[Bug 17214] Proteus VX fails to install (VT_DISPATCH to VT_xxx conversion: uninitialized VARIANTARG passed to DISPID_VALUE invoke call)
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Feb 7 14:02:10 CST 2014
https://bugs.winehq.org/show_bug.cgi?id=17214
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |focht at gmx.net
Component|-unknown |oleaut32
Summary|Proteus VX fails to install |Proteus VX fails to install
| |(VT_DISPATCH to VT_xxx
| |conversion: uninitialized
| |VARIANTARG passed to
| |DISPID_VALUE invoke call)
--- Comment #12 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
confirming ... a nasty one.
It seems the InstallShield script engine copies the 'out' value during
VarI4FromDisp() -> VARIANT_FromDisp() -> IDispatch_Invoke() using VariantCopy()
without initializing it first.
Wine passes an uninitialized stack based VARIANTARG (param ought to be 'out').
I added additional 'FIXME' traces around the invoke call to make it more
visible:
--- snip ---
$ WINEDEBUG=+tid,+seh,+relay,+ole,+variant wine ./setup.exe >>log.txt 2>&1
...
0039:Call oleaut32.VariantChangeType(003313bc,003313e4,00000000,00000003)
ret=010f1bde
0039:trace:variant:VariantChangeTypeEx
(0x3313bc->(VT_EMPTY),0x3313e4->(VT_DISPATCH),0x00000400,0x0000,VT_I4)
0039:trace:variant:VariantClear (0x3312c8->(VT_EMPTY))
0039:trace:variant:VariantClear (0x3312b8->(VT_EMPTY))
0039:trace:variant:VariantCopyInd
(0x3312b8->(VT_EMPTY),0x3313e4->(VT_DISPATCH))
0039:trace:variant:VariantCopy (0x3312b8->(VT_EMPTY),0x3313e4->(VT_DISPATCH))
0039:trace:variant:VariantClear (0x3312b8->(VT_EMPTY))
0039:trace:variant:VARIANT_Coerce
(0x3312c8->(VT_EMPTY),0x00000400,0x0000,0x3312b8->(VT_DISPATCH),VT_I4)
0039:fixme:variant:VARIANT_FromDisp emptyParams=0x7e60bd10, srcVar=0x331148
0039:Call oleaut32.VariantInit(003310dc) ret=011097ff
0039:trace:variant:VariantInit (0x3310dc)
0039:Ret oleaut32.VariantInit() retval=003310dc ret=011097ff
0039:Call oleaut32.VariantClear(003310dc) ret=010f15a9
0039:trace:variant:VariantClear (0x3310dc->(VT_EMPTY))
0039:Ret oleaut32.VariantClear() retval=00000000 ret=010f15a9
0039:Call oleaut32.VariantCopy(00331148,003310dc) ret=011098a1
0039:trace:variant:VariantCopy
(0x331148->(Invalid|VT_BYREF|VT_HARDTYPE),0x3310dc->(VT_I4))
0039:trace:variant:VariantClear (0x331148->(Invalid|VT_BYREF|VT_HARDTYPE))
0039:Ret oleaut32.VariantCopy() retval=80020008 ret=011098a1
0039:Call oleaut32.VariantClear(003310dc) ret=011098ad
0039:trace:variant:VariantClear (0x3310dc->(VT_I4))
0039:Ret oleaut32.VariantClear() retval=00000000 ret=011098ad
0039:fixme:variant:VARIANT_FromDisp hRet=0x80020008
0039:trace:variant:VariantClear (0x3312c8->(VT_EMPTY))
0039:trace:variant:VariantClear (0x3312b8->(VT_DISPATCH))
0039:trace:variant:VariantChangeTypeEx returning 0x80020005,
0x3313bc->(VT_EMPTY)
0039:Ret oleaut32.VariantChangeType() retval=80020005 ret=010f1bde
0039:Call KERNEL32.RaiseException(e06d7363,00000001,00000003,00331368)
ret=0110fb96
0039:trace:seh:raise_exception code=e06d7363 flags=1 addr=0x7b83a97b
ip=7b83a97b tid=0039
0039:trace:seh:raise_exception info[0]=19930520
0039:trace:seh:raise_exception info[1]=00331384
0039:trace:seh:raise_exception info[2]=01124b38
0039:trace:seh:raise_exception eax=7b8269e1 ebx=7b8bb000 ecx=19930520
edx=003312a4 esi=0033134c edi=00331310
0039:trace:seh:raise_exception ebp=003312e8 esp=00331284 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00200283
--- snip ---
Debugging/snooping lets the installer succeed (different stack values).
Debugger callstack to show the invocation:
--- snip ---
Wine-dbg>bt
Backtrace:
=>0 0x094c972a in iscript (+0x1972a) (0x003311d8)
1 0x7e53bcf5 VarI4FromDisp+0x31(pdispIn=0x97ca058, lcid=0x400,
piOut=0x331310)
[/home/focht/projects/wine/wine.repo/src/dlls/oleaut32/vartype.c:1635] in
oleaut32 (0x00331208)
2 0x7e527e51 VARIANT_Coerce+0xbac(pd=0x331308, lcid=0x400, wFlags=0,
ps=0x3312f8, vt=0x3)
[/home/focht/projects/wine/wine.repo/src/dlls/oleaut32/variant.c:210] in
oleaut32 (0x00331298)
3 0x7e52b64c VariantChangeTypeEx+0x347(pvargDest=<couldn't compute location>,
pvargSrc=<couldn't compute location>, lcid=<couldn't compute location>,
wFlags=0, vt=0x3)
[/home/focht/projects/wine/wine.repo/src/dlls/oleaut32/variant.c:1047] in
oleaut32 (0x00331348)
4 0x7e52b2f5 VariantChangeType+0x55(pvargDest=<couldn't compute location>,
pvargSrc=<couldn't compute location>, wFlags=0, vt=0x3)
[/home/focht/projects/wine/wine.repo/src/dlls/oleaut32/variant.c:982] in
oleaut32 (0x00331388)
5 0x094b1bde in iscript (+0x1bdd) (0x003313d8)
6 0x094b3eb8 in iscript (+0x3eb7) (0x00331400)
...
--- snip ---
Source:
http://source.winehq.org/git/wine.git/blob/ca1a1d54c0d2bee13926a1edca789c09e0c35512:/dlls/oleaut32/vartype.c#l113
--- snip ---
113 /* Coerce VT_DISPATCH to another type */
114 static HRESULT VARIANT_FromDisp(IDispatch* pdispIn, LCID lcid, void* pOut,
115 VARTYPE vt, DWORD dwFlags)
116 {
117 static DISPPARAMS emptyParams = { NULL, NULL, 0, 0 };
118 VARIANTARG srcVar, dstVar;
119 HRESULT hRet;
120
121 if (!pdispIn)
122 return DISP_E_BADVARTYPE;
123
124 /* Get the default 'value' property from the IDispatch */
125 hRet = IDispatch_Invoke(pdispIn, DISPID_VALUE, &IID_NULL, lcid,
DISPATCH_PROPERTYGET,
126 &emptyParams, &srcVar, NULL, NULL);
127
128 if (SUCCEEDED(hRet))
...
--- snip ---
Initializing 'srcVar' before invoke call fixes this.
$ sha1sum ProteusVX.zip
99b8de9a0468540fd6210d47717c8c3d452434c6 ProteusVX.zip
$ du -sh ProteusVX.zip
66M ProteusVX.zip
$ wine --version
wine-1.7.11-322-gafadda8
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list