[Bug 26235] Pioneer DJs 1.6 hangs on startup (SetupDiEnumDeviceInterfaces needs to retain DeviceInterfaceData->cbSize upon reset)
wine-bugs at winehq.org
Sun Mar 9 16:21:57 CDT 2014
https://bugs.winehq.org/show_bug.cgi?id=26235
Anastasius Focht <focht at gmx.net> changed:
What            | Removed                                             | Added
----------------------------------------------------------------------------
Status          | UNCONFIRMED                                         | NEW
CC              |                                                     | focht at gmx.net
Component       | -unknown                                            | setupapi
Summary         | Pioneer DJs: page fault on read access in MFC71.dll | Pioneer DJs 1.6 hangs on startup (SetupDiEnumDeviceInterfaces needs to retain DeviceInterfaceData->cbSize upon reset)
Ever confirmed  | 0                                                   | 1
Regression SHA1 |                                                     | 53b287530961beaaae89bd063bc0d63ef41036ff
--- Comment #3 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming comment #2 - the app hangs on startup.
Trace log yields the following:
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/Pioneer/DJS 1.0/DJS
$ WINEDEBUG=+tid,+seh,+relay,+setupapi wine ./DJS10.exe >>log.txt 2>&1
...
0024:Call PE DLL (proc=0x343b69,module=0x340000 L"MMPCOM.dll",reason=PROCESS_ATTACH,res=0x1)
...
0024:Ret PE DLL (proc=0x7e4eb1e0,module=0x7e4e0000 L"hid.dll",reason=PROCESS_ATTACH,res=0x1) retval=1
0024:Call PE DLL (proc=0x3537fe,module=0x350000 L"hidcom.dll",reason=PROCESS_ATTACH,res=0x1)
...
0024:Call KERNEL32.CreateFileA(0033e644 "\\\\.\\MMPCdc0",c0000000,00000003,00000000,00000003,00000000,00000000) ret=003410b8
0024:Ret KERNEL32.CreateFileA() retval=ffffffff ret=003410b8
0024:Call KERNEL32.CreateFileA(0033e644 "\\\\.\\MMPCdc1",c0000000,00000003,00000000,00000003,00000000,00000000) ret=003410b8
0024:Ret KERNEL32.CreateFileA() retval=ffffffff ret=003410b8
...
0024:Call setupapi.SetupDiGetClassDevsA(0033e5ec,00000000,00000000,00000012) ret=0035195b
0024:trace:setupapi:SetupDiGetClassDevsExW {4d1e55b2-f16f-11cf-88cb-001111000030} (null) (nil) 0x00000012 (nil) (null) (nil)
0024:warn:setupapi:SetupDiGetClassDevsExW unsupported flags 00000002
0024:trace:setupapi:SetupDiCreateDeviceInfoListExW {4d1e55b2-f16f-11cf-88cb-001111000030} (nil) (null) (nil)
0024:Call ntdll.RtlAllocateHeap(00110000,00000000,00000024) ret=7ea40a47
0024:Ret ntdll.RtlAllocateHeap() retval=001ca2e0 ret=7ea40a47
0024:Call advapi32.RegOpenKeyExW(80000002,7ea6b460 L"System\\CurrentControlSet\\Control\\DeviceClasses",00000000,00020019,0033e364) ret=7ea4618e
0024:Ret advapi32.RegOpenKeyExW() retval=00000002 ret=7ea4618e
0024:trace:setupapi:SETUPDI_EnumerateInterfaces 0x1ca2e0, {4d1e55b2-f16f-11cf-88cb-001111000030}, (null), 00000012
0024:Call ntdll.RtlFreeHeap(00110000,00000000,00000000) ret=7ea424ff
0024:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ea424ff
0024:Ret setupapi.SetupDiGetClassDevsA() retval=001ca2e0 ret=0035195b
0024:Call setupapi.SetupDiEnumDeviceInterfaces(001ca2e0,00000000,0033e5ec,00000000,0033e5d0) ret=00351988
0024:trace:setupapi:SetupDiEnumDeviceInterfaces 0x1ca2e0, (nil), {4d1e55b2-f16f-11cf-88cb-001111000030}, 0, 0x33e5d0
0024:Ret setupapi.SetupDiEnumDeviceInterfaces() retval=00000000 ret=00351988
0024:Call KERNEL32.GetLastError() ret=00351a25
0024:Ret KERNEL32.GetLastError() retval=00000103 ret=00351a25
0024:Call KERNEL32.LocalAlloc(00000040,00000000) ret=00351513
0024:Ret KERNEL32.LocalAlloc() retval=001c1820 ret=00351513
0024:Call setupapi.SetupDiEnumDeviceInterfaces(001ca2e0,00000000,0033e5ec,00000000,0033e5d0) ret=00351a7c
0024:trace:setupapi:SetupDiEnumDeviceInterfaces 0x1ca2e0, (nil), {4d1e55b2-f16f-11cf-88cb-001111000030}, 0, 0x33e5d0
0024:Ret setupapi.SetupDiEnumDeviceInterfaces() retval=00000000 ret=00351a7c
0024:Call KERNEL32.GetLastError() ret=00351b2e
0024:Ret KERNEL32.GetLastError() retval=00000057 ret=00351b2e
0024:Call setupapi.SetupDiEnumDeviceInterfaces(001ca2e0,00000000,0033e5ec,00000001,0033e5d0) ret=00351a7c
0024:trace:setupapi:SetupDiEnumDeviceInterfaces 0x1ca2e0, (nil), {4d1e55b2-f16f-11cf-88cb-001111000030}, 1, 0x33e5d0
0024:Ret setupapi.SetupDiEnumDeviceInterfaces() retval=00000000 ret=00351a7c
0024:Call KERNEL32.GetLastError() ret=00351b2e
0024:Ret KERNEL32.GetLastError() retval=00000057 ret=00351b2e
0024:Call setupapi.SetupDiEnumDeviceInterfaces(001ca2e0,00000000,0033e5ec,00000002,0033e5d0) ret=00351a7c
0024:trace:setupapi:SetupDiEnumDeviceInterfaces 0x1ca2e0, (nil), {4d1e55b2-f16f-11cf-88cb-001111000030}, 2, 0x33e5d0
0024:Ret setupapi.SetupDiEnumDeviceInterfaces() retval=00000000 ret=00351a7c
0024:Call KERNEL32.GetLastError() ret=00351b2e
0024:Ret KERNEL32.GetLastError() retval=00000057 ret=00351b2e
<endless repeating>
--- snip ---
The app searches for HID devices (managed by PnP device manager):
{4D1E55B2-F16F-11CF-88CB-001111000030} -> GUID_DEVINTERFACE_HID
MSDN:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff545860%28v=vs.85%29.aspx
There is some code in app hidcom.dll that checks for:
vid = 08E4 (Pioneer)
pid = [0140,0141,0143]
Before coming to that part it enumerates devices using the following code (reduced
snippet just to show the problem):
--- snip ---
...
00351A67 8D45 D0 LEA EAX,DWORD PTR SS:[EBP-30]
00351A6A 50 PUSH EAX
00351A6B FF75 C4 PUSH DWORD PTR SS:[EBP-3C]
00351A6E 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
00351A71 50 PUSH EAX
00351A72 53 PUSH EBX
00351A73 FF75 CC PUSH DWORD PTR SS:[EBP-34]
00351A76 FF15 D4103500 CALL DWORD PTR SETUPAPI.SetupDiEnumDeviceInterfaces
00351A7C 85C0 TEST EAX,EAX
00351A7E 0F84 A4000000 JE hidcom.00351B28
...
00351B28 FF15 B0103500 CALL DWORD PTR DS:[<&KERNEL32.GetLastError>]
00351B2E 3D 03010000 CMP EAX,103 ; ERROR_NO_MORE_ITEMS
00351B33 74 30 JE SHORT hidcom.00351B65
00351B35 FF45 C4 INC DWORD PTR SS:[EBP-3C]
00351B38 E9 2AFFFFFF JMP hidcom.00351A67
--- snip ---
Poor error handling on the app side and some Wine oversight result in endless
looping here.
In the first call to SetupDiEnumDeviceInterfaces (member index = 0), Wine resets
DeviceInterfaceData (user supplied buffer) and returns ERROR_NO_MORE_ITEMS.
Source:
http://source.winehq.org/git/wine.git/blob/9c76ccfda124ca471b3de4d8a04aed1e15a6b9f2:/dlls/setupapi/devinst.c#l2770
--- snip ---
BOOL WINAPI SetupDiEnumDeviceInterfaces(HDEVINFO DeviceInfoSet, PSP_DEVINFO_DATA DeviceInfoData,
        const GUID *InterfaceClassGuid, DWORD MemberIndex,
        PSP_DEVICE_INTERFACE_DATA DeviceInterfaceData)
{
...
    if (!DeviceInterfaceData ||
            DeviceInterfaceData->cbSize != sizeof(SP_DEVICE_INTERFACE_DATA))
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }
    /* In case application fails to check return value, clear output */
    memset(DeviceInterfaceData, 0, sizeof(*DeviceInterfaceData));
    if (DeviceInfoData)
...
--- snip ---
In the second call which ought to restart it (member index = 0), the app still
passes the _same_ buffer:
--- snip ---
p *DeviceInterfaceData
{cbSize=0, InterfaceClassGuid={Data1=0, Data2=0, Data3=0, Data4=""}, Flags=0, Reserved=0}
--- snip ---
That of course doesn't work because the 'DeviceInterfaceData->cbSize' member is now
zero due to the previous 'reset' by Wine code.
Just from reading the code this looks like a regression if it worked earlier
(initial report by OP):
http://source.winehq.org/git/wine.git/commitdiff/53b287530961beaaae89bd063bc0d63ef41036ff
If you fix that -> DeviceInterfaceData->cbSize =
sizeof(SP_DEVICE_INTERFACE_DATA) the app starts fine and even the initial
problem is gone.
I imported some mp3 files without crash.
$ sha1sum instdjs1601tr_en.exe
fb31a1caba42c56d19ef09713cdefe12ba9c126a instdjs1601tr_en.exe
$ du -sh instdjs1601tr_en.exe
54M instdjs1601tr_en.exe
$ wine --version
wine-1.7.14
Regards
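
Added example (not part of the original comment, and not Wine or hidcom.dll code): a portable C model of the interaction described above, showing why clearing cbSize makes the caller's retry loop spin and why restoring it lets the loop end. The struct layout, enum_interfaces, app_enumerate and the iteration cap are assumptions for illustration; the two error values are the ones in the trace.

```c
#include <stdio.h>
#include <string.h>

#define ERROR_INVALID_PARAMETER 0x57   /* values seen in the trace */
#define ERROR_NO_MORE_ITEMS     0x103

/* Simplified stand-in for SP_DEVICE_INTERFACE_DATA (assumed layout). */
typedef struct { unsigned cbSize; unsigned char guid[16]; unsigned flags; } iface_data;

static unsigned last_error;            /* stand-in for GetLastError() */

/* Model of the enumerator over an empty device set.
 * retain_size == 0: clears the whole caller buffer, cbSize included.
 * retain_size == 1: clears the buffer, then restores cbSize. */
static int enum_interfaces(iface_data *d, unsigned index, int retain_size)
{
    (void)index;                       /* empty set: every index is past the end */
    if (!d || d->cbSize != sizeof(*d)) {
        last_error = ERROR_INVALID_PARAMETER;
        return 0;
    }
    memset(d, 0, sizeof(*d));
    if (retain_size) d->cbSize = sizeof(*d);
    last_error = ERROR_NO_MORE_ITEMS;
    return 0;
}

/* Model of the caller: one probe call, then a loop that reuses the same
 * buffer and only stops on ERROR_NO_MORE_ITEMS. Returns the number of loop
 * iterations, or -1 if `cap` is reached (the hang in the report). */
static int app_enumerate(int retain_size, int cap)
{
    iface_data d = { sizeof(iface_data), {0}, 0 };
    enum_interfaces(&d, 0, retain_size);            /* probe, index 0 */
    for (int idx = 0; idx < cap; idx++) {
        if (enum_interfaces(&d, (unsigned)idx, retain_size)) continue;
        if (last_error == ERROR_NO_MORE_ITEMS) return idx + 1;
    }
    return -1;
}

int main(void)
{
    printf("buffer fully cleared: %d\n", app_enumerate(0, 1000));
    printf("cbSize retained:      %d\n", app_enumerate(1, 1000));
    return 0;
}
```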