[Bug 51496] New: On KDE riched20:editor triggers a clipboard infinite loop, crashing explorer.exe

WineHQ Bugzilla wine-bugs at winehq.org
Wed Jul 21 09:29:10 CDT 2021 

https://bugs.winehq.org/show_bug.cgi?id=51496

            Bug ID: 51496
           Summary: On KDE riched20:editor triggers a clipboard infinite
                    loop, crashing explorer.exe
           Product: Wine
           Version: unspecified
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: fgouget at codeweavers.com
      Distribution: ---

Created attachment 70337
  --> https://bugs.winehq.org/attachment.cgi?id=70337
Minimal riched20:editor test to reproduce the crash

On my machine, running riched20:editor results in one of explorer.exe's threads
being terminated following a stack overflow caused by a clipboard infinite
loop:

0098:trace:clipboard:X11DRV_SelectionRequest got request on e00004 for
selection "CLIPBOARD" target "STRING" win 3af prop "STRING"
0098:trace:clipboard:OpenClipboard 00010040

0098:trace:clipboard:GetClipboardData (CF_UNICODETEXT)
0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 10
0098:trace:clipboard:GetClipboardData render=1 from=CF_TEXT
0098:trace:clipboard:GetClipboardData calling render_synthesized_format
0098:trace:clipboard:render_synthesized_format (CF_UNICODETEXT, CF_TEXT)
0098:err:clipboard:render_synthesized_format calling GetClipboardData

0098:trace:clipboard:GetClipboardData (CF_TEXT)
0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 8
0098:trace:clipboard:GetClipboardData render=1 from=CF_UNICODETEXT
0098:trace:clipboard:GetClipboardData calling render_synthesized_format
0098:trace:clipboard:render_synthesized_format (CF_TEXT, CF_UNICODETEXT)
0098:err:clipboard:render_synthesized_format calling GetClipboardData

0098:trace:clipboard:GetClipboardData (CF_UNICODETEXT)
0098:trace:clipboard:GetClipboardData status=0 data 00A127D8 size=0 seqno 10
0098:trace:clipboard:GetClipboardData render=1 from=CF_TEXT
0098:trace:clipboard:GetClipboardData calling render_synthesized_format
0098:trace:clipboard:render_synthesized_format (CF_UNICODETEXT, CF_TEXT)
0098:err:clipboard:render_synthesized_format calling GetClipboardData

0098:trace:clipboard:GetClipboardData (CF_TEXT)
...

This happens specifically on KDE because KDE's clipboard manager queries Wine's
clipboard content.



Notes:
* The TestBot Wine VM(s) do not run KDE or any form of clipboard manager which
is why they are not impacted.
* Since 308a5e7 the crash happens while explorer holds the "main process heap"
critical section causing it to be unresponsive from that point forward:

  006c:err:ntdll:RtlpWaitForCriticalSection section 00480094
"dlls/ntdll/heap.c: main process heap section" wait timed out in thread 006c,
blocked by 0098, retrying (60 sec)

* In turn this causes many timeouts in winetest.exe which is why my machine has
not been submitting results since then.
* This bug was already present before 308a5e7.
* At the time the stack overflow did not happen while the critical section was
being held so the consequences were not as far ranging which allowed
winetest.exe to complete (almost?) normally.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list