[Bug 49235] New: Microsoft Visual Studio 2010 Express crashes with stack overflow in IDWriteTextAnalyzer::GetGdiCompatibleGlyphPlacements

https://bugs.winehq.org/show_bug.cgi?id=49235

Bug ID: 49235 Summary: Microsoft Visual Studio 2010 Express crashes with stack overflow in IDWriteTextAnalyzer::GetGdiCompatibleGlyphPlacements Product: Wine Version: 5.9 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: dwrite Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---

Hello folks,

encountered while checking some old bug reports.

Regression introduced by commit https://source.winehq.org/git/wine.git/commitdiff/c8f409ed9311c6b84b2383ac56... ("dwrite: Keep user features values.").

Wine 5.8 works.

Download:

https://web.archive.org/web/20111016110147/http://download.microsoft.com/dow...

--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files (x86)/Microsoft Visual Studio 10.0/Common7/IDE

$ WINEDEBUG=+seh,+relay,+dwrite wine ./VCExpress.exe >>log.txt 2>&1 ... 0024:trace:dwrite:dwritefactory_CreateTextAnalyzer 0x1257da0, 0x31a65c. ... 0024:trace:dwrite:dwritetextanalyzer_GetGlyphs (L"File":4 0x6ad5298 0 0 "Latn" L"en-US" (nil) 0x1db23b8 0x2665314 2 48 0x31b7a4 0x31b984 0x6ad6218 0x6ad6158 0x31a5e4) 0024:trace:dwrite:analyzer_dump_user_features feature range [0,1) 0024:trace:dwrite:analyzer_dump_user_features feature "calt", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "clig", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "kern", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "liga", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature range [1,4) 0024:trace:dwrite:analyzer_dump_user_features feature "calt", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "clig", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "kern", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "liga", parameter 1 0024:Call ntdll.RtlAllocateHeap(00110000,00000008,00000058) ret=f723159c 0024:Ret ntdll.RtlAllocateHeap() retval=06ae6488 ret=f723159c 0024:trace:dwrite:dwritefontface_TryGetFontTable 0x6ad5298, "GSUB", 0x6ae6494, 0x6ae649c, 0x6ae6498, 0x31a27c. 0024:trace:dwrite:dwritefontface_TryGetFontTable 0x6ad5298, "GPOS", 0x6ae64b0, 0x6ae64b8, 0x6ae64b4, 0x31a27c. 0024:trace:dwrite:dwritefontface_TryGetFontTable 0x6ad5298, "GDEF", 0x6ae64cc, 0x6ae64d4, 0x6ae64d0, 0x31a27c. ... 0024:warn:dwrite:opentype_layout_apply_gsub_lookup Unimplemented lookup 4. 0024:warn:dwrite:opentype_layout_apply_gsub_lookup Unimplemented lookup 4. 0024:warn:dwrite:opentype_layout_apply_gsub_lookup Unimplemented lookup 4. 0024:warn:dwrite:opentype_layout_apply_gsub_lookup Unimplemented lookup 4. ... 0024:trace:dwrite:dwritetextanalyzer_GetGdiCompatibleGlyphPlacements (L"File" 0x31b7a4 0x31b984 4 0x6ad6218 0x6ad6158 4 0x6ad5298 11.00 1.00 0x31a698 0 0 0 "Latn" L"en-US" 0x1db2428 0x2665650 2 0x1db23b8 0x1db2400) 0024:trace:dwrite:analyzer_dump_user_features feature range [0,1) 0024:trace:dwrite:analyzer_dump_user_features feature "calt", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "clig", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "kern", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "liga", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature range [1,4) 0024:trace:dwrite:analyzer_dump_user_features feature "calt", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "clig", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "kern", parameter 1 0024:trace:dwrite:analyzer_dump_user_features feature "liga", parameter 1 ... 0024:trace:dwrite:shape_get_positions script "latn", language deflangsys. 0024:Call KERNEL32.HeapFree(00110000,00000000,00000000) ret=f722fb57 0024:Ret KERNEL32.HeapFree() retval=00000001 ret=f722fb57 0024:Call KERNEL32.HeapFree(00110000,00000000,06ae6518) ret=f7231777 0024:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7bc6ea54 ip=7bc6ea54 tid=0024 0024:trace:seh:raise_exception info[0]=00000001 0024:trace:seh:raise_exception info[1]=00000005 0024:trace:seh:raise_exception eax=00000001 ebx=06ae6510 ecx=06ae6718 edx=00000001 esi=06a00000 edi=00000208 0024:trace:seh:raise_exception ebp=0031a088 esp=00319f90 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010202 0024:trace:seh:call_vectored_handlers calling handler at 0x791f5a7c code=c0000005 flags=0 ... 0024:trace:seh:call_stack_handlers handler at 0x7968f358 returned 1 0024:trace:seh:call_stack_handlers calling handler at 0x791ccc44 code=c0000005 flags=0 0024:Call KERNEL32.GetLastError() ret=7919c63c 0024:Ret KERNEL32.GetLastError() retval=00000000 ret=7919c63c 0024:Call ntdll.RtlAllocateHeap(00110000,00000000,0000004c) ret=7919bf7e 0024:err:seh:setup_exception_record stack overflow 816 bytes in thread 0024 eip f7be36c5 esp 00221000 stack 0x220000-0x221000-0x320000 --- snip ---

Unrelated: It would be helpful if 'dwrite' could be turned into a PE with PDB symbols. Winedbg is really useless as of now.

$ sha1sum VS2010Express1.iso adef5e361a1f64374f520b9a2d03c54ee43721c6 VS2010Express1.iso

$ du -sh VS2010Express1.iso 694M VS2010Express1.iso

$ wine --version wine-5.9

Regards