Alex Villacís Lasso wrote:
I would like to draw attention to bug 4502. This bug can cause any VB application to crash when the DatePicker control is used, and an attempt is made to assign a date value in VB code. Even though I found this bug while testing an application I wrote, this might not be specific to this application. It is only recently that I have some time to dedicate to this bug, but I would like somebody to comment on this.
When the sample application is run with WINEDEBUG=ole,variant, the failing invocation looks like this:
trace:ole:ITypeInfo_fnInvoke (0x7fdd5440)(0x7fd9f61c,id=20,flags=0x00000004,0x7fa3ee8c,(nil),0x7fa3ee6c,0x7fa3ee9c)
trace:ole:dump_DispParms args=1 named args=1 trace:ole:dump_Variant 0x7fa3eef4->{VT_DATE(38788,0x7fa3ec7c) trace:variant:VarUdateFromDate (38788,0x00000000,0x7fa3ec36) trace:ole:dump_Variant ,2006/03/12 00:00:00} trace:ole:ITypeInfo_fnInvoke invoking: L"Value"(1) parm0: L"Value" memid is 00000014 Param 0: tdesc.vartype 12 (VT_VARIANT) u.paramdesc.wParamFlags PARAMFLAG_FIN u.paramdesc.lpex (nil) funckind: 1 (pure virtual) invkind: 4 (property put) callconv: 4 (stdcall) oVft: 224 cParamsOpt: 0 wFlags: 3c elemdescFunc (return value type): tdesc.vartype 25 (VT_HRESULT) u.paramdesc.wParamFlags PARAMFLAGS_NONE u.paramdesc.lpex (nil) helpstring: L"Returns/sets the current date." entry: (null) trace:ole:ITypeInfo_fnInvoke changing args trace:ole:dump_Variant 0x7fa3eef4->{VT_DATE(38788,0x7fa3ec7c) trace:variant:VarUdateFromDate (38788,0x00000000,0x7fa3ec36) trace:ole:dump_Variant ,2006/03/12 00:00:00} trace:variant:VariantChangeTypeEx (0x7fdd5520->(VT_DATE),0x7fa3eef4->(VT_DATE),0x00000400,0x0000,VT_VARIANT)
trace:variant:VariantClear (0x7fa3ec40->(VT_EMPTY)) trace:variant:VariantClear (0x7fa3ec30->(VT_EMPTY)) trace:variant:VariantCopyInd (0x7fa3ec30->(VT_EMPTY),0x7fa3eef4->(VT_DATE)) trace:variant:VariantCopy (0x7fa3ec30->(VT_EMPTY),0x7fa3eef4->(VT_DATE)) trace:variant:VariantClear (0x7fa3ec30->(VT_EMPTY)) trace:variant:VARIANT_Coerce (0x7fa3ec40->(VT_EMPTY),0x00000400,0x0000,0x7fa3ec30->(VT_DATE),VT_VARIANT)
trace:variant:VariantClear (0x7fa3ec40->(VT_EMPTY)) trace:variant:VariantClear (0x7fa3ec30->(VT_DATE)) trace:variant:VariantChangeTypeEx returning 0x80020005, 0x7fdd5520->(VT_DATE) err:ole:ITypeInfo_fnInvoke failed to convert param 0 to VT_VARIANT from VT_DATE trace:ole:ITypeInfo_fnInvoke -- 0x80020005
The Property Put seems to be declared as taking one VT_VARIANT parameter, and the VB code supplies a VT_DATE value. Therefore, an attempt is made to coerce VT_DATE --> VT_VARIANT. However, VariantChangeTypeEx() does not support conversion of *any* kind of variant into VT_VARIANT, so the call fails, and this brings down the application. I was on half a mind to add the VT_VARIANT conversion to VariantChangeTypeEx() myself, but then I checked the tests for this operation, and it seems that the absence of support for VT_VARIANT is actually expected (unless I am misreading the code). Therefore, one of the following two things is happening:
- There is some error in the reading of the typelib, since a Property
Put should not have a VT_VARIANT parameter in the first place. 2) ITypeInfo::Invoke should do the VT_VARIANT conversion itself, precisely because VariantChangeTypeEx() won't do it.
I am inclined to the second option, but I want to hear some comment before attempting to create a patch.
Alex Villacís Lasso
After some digging, I found that bugs 4370 and 4573 seem to expose the same problem. The root cause (in bug 4370) seems to be a patch by Robert Shearman that rewrites ITypeInfo::Invoke to use VariantChangeTypeEx (commit at http://source.winehq.org/git/?p=wine.git;a=commit;h=8cf5373f60aca5345a0c55df...). Saved me the trouble of the regression testing.
Alex Villacís Lasso