http://bugs.winehq.org/show_bug.cgi?id=10417
Summary: OLEAUT32: crash if >128 methods in an interface
Product: Wine
Version: 0.9.49.
Platform: Macintosh
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: normal
Priority: P1
Component: wine-ole
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: mjk(a)cardbox.com
This bug was encountered in build cxoffice-6.2.0rc1-2-g024be42 of Wine (part of
CrossOver Mac). The bug has been identified in the current source code at
http://source.winehq.org/source/dlls/oleaut32/tmarshal.c.
Using any marshaled interface with more than 128 methods causes a crash within
OLEAUT32 if any method at position >=128 is called. This was detected when
using Cardbox (http://www.cardbox.com) and is a SHOW-STOPPER because it makes
the use of VBScript macros impossible.
However, the bug is completely general and applies to any application at all
that has interfaces with a large number of methods. It is quite possible that
many random OLE / COM - related bugs that have already been reported have this
bug as their underlying cause.
The version of Cardbox on which the bug was found is more recent than the one
currently available on the web site. If anyone wants to have a copy for
testing, together with instructions for reproducing the crash, please contact
me.
LOCATION OF THE BUG
The bug is in dlls/oleaut32/tmarshal.c. When constructing a proxy interface,
PSFacBuf_CreateProxy at line #1712 constructs the following proxy code for each
method:
popl %eax
pushl <nr>
pushl %eax
call xCall
lret <n> (+4)
where <nr> is the position of the method in the list of methods: 0, 1, 2, and
so on.
The pushl <nr> instruction is defined by following code:
374 BYTE pushlval; // set to 0x6a by line #1712
375 BYTE nr;
The fact that the method position is a byte already limits the maximum size of
an interface to 256 methods, which is less than the 512-method limit of Windows
NT4.0 SP3, and the 1024-method limit of Windows 2000: see "MIDL2362" in
http://msdn2.microsoft.com/en-us/library/aa366756.aspx for details. Thus this
needs to be corrected in any case. The proxy code as it stands will call method
0 instead of method 256, method 1 instead of method 257, and so on, leading to
random behaviour and possible stack corruption.
The crash when method 128 is called has a different cause. The proxy for method
128 contains the instruction 6A 80, because the programmer thought that this
would push 00000080 onto the stack. In fact the PUSH instruction with opcode 6A
SIGN-EXTENDS its operand and does not zero-extend it. Thus the proxy for the
128th method pushes FFFFFF80 onto the stack before calling xCall. xCall
interprets this as a negative number (-128) and thus attempts to synthesize a
call not to method 128 but to a non-existent method -128. In the same way it
will call method -127 instead of method 129, and so on.
SUGGESTED CORRECTION
The very simple correction to this bug, which is guaranteed to work, is to
alter line 375 to
375 DWORD nr;
and line 1712 to
1712 xasm->pushlval = 0x68;
which expects a 32-bit operand rather than an 8-bit one.
This will result in every proxy using 15 bytes per method instead of 12 bytes.
This does not seem an excessive price to pay for complete reliability in the
future: there will then be no limit to the number of methods that can be
supported.
ALTERNATIVE CORRECTIONS
If the 25% expansion in proxy size is considered unacceptable (it should not
really be: proxies are small) then there are several ways round the problem. An
increase to 256 methods could be achieved simply by adding a line at the very
beginning of xCall:
method &= 0xff;
but this would HAVE to be accompanied by an explicit test for the method count
limit (now 256) in PSFacBuf_CreateProxy so that the attempt to create a proxy
with too many methods would simply fail rather than (as now) generate a proxy that
will randomly crash the application.
Another approach would be to create dummy functions (in assembler) that would
add 128, 256, 384, 512, etc to the 'method' argument before forwarding it on to
xCall. In that case, method numbers after 127 would generate proxies that
called one of the variant xCalls instead of the original one. The programming
in PSFacBuf_CreateProxy would be relatively straightforward, and the dummy
functions would not need to do any stack manipulation: they would simply add an
offset to the DWORD at [ESP+8] and then JMP straight to the start of xCall.
