[Bug 58688] New: Regression: Xenia Canary crashes with STATUS_CONFLICTING_ADDRESSES when starting a game on Wine 10.13+ (works on 10.12)
http://bugs.winehq.org/show_bug.cgi?id=58688
Bug ID: 58688 Summary: Regression: Xenia Canary crashes with STATUS_CONFLICTING_ADDRESSES when starting a game on Wine 10.13+ (works on 10.12) Product: Wine Version: 10.13 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: axel.avj1@gmail.com Distribution: Ubuntu
The Xbox 360 emulator Xenia Canary runs correctly on Wine 10.12. However, starting from Wine 10.13+, it crashes immediately when launching any game.
Xenia itself starts fine, but as soon as a title is executed, it fails with an unhandled exception:
Unhandled Exception in Xenia Last Win32 Error: 0x1E7 (Invalid address.) Last NTSTATUS: 0xC0000018 (STATUS_CONFLICTING_ADDRESSES) Faulting thread name: XThread0260
This happens consistently with every game tested. On Wine 10.12 the exact same build of Xenia and the same games run without this crash.
This looks like a regression in memory allocation / address space management introduced between Wine 10.12 → 10.13.
Create a clean 64-bit Wine prefix.
Run xenia_canary.exe (tested with the latest Canary build 7650730_canary_experimental).
Load any Xbox 360 game. example: marble blast ultra demo
On Wine 10.13+ → crash occurs immediately. On Wine 10.12 → works fine.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #1 from Nikolay Sivov bunglehead@gmail.com --- Could you please run a regression test to see what caused this? It's described here https://gitlab.winehq.org/wine/wine/-/wikis/Regression-Testing#running-the-b....
http://bugs.winehq.org/show_bug.cgi?id=58688
Stian Low wineryyyyy@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |wineryyyyy@gmail.com
--- Comment #2 from Stian Low wineryyyyy@gmail.com --- Created attachment 79284 --> http://bugs.winehq.org/attachment.cgi?id=79284 Backtrace for 10.14
Confirming for WINE 10-14 commit e6df334f178 with shared wow64 on Debian 13
Popup error upon loading iso:
Unhandled Exception in Xenia
<Nested Exception Encountered> Last NTSTATUS: 0xC0000018 ((null)) Faulting thread name: Main XThread (F8000008)
Attached is a backtrace thrown when clicking OK for popup error.
GE-Proton10-13 (wine-10-13) and GE-Proton-15 (wine-10-15) work without issues.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #3 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #2)
GE-Proton10-13 (wine-10-13) and GE-Proton-15 (wine-10-15) work without issues.
Typo correction:
GE-Proton10-15*
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #4 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #2)
Popup error upon loading iso:
Unhandled Exception in Xenia
Same popup error for: winetricks renderer=vulkan
Popup error immediately upon launching xenia_canary.exe for: wintricks dxvk
Xenia Error Unable to initialize Direct3D 12 grapics subsystem
Ensure that you have the latest drivers for your GPU and it supports Direct3D 12 with the feature level of at least 11_0.
See https://xenia.jp/faq for more information and a list of supported GPUs GE-Proton10-13 (wine-10-13) and GE-Proton-15 (wine-10-15) work without issues.
Popup error immediately upon launching xenia_canary.exe for: wintricks vkd3d
Unhandled Exception in Xenia <Nested Exception Encountered> Last Win32 Error 0x578 (Invalid window handle.) Last NTSTATUS: 0xC0010578 ((null)) Faulting thread name:
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #5 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #4)
Popup error immediately upon launching xenia_canary.exe for: wintricks vkd3d
winetricks dxvk* winetricks vkd3d*
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #6 from Nikolay Sivov bunglehead@gmail.com --- What reporter described does sound like some change in Wine caused this crash. I'm sure testing with various options has some value in general, but for this report can we focus on originally reported issue please, running application with plain Wine without anything extra installed?
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #7 from Stian Low wineryyyyy@gmail.com --- (In reply to Nikolay Sivov from comment #6)
for this report can we focus on originally reported issue please, running application with plain Wine without anything extra installed?
Sure.
Here's your very vanilla regression:
ed9f31120b68e7d684c1544c05d94c38b25cb759 is the first bad commit commit ed9f31120b68e7d684c1544c05d94c38b25cb759 Author: Alexandre Julliard julliard@winehq.org Date: Fri Jul 18 12:01:07 2025 +0200 ntdll: Add stubs for some syscalls that need explicit ids. dlls/ntdll/ntdll.spec | 22 +- dlls/ntdll/ntsyscalls.h | 658 +++++++++++++++++++++++--------------------- dlls/ntdll/signal_arm64ec.c | 7 + dlls/ntdll/unix/loader.c | 26 ++ dlls/wow64/syscall.c | 9 +- 5 files changed, 395 insertions(+), 327 deletions(-)
Bisect Rest (1) ed9f31120b6 * ntdll: Add stubs for some syscalls that need explicit ids.
