We need to make sure all (important) cleanup is finished when we exit DllMain, otherwise we might already unload krnl386 and deadlock Since we can't have a synchronous DestroyWindow, use an extra message
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=52511 Signed-off-by: Fabian Maurer dark.shadow4@web.de
Code flow is like follows:
- DOSVM_Exit -> RtlExitUserThread -> LdrShutdownThread - acquire loader lock - send DLL_THREAD_DETACH to imm32 - - calls DestroyWindow on its window - - WM_DESTROY is handled asynchonously! - send DLL_THREAD_DETACH to krnl386.exe - - TASK_ExitTask - - try get win16 lock, is blocked by ime32
meanwhile, at ime32
- handles WM_DESTROY - already have win16 lock from user32 - __wine_ime_wnd_proc (WM_DESTROY) -> imm_couninit_thread -> CoRevokeInitializeSpy - LdrGetProcedureAddress (want CoRevokeInitializeSpy) - try get loader_lock, is blocked
Solution is to wait in ime32 DllMain until the cleanup as happened, aka CoRevokeInitializeSpy has finished.
-- v5: imm32: Prevent deadlock on unload
From: Fabian Maurer dark.shadow4@web.de
ole32 is delay loaded, which can cause race conditions against krnl386.exe when unloading. This is because imm32 tries to get the loader lock while holding the win16 mutex, and kernel386 does the opposite.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=52511 Signed-off-by: Fabian Maurer dark.shadow4@web.de --- dlls/imm32/imm.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/dlls/imm32/imm.c b/dlls/imm32/imm.c index 780d544c0e9..730b1cf8732 100644 --- a/dlls/imm32/imm.c +++ b/dlls/imm32/imm.c @@ -80,6 +80,9 @@ typedef struct _tagImmHkl{ DWORD (WINAPI *pImeGetImeMenuItems)(HIMC, DWORD, DWORD, IMEMENUITEMINFOW *, IMEMENUITEMINFOW *, DWORD); } ImmHkl;
+static HRESULT WINAPI (*pCoRevokeInitializeSpy)(ULARGE_INTEGER cookie); +static void WINAPI (*pCoUninitialize)(void); + typedef struct tagInputContextData { HIMC handle; @@ -249,7 +252,7 @@ static void imm_couninit_thread(BOOL cleanup)
if (cleanup && spy->cookie.QuadPart) { - CoRevokeInitializeSpy(spy->cookie); + pCoRevokeInitializeSpy(spy->cookie); spy->cookie.QuadPart = 0; }
@@ -261,7 +264,7 @@ static void imm_couninit_thread(BOOL cleanup) { spy->apt_flags &= ~IMM_APT_CREATED; if (spy->apt_flags & IMM_APT_CAN_FREE) - CoUninitialize(); + pCoUninitialize(); } if (cleanup) spy->apt_flags = 0; @@ -366,6 +369,13 @@ static void imm_coinit_thread(void)
TRACE("implicit COM initialization\n");
+ if (!pCoRevokeInitializeSpy) + { + HMODULE module_ole32 = GetModuleHandleA("ole32"); + pCoRevokeInitializeSpy = (void*)GetProcAddress(module_ole32, "CoRevokeInitializeSpy"); + pCoUninitialize = (void*)GetProcAddress(module_ole32, "CoUninitialize"); + } + if (!(spy = get_thread_coinit_spy())) { if (!(spy = HeapAlloc(GetProcessHeap(), 0, sizeof(*spy)))) return;
Hi,
It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated.
The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details:
The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=126567
Your paranoid android.
=== debian11 (32 bit report) ===
d3d8: stateblock: Timeout visual: Timeout
d3d9: d3d9ex: Timeout device: Timeout stateblock: Timeout visual: Timeout
d3dcompiler_43: asm: Timeout blob: Timeout hlsl_d3d11: Timeout hlsl_d3d9: Timeout reflection: Timeout
d3dcompiler_46: asm: Timeout blob: Timeout hlsl_d3d11: Timeout hlsl_d3d9: Timeout reflection: Timeout
d3dcompiler_47: asm: Timeout blob: Timeout hlsl_d3d11: Timeout hlsl_d3d9: Timeout reflection: Timeout
d3drm: d3drm: Timeout
Report validation errors: d3drm:vector timeout
=== debian11 (build log) ===
WineRunWineTest.pl:error: The task timed out
On Mon Nov 21 17:20:03 2022 +0000, Fabian Maurer wrote:
changed this line in [version 5 of the diff](/wine/wine/-/merge_requests/1456/diffs?diff_id=19980&start_sha=74e6bdaaf4b1ff6797021ef6d9b5cf1611c316d2#e1636e55e7589edf6f062150e93e6b31ab259317_574_578)
Thanks, that makes sense. That also gets rid of the test failure. Do we also need to clear the function pointers at some point? Not 100% sure how the delay load works regarding to unloading.
-
Fabian Maurer -
Fabian Maurer (@DarkShadow44)
-
Marvin