[PATCH 4/5] msi: Don't increment the refcount when creating dialogs.

Hans Leidekker hans at codeweavers.com
Thu Jul 6 03:20:26 CDT 2017 

On Wed, 2017-07-05 at 23:31 -0500, Zebediah Figura wrote:
> We should only ever have one dialog anyway, and this is destroyed
> when we close the package.

It causes a crash in a random installer here:

$ ./wine msiexec /i "XPSEP XP and Server 2003 32 bit.msi"
fixme:ntdll:NtLockFile I/O completion on lock not implemented yet
err:msi:msiobj_addref Invalid handle!
err:msi:msiobj_addref Invalid handle!
wine: Unhandled page fault on read access to 0x57e5896d at address 0x7ed68688 (thread 0009), starting debugger...
Unhandled exception: page fault on read access to 0x57e5896d in 32-bit code (0x7ed68688).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:7ed68688 ESP:0032d078 EBP:0032d088 EFLAGS:00210202(  R- --  I   - - - )
 EAX:57e5896d EBX:7edaf2f4 ECX:00151018 EDX:7ed686d0
 ESI:57e58949 EDI:00000045
Stack dump:
0x0032d078:  00150c40 7edaee74 00150c40 00150c40
0x0032d088:  0032d0e8 7ed6b4ae 7ed84b14 00000016
0x0032d098:  0032d0c8 7edaee40 4d430003 00000000
0x0032d0a8:  00000000 00000000 00000000 00000000
0x0032d0b8:  4d430000 0014947c 0000001c 7bc4fc76
0x0032d0c8:  0032d0f0 7edaf2f4 7edaee40 00150c40
Backtrace:
=>0 0x7ed68688 find_cached_table+0x28(db=<is not available>, name="EventMapping") [/home/hans/wine/dlls/msi/../../include/wine/unicode.h:216] in msi (0x0032d088)
  1 0x7ed6b4ae get_table+0x1d() in msi (0x0032d0e8)
  2 0x7ed6c9e8 TABLE_CreateView+0xe7(db=0x7edaee40, name="EventMapping", view=0x14946c) [/home/hans/wine/dlls/msi/table.c:2179] in msi (0x0032d128)
  3 0x7ed72857 WHERE_CreateView+0xe6(db=0x7edaee40, view=0x32d1e4, tables="EventMapping", cond=0x149400) [/home/hans/wine/dlls/msi/where.c:1242] in msi (0x0032d178)
fixme:dbghelp_dwarf:compute_location Only supporting one reg (ebp/22 -> -2)
  4 0x7ed75cd2 sql_parse+0xd71(info=0x32d9f4) [/home/hans/wine/dlls/msi/sql.y:506] in msi (0x0032d9d8)
  5 0x7ed763af MSI_ParseSQL+0x4e(db=0x7edaee40, command="SELECT * FROM `EventMapping` WHERE `Dialog_` = 'ProgressForm' AND `Control_` = 'NextButton'", phview=0x154370, mem=0x15437c) [/home/hans/wine/dlls/msi/sql.y:1002] in msi (0x0032da18)
  6 0x7ed49012 MSI_DatabaseOpenViewW+0x71() in msi (0x0032da58)
  7 0x7ed4911f MSI_OpenQuery+0x8e(db=0x7edaee40, view=0x32dac4, fmt="SELECT * FROM `EventMapping` WHERE `Dialog_` = '%s' AND `Control_` = '%s'") [/home/hans/wine/dlls/msi/msiquery.c:163] in msi (0x0032da98)
  8 0x7ed21ce2 dialog_map_events+0x31(dialog=<is not available>, control=<is not available>) [/home/hans/wine/dlls/msi/dialog.c:761] in msi (0x0032dad8)
  9 0x7ed26a9e msi_dialog_add_control+0xad(dialog=0x15e0b8, rec=0x154218, szCls="BUTTON", style=0x18010000) [/home/hans/wine/dlls/msi/dialog.c:791] in msi (0x0032db18)
  10 0x7ed28dfa msi_dialog_button_control+0xf9(dialog=0x15e0b8, rec=0x154218) [/home/hans/wine/dlls/msi/dialog.c:1011] in msi (0x0032db58)
  11 0x7ed22070 msi_dialog_create_controls+0xaf(rec=0x154218, param=0x15e0b8) [/home/hans/wine/dlls/msi/dialog.c:3475] in msi (0x0032db88)