After popup error fix, game launches with indefinite black screen where intro videos should play and menu should appear. Audio plays without issues.
(In reply to Nikolay Sivov from comment #6)
I'm sure testing with various options has some value in general, but
Various winetricks were just for brief diligence testing for components common among GE-Proton working releases.
Generally anything games related I test against GE-Proton for common workarounds just to unblock users until vanilla fixes lags.
Disregarding further special sauce tests for now to help make wine more sparkling.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #8 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #7)
Here's your very vanilla regression:
ed9f31120b68e7d684c1544c05d94c38b25cb759 is the first bad commit
NtSetEventBoostPriority changes seem to be the main issue based on backtrace.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #9 from Stian Low wineryyyyy@gmail.com --- Created attachment 79285 --> http://bugs.winehq.org/attachment.cgi?id=79285 patch fixing stub discrepancies
Attached is a patch that fixes stub discrepancies of regressive commit.
I'll prep it for upstream merge.
Patch only fixes NtSetEventBoostPriority but other stubs were also changed which are probably still broken.
I'll test the other stubs and fix if necessary.
Thanks for the bug report and interesting Xenia Canary project.
http://bugs.winehq.org/show_bug.cgi?id=58688
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |patch, regression Regression SHA1| |ed9f31120b68e7d684c1544c05d | |94c38b25cb759
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #10 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #9)
I'll prep it for upstream merge.
Pending merge request for upstream fix:
https://gitlab.winehq.org/wine/wine/-/merge_requests/8955
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #11 from Stian Low wineryyyyy@gmail.com --- (In reply to axel.avj1 from comment #0)
The Xbox 360 emulator Xenia Canary runs correctly on Wine 10.12. However, starting from Wine 10.13+, it crashes immediately when launching any game. On Wine 10.12 → works fine.
(In reply to Stian Low from comment #7)
After popup error fix, game launches with indefinite black screen where intro videos should play and menu should appear. Audio plays without issues.
Black screen instead of graphics occurred for all my regression tests.
Graphics render correctly for your vanilla WINE 10.12?
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #12 from axel.avj1@gmail.com --- Hello, I just wanted to sincerely thank you for fixing the bug I reported. I really appreciate the time and effort you put into resolving it. I feel a bit guilty for not being active these past two days and only now realizing that the issue has already been solved. Still, I’m truly grateful for your quick work and support. Tanks.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #13 from Nikolay Sivov bunglehead@gmail.com --- Do we know why it helps, if it actually does?
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #14 from Stian Low wineryyyyy@gmail.com --- (In reply to axel.avj1 from comment #12)
Hello, I just wanted to sincerely thank you for fixing the bug I reported. I really appreciate the time and effort you put into resolving it. I feel a bit guilty for not being active these past two days and only now realizing that the issue has already been solved. Still, I’m truly grateful for your quick work and support. Tanks.
No worries.
I appreciate you documenting the bug so well. It was very easy to reproduce.
Does video rendering work correctly for your WINE 10.12?
Black screen is rendered instead of graphics but audio works for all my builds which may be a separate bug.
Bug fix is still pending merge request approval so technically not solved until then so please keep your bug report open until fully resolved.
Bug fix also only addresses NtSetEventBoostPriority but so far Xenia Canary is not affected by the other syscall stubs that may still be broken and need fixes.
If the other stubs are in fact still broken but do not affect Xenia Canary then I'll create separate bug reports for them if necessary.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #15 from Stian Low wineryyyyy@gmail.com --- (In reply to Nikolay Sivov from comment #13)
Do we know why it helps, if it actually does?
It helps to the extent that it reproduces good bisect test results and resolves: Unhandled exception: unimplemented function ntdll.NtSetEventBoostPriority
Short explanation:
I simply fleshed out NtSetEventBoostPriority stub as a syscall instead based on existing NtSetEvent syscall.
ABI maps changed by regressive commit ed9f31120b6: --- a/dlls/ntdll/ntdll.spec +++ a/dlls/ntdll/ntdll.spec
- SYSCALL_ENTRY( 0x002d, NtAlertThreadByThreadId, 4 ) \ + SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 0 ) \
- SYSCALL_ENTRY( 0x002d, NtAlertThreadByThreadId, 8 ) \ + SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 0 ) \
+ SYSCALL_ENTRY( 0x0066, NtAlertThreadByThreadId, 4 ) \ + SYSCALL_ENTRY( 0x0066, NtAlertThreadByThreadId, 8 ) \
My patch addresses from stub to syscall requirements for NtSetEventBoostPriority(HANDLE) function signature: + SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 4 ) \ + SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 8 ) \
Longer explanation still pending further review. I'll provide more details as found.