This would *still* give a finite limit to the number of methods, but the limit
would be much larger. Again, good engineering practice dictates that
PSFacBuf_CreateProxy should report an error if it encounters a number of
methods beyond the number that it was designed to cope with.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=10536
Summary: ITypeInfo_fnInvoke failed to convert param 0 to VT_BOOL from VT_BSTR
Product: Wine
Version: 0.9.49.
Platform: PC
URL: http://uniqlo.jp/uniqlock
OS/Version: Linux
Status: UNCONFIRMED
Severity: enhancement
Priority: P2
Component: wine-ole
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: fnjordy(a)gmail.com
Uniqlock screensaver doesn't display anything, presumably it might be related
to the Wine output:
in CSoundUtils constructor:
fixme:win:WIN_CreateWindowEx Parent is HWND_MESSAGE
err:ole:ITypeInfo_fnInvoke failed to convert param 0 to VT_BOOL from VT_BSTR
http://bugs.winehq.org/show_bug.cgi?id=9919
Summary: Microsoft Access Snapshot Viewer 10.0 install fails
Product: Wine
Version: 0.9.46.
Platform: Other
URL: http://www.microsoft.com/downloads/details.aspx?familyid=B73DF33F-6D74-423D-8274-8B7E6313EDFB&displaylang=en
OS/Version: other
Status: NEW
Keywords: download, Installer
Severity: enhancement
Priority: P2
Component: wine-misc
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: dank(a)kegel.com
md5sum: 2aec4a3c7a1c928deeb7d1e9b8779bb2 snpvw.exe
The installer aborts with "A setup initialization file has been corrupted."
The installer seems to be a win16 app.
http://bugs.winehq.org/show_bug.cgi?id=9491
Summary: CListCtrl:GetSubItemRect doesn't work for the label row
Product: Wine
Version: 0.9.44.
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: minor
Priority: P2
Component: wine-comctl32
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: bgp(a)cs.elte.hu
When I call CListCtrl::GetSubItemRect with m_item = -1, it is supposed to handle
the label row. It works in Windows. Under Wine, it doesn't work: ref will
contain garbage.
res = CListCtrl::GetSubItemRect(m_item,m_subitem,LVIR_BOUNDS,ref);
http://bugs.winehq.org/show_bug.cgi?id=10346
Summary: Cabelas Big Game Hunter 3 fails with series of Direct Draw error Dialogs
Product: Wine
Version: CVS/GIT
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: minor
Priority: P2
Component: wine-directx-ddraw
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: ead1234(a)hotmail.com
When I try to launch Cabelas Big Game Hunter 3 I get a series of Direct Draw
error dialog boxes. The first states unknown directdraw error, and the second
says DDraw Unsupported.
http://bugs.winehq.org/show_bug.cgi?id=9620
Summary: Bad pictures display in Pentax Photo Laboratory software
Product: Wine
Version: 0.9.3.
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: wine-binary
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: rpbyc(a)w.tkb.pl
Created an attachment (id=8011)
--> (http://bugs.winehq.org/attachment.cgi?id=8011)
A screenshot presenting the coloured strips on the preview window.
There is a problem with proper display of an actually loaded picture in a
preview window in the Pentax Photo Laboratory software, v. 3.0.
Some part of the preview is always covered with a few coloured strips, and what
is more, the strips influence the look of the histogram taken from the picture,
so you do not really know how the histogram should look...
I attach a screenshot that represents the problem.
http://bugs.winehq.org/show_bug.cgi?id=9597
Summary: Sony Digital Voice Editor 3 locks up when you try to play or convert an .msv file
Product: Wine
Version: CVS/GIT
Platform: Other
URL: http://www.sony.jp/products/overseas/contents/support/download/
OS/Version: other
Status: NEW
Keywords: download
Severity: normal
Priority: P2
Component: wine-quartz
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: dank(a)kegel.com
Sony "IC Recorder" ICD-SX57 digital voice recorder uses
a proprietary format, .msv, and comes with "Sony Digital Voice Editor 3",
an app to convert them to .mp3. (I believe you can download
several versions of that app from the URL above, haven't tried that myself.)