  12 0x7ed49a2a MSI_IterateRecords+0x79(view=0x1f0e48, count=0x0(nil), func=0x7ed21fc0, param=0x15e0b8) [/home/hans/wine/dlls/msi/msiquery.c:188] in msi (0x0032dbd8)
  13 0x7ed264f2 MSIDialog_WndProc+0xb71(hwnd=<couldn't compute location>, msg=<couldn't compute location>, wParam=<couldn't compute location>, lParam=<couldn't compute location>) [/home/hans/wine/dlls/msi/dialog.c:3502] in msi (0x0032dcd8)
  14 0x7e9ee37a WINPROC_wrapper+0x19() in user32 (0x0032dd18)
  15 0x7e9ee9ba call_window_proc+0x49(hwnd=0x2005a, msg=0x1, wp=0, lp=0x32e050, result=0x32dde8, arg=0x7ed25980) [/home/hans/wine/dlls/user32/winproc.c:245] in user32 (0x0032dd68)
  16 0x7e9f0ce5 WINPROC_call_window+0xc4(hwnd=0x2005a, msg=0x1, wParam=0, lParam=0x32e050, result=0x32dde8, unicode=0x1, mapping=2124605252) [/home/hans/wine/dlls/user32/winproc.c:920] in user32 (0x0032ddb8)
  17 0x7e9b4b14 call_window_proc+0x63(hwnd=0x2005a, msg=0x1, wparam=0, lparam=0x32e050, unicode=0x1, same_thread=0x1, mapping=2124605252) [/home/hans/wine/dlls/user32/message.c:2224] in user32 (0x0032de18)
  18 0x7e9bbb0e send_message+0x1bd(info=0x32dea4, res_ptr=0x32dea0, unicode=0x1) [/home/hans/wine/dlls/user32/message.c:3269] in user32 (0x0032de88)
  19 0x7e9bbd61 SendMessageW+0x50(hwnd=<couldn't compute location>, msg=<couldn't compute location>, wparam=<couldn't compute location>, lparam=<couldn't compute location>) [/home/hans/wine/dlls/user32/message.c:3469] in user32 (0x0032ded8)
  20 0x7e9e54aa WIN_CreateWindowEx+0xba9(cs=0x32e050, className="MsiDialogCloseClass", module=(nil), unicode=0x1) [/home/hans/wine/dlls/user32/win.c:1641] in user32 (0x0032e038)
  21 0x7e9df098 CreateWindowExW+0x72(exStyle=<couldn't compute location>, className=<couldn't compute location>, windowName=<couldn't compute location>, style=<couldn't compute location>, x=<couldn't compute location>, y=<couldn't compute location>, width=<couldn't compute location>, height=<couldn't compute location>, parent=<couldn't compute location>, menu=<couldn't compute location>, instance=<couldn't compute location>, data=<couldn't compute location>) [/home/hans/wine/dlls/user32/win.c:1776] in user32 (0x0032e088)
  22 0x7ed231c6 dialog_run_message_loop+0x65() in msi (0x0032e0f8)
  23 0x7ed2ad43 event_do_dialog+0x42(package=0x13f538, name=<is not available>, parent=(nil), destroy_modeless=0x1) [/home/hans/wine/dlls/msi/dialog.c:4349] in msi (0x0032e128)
  24 0x7ed2c0e9 ACTION_DialogBox+0x48(package=0x13f538, dialog="ProgressForm") [/home/hans/wine/dlls/msi/dialog.c:4567] in msi (0x0032e168)
  25 0x7ed4c8ca MSI_ProcessMessage+0x5d9(package=0x13f538, eMessageType=INSTALLMESSAGE_SHOWDIALOG, record=0x146d60) [/home/hans/wine/dlls/msi/package.c:1794] in msi (0x0032f288)
  26 0x7ed2bfc7 ACTION_ShowDialog+0x76(package=0x13f538, dialog="ProgressForm") [/home/hans/wine/dlls/msi/dialog.c:4522] in msi (0x0032fac8)
  27 0x7ecfad88 ACTION_HandleCustomAction.part+0x77() in msi (0x0032faf8)
  28 0x7ed0ab3c ACTION_PerformUIAction+0xab() in msi (0x0032fb38)
