[Bug 35367] New: Cyberlink Powerdirector 8 crashes during media scan (Wine ole32 code must take implicit MTA into account)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Jan 11 08:10:53 CST 2014
https://bugs.winehq.org/show_bug.cgi?id=35367
Bug ID: 35367
Summary: Cyberlink Powerdirector 8 crashes during media scan
(Wine ole32 code must take implicit MTA into account)
Product: Wine
Version: 1.7.10
Hardware: x86
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ole32
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Classification: Unclassified
Hello folks,
Prerequisite: 'winetricks -q mfc42'
Upon startup the app shows a registration dialog with some options:
* "Buy Now"
* "Activate"
* "Try Now"
After selecting "Try Now" the app continues loading and starts importing some
media files.
"Activation" feature also works (tested with some code found here and there).
There is a crash (heap corruption) in libxml2/msxml during media import.
This is a different problem which can be worked around with 'winetricks -q
msxml3'.
This bug is about the COM/OLE part of media import crash.
Relevant part of trace log:
--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/CyberLink/PowerDirector
$ WINEDEBUG=+tid,+seh,+relay,+ole,+variant wine ./PDR8.exe >>log2.txt 2>&1
...
0016:Call shlwapi.PathFileExistsW(0430b2e4 L"C:\\Program
Files\\CyberLink\\PowerDirector\\SampleClips\\ntsc\\Nature.mpg") ret=02cb0bbd
...
0016:Ret shlwapi.PathFileExistsW() retval=00000001 ret=02cb0bbd
0016:Call ole32.CoCreateInstance(02ce6e68,00000000,00000007,02ce6e38,0275b5b4)
ret=02cb5171
0016:trace:ole:CoCreateInstance (rclsid={889ca1c3-e115-47e1-88ec-20df644e982a},
pUnkOuter=(nil), dwClsContext=00000007,
riid={38df9356-47c1-40ef-89ce-af1d019b0baa}, ppv=0x275b5b4)
0016:trace:ole:apartment_addref 2e0000cafe: before = 8
0016:trace:ole:apartment_release 2e0000cafe: after = 8
0016:trace:ole:CoGetClassObject CLSID:
{889ca1c3-e115-47e1-88ec-20df644e982a},IID:
{00000001-0000-0000-c000-000000000046}
0016:trace:ole:apartment_addref 2e0000cafe: before = 8
...
0016:warn:ole:CoGetClassObject class {889ca1c3-e115-47e1-88ec-20df644e982a} not
registered as in-proc server
...
0016:warn:ole:CoGetClassObject class {889ca1c3-e115-47e1-88ec-20df644e982a} not
registered in-proc handler
0016:trace:ole:apartment_release 2e0000cafe: after = 8
0016:trace:ole:RPC_GetLocalClassObject
rclsid={889ca1c3-e115-47e1-88ec-20df644e982a},
iid={00000001-0000-0000-c000-000000000046}
0016:trace:ole:RPC_GetLocalClassObject waiting for
L"\\\\.\\pipe\\{889CA1C3-E115-47E1-88EC-20DF644E982A}"
0016:Call KERNEL32.WaitNamedPipeW(0275b228
L"\\\\.\\pipe\\{889CA1C3-E115-47E1-88EC-20DF644E982A}",ffffffff) ret=7e773bc3
0016:Ret KERNEL32.WaitNamedPipeW() retval=00000001 ret=7e773bc3
0016:Call KERNEL32.CreateFileW(0275b228
L"\\\\.\\pipe\\{889CA1C3-E115-47E1-88EC-20DF644E982A}",c0000000,00000000,00000000,00000003,00000000,00000000)
ret=7e773c04
0016:Ret KERNEL32.CreateFileW() retval=00000914 ret=7e773c04
0016:Call KERNEL32.ReadFile(00000914,0275b158,000000c8,0275b220,00000000)
ret=7e773e29
0016:Ret KERNEL32.ReadFile() retval=00000001 ret=7e773e29
0016:trace:ole:RPC_GetLocalClassObject read marshal id from pipe
...
0016:trace:ole:RPC_GetLocalClassObject unmarshalling local server
0016:trace:ole:CoUnmarshalInterface (0x4365a08,
{6d5140c1-7436-11ce-8034-00aa006009fa}, 0x275b13c)
...
0016:trace:ole:get_unmarshaler_from_stream Using standard unmarshaling
0016:Call ntdll.RtlAllocateHeap(00110000,00000000,00000010) ret=7e75bf7e
0016:Ret ntdll.RtlAllocateHeap() retval=043fd2f8 ret=7e75bf7e
0016:trace:ole:StdMarshalImpl_UnmarshalInterface
(...,{6d5140c1-7436-11ce-8034-00aa006009fa},....)
0016:err:ole:StdMarshalImpl_UnmarshalInterface Apartment not initialized
0016:err:ole:CoUnmarshalInterface IMarshal::UnmarshalInterface failed,
0x800401f0
...
0016:trace:ole:CoUnmarshalInterface completed with hr 0x800401f0
0016:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7e7740f4
ip=7e7740f4 tid=0016
0016:trace:seh:raise_exception info[0]=00000000
0016:trace:seh:raise_exception info[1]=000003de
0016:trace:seh:raise_exception eax=000003de ebx=7e854000 ecx=0275b100
edx=0275ef8c esi=0275ecc5 edi=0275eb8c
0016:trace:seh:raise_exception ebp=0275b378 esp=0275b100 cs=0023 ds=002b
es=002b fs=0063 gs=006b flags=00210286
--- snip ---
"{889ca1c3-e115-47e1-88ec-20df644e982a}" is registered as out-of-process COM
server:
--- snip ---
CLSID: {889CA1C3-E115-47E1-88EC-20DF644E982A}
LOCAL SERVER: %ROOT%\PROGRA~1\CYBERL~1\SHARED~1\RICHVI~1.EXE
TYPELIB: {D37B5B2C-8D1B-4832-89E4-6FCE903B3A18}
VERSION IND. PROGID: RichVideo.RVInterface
--- snip ---
The problem most likely stems from crappy vendor code. The thread in question
that ought to instantiate the COM object never explicitly initializes its COM
apartment.
>From my experience in 99% of the cases the developers forgot the call to
CoInitializeEx() on thread entry and the reason why this works for native is
the so called implicit MTA.
Basically another thread in the process called CoInitializeEx(0,
COINIT_MULTITHREADED), which means that the thread which forgot to call
CoInitializeEx() was implicitly placed in the MTA (the app creates a crapload
of threads).
I had to change quite some code to make a proof-of-concept.
There is various code in Wine ole32 that makes use of COM_CurrentApt() which
doesn't take implicit MTA into account.
--- snip ---
# modified: dlls/ole32/compobj.c
# modified: dlls/ole32/marshal.c
# modified: dlls/ole32/rpc.c
--- snip ---
The app/thread was finally able to instantiate the out-of-process COM server
and make COM calls.
Media files were successfully imported and movies/images showed up in some
thumbnail-like view.
$ sha1sum cyberlink2220_vde09070801.exe
2fbc508b971332872b68761ea0d56803c5d122bd cyberlink2220_vde09070801.exe
$ du -sh cyberlink2220_vde09070801.exe
236M cyberlink2220_vde09070801.exe
$ wine --version
wine-1.7.10-343-g770d09d
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list