[Bug 38162] New: Winemenubuilder occasionally crashes during WINEPREFIX update (race between placeholder icon extraction and placeholder update)
https://bugs.winehq.org/show_bug.cgi?id=38162
Bug ID: 38162 Summary: Winemenubuilder occasionally crashes during WINEPREFIX update (race between placeholder icon extraction and placeholder update) Product: Wine Version: 1.7.37 Hardware: x86 OS: Linux Status: NEW Severity: normal Priority: P2 Component: programs Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---
Hello folks,
split off from bug 19241
André unfortunately reopened that bug with this different issue.
I've seen this rarely on my machines too but didn't find it interesting enough to investigate - until now.
--- snip --- Unhandled exception: page fault on read access to 0x00480244 in 32-bit code (0x7ed7c950). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:7ed7c950 ESP:0033f8e0 EBP:0033f9d8 EFLAGS:00010216( R- -- I -A-P- ) EAX:00480240 EBX:7ed92000 ECX:0033f9e0 EDX:0033f99c ESI:0033fd80 EDI:00000000 Stack dump: 0x0033f8e0: 00000000 7b8c1000 0012d4f0 00110000 0x0033f8f0: 7bcd3000 0033f9e0 0033f938 0033f920 0x0033f900: 7b8c1000 0033f9e0 0033f938 0001fcd4 0x0033f910: 7bcdbf44 00460000 00000000 00000000 0x0033f920: 00110000 00000002 0033f950 00000000 0x0033f930: 0033f9e0 00000000 0033f968 7bc70efa 000c: sel=0067 base=00000000 limit=00000000 16-bit r-x Backtrace:
=>0 0x7ed7c950 add_module_icons_to_stream+0x6c(iconData16=(nil), hModule=0x460001, grpIconDir=0x480240) [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:651] in winemenubuilder (0x0033f9d8)
1 0x7ed7da2d open_module_icon+0x29b(szFileName="C:\windows\system32\winhlp32.exe", nIndex=0, ppStream=0x33fad8) [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:914] in winemenubuilder (0x0033fa68)
2 0x7ed7e12c open_icon+0x2a(filename="C:\windows\system32\winhlp32.exe", index=0, bWait=0, ppStream=0x33fad8) [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:1056] in winemenubuilder (0x0033faa8)
3 0x7ed7e962 extract_icon+0xb0(icoPathW="C:\windows\system32\winhlp32.exe", index=0, destFilename=0x0(nil), bWait=0) [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:1370] in winemenubuilder (0x0033fb08)
4 0x7ed82d00 generate_associations+0x6a5(xdg_data_home="/home/focht/.local/share", packages_dir="/home/focht/.local/share/mime/packages", applications_dir="/home/focht/.local/share/applications") [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:2677] in winemenubuilder (0x0033fc68)
5 0x7ed85d72 RefreshFileTypeAssociations+0x284() [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:3367] in winemenubuilder (0x0033fce8)
6 0x7ed86dcf wWinMain+0x102(hInstance=<couldn't compute location>,
22 0xf7406963 __libc_start_main+0xf2() in libc.so.6 (0x00000000) 0x7ed7c950 add_module_icons_to_stream+0x6c [/home/focht/projects/wine/wine.repo/src/programs/winemenubuilder/winemenubuilder.c:651] in winemenubuilder: movzwl 0x4(%eax),%eax 651 for (i = 0; i < grpIconDir->idCount; i++) Modules: Module Address Debug info Name (53 modules) PE 53000000-530b4000 Deferred windowscodecs ELF 7b800000-7ba67000 Dwarf kernel32<elf> -PE 7b810000-7ba67000 \ kernel32 ELF 7bc00000-7bcf0000 Dwarf ntdll<elf> -PE 7bc10000-7bcf0000 \ ntdll ELF 7bf00000-7bf04000 Dwarf <wine-loader> ... Threads: process tid prio (all id:s are in hex) ... 0000000c (D) C:\windows\system32\winemenubuilder.exe 0000000d 0 <== --- snip ---
'winemenubuilder' is started asynchronously before the prefix update via 'RunServices' registry key.
The prefix update rewrites Wine's builtin placeholders in the prefix. Since 'winemenubuilder' was started asynchronously, it might still populate placeholders at this time, mapping them into memory and extracting icon resources.
Source: http://source.winehq.org/git/wine.git/blob/cbc8f3c81148079a17f4062fb9bad6569...
--- snip --- 876 hModule = LoadLibraryExW(szFileName, 0, LOAD_LIBRARY_AS_DATAFILE); --- snip ---
-> FILE_SHARE_READ
This doesn't prevent concurrently running processes to write to the placeholder files which indeed happens by rundll32's processing of 'wine.inf'.
In rare situations, Winemenubuilder hits the jackpot - being affected from the concurrent rewrite of the placeholder while peeking at the in-memory image (PE/resource directory entries).
Source: http://source.winehq.org/git/wine.git/blob/57c54bc9ad1e13ee7cd730b2ffb4df834...
--- snip --- 1236 ProcessRunKeys( HKEY_LOCAL_MACHINE, RunServicesOnceW, TRUE, FALSE ); 1237 1238 if (init || (kill && !restart)) 1239 { 1240 ProcessRunKeys( HKEY_LOCAL_MACHINE, RunServicesW, FALSE, FALSE ); 1241 start_services_process(); 1242 } 1243 if (init || update) update_wineprefix( update ); ... --- snip ---
A solution to prevent this race is to move the asynchronous execution of 'winemenubuilder' after the prefix update (which runs synchronously).
