[Bug 38724] New: valgrind shows some invalid reads in ieframe/tests/webbrowser.c (msvc pdb debug build)

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Jun 9 03:51:37 CDT 2015


https://bugs.winehq.org/show_bug.cgi?id=38724

            Bug ID: 38724
           Summary: valgrind shows some invalid reads in
                    ieframe/tests/webbrowser.c (msvc pdb debug build)
           Product: Wine
           Version: 1.7.44
          Hardware: x86
               URL: http://austinenglish.com/logs/valgrind/wine-1.7.44.log.bz2
                OS: Linux
            Status: NEW
          Keywords: download, source, testcase, valgrind
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: austinenglish at gmail.com
      Distribution: Fedora

../../../tools/runtest -q -P wine -T ../../.. -M ieframe.dll -p
ieframe_test.exe.so webbrowser && touch webbrowser.ok
[48] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file
c:\wine-wine-gecko\xpcom\base\nsTraceRefcnt.cpp, line 143
[48] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file
c:\wine-wine-gecko\xpcom\base\nsTraceRefcnt.cpp, line 143
[48] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file
c:\wine-wine-gecko\xpcom\base\nsTraceRefcnt.cpp, line 143
[48] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file
c:\wine-wine-gecko\xpcom\base\nsTraceRefcnt.cpp, line 143
[48] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file
c:\wine-wine-gecko\xpcom\base\nsTraceRefcnt.cpp, line 143
++DOCSHELL 0C553C00 == 1 [pid = 48] [id = 1]
Assertion failure: SingletonExists(), at
c:\wine_gecko-2.36-x86-dbg\dist\include\gfxPrefs.h:202
### ERROR: WalkStack64: Invalid handle.

==30416== Invalid read of size 1
==30416==    at 0x1728F120: symt_add_func_line (symbol.c:331)
==30416==    by 0x1727D85F: codeview_snarf_linetab2 (msc.c:1488)
==30416==    by 0x172817EE: pdb_process_internal (msc.c:2800)
==30416==    by 0x172819B2: pdb_process_file (msc.c:2849)
==30416==    by 0x17282E8D: codeview_process_info (msc.c:3337)
==30416==    by 0x1728304D: pe_load_debug_directory (msc.c:3393)
==30416==    by 0x1728674D: pe_load_msc_debug_info (pe_module.c:611)
==30416==    by 0x17286A9D: pe_load_debug_info (pe_module.c:714)
==30416==    by 0x17286D52: pe_load_native_module (pe_module.c:773)
==30416==    by 0x17278662: SymLoadModuleExW (module.c:628)
==30416==    by 0x172644EA: process_invade_cb (dbghelp.c:252)
==30416==    by 0x172790A0: EnumerateLoadedModulesW64 (module.c:926)
==30416==    by 0x17264908: SymInitializeW (dbghelp.c:358)
==30416==    by 0x17264A01: SymInitialize (dbghelp.c:391)
==30416==    by 0x103A559E: EnsureSymInitialized (nsstackwalk.cpp:760)
==30416==    by 0x103A5967: NS_DescribeCodeAddress (nsstackwalk.cpp:782)
==30416==    by 0x103A6CEB: PrintStackFrame (nstracerefcnt.cpp:937)
==30416==    by 0x103A6B53: NS_StackWalk (nsstackwalk.cpp:619)
==30416==    by 0x103A47A8: nsTraceRefcnt::WalkTheStack (nstracerefcnt.cpp:963)
==30416==    by 0x1139B681: MOZ_ReportAssertionFailure (assertions.h:145)
==30416==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==30416== 

==30416== Invalid read of size 2
==30416==    at 0x7BC573D9: RtlImageNtHeader (loader.c:2770)
==30416==    by 0x7BC57AEF: RtlImageDirectoryEntryToData (loader.c:2944)
==30416==    by 0x1728680D: pe_load_export_debug_info (pe_module.c:659)
==30416==    by 0x17286AEE: pe_load_debug_info (pe_module.c:722)
==30416==    by 0x17286D52: pe_load_native_module (pe_module.c:773)
==30416==    by 0x17278662: SymLoadModuleExW (module.c:628)
==30416==    by 0x172644EA: process_invade_cb (dbghelp.c:252)
==30416==    by 0x172790A0: EnumerateLoadedModulesW64 (module.c:926)
==30416==    by 0x17264908: SymInitializeW (dbghelp.c:358)
==30416==    by 0x17264A01: SymInitialize (dbghelp.c:391)
==30416==    by 0x103A559E: EnsureSymInitialized (nsstackwalk.cpp:760)
==30416==    by 0x103A5967: NS_DescribeCodeAddress (nsstackwalk.cpp:782)
==30416==    by 0x103A6CEB: PrintStackFrame (nstracerefcnt.cpp:937)
==30416==    by 0x103A6B53: NS_StackWalk (nsstackwalk.cpp:619)
==30416==    by 0x103A47A8: nsTraceRefcnt::WalkTheStack (nstracerefcnt.cpp:963)
==30416==    by 0x1139B681: MOZ_ReportAssertionFailure (assertions.h:145)
==30416==    by 0x11394FE2: gfxPrefs::CMSMode (in
/home/austin/.wine-valgrind/drive_c/windows/system32/gecko/2.36/wine_gecko/xul.dll)
==30416==    by 0x113969CC: gfxPlatform::GetCMSMode (gfxplatform.cpp:1741)
==30416==    by 0x12E43B11: nsXPLookAndFeel::GetColorImpl
(nsxplookandfeel.cpp:624)
==30416==    by 0x12E43A16: mozilla::LookAndFeel::GetColor
(nsxplookandfeel.cpp:712)
==30416==  Address 0xfffffffe is not stack'd, malloc'd or (recently) free'd
==30416== 