I'm still addressing other stubs that may still be broken but not fixed yet because they have not bugged Xenia Canary so far:
./wine/dlls/ntdll/ntsyscalls.h SYSCALL_STUB( NtApphelpCacheControl ) \ SYSCALL_STUB( NtCreateProcessEx ) \ SYSCALL_STUB( NtMapUserPhysicalPagesScatter ) \ SYSCALL_STUB( NtSetEventBoostPriority ) \ SYSCALL_STUB( NtTraceEvent ) \ SYSCALL_STUB( NtWaitForMultipleObjects32 ) \ SYSCALL_STUB( NtWorkerFactoryWorkerReady )
ntsyscalls.h may have been auto generated with bugs by Perl script: ./wine/tools/make_specfiles
SYSCALL_STUB may be bugged. If so then once fixed, other stubs may not require being fleshed out from stub to syscall as done for NtSetEventBoostPriority. However switching NtSetEventBoostPriority from stub to syscall may still be considered valid and ideal vs leaving less fleshed out.
These very low level changes were authored by Julliard whose wisdom and insights will be appreciated for merge request review: https://gitlab.winehq.org/wine/wine/-/merge_requests/8955
http://bugs.winehq.org/show_bug.cgi?id=58688
Zeb Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source CC| |z.figura12@gmail.com
--- Comment #16 from Zeb Figura z.figura12@gmail.com --- While it's a bit unclear whether the stub actually fixes anything, it looks like this is actually expected. The source code is available, and it seems that they do intentionally use the function:
https://github.com/xenia-canary/xenia-canary/blob/canary_experimental/src/xe...
As one would expect, they work around its absence, but now that it's a proper export they are crashing on it.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #17 from Alexandre Julliard julliard@winehq.org --- (In reply to Stian Low from comment #15)
(In reply to Nikolay Sivov from comment #13)
Do we know why it helps, if it actually does?
It helps to the extent that it reproduces good bisect test results and resolves: Unhandled exception: unimplemented function ntdll.NtSetEventBoostPriority
Short explanation:
I simply fleshed out NtSetEventBoostPriority stub as a syscall instead based on existing NtSetEvent syscall.
ABI maps changed by regressive commit ed9f31120b6: --- a/dlls/ntdll/ntdll.spec +++ a/dlls/ntdll/ntdll.spec
- SYSCALL_ENTRY( 0x002d, NtAlertThreadByThreadId, 4 ) \
- SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 0 ) \
- SYSCALL_ENTRY( 0x002d, NtAlertThreadByThreadId, 8 ) \
SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 0 ) \
SYSCALL_ENTRY( 0x0066, NtAlertThreadByThreadId, 4 ) \
SYSCALL_ENTRY( 0x0066, NtAlertThreadByThreadId, 8 ) \
My patch addresses from stub to syscall requirements for NtSetEventBoostPriority(HANDLE) function signature:
- SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 4 ) \
- SYSCALL_ENTRY( 0x002d, NtSetEventBoostPriority, 8 ) \
Longer explanation still pending further review. I'll provide more details as found.
I'm still addressing other stubs that may still be broken but not fixed yet because they have not bugged Xenia Canary so far:
./wine/dlls/ntdll/ntsyscalls.h SYSCALL_STUB( NtApphelpCacheControl ) \ SYSCALL_STUB( NtCreateProcessEx ) \ SYSCALL_STUB( NtMapUserPhysicalPagesScatter ) \ SYSCALL_STUB( NtSetEventBoostPriority ) \ SYSCALL_STUB( NtTraceEvent ) \ SYSCALL_STUB( NtWaitForMultipleObjects32 ) \ SYSCALL_STUB( NtWorkerFactoryWorkerReady )
ntsyscalls.h may have been auto generated with bugs by Perl script: ./wine/tools/make_specfiles
SYSCALL_STUB may be bugged. If so then once fixed, other stubs may not require being fleshed out from stub to syscall as done for NtSetEventBoostPriority. However switching NtSetEventBoostPriority from stub to syscall may still be considered valid and ideal vs leaving less fleshed out.
These very low level changes were authored by Julliard whose wisdom and insights will be appreciated for merge request review: https://gitlab.winehq.org/wine/wine/-/merge_requests/8955
These are not bugs, they are simply new stubs that didn't exist before. It was necessary to add them to make the syscall numbers line up properly.