This also avoids the situation where 'winemenubuilder' manages to extract potentially outdated icon resources before the placeholders are overwritten by newer versions with different icons.
Regards
https://bugs.winehq.org/show_bug.cgi?id=38162
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |austinenglish@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=38162
amigad rams1@iinet.net.au changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |rams1@iinet.net.au
--- Comment #1 from amigad rams1@iinet.net.au --- Parts of my Wine are disappearing, incl. desktop shortcuts! Maybe due to same or similar problem or HDD failure?! I can only access 'm thru 'show hidden files' or POL. to get to .wine/...
https://bugs.winehq.org/show_bug.cgi?id=38162
fjfrackiewicz@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |fjfrackiewicz@gmail.com
--- Comment #2 from fjfrackiewicz@gmail.com --- This still happens for me especially when updating a prefix I haven't updated in a while...
https://bugs.winehq.org/show_bug.cgi?id=38162
--- Comment #3 from Anastasius Focht focht@gmx.net --- Hello folks,
--- quote --- This still happens for me especially when updating a prefix I haven't updated in a while... --- quote ---
yep, the race is still present for me too during update of older prefixes. Same backtrace and analysis still applies.
$ wine --version wine-2.15-74-g083e61fddf
Regards
https://bugs.winehq.org/show_bug.cgi?id=38162
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WORKSFORME
--- Comment #4 from Anastasius Focht focht@gmx.net --- Hello folks,
haven't see this in a while, although the code hasn't changed so the problem is potentially still present.
https://source.winehq.org/git/wine.git/history/HEAD:/programs/winemenubuilde...
https://source.winehq.org/git/wine.git/history/HEAD:/programs/wineboot/wineb...
I've tried to reproduce with a small script that switches between different versions before triggering WINEPREFIX updates. Using 'inotify' tool to capture/watch the updates in real time but no avail. Tried with clean WINEPREFIX and a more "heavyweight" one with .NET Framework 2.0 and 4.0 installed.
'prefix_update_test.sh'
--- snip --- #!/bin/bash
update_prefix() { version=$1 ( export PATH=/home/focht/projects/wine/mainline-install-$version-x86_64/bin:$PATH echo "### triggering prefix update with Wine version $version ###" # process starts: add +timestamp,+process WINEDEBUG=-all, wineboot -u && wineserver -w ) }
let i=0 while :; do let i++ dt=$(date '+%F %T') echo -e "\n### $dt loop iteration $i ###" update_prefix "1.7.43" update_prefix "3.14" update_prefix "2.15" update_prefix "4.3" done --- snip ---
--- snip --- bash test.sh
### 2019-03-18 18:22:38 loop iteration 1 ### ### triggering prefix update with Wine version 1.7.43 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 3.14 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 2.15 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 4.3 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated.
### 2019-03-18 18:23:07 loop iteration 2 ### ### triggering prefix update with Wine version 1.7.43 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 3.14 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 2.15 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ### triggering prefix update with Wine version 4.3 ### wine: configuration in '/home/focht/.wine' has been updated. wine: configuration in '/home/focht/.wine' has been updated. ... --- snip ---
--- snip --- $ inotifywait -m -r --timefmt '%F %T' --format '%T %e %w%f' .wine/drive_c/ Setting up watches. Beware: since -r was given, this may take a while! Watches established. ... 2019-03-18 18:14:17 OPEN .wine/drive_c/windows/rundll.exe 2019-03-18 18:14:17 ACCESS .wine/drive_c/windows/rundll.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/rundll.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/rundll.exe 2019-03-18 18:14:17 CLOSE_WRITE,CLOSE .wine/drive_c/windows/rundll.exe 2019-03-18 18:14:17 OPEN .wine/drive_c/windows/twain.dll 2019-03-18 18:14:17 ACCESS .wine/drive_c/windows/twain.dll 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/twain.dll 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/twain.dll 2019-03-18 18:14:17 CLOSE_WRITE,CLOSE .wine/drive_c/windows/twain.dll 2019-03-18 18:14:17 OPEN .wine/drive_c/windows/twain_32.dll 2019-03-18 18:14:17 ACCESS .wine/drive_c/windows/twain_32.dll 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/twain_32.dll 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/twain_32.dll 2019-03-18 18:14:17 CLOSE_WRITE,CLOSE .wine/drive_c/windows/twain_32.dll 2019-03-18 18:14:17 OPEN .wine/drive_c/windows/winhelp.exe 2019-03-18 18:14:17 ACCESS .wine/drive_c/windows/winhelp.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/winhelp.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/winhelp.exe 2019-03-18 18:14:17 CLOSE_WRITE,CLOSE .wine/drive_c/windows/winhelp.exe 2019-03-18 18:14:17 OPEN .wine/drive_c/windows/winhlp32.exe 2019-03-18 18:14:17 ACCESS .wine/drive_c/windows/winhlp32.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/winhlp32.exe 2019-03-18 18:14:17 MODIFY .wine/drive_c/windows/winhlp32.exe 2019-03-18 18:14:17 CLOSE_WRITE,CLOSE .wine/drive_c/windows/winhlp32.exe ... --- snip ---
If you still encounter it, you might reopen. In that case please provide some more details, i.e. old Wine version (if you remember it), current Wine version, any specifics to the WINEPREFIX that was updated etc.
$ wine --version wine-4.4-1-gc29bababef
Regards
https://bugs.winehq.org/show_bug.cgi?id=38162
André H. nerv@dawncrow.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |nerv@dawncrow.de Status|RESOLVED |CLOSED
--- Comment #5 from André H. nerv@dawncrow.de --- closing worksforme
-
wine-bugs@winehq.org