[Bug 53231] New: d2d1:d2d1 - test_shared_bitmap() crashes on the TestBot VMs

https://bugs.winehq.org/show_bug.cgi?id=53231

Bug ID: 53231 Summary: d2d1:d2d1 - test_shared_bitmap() crashes on the TestBot VMs Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: directx-d3d Assignee: wine-bugs@winehq.org Reporter: fgouget@codeweavers.com Distribution: ---

d2d1:d2d1 - test_shared_bitmap() crashes on the TestBot VMs:

d2d1.c:5179: Test marked todo: 6: Got unexpected hr 0. Unhandled exception: page fault on write access to 0x00000000 in 32-bit code (0x6ac0f8ef). [...] Backtrace: =>0 0x6ac0f8ef d2d_device_context_Clear+0x7f(iface=<internal error>, colour=<internal error>) [Z:\home\winetest\tools\testbot\var\wine\dlls\d2d1\device.c:1647] in d2d1 (0x0066fc78) 1 0x00414d75 in d2d1_test (+0x14d75) (0x0066fd68) 2 0x00434613 in d2d1_test (+0x34613) (0x0066fdd8) 3 0x00434983 in d2d1_test (+0x34983) (0x0066fe38) 4 0x0043618d in d2d1_test (+0x3618d) (0x0066fee8) 5 0x00435fbf in d2d1_test (+0x35fbf) (0x0066ff30) 6 0x7b62a170 in kernel32 (+0x2a170) (0x0066ff48) 7 0x7bc5a937 in ntdll (+0x5a937) (0x0066ff5c) 8 0x7bc5aff0 RtlCreateUserThread(entry=00435F40, arg=7FFD1000) [Z:\home\winetest\tools\testbot\var\wine\dlls\ntdll\thread.c:261] in ntdll (0x0066ffec) 0x6ac0f8ef d2d_device_context_Clear+0x7f [Z:\home\winetest\tools\testbot\var\wine\dlls\d2d1\device.c:1647] in d2d1: fsts 0x0(%eax) 1647 vs_cb_data->transform_geometry._11 = 1.0f;

https://test.winehq.org/data/patterns.html#d2d1:d2d1

The crash still happens even if all the tests are commented out except test_shared_bitmap(). Furthermore adding traces shows that it happens in either of the two locations below:

https://gitlab.winehq.org/wine/wine/-/blob/f6f66661b3fabdcd6cf2f4999b3029e72... /* DXGI surface render target and WIC bitmap render target, same factory. */ hr = ID2D1Factory_CreateWicBitmapRenderTarget(factory1, wic_bitmap2, &desc, &rt2); // crashed here

or

https://gitlab.winehq.org/wine/wine/-/blob/f6f66661b3fabdcd6cf2f4999b3029e72... ID2D1GdiInteropRenderTarget_Release(interop); hr = ID2D1Factory_CreateWicBitmapRenderTarget(factory2, wic_bitmap2, &desc, &rt2); // crashed here

The crashes only happen with 32-bit code.

d2d1:d2d1 also crashes on my box with an Intel GPU and the crash happens in the same two locations but the backtrace is different.