The app's installer completes, but Wine warns that MSCAT32.DLL
was not found. Mike Hearn posted a patch that adds stubs for
this, http://www.winehq.org/pipermail/wine-patches/2006-April/026116.html ,
so I updated it a bit, added two missing forwards, and
now the app installs without warning.
The next problem was a crash on startup, with backtrace starting with
=>1 0x7e37a450 convert_888_to_565_asis+0x70(width=0x78, height=0x18,
srcbits=0x4537888, srclinebytes=0x168, dstbits=0x7c081940,
dstlinebytes=0xffffff10)
[/home/dank/wine-git/dlls/winex11.drv/dib_convert.c:733] in winex11
(0x0033eed4)
Now, that's an old friend, and a patch for it is in
http://bugs.winehq.org/show_bug.cgi?id=7380#c16
With that patch, the app starts up and can find media properly.
Once you've done all that, you come to the bug that is the subject of this
report, namely, it crashes when you ask it to load a .msv file.
First, Wine outputs a stream of warnings for about twenty seconds,
saying over and over
fixme:devenum:DEVENUM_ICreateDevEnum_CreateClassEnumerator Category
{cc7bfb41-f175-11d1-a392-00e0291f3959} not found
fixme:devenum:DEVENUM_ICreateDevEnum_CreateClassEnumerator Category
{cc7bfb46-f175-11d1-a392-00e0291f3959} not found
err:ole:CoGetClassObject class {e30629d1-27e5-11ce-875d-00608cb78066} not
registered
err:ole:CoGetClassObject no class object {e30629d1-27e5-11ce-875d-00608cb78066}
could be created for context 0x1
err:quartz:GraphBuilder_Render Unable to create filter (80040154), trying next
one
and then finally crashing with
err:seh:setup_exception stack overflow 160 bytes in thread 000d eip b7d3b573
esp 7cf39f60 stack 0x7cf3a000-0x7d04a000
http://bugs.winehq.org/show_bug.cgi?id=9435
Summary: MDI child window outside main window gives scrollbars
Product: Wine
Version: CVS/GIT
Platform: Other
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: wine-user
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: peter(a)cendio.se
In Wine, if you move an MDI child window outside the borders of the main window,
you'll get scrollbars. This does not happen in Windows. This causes problems
with some applications which create MDI child windows that occupy the entire
main window area. In this case, scroll windows appear, which obscure parts of
the MDI child. Tested with Wine as of 2007-08-23, using
http://www.cendio.se/~astrand/wine/11-mdi-scrollbar/mdi1.exe.
http://bugs.winehq.org/show_bug.cgi?id=9832
Summary: Crysis Beta cannot connect to servers
Product: Wine
Version: 0.9.45.
Platform: PC
URL: http://www.fileplanet.com/144808/140000/fileinfo/Crysis-Beta-Client
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: wine-net
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: l_bratch(a)yahoo.co.uk
I have linked to the Beta, but I believe you may need a FilePlanet subscription
to download. If so I can provide any traces or anything...
The game gets as far as the server list, and can see all the servers and all
the information about them, however never actually connects. All other
networking functionality such as the built in chat works, except for connecting
to servers.
When you click connect, the terminal outputs this (every time):
fixme:winsock:_remap_optname Unknown optname 22, can't remap!
fixme:winsock:WS_setsockopt Unknown IPPROTO_IP optname 0x00000016
I'll attach the full +winsock output too, but it's very big, which is why I
pasted these separately.
http://bugs.winehq.org/show_bug.cgi?id=9953
Summary: Finereader Installation doesn't work
Product: Wine
Version: 0.9.46.
Platform: PC-x86-64
URL: http://finereader.com
OS/Version: Linux
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: wine-kernel
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: hias(a)kiwimail.de
Created an attachment (id=8466)
--> (http://bugs.winehq.org/attachment.cgi?id=8466)
Finereader 9 Terminal Error Messages
Hi, I already posted a bug about FineReader, but I made a mistake, so here is
the right bug:
When installing Finereader 9 the Installation Wizard stops suddenly shortly
before the end, when the message is something like:
Installing Services
The Error Log in the Terminal is below in the attachment.
I have already tried to fix the problem by reinstalling Wine, but the problem
still exists.