  29 0x7ed0acdc ITERATE_Actions+0x13b(row=0x152b60, param=0x13f538) [/home/hans/wine/dlls/msi/action.c:499] in msi (0x0032fb78)
  30 0x7ed49a2a MSI_IterateRecords+0x79(view=0x146928, count=0x0(nil), func=0x7ed0aba0, param=0x13f538) [/home/hans/wine/dlls/msi/msiquery.c:188] in msi (0x0032fbc8)
  31 0x7ed0b463 MSI_InstallPackage+0x4f2(package=0x13f538, szPackagePath="XPSEP XP and Server 2003 32 bit.msi", szCommandLine=0x0(nil)) [/home/hans/wine/dlls/msi/action.c:604] in msi (0x0032fc18)
  32 0x7ed3dd51 MsiInstallProductW+0xc0(szPackagePath=<is not available>, szCommandLine=<is not available>) [/home/hans/wine/dlls/msi/msi.c:251] in msi (0x0032fc68)
  33 0x7efefbee WinMain+0x73d(hInstance=<is not available>, hPrevInstance=<is not available>, lpCmdLine=<is not available>, nCmdShow=<is not available>) [/home/hans/wine/programs/msiexec/msiexec.c:994] in msiexec (0x0032fd48)
  34 0x7efee904 main+0xc3(argc=<couldn't compute location>, argv=<couldn't compute location>) [/home/hans/wine/dlls/winecrt0/exe_main.c:49] in msiexec (0x0032fde8)
  35 0x7eff12ff __wine_spec_exe_entry+0x6e(peb=<couldn't compute location>) [/home/hans/wine/dlls/winecrt0/exe_entry.c:36] in msiexec (0x0032fe38)
  36 0x7b45ee6c call_process_entry+0xb() in kernel32 (0x0032fe58)
  37 0x7b45fe09 start_process+0x68(entry=<couldn't compute location>) [/home/hans/wine/dlls/kernel32/process.c:1116] in kernel32 (0x0032fe98)
  38 0x7bc7e5b0 call_thread_func_wrapper+0xb() in ntdll (0x0032feb8)
  39 0x7bc813a1 call_thread_func+0xb0(entry=0x7b45fda0, arg=0x7eff1290, frame=0x32ffc8) [/home/hans/wine/dlls/ntdll/signal_i386.c:2759] in ntdll (0x0032ffa8)
  40 0x7bc7e58e call_thread_entry_point+0x11() in ntdll (0x0032ffc8)
  41 0x7bc53473 start_process+0x12(arg=0xffaf6bd8) [/home/hans/wine/dlls/ntdll/loader.c:3083] in ntdll (0x0032ffe8)
  42 0xf757d81d wine_call_on_stack+0x1c() in libwine.so.1 (0x00000000)
  43 0xf757d980 wine_switch_to_stack+0x1f(func=0x7bc53460, arg=0xffaf6bd8, stack=0x330000) [/home/hans/wine/libs/wine/port.c:77] in libwine.so.1 (0xffaf6ba8)
  44 0x7bc5911a LdrInitializeThunk+0x239(kernel_start=<couldn't compute location>, unknown2=<couldn't compute location>, unknown3=<couldn't compute location>, unknown4=<couldn't compute location>) [/home/hans/wine/dlls/ntdll/loader.c:3144] in ntdll (0xffaf6bf8)
  45 0x7b465c33 __wine_kernel_init+0x962() [/home/hans/wine/dlls/kernel32/process.c:1310] in kernel32 (0xffaf7ae8)
  46 0x7bc59ee3 __wine_process_init+0x152() [/home/hans/wine/dlls/ntdll/loader.c:3353] in ntdll (0xffaf7b58)
  47 0xf757bbe3 wine_init+0x292(argc=0x4, argv=0xffaf8094, error="", error_size=0x400) [/home/hans/wine/libs/wine/loader.c:974] in libwine.so.1 (0xffaf7ba8)
  48 0x7c000aaa main+0x79(argc=<is not available>, argv=<is not available>) [/home/hans/wine/loader/main.c:258] in <wine-loader> (0xffaf7fe8)
  49 0xf739ea63 __libc_start_main+0xf2() in libc.so.6 (0x00000000)
0x7ed68688 find_cached_table+0x28 [/home/hans/wine/dlls/msi/../../include/wine/unicode.h:216] in msi: cmpw	0x24(%esi),%di
216	    while (*str1 && (*str1 == *str2)) { str1++; str2++; }

More information about the wine-devel mailing list