http://bugs.winehq.org/show_bug.cgi?id=9840
Summary: Font file (ttf) causes fatal Fortress Forever crash Product: Wine Version: 0.9.46. Platform: PC-x86-64 OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: wine-misc AssignedTo: wine-bugs@winehq.org ReportedBy: Tsukasa1105@gmail.com
The files Crosshairs.ttf, HUDfont.ttf, and HUDfont_caps.ttf in Fortress Forever cause the game to crash upon launching. Removal of these files fixes the problem, but in turn causes the in-game GUI to become invisible. Attached is the log of the crash with the font files in use.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #1 from Sean Tsukasa1105@gmail.com 2007-09-30 04:09:44 --- Created an attachment (id=8304) --> (http://bugs.winehq.org/attachment.cgi?id=8304) Fortress Forever crashlog from custom fonts
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #2 from Sean Tsukasa1105@gmail.com 2007-09-30 04:10:54 --- Created an attachment (id=8305) --> (http://bugs.winehq.org/attachment.cgi?id=8305) One of the three fonts which causes FF to crash
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #3 from Dmitry Timoshkov dmitry@codeweavers.com 2007-09-30 07:04:07 --- Does 'wine notepad' crashes for you when selecting this font? What freetype version is installed in your system?
The attached font doesn't cause a crash in builtin Wine notepad and FreeType 2.3.5 for me.
Wine is not able to actually show any character using this font, only 'c' is displayed. But that's because freetype selects first unicode cmap table which happens to be with platform id 0 (Apple Unicode), and that cmap table is incomplete (or truncated). cmap tables for other platforms (1 and 3) are good, and making freetype ignore cmap with platform id 0 makes the font display properly in Wine's notepad. I'm going to report this problem to freetype developers.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #4 from Sean Tsukasa1105@gmail.com 2007-09-30 14:37:35 --- I just checked all the .ttf files which crash it, and they all only display one character, so it is probably as you suspected. freetype-config --version shows my freetype version as being 9.16.3
Whats the link to the bug report you submitted?
http://bugs.winehq.org/show_bug.cgi?id=9840
Vitaliy Margolen vitaliy@kievinfo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #8304|application/octet-stream |text/plain mime type| | Attachment #8304|FF_crashlog_fonts |FF_crashlog_fonts.txt filename| |
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #5 from Sean Tsukasa1105@gmail.com 2007-09-30 20:55:02 --- (In reply to comment #4)
I just checked all the .ttf files which crash it, and they all only display one character, so it is probably as you suspected. freetype-config --version shows my freetype version as being 9.16.3
Whats the link to the bug report you submitted?
I realized that 9.16.3 is the tools version, I have freetype 2.3.5 installed.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #6 from Dmitry Timoshkov dmitry@codeweavers.com 2007-09-30 21:08:11 --- If notepad doesn't crash then please generate a +relay,+seh+tid,+font log, compress it with 'bzip2 -9' and attach here.
I haven't filed a bug, just have written a e-mail to freetype-devel ml pointing to this bug, described the source of the problem, and sent a hack to freetype.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #7 from Sean Tsukasa1105@gmail.com 2007-09-30 21:23:40 --- (In reply to comment #6)
If notepad doesn't crash then please generate a +relay,+seh+tid,+font log, compress it with 'bzip2 -9' and attach here.
I haven't filed a bug, just have written a e-mail to freetype-devel ml pointing to this bug, described the source of the problem, and sent a hack to freetype.
Im not quite sure how to generate that log... can you elaborate? Also a link to the hack or some instructions on how to get freetype to ignore cmap with platform id 0 would be nice... there are a dozen or so people waiting for a fix, if hackish
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #8 from Sean Tsukasa1105@gmail.com 2007-09-30 21:32:19 --- Nevermind, I got a response in the #winehackers channel about how to create the log, and I am attaching it.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #9 from Sean Tsukasa1105@gmail.com 2007-09-30 21:33:04 --- Created an attachment (id=8326) --> (http://bugs.winehq.org/attachment.cgi?id=8326) Log of wine's notepad with the bad font
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #10 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-01 04:32:47 ---
Created an attachment (id=8326)
--> (http://bugs.winehq.org/attachment.cgi?id=8326) [details]
Log of wine's notepad with the bad font
According to the log notepad doesn't crash. Please generate a log for your application which shows the crash.
