http://bugs.winehq.org/show_bug.cgi?id=19986
Summary: can't start imap gis of my town. it work under winxp. Product: Wine Version: 1.1.23 Platform: PC OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: kruvalig@gmail.com
Created an attachment (id=23514) --> (http://bugs.winehq.org/attachment.cgi?id=23514) log of the command 'wine imap_september_2009.exe'
I install program imap_september_2009.exe. This is a GIS of my town. And this is a programm on russian language. It hase wisard to install. And seems that programm installed normal. But i can't start it.
When i start it with command wine iMap.exe i see error: 'Error initialisation when call file jet VBAjET.dll for 16 bit version.... error 3447. Whould you like to see hel?' i press no. Then i see window that i can see in windowsxp. This window is a window of loading this program. On this window i press NEXT, and then i see dialog of error.
i use wine under Fedora 11.
http://imap58.ru/download/ - this is link on page with this program. http://imap58.ru/dl/0 - this is link on file with this program.
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #1 from Andrew Nguyen arethusa26@gmail.com 2009-09-08 18:46:52 --- Does using winetricks (http://wiki.winehq.org/winetricks) to install jet40 allow the application to work?
http://bugs.winehq.org/show_bug.cgi?id=19986
Vitaliy Margolen vitaliy@kievinfo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #23514|application/octet-stream |text/plain mime type| |
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #2 from Vitaliy Margolen vitaliy@kievinfo.com 2009-09-08 21:04:58 --- Please upgrade Wine to latest version - wine-1.1.29 and retest.
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #3 from kruvalig kruvalig@gmail.com 2009-09-09 11:13:06 --- i upgrade under fedora 11 to wine 1.1.29 from test repo. And no, programm is not work.
i install jet40 with help http://wiki.winehq.org/winetricks and i can say
1. I start program. 2. I see splash window and i press Next on this window. (Now i don't see error VBAjET.dll) 3. Gnome fail. I see black screen. And it restart. I see login page for my Fedora 11. I login. And see error message from wine.
My smolt page: http://www.smolts.org/show?uuid=pub_42e806b0-bed4-439a-b7c0-9924d5a22624
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #4 from kruvalig kruvalig@gmail.com 2009-09-09 12:11:24 --- I try to start iMap under VirtualBox Fedora 11 wine.
and it start (with some graphics bug), but when i scale map it crash
1. start application http://my.jetscreenshot.com/1107/20090909-rngv-282kb.jpg 2. Zoom in map http://my.jetscreenshot.com/1107/20090909-dcgp-234kb.jpg 3. log of start script crash [qet@localhost iMap]$ wine iMap.exe X Error of failed request: BadLength (poly request too large or internal Xlib length error) Major opcode of failed request: 148 (RENDER) Minor opcode of failed request: 20 (RenderAddGlyphs) Serial number of failed request: 54322 Current serial number in output stream: 54513
This is a normal screenshot under windowsxp http://my.jetscreenshot.com/1107/20090909-kpy2-264kb.jpg
http://bugs.winehq.org/show_bug.cgi?id=19986
Vitaliy Margolen vitaliy@kievinfo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |INVALID
--- Comment #5 from Vitaliy Margolen vitaliy@kievinfo.com 2009-09-09 20:50:07 --- (In reply to comment #3)
- Gnome fail. I see black screen. And it restart. I see login page for my
Fedora 11. I login. And see error message from wine.
Most likely bad video drivers. Wine is a user app and by definition can not crash X server.
Invalid.
http://bugs.winehq.org/show_bug.cgi?id=19986
Vitaliy Margolen vitaliy@kievinfo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Vitaliy Margolen vitaliy@kievinfo.com 2009-09-09 20:52:49 --- Closing.
http://bugs.winehq.org/show_bug.cgi?id=19986
Tel lists@lnx-bsp.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |lists@lnx-bsp.net
--- Comment #7 from Tel lists@lnx-bsp.net 2010-01-01 23:21:23 --- I would like this to be re-opened.
