RFC [PATCH] ddraw: Prevent refcount underflow
Vincent Pelletier
plr.vincent at gmail.com
Sun Sep 26 05:01:33 CDT 2010
Hi.
The attached patch fixes a problem with Beetle Crazy Cup's VideoSetup.exe, which
hangs at exit because some code tries to free a ddraw surface on which a
refcount underflow happened earlier in the execution.
Executing it with winedbg shows that the first call causing the underflow is
triggered from the game's binary:
Stopped on breakpoint 3 at 0x7ed494fc ddraw1_Release+0x2c
[/home/vincent/git/wine/dlls/ddraw/ddraw.c:476] in ddraw
476 ULONG ref = InterlockedDecrement(&ddraw->ref1);
Wine-dbg>print ddraw->ref1
0
Wine-dbg>bt
Backtrace:
=>0 0x7ed494fc ddraw1_Release+0x2c(iface=0x129e10)
[/home/vincent/git/wine/dlls/ddraw/ddraw.c:476] in ddraw (0x0033fd24)
1 0x00401d2c in videosetup (+0x1d2b) (0x0033fd5c)
2 0x0040342b in videosetup (+0x342a) (0x0033fd84)
3 0x004034f5 in videosetup (+0x34f4) (0x0033fda0)
4 0x00402f65 in videosetup (+0x2f64) (0x0033fe04)
5 0x00404a4e in videosetup (+0x4a4d) (0x0033fe90)
6 0x7b8565bc call_process_entry+0xb() in kernel32 (0x0033fea8)
7 0x7b8565bc call_process_entry+0xb() in kernel32 (0x0033fee8)
8 0x7b858a9b start_process+0x5a(peb=0x536430)
[/home/vincent/git/wine/dlls/kernel32/process.c:994] in kernel32 (0x0033fef8)
9 0x7bc715f0 call_thread_func+0xb() in ntdll (0x0033ffc8)
10 0x7bc717c0 call_thread_entry_point+0x6f(entry=0x7b858a40, arg=0x7ffdf000)
[/home/vincent/git/wine/dlls/ntdll/signal_i386.c:2473] in ntdll (0x0033ffe8)
11 0x7bc4cefa start_process+0x29(kernel_start=0x7b858a40)
[/home/vincent/git/wine/dlls/ntdll/loader.c:2610] in ntdll (0x00000000)
Points on which I would like opinions:
- getting rid of the magic number
- need to check after InterlockedDecrement (in doubt I did, but the code is
much less readable this way)
- couldn't it actually hide a refcount problem in wine?
- if not, then would it be good to extend to other refcounts as well or include
in [a local wrapper for] InterlockedDecrement?
Regards,
---
dlls/ddraw/ddraw.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ddraw-Prevent-refcount-underflow.patch
Type: text/x-patch
Size: 677 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20100926/00b01429/attachment.bin>
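
The question raised in the message about checking before or after the decrement, sketched as an added example (not part of the original post and not the attached patch, whose contents are not shown here). C11 atomics stand in for InterlockedDecrement/InterlockedCompareExchange, and `struct object`, `naive_release`, `guarded_release` and `run` are hypothetical names.

```c
#include <stdatomic.h>
#include <stdio.h>

/* Hypothetical stand-in for a COM-style refcounted object. */
struct object {
    atomic_long ref;
    int destroyed;   /* how many times teardown ran */
};

/* Unguarded: decrement, then inspect. With ref == 0 this stores -1,
 * which a ULONG-returning Release() reports as 0xffffffff. */
static long naive_release(struct object *obj)
{
    long ref = atomic_fetch_sub(&obj->ref, 1) - 1;
    if (ref == 0) obj->destroyed++;
    return ref;
}

/* Guarded: test and decrement in one atomic step (compare-exchange loop),
 * so a surplus Release() leaves the count at 0 and cannot re-run teardown. */
static long guarded_release(struct object *obj)
{
    long old = atomic_load(&obj->ref);
    do {
        if (old <= 0) return 0;   /* surplus Release(): refuse to underflow */
    } while (!atomic_compare_exchange_weak(&obj->ref, &old, old - 1));
    /* a failed exchange reloads `old`, and the loop re-checks it */
    if (old - 1 == 0) obj->destroyed++;
    return old - 1;
}

/* Call `release` `calls` times on an object created with `initial` refs. */
static long run(long (*release)(struct object *), long initial, int calls,
                int *destroyed)
{
    struct object obj;
    atomic_init(&obj.ref, initial);
    obj.destroyed = 0;
    for (int i = 0; i < calls; i++) release(&obj);
    *destroyed = obj.destroyed;
    return atomic_load(&obj.ref);
}

int main(void)
{
    int d;
    printf("naive:   ref=%ld\n", run(naive_release, 1, 2, &d));
    printf("guarded: ref=%ld\n", run(guarded_release, 1, 2, &d));
    return 0;
}
```

A guard of this kind absorbs the surplus call rather than correcting the unbalanced caller, so logging each refused decrement keeps the imbalance visible.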