[Bug 39732] New: A race in services.exe may lead to infinite loop with 100% cpu utilization
wine-bugs at winehq.org
wine-bugs at winehq.org
Thu Dec 3 05:37:51 CST 2015
https://bugs.winehq.org/show_bug.cgi?id=39732
Bug ID: 39732
Summary: A race in services.exe may lead to infinite loop with
100% cpu utilization
Product: Wine
Version: 1.8-rc2
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs at winehq.org
Reporter: dmitry at baikal.ru
Distribution: ---
I have an application that installs 12 kernel drivers for various hardware
dongles the application may work with. Most of these drivers don't work in
Wine and simply crash, so I just moved c:\windows\system32\drivers out of
the way. Actually under Windows these drivers fail to load as well if they
couldn't find a supported hardware at startup, so removing them under Wine
simulates "no supported hardware" scenario, and simply matches the "load and
fail" way. The application works just fine without the drivers.
Time from time I observe a 100% cpu utilization (wineserver 15%, services.exe
85%). After quite a bit of investigation I've figured out a way to reliably
reproduce the problem.
How to reproduce:
1. Add a non-existent kernel driver entry to the registry (so that winedevice
fails to load it).
2. In order to 100% provoke a race add Sleep(100) right at the beginning
of programs/services/services.c,service_wait_for_startup().
The problem is that winedevice calls SetServiceStatus(SERVICE_STOPPED)
which adds service_terminate() to the timeout_queue list which is going
to be executed after a timeout. But service_terminate() is also called by
service_start() when a service fails to start. So, what happens is that
after service_terminate() call is queued by SetServiceStatus(), subsequent
service_terminate() from service_start() sets service->process = 0; and when
events_loop() fills out the handles array to wait for the process handle is
already 0 which leads to WaitForMultipleObjects() returning -1 (WAIT_FAILED)
because of an invalid handle, which causes events_loop() to not process the
wait queue and call WaitForMultipleObjects() again and again with the same
array of handles.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list