The is a real bug in wine: it sends invalid xrender glyph data to the X11 server and for some (but not all) video drivers this crashes the X server. This also indicates a bug in the X server (the existence of one bug does not deny the existence of others). I can tell you about the X11 bug, it is a failure to check the NULL pointer in the file render.c and the function ProcRenderAddGlyphs() and a patch is available here --
https://bugs.launchpad.net/xserver-xorg-video-intel/+bug/408016
That said, I have no idea where the wine bug might be lurking other than that it is something to do with client-side font handling and the xrender extension. If you disable xrender in the X11 config or if you recompile wine with client side fonts disabled then the bug goes away (although many programs run into other different problems with this particular feature disabled).
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #8 from Dmitry Timoshkov dmitry@codeweavers.com 2010-01-03 04:43:19 --- (In reply to comment #7)
The is a real bug in wine: it sends invalid xrender glyph data to the X11 server and for some (but not all) video drivers this crashes the X server.
A user application should not be able to crash X server regardless what data it sends to it.
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #9 from Tel lists@lnx-bsp.net 2010-01-04 03:39:57 --- Hopefully someone who reads this might be interested in fixing bugs rather than ignoring the problem, the following could be useful:
export WINEDEBUG=+font,+xrender,+xrandr,+synchronous
In the trace you get:
trace:xrender:UploadGlyph buflen = 127920. Got metrics: 78715x13 adv=13175,0 origin=-1,11 err:seh:setup_exception_record stack overflow 940 bytes in thread 0009 eip 7bc39bcf esp 00240f84 stack 0x240000-0x241000-0x340000
Note that the font metric is clearly WRONG (no possible font could be 78000 pixels wide) and the buflen is much larger than expected (typical buflen values in UploadGlyph are less than 100 bytes). This shows errors in the font metric calculation.
Anyone having similar problems should trace with similar WINEDEBUG and search for the UploadGlyph line with the broken metric values. If you have similar problems please post to this bug, maybe get it opened again.
As a bit of additional info, I see lines like this in the trace:
trace:font:WineEngGetGlyphOutline 4,8,(0,8),5,0
Almost always these are small numbers, but right before the bug hits I see larger numbers like so:
trace:xrender:get_xrender_format Returning wxr_format=0 trace:font:GetGlyphOutlineW (0x1d0, 0056, 0081, 0x33e338, 127920, 0x1fea40, 0x73632ab6) trace:font:WineEngGetGlyphOutline 0x1a0dc0, 0056, 00000081, 0x33e338, 0001f3b0, 0x1fea40, 0x73632ab6 trace:font:WineEngGetGlyphOutline font transform 1.000000 0.000000 0.000000 1.000000 trace:font:WineEngGetGlyphOutline Vec 0,704 trace:font:WineEngGetGlyphOutline Vec 0,-128 trace:font:WineEngGetGlyphOutline Vec 384,704 trace:font:WineEngGetGlyphOutline Vec 384,-128 trace:font:WineEngGetGlyphOutline transformed box: (-64,704 - 5037696,-128) trace:font:WineEngGetGlyphOutline 78715,13,(-1,11),13175,0
This is the only place I see the "Vec" lines and also the only place I see large numbers in the WineEngGetGlyphOutline result so that might be something to look for.
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #10 from Tel lists@lnx-bsp.net 2010-01-04 03:56:07 --- This also looks like part of the broken calculation:
trace:font:GetTextMetricsW text metrics: Weight = 400 FirstChar = 32 AveCharWidth = 65592 Italic = 0 LastChar = 255 MaxCharWidth = 144302 UnderLined = 255 DefaultChar = 129 Overhang = 0 StruckOut = 255 BreakChar = 32 CharSet = 0 PitchAndFamily = 21 -------------------- InternalLeading = 2 Ascent = 11 Descent = 2 Height = 13
Normally AveCharWidth will be a small number, in various places it is a large number but whenever it is large the number is always 65592 and that does not make a plausible font width.
