https://bugs.winehq.org/show_bug.cgi?id=54028

Bug ID: 54028 Summary: [cause crash - two problem] dwrite function "create_colorglyphenum" returns DWRITE_E_NOCOLOR and causing null pointer crash on 7.12 but not on 7.22 Product: Wine Version: 7.12 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: blocker Priority: P2 Component: dwrite Assignee: wine-bugs@winehq.org Reporter: 399989567@qq.com Distribution: ---

(This problem can be reproduced without any account)

There are two problems here.I found out that the first problem existed in 7.12 and cause crash, but was fixed in 7.22 (doesn't exist).The second problem exists in 7.22 and cause crash, but not in 7.12.

I found that the first problem has been fixed, so I would like to ask which commit was fixed it (because there are many commits, I think the developer of wine may know better and can give the answer at once,if You feel this bothered you, first of all I'm sorry) .

The second issue renders the application completely unusable (QQ Music APP can worked in 7.12, but not in 7.22)

--------

Question 1:

Describe the crash below (note that the font file msyh.ttf needs to be added in the ./wine/fonts directory to trigger the crash)

Let me explain here why the font msyh.ttf is added to the ./wine/fonts directory instead of using the original wine Because only after adding the font, QQ Music will call this function "create_colorglyphenum", which will cause a crash. If this font is not added, QQ Music will not call this function and use other logic. Because I don't have the source code of QQ Music, I don't know the logic of calling the function, so it is necessary to add this font file. The font file is added to reproduce the crash, not to change the wine.

Here's a description of how the crash happens:

Background: In the QQ Music program, this APP want to use the font "Microsoft YaHei" to output the four characters "QQ音乐". The function to call is: dwritetextlayout_Draw -> QQMusic logic -> create_colorglyphenum -> crash

The cause of the crash is that in the function "create_colorglyphenum", there is a judgment of "!colorfont".

if (!colorfont) return DWRITE_E_NOCOLOR;

The "Microsoft YaHei" is not colorfont, it will return DWRITE_E_NOCOLOR directly, thus triggering a null pointer crash. But I found that in the current wine7.22, the same return here but no longer triggers the crash, so I would like to ask which commit fixed this problem (the dichotomy method consumes a lot of time, so I want to ask if you know the commit first, if You feel this bothered you, first of all say sorry)

In summary,All you have to do is to add the font file, run the exe file I sent with wine7.12 . QQ Music official website link: https://y.qq.com/ (I will attach the corresponding exe installation package in the next reply, the attached exe file is worried that you are inconvenient to download from the official website)

crash information:

01d8:trace:dwrite:dwritefontface2_IsColorFont 03159B38. wine: Unhandled page fault on read access to 00000000 at address 511406CB (thread 01d8), starting debugger...

--------

Question 2:

Use the original wine 7.22 without any modification, after installing QQ Music, open the application, the application cannot be displayed (without any UI interface),which makes the entire application unusable, but 7.12 can be displayed UI and text normally.

Figure 1 shows how 7.12 can be displayed normally, and Figure 2 shows how 7.22 cannot display normally