Then after that, some more stack info:
#01: ???[xul +0x3a47a9]
#02: ???[xul +0x139b682]
#03: ???[xul +0x1394fe3]
#04: ???[xul +0x13969cd]
#05: ???[xul +0x2e43b12]
#06: ???[xul +0x2e43a17]
#07: ???[xul +0x35effaa]
#08: init_nscontainer (/home/austin/wine-valgrind/dlls/mshtml/nsiface.h:36911)
#09: create_nscontainer (/home/austin/wine-valgrind/dlls/mshtml/nsembed.c:2107)
#10: HTMLDocument_Create
(/home/austin/wine-valgrind/dlls/mshtml/htmldoc.c:4864)
#11: ClassFactory_CreateInstance
(/home/austin/wine-valgrind/dlls/mshtml/main.c:271)
#12: CoCreateInstance (/home/austin/wine-valgrind/dlls/ole32/compobj.c:3241)
#13: create_mime_object (/home/austin/wine-valgrind/dlls/urlmon/binding.c:260)
#14: create_object (/home/austin/wine-valgrind/dlls/urlmon/binding.c:310)
#15: report_data (/home/austin/wine-valgrind/dlls/urlmon/binding.c:1079)
#16: InternetProtocolSink_ReportData
(/home/austin/wine-valgrind/dlls/urlmon/binding.c:1128)
#17: ProtocolSinkHandler_ReportData
(/home/austin/wine-valgrind/dlls/urlmon/bindprot.c:972)
#18: BPInternetProtocolSink_ReportData
(/home/austin/wine-valgrind/dlls/urlmon/bindprot.c:1266)
#19: AboutProtocol_Start
(/home/austin/wine-valgrind/dlls/mshtml/../../include/urlmon.h:3113)
#20: BindProtocol_StartEx
(/home/austin/wine-valgrind/dlls/urlmon/../../include/urlmon.h:3296)
#21: start_binding
(/home/austin/wine-valgrind/dlls/urlmon/../../include/urlmon.h:7872)
#22: bind_to_object (/home/austin/wine-valgrind/dlls/urlmon/binding.c:1598)
#23: URLMoniker_BindToObject
(/home/austin/wine-valgrind/dlls/urlmon/umon.c:260)
#24: bind_to_object
(/home/austin/wine-valgrind/dlls/ieframe/../../include/objidl.h:3485)
#25: navigate_bsc (/home/austin/wine-valgrind/dlls/ieframe/navigate.c:910)
#26: navigate_bsc_proc (/home/austin/wine-valgrind/dlls/ieframe/navigate.c:940)
#27: process_dochost_tasks
(/home/austin/wine-valgrind/dlls/ieframe/dochost.c:63)
#28: shell_embedding_proc
(/home/austin/wine-valgrind/dlls/ieframe/oleobject.c:69)
#29: WINPROC_wrapper[user32 +0xa4316]
#30: call_window_proc (/home/austin/wine-valgrind/dlls/user32/winproc.c:245)
#31: WINPROC_call_window (/home/austin/wine-valgrind/dlls/user32/winproc.c:901)
#32: call_window_proc (/home/austin/wine-valgrind/dlls/user32/message.c:2223)
#33: send_message (/home/austin/wine-valgrind/dlls/user32/message.c:3258)
#34: SendMessageW (/home/austin/wine-valgrind/dlls/user32/message.c:3458)
#35: push_dochost_task (/home/austin/wine-valgrind/dlls/ieframe/dochost.c:53)
#36: navigate_url (/home/austin/wine-valgrind/dlls/ieframe/navigate.c:1005)
#37: WebBrowser_Navigate2
(/home/austin/wine-valgrind/dlls/ieframe/webbrowser.c:784)
#38: test_Navigate2
(/home/austin/wine-valgrind/dlls/ieframe/tests/../../../include/exdisp.h:2291)
#39: test_WebBrowser
(/home/austin/wine-valgrind/dlls/ieframe/tests/webbrowser.c:3602)
#40: func_webbrowser
(/home/austin/wine-valgrind/dlls/ieframe/tests/webbrowser.c:3851)
#41: run_test
(/home/austin/wine-valgrind/dlls/ieframe/tests/../../../include/wine/test.h:586)
#42: main
(/home/austin/wine-valgrind/dlls/ieframe/tests/../../../include/wine/test.h:666)
#43: __wine_spec_exe_entry
(/home/austin/wine-valgrind/dlls/winecrt0/exe_entry.c:36)
#44: call_process_entry[kernel32 +0x503b0]
#45: start_process (/home/austin/wine-valgrind/dlls/kernel32/process.c:1104)
#46: call_thread_func_wrapper[ntdll +0x71bb8]
#47: call_thread_func
(/home/austin/wine-valgrind/dlls/ntdll/signal_i386.c:2743)
#48: call_thread_entry_point[ntdll +0x71b96]
#49: LdrInitializeThunk (/home/austin/wine-valgrind/dlls/ntdll/loader.c:2877)
wine: Unhandled exception 0x80000003 in thread 47 at address 0x11394fe6 (thread
0047), starting debugger...

Then valgrind explodes, eventually killing windbg:
winedbg: Internal crash at 0x7bc4a50d
/bin/sh: line 1: 30416 Killed                  ../../../tools/runtest -q -P
wine -T ../../.. -M ieframe.dll -p ieframe_test.exe.so webbrowser

Unfortunately, 64-bit doesn't work well yet (and 2.36 gecko win64 doesn't
build). I can build git, so perhaps the next gecko release will get better
info.
