[Bug 59362] New: Crashes & other failures with Windows Imaging
http://bugs.winehq.org/show_bug.cgi?id=59362 Bug ID: 59362 Summary: Crashes & other failures with Windows Imaging Product: Wine Version: 11.1 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: major Priority: P2 Component: windowscodecs Assignee: wine-bugs@list.winehq.org Reporter: p@perkele.cc Distribution: --- Created attachment 80297 --> http://bugs.winehq.org/attachment.cgi?id=80297 Repro C++ Verified on: Fedora 43 / x86_64 / Wine 11.1 Run attached program. Exact failure scenario varies between configurations - 32bit/64bit, static/DLL runtime. Sighted: crashes, E_INVALIDARG, nonsensical values given by Gdiplus immediately after using Windows Imaging. This program - as far as I know - never fails on actual Windows machine, unless somehow entirely missing JPEG decoder. Included test data is JPEG, but image format doesn't seem to be a factor, tested PNG, results seemed the same. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 regis <paregistrase@yahoo.es> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |paregistrase@yahoo.es -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #1 from Piotr Pawłowski <p@perkele.cc> --- Created attachment 80298 --> http://bugs.winehq.org/attachment.cgi?id=80298 Log: 32bit (crashed) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #2 from Piotr Pawłowski <p@perkele.cc> --- Created attachment 80299 --> http://bugs.winehq.org/attachment.cgi?id=80299 Log: 64bit (E_INVALIDARG) -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Connor McAdams <cmcadams@codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cmcadams@codeweavers.com --- Comment #3 from Connor McAdams <cmcadams@codeweavers.com> --- Could you also add a log with WINEDEBUG=+wincodecs ? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #4 from Piotr Pawłowski <p@perkele.cc> --- Created attachment 80301 --> http://bugs.winehq.org/attachment.cgi?id=80301 Log: 32bit WINEDEBUG=+wincodecs -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #5 from Piotr Pawłowski <p@perkele.cc> --- Created attachment 80302 --> http://bugs.winehq.org/attachment.cgi?id=80302 Log: 64bit WINEDEBUG=+wincodecs Added WINEDEBUG=+wincodecs logs. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #6 from Piotr Pawłowski <p@perkele.cc> --- Just tested macOS 26.2 ARM, Wine 11.0 (homebrew), same results. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Bernhard Übelacker <bernhardu@mailbox.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bernhardu@mailbox.org --- Comment #7 from Bernhard Übelacker <bernhardu@mailbox.org> --- Hello Piotr, the "Repro C++"/WindowsCodecsTest.cpp contains this line: EH << ret->LockBits(&rc, 0, pixelFormat_gdiplus, &bitmapData); I am not sure, but this LockBits method seems to return via GdipBitmapLockBits the value InvalidParameter. But the EH objects interprets this as HRESULT. And the "FAILED(hr)" may just interpret negative values as errors. Therefore bitmapData seems to contain uninitialized data, and if we are lucky we use the "bitmapData.Stride <= 0" path and get the error message, if we have no luck we enter the path into CopyPixels. Therefore WINEDEBUG=+wincodecs,+gdiplus may be helpful from here. Relaxing the flags check and accepting a flags==0 in GdipBitmapLockBits seems to make the repro to succeed: dlls/gdiplus/image.c @@ -1127,3 +1127,3 @@ GpStatus WINGDIPAPI GdipBitmapLockBits... if(rect->X < 0 || rect->Y < 0 || (rect->X + rect->Width > bitmap->width) || - (rect->Y + rect->Height > bitmap->height) || !flags) + (rect->Y + rect->Height > bitmap->height) /*|| !flags*/) { Can you confirm this? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Piotr Pawłowski <p@perkele.cc> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|windowscodecs |gdiplus --- Comment #8 from Piotr Pawłowski <p@perkele.cc> --- Thank you very much, sir. That's two and a half bugs in my code: * flags = 0 passed to LockBits(), undocumented behavior is that method succeeds and at least writing to the buffer works. Looks like 0 needs to be treated as ImageLockModeRead|ImageLockModeWrite? * Wrong error handler used, unintended treatment of Gdiplus::Status as HRESULT. * ... and uninitialized bitmapData making above one worse. And finally, looks like exposed compatibility problem is Gdiplus not WindowsCodecs. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Piotr Pawłowski <p@perkele.cc> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Crashes & other failures |Gdiplus LockBits() flags=0 |with Windows Imaging |different behavior than | |Microsoft implementation -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #9 from Bernhard Übelacker <bernhardu@mailbox.org> --- Thanks for taking a look. I submitted a merge request here: https://gitlab.winehq.org/wine/wine/-/merge_requests/10022 Maybe you can confirm if this makes an affected foobar2000 build work. While searching I found there was already a patch submitted in 2012 by Dmitry Timoshkov, unfortunately without further comments, as far as I see: https://www.winehq.org/pipermail/wine-patches/2012-July/115962.html -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Bernhard Übelacker <bernhardu@mailbox.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source, testcase -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Dmitry Timoshkov <dmitry@baikal.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |NEW --- Comment #10 from Dmitry Timoshkov <dmitry@baikal.ru> --- (In reply to Bernhard Übelacker from comment #9)
While searching I found there was already a patch submitted in 2012 by Dmitry Timoshkov, unfortunately without further comments, as far as I see: https://www.winehq.org/pipermail/wine-patches/2012-July/115962.html
There was a reply on wine-devel: https://www.winehq.org/pipermail/wine-devel/2012-July/096248.html -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #11 from Piotr Pawłowski <p@perkele.cc> --- Thanks for all the replies. Tested 10022 against offending foobar2000 build, now works properly, so it's fixed from my point of view. I have been probing how MS gdiplus DLL handles different combination of flags, but it looks like flags=0 case works by accident there - passing ImageLockModeUserInputBuf alone isn't letting me write. So it's probably best we don't attempt more fixes here (such as explicit flags sanitization) until an app that requires such is found in the wild. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 --- Comment #12 from Bernhard Übelacker <bernhardu@mailbox.org> --- There merge request got committed here: https://gitlab.winehq.org/wine/wine/-/commit/ea4994302823906d8f9eb413df4ba1a... Thanks for creating such a nice reproducer. I guess we are done here with this bug report from wine side? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59362 Alexandre Julliard <julliard@winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #14 from Alexandre Julliard <julliard@winehq.org> --- Closing bugs fixed in 11.3. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla