http://bugs.winehq.org/show_bug.cgi?id=14490
--- Comment #9 from Forester pbronline-wine@yahoo.co.uk 2009-02-01 09:46:16 --- Created an attachment (id=19151) --> (http://bugs.winehq.org/attachment.cgi?id=19151) Crash traceback, Wine 1.1.14, WINEDEBUG=+tid,+relay,+text
Thanks for taking an interest. Any help finding the root cause of this one would be appreciated. I attach the log you ask for (I hope). This was generated again Wine 1.1.14. I fear it will not tell you very much.
My reading of this is that the crash comes from a bum string pointer (value 0x6261) being a passed to strlen() by DrawTextA(), which has been passed the pointer by the application. The magic value 0x6261 appears nowhere else in the trace. The previous call to DrawTextA() has the same parameter values expect for the string address. There the address 0x0. Benign but hardly purposeful. This suggests to me that we are seeing the consequences of an earlier corruption of memory. I don't know how to start looking for this kind of problem under Wine.
I can tell you that this crash is merely an easy to reproduce example of a general malaise affecting this particular application. It seems many (if not all) pop-up windows that present a series of tabs will crash. I've have them crash without displaying anything, I've had then crash after displaying just the first tab, I've had them crash after display gibberish (non-latin text) in the tab labels and I've even had them crash when everything looks OK.
This particular example is a common (suite wide) settings dialogue. WordPerfect does not crash, Presentations does crash. The dialogue looks the same (common code ?).
If this is corruption, it is not ramdon. The magic 0x6261 turns up in another trace I have - different version of the application, different version of Wine, different host machine, different Linux distribution etc. etc.