search

ruabmbua / hidapi-rs

Rust bindings for the hidapi C library
MIT License
167 stars 80 forks source link

Crash on Windows in hidapi 1.3.2 on re-opening a device #77

Closed jfro closed 2 years ago

jfro commented 2 years ago

This was working in 1.3.0 & 1.2.7, only able to reproduce in 1.3.2. Our USB device we're talking to has a software reset command, where we issue it, close the device & attempt to reopen with a timeout until it responds, or timeout is hit. So basic code flow:

  1. Send HID message to software reset
  2. We drop the hidapi device to close it, retaining information about it for reopening it later
  3. sleep a moment then start attempting to open the device again in a timeout loop

In 1.3.2, the reopen attempts yield in a crash:


* thread #1, name = 'Main Thread', stop reason = Exception 0xc0000005 encountered at address 0x7ff9ea181d0f: Access violation reading location 0xfffffffffffffff0
  * frame #0: 0x00007ff9ea181d0f hid.dll
    frame #1: 0x00007ff7221d95a4 sw_reset.exe`hid_open_path(path=0x00000196b80aa4c0 "\\?\hid#vid_304c&pid_0001&mi_01#7&5a244bb&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}") at hid.c:862
    frame #2: 0x00007ff721fc5abc sw_reset.exe`hidapi::HidApi::open_path(self=0x00007ff72227d020 {devices={buf={ptr={pointer=0x00000196b80b0ff0 {path={inner={data_ptr=0x00000196b80aa340 "\\?\hid#intc816&col01#3&36a7043c&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}", length=79}}, serial_number={dataful_variant={__0={vec={buf={ptr={pointer=...}, ...}, ...}}}, ...}, ...}}, ...}, ...}, ...}) at lib.rs:206
    frame #3: 0x00007ff721fc6520 sw_reset.exe`hidapi::DeviceInfo::open_device(self=0x000000576bcfddc0 {path={inner={data_ptr=0x00000196b80aa4c0 "\\?\hid#vid_304c&pid_0001&mi_01#7&5a244bb&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}", length=88}}, serial_number={variant0={__0={vec={buf={ptr={pointer=0x00000196b80a88a0 "11AD1D004CCE47033B2C0B00´\t0\x6"}, ...}, ...}}}, ...}, ...}, hidapi=0x00007ff72227d020 {devices={buf={ptr={pointer=0x00000196b80b0ff0 {path={inner={data_ptr=0x00000196b80aa340 "\\?\hid#intc816&col01#3&36a7043c&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}", length=79}}, serial_number={dataful_variant={__0={vec={buf={ptr={pointer=...}, ...}, ...}}}, ...}, ...}}, ...}, ...}, ...}) at lib.rs:424
    frame #4: 0x00007ff721fb12f0 sw_reset.exe`luna::device::usbc::impl$4::open(self={info={path={inner={data_ptr=0x236469685c3f5c5c <error>, length=7148391505745701238}}, serial_number={variant0={__0={vec={buf={ptr={pointer=0x2331305f696d2631 <error>}, cap=7076338305489774135}, len=3472328296059905634}}}, variant1={__0={buf={ptr={pointer=0x2331305f696d2631 {...}}, ...}, ...}}, ...}, ...}, ...}) at mod.rs:323
    frame #5: 0x00007ff721fb04d8 sw_reset.exe`luna::device::usbc::LunaDeviceUSBC::close_and_reacquire(self=<unavailable>) at mod.rs:243
    frame #6: 0x00007ff721fb1b92 sw_reset.exe`luna::device::usbc::impl$5::sw_reset(self={info={path={inner={data_ptr=0x236469685c3f5c5c <error>, length=7148391505745701238}}, serial_number={variant0={__0={vec={buf={ptr={pointer=0x2331305f696d2631 <error>}, cap=7076338305489774135}, len=3472328296059905634}}}, variant1={__0={buf={ptr={pointer=0x2331305f696d2631 {...}}, ...}, ...}}, ...}, ...}, ...}) at mod.rs:542
    frame #7: 0x00007ff721fa572a sw_reset.exe`luna::device::impl$4::sw_reset(self={variant0={__0={info={path={inner={data_ptr=0x0000000000000000 <error>, length=???}}, serial_number={variant0={__0={vec={buf={ptr={pointer=0x0000000000000000 <error>}, cap=???}, len=???}}}, variant1={__0={buf={ptr={pointer=???}, cap=???}, len=???}}, variant2=...}, ...}, ...}}, ...}) at mod.rs:307
    frame #8: 0x00007ff721fa1a89 sw_reset.exe`sw_reset::main() at sw_reset.rs:27
    frame #9: 0x00007ff721fa137b sw_reset.exe`core::ops::function::FnOnce::call_once<void (*)(),tuple$<> >(=0x00007ff721fa16d0)()) at function.rs:227
    frame #10: 0x00007ff721fa11db sw_reset.exe`std::sys_common::backtrace::__rust_begin_short_backtrace<void (*)(),tuple$<> >(f=0x00007ff721fa16d0)()) at backtrace.rs:123
    frame #11: 0x00007ff721fa1f41 sw_reset.exe`std::rt::lang_start::closure$0<tuple$<> >(std::rt::lang_start::closure$0 *) at rt.rs:145```
ruabmbua commented 2 years ago

Looks like the only thing changed between 1.3.0 is updating the hidapi C library. I`ll try to reproduce the problem with some other usb device, hopefull I can find something that can do SW resets.

ruabmbua commented 2 years ago

Ok seems like a bug in the hidapi C library, already fixed: https://github.com/libusb/hidapi/pull/373

Will update the dependency.

ruabmbua commented 2 years ago

Ok I released hidapi v1.3.3, if you can, please test, and tell me if I can close this issue. Thanks for the report!

jfro commented 2 years ago

yup, 1.3.3 no longer crashes with our SW reset, thanks!