2^16 + 64 - 8 = 65592
Looks a lot like a 16 bit integer calculation gone wrong ?
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #11 from Tel lists@lnx-bsp.net 2010-01-04 04:33:41 --- I've studied a bit more and think that the application itself is generating this strange wide font value. Wine takes the unreasonable values and makes an attempt to do what it is asked, the buck gets passed into X11DRV_SelectFont() and then ultimately pushes disaster onto the X11 drivers. Layer upon layer without sanity checking.
warn:font:CreateFontIndirectW orientation angle 208225028.600000 set to escapement angle 134086.000000 for new font 0x1a0d48 trace:font:CreateFontIndirectW (-11 65592 1340860 2082250286 0 244 df 51 0) L"MS Sans Serif" Italic Underline => 0x1ac0
lfHeight = -11 lfWidth = 65592 lfEscapement = 1340860 lfOrientation = 2082250286 lfPitchAndFamily = 0x0 lfOutPrecision = 244 lfClipPrecision = 0xdf lfQuality = 51 lfCharSet = 0
These values are completely bogus, somehow Microsoft Win-XP can run this so I'll try inserting a bit of defensive code into CreateFontIndirectW to see if I can protect myself from crashes but in order to do the job properly wine should attempt to handle such problems in a similar manner to however Microsoft does it. I don't have tools to do detailed research unfortunately.
Highly likely this same event was also the cause of:
http://bugs.winehq.org/show_bug.cgi?id=17338
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #12 from Dmitry Timoshkov dmitry@codeweavers.com 2010-01-05 08:20:58 --- Have you tried with latest Wine version?
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #13 from Tel lists@lnx-bsp.net 2010-01-06 01:52:36 --- Trying with wine 1.1.35 gives similar bogus values in trace:
warn:font:CreateFontIndirectW orientation angle 208225028.600000 set to escapement angle 136615.600000 for new font 0x1e18a8 trace:font:CreateFontIndirectW (-11 131150 1366156 2082250286 0 36 df 51 12) L"MS Sans Serif" Italic Underline => 0x21d0
lfHeight = -11 lfWidth = 131150 lfEscapement = 1366156 lfOrientation = 2082250286 lfPitchAndFamily = 0x0 lfOutPrecision = 36 lfClipPrecision = 0xdf lfQuality = 51 lfCharSet = 12
Strangely, not the same values as before and when I retry the program the numbers are similar but not consistent. Unfortunately this is a partly interactive program and it updates "workspace" files making it difficult to get a completely consistent result.
Good news that it does *NOT* crash out in wine 1.1.35 but that may be a fluke. There is some on-screen font corruption but only in window decoration... I can live with that. I am starting to think this application program is using uninitialized memory or something similar.
I tried going back to the version I was using before (1.1.29) and the crash came back, but the width is also back to 65592 under 1.1.29 so I cannot explain why the program gives different numbers under different wine versions (perhaps DLL changes effect the stack memory and the application does not clear the stack when it should). Comparing the wine source code for CreateFontIndirectW shows some changes between the two versions so maybe these are protecting the system somehow (but there is no obvious bounds-checking code so quite likely the protection is accidental).
I still suggest that their is a loophole in wine for badly behaved EXE programs to inject bogus parameters into CreateFontIndirectW() and generate outrageous glyph sizes in X11, and there is evidence that at least some existing Win-XP applications will behave in this manner.
However, my problem is solved for the time being, thanks for your interest.
I would be curious to know what the original poster could find with
export WINEDEBUG=+xrender,+font,+synchronous
and checking closely lines containing CreateFontIndirect ...
http://bugs.winehq.org/show_bug.cgi?id=19986
--- Comment #14 from Dmitry Timoshkov dmitry@codeweavers.com 2010-01-06 04:44:00 --- That particular problem was probably fixed by http://www.winehq.org/pipermail/wine-cvs/2009-October/060217.html
Still, an X11 crash is not a Wine bug.