Also a link to the hack or some instructions on how to get freetype to ignore cmap with platform id 0 would be nice... there are a dozen or so people waiting for a fix, if hackish
I sent a patch to wine-patches which makes an Apple Unicode charmap a lower priority over other platform ones:
http://www.winehq.org/pipermail/wine-patches/2007-October/044605.html
Also Freetype developers today have added a workaround to this problem to Freetype CVS.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #11 from Sean Tsukasa1105@gmail.com 2007-10-01 14:39:07 --- I compiled and installed freetype2 from cvs and the crash still happens. I am currently compressing the tail'ed 300mb or so from the game crashing from the font log (the original is 1.7GB). The log was generated using the non-cvs freetype2. Hopefully I can upload it later tonight, compression is taking a while.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #12 from Sean Tsukasa1105@gmail.com 2007-10-01 15:37:08 --- Got the log compressed. This expands to a 270mb tail'ed log file of the FF font crash. If you need more data tell me.
http://www.sendspace.com/file/ef1x0g
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #13 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-01 22:42:04 ---
Got the log compressed. This expands to a 270mb tail'ed log file of the FF font crash. If you need more data tell me.
There is no crash in the log. Is there a single line that starts with "seh:" or "Starting debugger" in the original not truncated log?
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #14 from Sean Tsukasa1105@gmail.com 2007-10-02 00:03:26 --- No there isn't. Although, this may not be a Wine crash per se rather then a Halflife 2 crash due to freetype. I finished compressing the entire log, here it is:
http://www.sendspace.com/file/fzkb7l
I tried to compile your patch and try it out, currently im stuck at a runtime error of the GIT wine not finding my libgl installation... i'll figure it out and tell you how it goes.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #15 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-02 01:44:33 ---
No there isn't.
Then there is no any crash at all.
I tried to compile your patch and try it out, currently im stuck at a runtime error of the GIT wine not finding my libgl installation... i'll figure it out and tell you how it goes.
There was a typo in my patch, I sent a fixed version today.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #16 from Sean Tsukasa1105@gmail.com 2007-10-02 02:44:21 --- (In reply to comment #15)
No there isn't.
Then there is no any crash at all.
I tried to compile your patch and try it out, currently im stuck at a runtime error of the GIT wine not finding my libgl installation... i'll figure it out and tell you how it goes.
There was a typo in my patch, I sent a fixed version today.
Well, the game terminates upon loading the font. I call that a crash, perhaps you don't. I am just observing the physical outcomes here. I recompiled against your updated patch and still no luck; I think this is an unrelated error with an environment variable being messed up on my computer or something of that variety (The Ubuntu apt-get wine install works fine, but GIT compiled gives the libgl error, even without your patch). If you compiled a patched wine version and packaged it into a debian file I could run that, though. In the meantime I will still be lurking around the irc channels trying to find exactly what is going wrong for me in compiling GIT wine.
http://bugs.winehq.org/show_bug.cgi?id=9840
Dmitry Timoshkov dmitry@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Font file (ttf) causes fatal|Font file (ttf) causes |Fortress Forever crash |Fortress Forever start up | |failure
--- Comment #17 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-02 04:08:51 --- The crash is the crash, not a misbehaviour of some kind.
How did you figure out that the app doesn't start due to fonts?
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #18 from Sean Tsukasa1105@gmail.com 2007-10-02 11:05:23 --- Fonts are there, it crashes. I rename the fonts to .ttf_old, effectively removing them, it launches. This bug has been confirmed elsewhere too (http://www.fortress-forever.com/forum/showthread.php?t=11453) (http://ubuntuforums.org/showthread.php?t=550478).
I'll create a log one more time and grep for a crash just in case I accidentally logged it when the fonts weren't present. I'll also see if I can somehow better isolate where it crashes.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #19 from Sean Tsukasa1105@gmail.com 2007-10-04 20:58:25 --- http://www.sendspace.com/file/9ylrae
Try this log out, its from GIT wine with your patch applied to it. I had a second terminal output the date and time to the log file every second. Some times of interest which you can grep for is around 19:41:30 (when the game launched), and 19:47:07 (about the time of the crash). Also, the crash starts on line 70142661 (Starting debugger...).
Sorry for the delay, I reformatted my Linux installation to fix the compilation problems I was having.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #20 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-07 02:54:48 --- Looks like this log is not available anymore.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #21 from Sean Tsukasa1105@gmail.com 2007-10-07 03:54:12 --- Just checked it, downloaded just fine for me. You sure you can't access it?
Here's another mirror: http://www.megafileupload.com/en/file/14649/wine-log-txt-gz.html
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #22 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-07 08:29:43 --- Finally I was able to download the log. But the log doesn't have all the requested information. You used only +relay channel instead of all requested ones.