Apps may start calling them once they see that the function exists, in which case the stub needs to be fleshed out enough to make the app happy. That's a normal thing that happens every time some stub is added.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #18 from Stian Low wineryyyyy@gmail.com --- (In reply to Alexandre Julliard from comment #17)
These are not bugs, they are simply new stubs that didn't exist before. It was necessary to add them to make the syscall numbers line up properly.
Got it. I'll consider these cases expected behavior and not bugs going forward.
Apps may start calling them once they see that the function exists, in which case the stub needs to be fleshed out enough to make the app happy. That's a normal thing that happens every time some stub is added.
A most minimal stub seems to have made it happy enough per basic testing for now.
Unfortunately I can't test much further until black screen issue is resolved which may be a separate bug pending feedback from reporter whether its working for their WINE release.
(In reply to Zeb Figura from comment #16)
As one would expect, they work around its absence, but now that it's a proper export they are crashing on it.
Understood. Thanks for clarifying.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #19 from Stian Low wineryyyyy@gmail.com --- (In reply to Zeb Figura from comment #16)
https://github.com/xenia-canary/xenia-canary/blob/canary_experimental/src/ xenia/base/threading_win.cc#L310
NtSetEventBoostPriority is the only explicit call by Xenia Canary of all the stubs added by commit ed9f31120b6 so it seems unnecessary to flesh the others at least for resolving this bug report.
NtSetEventBoostPriority also does not seem to be the cause of the black screen displayed instead of graphics rendered because it still occurs for my 10.12 builds which is before the stubs were added.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #20 from Stian Low wineryyyyy@gmail.com --- (In reply to Nikolay Sivov from comment #13)
Do we know why it helps, if it actually does?
Further details:
NtSetEventBoostPriority was introduced to Xenia-Canary by commit eb8154908 3 years ago: https://github.com/xenia-canary/xenia-canary/commit/eb8154908
NtSetEventBoostPriority is entirely absent from upstream Xenia from which Xenia-Canary is forked: https://github.com/xenia-project/xenia/blob/master/src/xenia/base/threading_...
Xenia-Canary Discord links are now broken which may have explained how NtSetEventBoostPriority was intended to work: https://github.com/xenia-canary/xenia-canary/blob/canary_experimental/src/xe...
NtSetEventBoostPriority is practically undocumented by Microsoft so only third party sources hint at it: https://j00ru.vexillium.org/syscalls/nt/64/
ReactOS implements by calling KeSetEventBoostPriority: https://doxygen.reactos.org/d4/deb/ntoskrnl_2ex_2event_8c.html#a0865a1c73b82...
KeSetEventBoostPriority for WINE has only this stub for entire codebase: https://gitlab.winehq.org/wine/wine/-/blob/master/dlls/ntoskrnl.exe/ntoskrnl...
Xenia-Canary simply used NtSetEvent matching vanilla Xenia prior to regression commit ed9f31120b6 introducing NtSetEventBoostPriority syscall.
NtSetEventBoostPriority for Xenia-Canary seems not intended for use with WINE.
Therefore unless reporter has specific reason to use more experimental Xenia-Canary instead of upstream, I recommend using vanilla Xenia for better support for WINE: https://github.com/xenia-project/release-builds-windows/releases
My basic brief tests reproduced the same results for official Xenia as Xenia-Canary for WINE 10.12 and latest with NtSetEventBoostPriority patch.
Black screen still appears where graphics should be rendered for official Xenia as for Xenia-Canary for vanilla WINE.
GE-Proton10-14 renders graphics instead of black screen as expected for official Xenia just as for Xenia-Canary.
As for the merge request I submitted to handle NtSetEventBoostPriority, it may be considered unnecessary based on these latest findings.
I'm unable to find NtSetEventBoostPriority usage anywhere else outside of Xenia-Canary so it seems to be an extremely edge case that may be considered invalid until a better explanation is provided as to how it is intended for use for Xenia-Canary.
I leave the decision whether my merge request should be closed as unnecessary to Nikolay, Zeb, and/or Julliard who have better insights as to how these edge cases should be handled.
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #21 from Stian Low wineryyyyy@gmail.com --- (In reply to Stian Low from comment #20)
I leave the decision whether my merge request should be closed as unnecessary to Nikolay, Zeb, and/or Julliard who have better insights as to how these edge cases should be handled.
I'm willing to continue fleshing out NtSetEventBoostPriority if considered worthy of effort.
Implementation basis: https://learn.microsoft.com/en-us/windows/win32/procthread/priority-boosts
http://bugs.winehq.org/show_bug.cgi?id=58688
--- Comment #22 from Nikolay Sivov bunglehead@gmail.com --- I see now that I checked a different project xenia, instead of xenia-canary. Now it's obvious why it's crashing, and I don't think it's a problem to have this stub.
-
WineHQ Bugzilla