https://bugs.winehq.org/show_bug.cgi?id=51496
Bug ID: 51496 Summary: On KDE riched20:editor triggers a clipboard infinite loop, crashing explorer.exe Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: fgouget@codeweavers.com Distribution: ---
Created attachment 70337 --> https://bugs.winehq.org/attachment.cgi?id=70337 Minimal riched20:editor test to reproduce the crash
On my machine, running riched20:editor results in one of explorer.exe's threads being terminated following a stack overflow caused by a clipboard infinite loop:
0098:trace:clipboard:X11DRV_SelectionRequest got request on e00004 for selection "CLIPBOARD" target "STRING" win 3af prop "STRING" 0098:trace:clipboard:OpenClipboard 00010040
0098:trace:clipboard:GetClipboardData (CF_UNICODETEXT) 0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 10 0098:trace:clipboard:GetClipboardData render=1 from=CF_TEXT 0098:trace:clipboard:GetClipboardData calling render_synthesized_format 0098:trace:clipboard:render_synthesized_format (CF_UNICODETEXT, CF_TEXT) 0098:err:clipboard:render_synthesized_format calling GetClipboardData
0098:trace:clipboard:GetClipboardData (CF_TEXT) 0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 8 0098:trace:clipboard:GetClipboardData render=1 from=CF_UNICODETEXT 0098:trace:clipboard:GetClipboardData calling render_synthesized_format 0098:trace:clipboard:render_synthesized_format (CF_TEXT, CF_UNICODETEXT) 0098:err:clipboard:render_synthesized_format calling GetClipboardData
0098:trace:clipboard:GetClipboardData (CF_UNICODETEXT) 0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 10 0098:trace:clipboard:GetClipboardData render=1 from=CF_TEXT 0098:trace:clipboard:GetClipboardData calling render_synthesized_format 0098:trace:clipboard:render_synthesized_format (CF_UNICODETEXT, CF_TEXT) 0098:err:clipboard:render_synthesized_format calling GetClipboardData
0098:trace:clipboard:GetClipboardData (CF_TEXT) ...
This happens specifically on KDE because KDE's clipboard manager queries Wine's clipboard content.
Notes: * The TestBot Wine VM(s) do not run KDE or any form of clipboard manager which is why they are not impacted. * Since 308a5e7 the crash happens while explorer holds the "main process heap" critical section causing it to be unresponsive from that point forward:
006c:err:ntdll:RtlpWaitForCriticalSection section 00480094 "dlls/ntdll/heap.c: main process heap section" wait timed out in thread 006c, blocked by 0098, retrying (60 sec)
* In turn this causes many timeouts in winetest.exe which is why my machine has not been submitting results since then. * This bug was already present before 308a5e7. * At the time the stack overflow did not happen while the critical section was being held so the consequences were not as far ranging which allowed winetest.exe to complete (almost?) normally.