21a-c9ae321ae369}, out 0x33b488.
0023:trace:dxgi:dxgi_factory_AddRef 0x194608 increasing refcount to 2.
0023:trace:dxgi:dxgi_factory_Release 0x194608 decreasing refcount to 1.
0023:Ret dxgi.CreateDXGIFactory1() retval=00000000 ret=009b9beb
0023:trace:dxgi:dxgi_factory_EnumAdapters iface 0x194608, adapter_idx 0,
adapter 0x33b484.
0023:trace:dxgi:dxgi_factory_EnumAdapters1 iface 0x194608, adapter_idx 0,
adapter 0x33b484.
0023:trace:dxgi:dxgi_adapter_AddRef 0x21ff10 increasing refcount to 2.
0023:trace:dxgi:dxgi_factory_EnumAdapters1 Returning adapter 0x21ff10.
0023:trace:dxgi:dxgi_factory_Release 0x194608 decreasing refcount to 0.
0023:trace:dxgi:dxgi_adapter_Release 0x21ff10 decreasing refcount to 1.
0023:Call ntdll.RtlFreeHeap(00110000,00000000,00179280) ret=7df1e43a
0023:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7df1e43a
0023:Call wined3d.wined3d_decref(0021ce50) ret=7df1e45c
0023:trace:d3d:wined3d_decref 0x21ce50 decreasing refcount to 0.
0023:Call ntdll.RtlFreeHeap(00110000,00000000,06a2b2c8) ret=7ddf6527
0023:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ddf6527
0023:Call ntdll.RtlFreeHeap(00110000,00000000,06a28090) ret=7ddf6556
0023:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ddf6556
0023:Call ntdll.RtlFreeHeap(00110000,00000000,0021ce50) ret=7ddf66ff
0023:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ddf66ff
0023:Ret wined3d.wined3d_decref() retval=00000000 ret=7df1e45c
0023:Call ntdll.RtlFreeHeap(00110000,00000000,00194608) ret=7df1e493
0023:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7df1e493
0023:trace:dxgi:dxgi_adapter_GetDesc iface 0x21ff10, desc 0x33b334.
0023:trace:dxgi:dxgi_adapter_GetDesc1 iface 0x21ff10, desc 0x33b1cc.
0023:Call
wined3d.wined3d_get_adapter_identifier(0021ce50,00000000,00000000,0033b100)
ret=7df1b6ad
0023:trace:d3d:wined3d_get_adapter_identifier wined3d 0x21ce50, adapter_idx 0,
flags 0, identifier 0x33b100.
0023:Ret wined3d.wined3d_get_adapter_identifier() retval=00000000 ret=7df1b6ad
0023:Call KERNEL32.MultiByteToWideChar(00000000,00000000,0033b080 "NVIDIA
GeForce GTX 470",ffffffff,0033b1cc,00000080) ret=7df1b704
0023:Ret KERNEL32.MultiByteToWideChar() retval=00000017 ret=7df1b704
0023:Call KERNEL32.LoadLibraryA(00d6d0b4 "nvapi.dll") ret=009ca75f
0023:Ret KERNEL32.LoadLibraryA() retval=00000000 ret=009ca75f
0023:Call
d3d11.D3D11CreateDevice(00000000,00000001,00000000,00000000,0033b474,00000003,00000007,046a340c,0033b484,046a3418)
ret=009ba2f3
0023:fixme:d3d11:D3D11CreateDevice stub: adapter (nil), driver_type
D3D_DRIVER_TYPE_HARDWARE, swrast (nil), flags 0, feature_levels 0x33b474,
levels 0x3, sdk_version 7, device 0x46a340c, feature_level 0x33b484, context
0x46a3418
0023:Ret d3d11.D3D11CreateDevice() retval=8007000e ret=009ba2f3
0023:trace:dxgi:dxgi_adapter_Release 0x21ff10 decreasing refcount to 0.
0023:trace:dxgi:dxgi_output_Release 0x21ff30 decreasing refcount to 0.
...
--- snip ---
The game code, annotated:
--- snip ---
009B9C30 CMP DWORD PTR DS:[46A3410],0
009B9C37 JNZ SHORT Civiliza.009B9C42
009B9C39 CALL Civiliza.009B9BD0 ; enum adapters via DXGI
009B9C3E TEST AL,AL
009B9C40 JE SHORT Civiliza.009B9C6E
009B9C42 CMP DWORD PTR DS:[46A340C],0
009B9C49 JNZ SHORT Civiliza.009B9C71
009B9C4B CALL Civiliza.009BA190 ; get adapter description via DXGI
009B9C50 TEST AL,AL
009B9C52 JNZ SHORT Civiliza.009B9C71
...
009B9BD0 PUSH EBP
009B9BD1 MOV EBP,ESP
009B9BD3 SUB ESP,8
009B9BD6 LEA EAX,DWORD PTR SS:[EBP-4]
009B9BD9 PUSH EAX
009B9BDA PUSH Civiliza.00D6C49C
009B9BDF MOV DWORD PTR SS:[EBP-4],0
009B9BE6 CALL <JMP.&dxgi.CreateDXGIFactory1>
009B9BEB TEST EAX,EAX
009B9BED JE SHORT Civiliza.009B9BF5
009B9BEF XOR AL,AL
009B9BF1 MOV ESP,EBP
009B9BF3 POP EBP
009B9BF4 RETN
009B9BF5 MOV EAX,DWORD PTR SS:[EBP-4]
009B9BF8 PUSH ESI
009B9BF9 LEA EDX,DWORD PTR SS:[EBP-8]
009B9BFC PUSH EDX
009B9BFD MOV DWORD PTR SS:[EBP-8],0
009B9C04 MOV ECX,DWORD PTR DS:[EAX]
009B9C06 PUSH 0
009B9C08 PUSH EAX
009B9C09 CALL DWORD PTR DS:[ECX+1C] ; IDXGIFactory::EnumAdapters
009B9C0C MOV ECX,DWORD PTR SS:[EBP-4]
009B9C0F PUSH ECX
009B9C10 MOV EDX,DWORD PTR DS:[ECX]
009B9C12 MOV ESI,EAX
009B9C14 CALL DWORD PTR DS:[EDX+8] ; IDXGIFactory::Release
009B9C17 MOV ECX,DWORD PTR SS:[EBP-8]
009B9C1A TEST ESI,ESI
009B9C1C MOV DWORD PTR DS:[46A3410],ECX
009B9C22 SETE AL
009B9C25 POP ESI
009B9C26 MOV ESP,EBP
009B9C28 POP EBP
009B9C29 RETN
...
009BA190 PUSH EBP
009BA191 MOV EBP,ESP
009BA193 MOV EAX,DWORD PTR DS:[46A3410]
009BA198 SUB ESP,158
009BA19E MOV ECX,DWORD PTR DS:[EAX]
009BA1A0 LEA EDX,DWORD PTR SS:[EBP-158]
009BA1A6 PUSH EDX
009BA1A7 PUSH EAX
009BA1A8 CALL DWORD PTR DS:[ECX+20] ; IDXGIAdapter::GetDesc
009BA1AB XOR ECX,ECX
009BA1AD LEA ECX,DWORD PTR DS:[ECX]
009BA1B0 CMP WORD PTR SS:[EBP+ECX*2-158],0
...
--- snip ---
The game engine releases the DXGI factory object which destroys the factory's
own wined3d object.
The returned IDXGIAdapter object references this through 'parent' hence needs
to keep a ref to work.
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list