thpatch / thcrap

Touhou Community Reliant Automatic Patcher
https://www.thpatch.net
The Unlicense

Patched games crash during dialogs in Wine #198

Closed thvanyk closed 1 year ago

thvanyk commented 1 year ago

wine version: 3.0.5 (also tried 4.7-staging); .dotnet version: 4.7 (the same problem if there is dotnet 2, wine mono or no dotnet); DirectX is installed (also tried without DirectX).

Touhou 11, 14, 15, 18.5 work perfectly without patches. But if there are any patches, Touhou 11 and 14 crash when a dialog begins. The problem probably occurs if the game is launched with the base_tsa patch. Screenshot_20220918_084225

Logs: backtrace.txt thcrap_log.txt

This problem was not detected in Touhou 15 and 18.5.

thvanyk commented 1 year ago

I tried to find the cause of this bug. It is caused by sprintf_call binhacks. After commenting out the lines with these binhacks, Touhou 11 and 14 stopped crashing during dialogs and it seems that dialogs are shown without bugs. But after that the game started crashing during spellcards. The crash was caused by spell_align and result_spell_align, so I commented them out. After that the game stopped crashing during spellcards, but the spell name position alignment is incorrect. After that I managed to clear all stages without crashes. Also some patches were tested and they worked perfectly.

Touhou 11: Screenshot_20220922_174540

Touhou 14: Before: Screenshot_20220920_152138 Screenshot_20220920_160349 After: Screenshot_20220922_081336 Screenshot_20220922_081422

DDC with some patches: IMG_20220922_181012

I do not close the issue because this is just removing some binhacks from base-tsa patch and other patches with binhacks can cause the same problem.

Archive with modified files (commented binhacks, which cause crashes) in case you have the same problem (put them into nmlgs/base_tsa): base_tsa.zip

zero318 commented 1 year ago

What hardware/software configuration was used when encountering this? The provided logs have blanks where information about the CPU would normally be.

thvanyk commented 1 year ago

I deleted all patches, replaced thcrap.dll with the one in the zip file, and downloaded the English language patch again (which depends on base_tsa), but DDC crashes again on dialogs (which can be fixed by commenting out the binhacks). Screenshot_20230205_073636

CPU is MediaTek Helio P60 (ARMv8-A), but i386 can be emulated using Exagear. Environment configuration: mesa_glthread=true WINEDEBUG=-all MESA_NO_ERROR=1 MESA_DEBUG=silent VTEST_SOCK= VTEST_WIN=1 ZINK_DESCRIPTORS=lazy. WineD3D versions which were used: 2.6, 3.17, 6.17. Overridden libraries: Screenshot_20230205_111804

zero318 commented 1 year ago

It seems like this is an issue with improper emulation of a specific unusual x86 instruction encoding. Fortunately it should be easily fixable on our end by switching to a standard encoding instead, so I'll start tracking down and fixing all of those (Edit: Just pushed the change). This should be reported to the Exagear devs as well if at all possible.

Specifically there are 4 redundant ways of encoding an offset from ESP using the SIB byte (0x24, 0x64, 0xA4, and 0xE4), but only the 0x24 encoding is generated by compilers and assemblers. Thcrap was using the 0xE4 encoding for some reason, which appears to be decoded as ESP plus some other value *8, thus crashing.
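The four SIB encodings described above, as an added example (not thcrap's code, and not how Exagear is implemented): a decoder that treats index field 100 as "no index", beside a deliberately wrong one that scales ESP the way the crash suggests. The ESP value and displacement are constructed.

```c
/* Added example: SIB-byte decoding for [ESP + disp]. Not from thcrap. */
#include <stdint.h>
#include <stdio.h>

/* Register numbers as used in the 3-bit index/base fields of the SIB byte. */
enum { REG_EAX, REG_ECX, REG_EDX, REG_EBX, REG_ESP, REG_EBP, REG_ESI, REG_EDI };

/* Correct effective address of [base + index*scale + disp].
 * Index field 100 (ESP) means "no index", so the scale bits are ignored;
 * that is why 0x24, 0x64, 0xA4 and 0xE4 all mean [ESP + disp].
 * Assumes mod != 00, so base 101 is a real EBP, not the disp32-only form. */
uint32_t sib_ea(uint8_t sib, const uint32_t regs[8], int32_t disp) {
    unsigned scale = sib >> 6;
    unsigned index = (sib >> 3) & 7;
    unsigned base  = sib & 7;
    uint32_t ea = regs[base] + (uint32_t)disp;
    if (index != REG_ESP)            /* 100 = no index register */
        ea += regs[index] << scale;
    return ea;
}

/* The defective decoding the thread describes: index 100 is taken to be ESP
 * and scaled, so 0xE4 (scale 3) becomes ESP + ESP*8 instead of ESP. */
uint32_t sib_ea_buggy(uint8_t sib, const uint32_t regs[8], int32_t disp) {
    unsigned scale = sib >> 6;
    unsigned index = (sib >> 3) & 7;
    unsigned base  = sib & 7;
    return regs[base] + (regs[index] << scale) + (uint32_t)disp;
}

/* True for the four redundant [ESP + disp] encodings: index=100, base=100. */
int is_esp_only_sib(uint8_t sib) {
    return (sib & 0x3F) == 0x24;
}

/* Constructed register state: ESP = 0x0019FF00, disp = 8. */
uint32_t demo_ea(uint8_t sib, int buggy) {
    uint32_t regs[8] = {0};
    regs[REG_ESP] = 0x0019FF00;
    return buggy ? sib_ea_buggy(sib, regs, 8) : sib_ea(sib, regs, 8);
}

int main(void) {
    const uint8_t forms[4] = {0x24, 0x64, 0xA4, 0xE4};
    for (int i = 0; i < 4; i++)
        printf("SIB %02X: correct=%08X buggy=%08X\n", forms[i],
               demo_ea(forms[i], 0), demo_ea(forms[i], 1));
    return 0;
}
```

Only the 0x24 form survives the buggy decoder with a merely shifted address; 0xE4 lands 8x ESP away, which is why the binhacks using it crash under the emulator but not on real hardware or Wine.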

thvanyk commented 1 year ago

Yes, it seems like it is an emulation problem. After the update it works without crashes. Thank you.

DankRank commented 11 months ago

@zero318 turns out the 0xE4 encoding is generated by ollydbg