DirectXTK icon indicating copy to clipboard operation
DirectXTK copied to clipboard
verified publisher icon microsoft

Internal ID3DXFont crash (D3DX)

Open HSNB opened this issue 3 years ago • 13 comments

Hello,

I know this isn't the D3DX repository (doesn't exist afaik), but it's the closest thing to it. I have a (hopefully small) issue with ID3DXFont.

It sometimes crashes in d3dx9_43.dll (64-bit) at a consistent module offset of 0x252E9 which is in D3DXCore::CFont::PreloadBitmap().

Not crashing for me, but for a few others. I suspect it is loading a character glyph / font that doesn't exist or something and instead of safely exiting the function, it crashes on a memory write violation at basically null address.

The crash line assembly is: mov dword ptr ds:[r8],eax it's inside a nested loop inside the function at function offset 0x509 (D3DXCore::CFont::PreloadBitmap). (using x64dbg to analyze the offset)

Call Stack:

0000009a`cadbe880 00007ffa`ccf8480b     : 000001f7`f96cd050 0000009a`00000000 00000000`00000007 000001f7`00000010 : D3DX9_43!D3DXCore::CFont::PreloadBitmap+0x509
0000009a`cadbe9d0 00007ffa`ccf86201     : 00000000`1b010ca7 000001f7`f96f4970 00000000`00000000 000001f7`f96f3a40 : D3DX9_43!D3DXCore::CFont::Preload+0x1f3
0000009a`cadbea80 00007ffa`ccf84482     : 00000000`00000000 0000009a`cadbed69 000001f7`93c20000 00007ffb`1480901a : D3DX9_43!D3DXCore::CFont::DrawTextAW+0x971
0000009a`cadbecb0 00007ff6`427b5c94     : 00007ffa`95fd7a50 00000000`00000000 0000009a`cadbf600 000001f8`75268dd0 : D3DX9_43!D3DXCore::CFont::DrawTextW+0x3e
0000009a`cadbed20 00007ffa`95fd7a50     : 00000000`00000000 0000009a`cadbf600 000001f8`75268dd0 0000009a`cadbede0 : userapp+0x7d5c94
0000009a`cadbed28 00000000`00000000     : 0000009a`cadbf600 000001f8`75268dd0 0000009a`cadbede0 00007ffb`00000520 : d3d9!`string'

Registers:

rax=000000003affffff rbx=00007ffaccf60000 rcx=000000000000003a
rdx=0000000000000000 rsi=000001f7f96cd950 rdi=0000000000000003
rip=00007ffaccf852e9 rsp=0000009acadbe880 rbp=0000009acadbe980
 r8=00000000000003dc  r9=0000000000000003 r10=0000000000000007
r11=0000000000000003 r12=0000000000000003 r13=00000000000001b8
r14=0000000000000003 r15=0000000000000003
iopl=0         nv up ei pl nz na po nc
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206

I'm fairly certain this is of no fault of the application (although hopefully it is so it'd actually be solvable...), but betting it must be internal.

From what I can see you have the D3DX source code so it'd be of great help if you could point me in any direction on how to avoid this crash from occurring. I tried force loading all fonts used by the app on the user's PC with AddFontResourceEx but it doesn't seem to fully solve it. I really suspect it's some kind of missing font/subfont (eg Arial Italic missing or something) or a special character causing a crash because it can't be preloaded.

Thanks so much for your time.

HSNB avatar Jul 25 '22 01:07 HSNB

Can you attach a .dmp file?

Also, are you using the SHA-256 signed version of D3DX9_43.DLL? See this post.

walbourn avatar Jul 25 '22 20:07 walbourn

Are you using IDirect3D9Ex?

walbourn avatar Jul 25 '22 22:07 walbourn

Support for Direct3D9Ex in D3DX9 is "hit & miss", so does it happen if they use D3D9?

walbourn avatar Jul 25 '22 22:07 walbourn

I didn't say it was 'incompatible'. My point was mostly that the D3DX9 library had a bunch of hacks for the differences between "IDirect3D9" and "IDirect3D9Ex" largely driven by the needs of tests during the Longhorn/Windows Vista era. It was never really validated in production scenarios, and games generally used legacy Direct3D 9 then moved to Direct3D 11 without using the "Ex" version. As such, the D3DX9 functionality is likely to be buggy.

The D3DX9 library itself has been deprecated since the release of Windows 8, as documented on Microsoft Docs. The only thing we've done to D3DX9 since the _43 June 2010 release was to "re-sign" the DLL using SHA-256. As such, continued use of the library is very much an "AS IS" scenario.

walbourn avatar Jul 26 '22 18:07 walbourn

The process of "open sourcing" the DirectX utility libraries has been underway for a long time, and the result is DirectX Tool Kit, DirectXTex, DirectXMesh, and UVAtlas which are under the MIT license. They are designed for DirectX 11 or later, so I realize they aren't easy for you to adopt in your scenario.

The only explicit D3D9 support I have currently is the DDSTextureLoader, ScreenGrab, and WICTextureLoader module in DirectXTex.

walbourn avatar Jul 26 '22 21:07 walbourn

Can you confirm that using Legacy Durect3D9 resolves the issue?

walbourn avatar Jul 27 '22 18:07 walbourn

What - what's with the title change?

NicusorN5 avatar Nov 26 '22 06:11 NicusorN5

From original poster:

It crashes in both D3D9 and D3D9Ex. The issue is because of rendering an italic font with special symbols, e.g. Chinese. pFont->DrawTextW( NULL, L"入", -1, pRect, 0, 0 ) will crash 100% of the time if the Font is italic.

walbourn avatar Nov 28 '22 21:11 walbourn