If you could regenerate the log, leave about 10000 lines before and after the line "Starting debugger", compress the log with 'bzip2 -9' attach it here that would be nice.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #23 from Sean Tsukasa1105@gmail.com 2007-10-07 14:06:18 --- Done. I think last time I c/p'd the debug level without looking at it, you forgot a comma
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #24 from Sean Tsukasa1105@gmail.com 2007-10-07 14:07:16 --- Created an attachment (id=8448) --> (http://bugs.winehq.org/attachment.cgi?id=8448) +relay+seh+tid+font crash log
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #25 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-10 06:05:45 --- I'm sorry for the typo in the command line sample.
New log looks absolutely different to the very first one, and there is no a clear sign what's wrong. I'm not sure how to interpret the difference between the logs: perhaps it's due to different snapshots of Wine you used, perhaps that's because of a memory corruption of some sort. If that's the latter, it will be pretty hard to debug remotely.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #26 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-10 06:09:59 --- A larger window of the log might shed some light. Could you please send an extended window of the log, say with bzipp'ed size of 3 Mb.
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #27 from Sean Tsukasa1105@gmail.com 2007-10-10 14:53:35 --- http://www.megafileupload.com/en/file/15525/wine-log-extended-3mb-txt-bz2.ht...
There you go
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #28 from Dmitry Timoshkov dmitry@codeweavers.com 2007-10-11 08:50:20 --- The new crash log makes me think that I have found the source of the problem,
The crash that leads to the debugger invocation is caused by a bug in the app's code which handles an unexpected exception, so the debugger output is usless.
An unexpected exception that leads to all bad things seems to happen in the following log fragment:
0045:Call gdi32.GetGlyphOutlineA(000004f8,00000050,00000006,0034d2a0,00000058,0034d23c,0034d2c4) ret=0d5627e5 0045:trace:font:GdiGetCodePage charset 0 => cp 1252 0045:trace:font:FONT_mbtowc mapped "P" -> L"P" 0045:trace:font:GetGlyphOutlineW (0x4f8, 0050, 0006, 0x34d2a0, 88, 0x34d23c, 0x34d2c4) 0045:trace:font:WineEngGetGlyphOutline 0x1d7978, 0050, 00000006, 0x34d2a0, 00000058, 0x34d23c, 0x34d2c4 0045:trace:font:WineEngGetGlyphOutline Vec 0,704 0045:trace:font:WineEngGetGlyphOutline Vec 0,0 0045:trace:font:WineEngGetGlyphOutline Vec 448,704 0045:trace:font:WineEngGetGlyphOutline Vec 448,0 0045:trace:font:WineEngGetGlyphOutline transformed box: (0,704 - 448,0) 0045:Ret gdi32.GetGlyphOutlineA() retval=00000058 ret=0d5627e5 0045:trace:seh:raise_exception code=c0000005 flags=0 addr=0xfffffff 0045:trace:seh:raise_exception info[0]=00000000 0045:trace:seh:raise_exception info[1]=0fffffff 0045:trace:seh:raise_exception eax=0000000d ebx=0d5f42a8 ecx=0ab55f00 edx=27ffffff esi=00000e00 edi=0000000d 0045:trace:seh:raise_exception ebp=0034e180 esp=0034d324 cs=0073 ds=007b es=007b fs=0033 gs=003b flags=00010216
6 == GGO_GRAY8_BITMAP
To me it looks like an app receives a bitmap for transformed "P" character and crashes while trying to decode the data.
Unfortunately the log doesn't contain the attributes of the font to provide full information in order to reproduce the problem. Can you please generate another log with +font,+seh,+tid, compress it, and attach here?
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #29 from Sean Tsukasa1105@gmail.com 2007-10-11 20:29:50 --- Created an attachment (id=8529) --> (http://bugs.winehq.org/attachment.cgi?id=8529) full +font,+seh,+tid wine log
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #30 from Sean Tsukasa1105@gmail.com 2007-10-16 20:42:41 --- Need anything else?
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #31 from Austin English austinenglish@gmail.com 2008-04-15 01:15:17 --- Is this still an issue in current (0.9.59 or newer) wine?
http://bugs.winehq.org/show_bug.cgi?id=9840
--- Comment #32 from Luke Bratch l_bratch@yahoo.co.uk 2008-04-16 01:28:40 --- Sean, do not reply to wine-bugs, post in Bugzilla. Email read:
"Not sure, I'll try to find some time to test it in the next week."
http://bugs.winehq.org/show_bug.cgi?id=9840
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |ABANDONED
--- Comment #33 from Austin English austinenglish@gmail.com 2008-10-23 15:53:57 --- Abandoned.
http://bugs.winehq.org/show_bug.cgi?id=9840
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #34 from Austin English austinenglish@gmail.com 2008-10-23 15:55:04 --- Closing abandoned.
http://bugs.winehq.org/show_bug.cgi?id=9840
Bill.Pearce ke4gmk@mindspring.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |ke4gmk@mindspring.com
-
wine-bugs@winehq.org