http://bugs.winehq.org/show_bug.cgi?id=20380
--- Comment #66 from Michael Builov mbuilov@gmail.com 2010-02-08 00:16:11 --- Created an attachment (id=26120) --> (http://bugs.winehq.org/attachment.cgi?id=26120) trace with WINEDEBUG=+all
Hello, seems i found where the bug is. Yes, it's access violation when writing to read-only DIB image. (look for the accesses to address 0x1dd0000 in attachment)
in short, the we have:
---> create DIB image to render screen to 0009:trace:bitmap:CreateDIBSection format (800,-600), planes 1, bpp 16, size 960000, RGB ---> then render to our DIB image 0009:trace:bitblt:BitBlt hdcSrc=0x714 0,0 -> hdcDest=0x5cc 0,0 800x600 rop=cc0020 0009:trace:bitblt:X11DRV_StretchBlt vissrc=0,0-800,600 visdst=0,0-800,600 0009:trace:bitmap:X11DRV_DIB_Lock Locking 0x710 from thread 0009 0009:trace:bitmap:X11DRV_DIB_Coerce GdiMod requested in status AppMod 0009:trace:bitmap:X11DRV_DIB_DoProtectDIBSection Changed protection from 4 to 2 ---> DIB image is read-only X11DRV_DIB_DoUpdateDIBSection(); 0009:trace:bitmap:X11DRV_DIB_DoCopyDIBSection Copying from DIB bits to Pixmap 0009:trace:bitmap:X11DRV_DIB_DoProtectDIBSection Changed protection from 2 to 1 ---> and here we have not-accessible DIB image 0009:trace:bitmap:X11DRV_DIB_Unlock Unlocking in status GdiMod 0009:trace:bitmap:X11DRV_DIB_DoProtectDIBSection Changed protection from 1 to 2 ---> but now DIB image only read-only! ---> and when we try to write 0009:trace:ddraw:IDirectDrawSurfaceImpl_Blt (0x1792d8)->(0x339ec4,0x1a71e8,0x339f98,1008000,(nil)) 0009:trace:d3d_surface:IWineD3DBaseSurfaceImpl_LockRect (0x1793d8) : rect@0x339c24 flags(00000000), output lockedRect@0x339c0c, memory@0x1dd0000 ---> we get SIGSEGV (address 01e54fe8 is within range 0x1dd0000-0x1ebb000) 0009:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7ddacaf1 ip=7ddacaf1 tid=0009 0009:trace:seh:raise_exception info[0]=00000001 0009:trace:seh:raise_exception info[1]=01e54fe8 ---> in exception handler we try to restore access flags for read/write 0009:trace:bitmap:X11DRV_DIB_Coerce AppMod requested in status InSync 0009:trace:bitmap:X11DRV_DIB_DoProtectDIBSection Changed protection from 2 to 4 ---> ok, now DIB has r/w-access
This sequence (rw->r->no->r->seh->rw) is repeated again and again generating a log of exceptions and at some moment the program hangs. Disabling audio something helps, maybe because there is no additional threads created for audio processing, but access-violations don't disappear :)