DynamoRIO / drmemory

Memory Debugger for Windows, Linux, Mac, and Android

UNADDR in RtlLeaveCriticalSection in ui_tests HostRulesTest.TestMap #587

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From bruen...@google.com on September 12, 2011 10:57:43

test-name=HostRulesTest.TestMap
Error #1: UNADDRESSABLE ACCESS: reading 0x1cd00140-0x1cd00141 1 byte(s) within 0x1cd00140-0x1cd00144
@0:00:47.315 in thread 4868
Note: next higher malloc: 0x1cd009c8-0x1cd00a30
Note: instruction: add $0xffffffff 0x08(%esi) -> 0x08(%esi)

0 ntdll.dll!RtlLeaveCriticalSection

1 ntdll.dll!RtlpAllocateHeap

2 ntdll.dll!RtlAllocateHeap

3 MSWSOCK.dll!SockDoConnectReal

4 MSWSOCK.dll!SockDoConnect

5 MSWSOCK.dll!WSPConnect

6 WS2_32.dll!connect

7 chrome.dll!net::TCPClientSocketWin::DoConnect [e:\src\chromium\src\net\socket\tcp_client_socket_win.cc:488]

8 chrome.dll!net::TCPClientSocketWin::DoConnectLoop [e:\src\chromium\src\net\socket\tcp_client_socket_win.cc:425]

9 chrome.dll!net::TCPClientSocketWin::Connect [e:\src\chromium\src\net\socket\tcp_client_socket_win.cc:403]

10 chrome.dll!net::TransportConnectJob::DoTransportConnect [e:\src\chromium\src\net\socket\transport_client_socket_pool.cc:223]

11 chrome.dll!net::TransportConnectJob::DoLoop [e:\src\chromium\src\net\socket\transport_client_socket_pool.cc:191]

12 chrome.dll!net::TransportConnectJob::ConnectInternal [e:\src\chromium\src\net\socket\transport_client_socket_pool.cc:357]

13 chrome.dll!net::ConnectJob::Connect [e:\src\chromium\src\net\socket\client_socket_pool_base.cc:99]

14 chrome.dll!net::internal::ClientSocketPoolBaseHelper::RequestSocketInternal [e:\src\chromium\src\net\socket\client_socket_pool_base.cc:348]

15 chrome.dll!net::internal::ClientSocketPoolBaseHelper::RequestSocket [e:\src\chromium\src\net\socket\client_socket_pool_base.cc:243]

16 chrome.dll!net::ClientSocketPoolBase<net::TransportSocketParams>::RequestSocket [e:\src\chromium\src\net\socket\client_socket_pool_base.h:652]

17 chrome.dll!net::TransportClientSocketPool::RequestSocket [e:\src\chromium\src\net\socket\transport_client_socket_pool.cc:418]

18 chrome.dll!net::ClientSocketHandle::Init<net::HttpProxySocketParams,net::HttpProxyClientSocketPool> [e:\src\chromium\src\net\socket\client_socket_handle.h:206]

19 chrome.dll!net::SSLConnectJob::DoTransportConnect [e:\src\chromium\src\net\socket\ssl_client_socket_pool.cc:213]

Error #2: UNADDRESSABLE ACCESS: writing 0x1cd00144-0x1cd00145 1 byte(s) within 0x1cd00144-0x1cd00148
@0:00:47.319 in thread 4868
Note: next higher malloc: 0x1cd009c8-0x1cd00a30
Note: instruction: mov $0x00000000 -> 0x0c(%esi)

0 ntdll.dll!RtlLeaveCriticalSection

1 ntdll.dll!RtlpAllocateHeap

2 ntdll.dll!RtlAllocateHeap

3 MSWSOCK.dll!SockDoConnectReal

4 MSWSOCK.dll!SockDoConnect

5 MSWSOCK.dll!WSPConnect

6 WS2_32.dll!connect

7 chrome.dll!net::TCPClientSocketWin::DoConnect [e:\src\chromium\src\net\socket\tcp_client_socket_win.cc:488]

...

Error #3: UNADDRESSABLE ACCESS: reading 0x1cd0013c-0x1cd0013d 1 byte(s) within 0x1cd0013c-0x1cd00140
@0:00:47.324 in thread 4868
Note: next higher malloc: 0x1cd009c8-0x1cd00a30
Note: instruction: lock xadd (%eax) %ebx -> (%eax) %ebx

0 ntdll.dll!RtlLeaveCriticalSection

1 ntdll.dll!RtlpAllocateHeap

2 ntdll.dll!RtlAllocateHeap

3 MSWSOCK.dll!SockDoConnectReal

4 MSWSOCK.dll!SockDoConnect

5 MSWSOCK.dll!WSPConnect

6 WS2_32.dll!connect

7 chrome.dll!net::TCPClientSocketWin::DoConnect [e:\src\chromium\src\net\socket\tcp_client_socket_win.cc:488]

...

Original issue: http://code.google.com/p/drmemory/issues/detail?id=587

derekbruening commented 9 years ago

From timurrrr@google.com on October 06, 2011 03:45:16

See also https://code.google.com/p/chromium/issues/detail?id=96433

Labels: Hotlist-Chrome

derekbruening commented 9 years ago

From timurrrr@google.com on October 14, 2011 08:42:25

Status: Duplicate
Mergedinto: 533

derekbruening commented 9 years ago

From timurrrr@google.com on October 14, 2011 08:43:10

Oops, I misread the comments at https://code.google.com/p/chromium/issues/detail?id=96433
Shall I undup or do you think it is the same issue?

derekbruening commented 9 years ago

From bruen...@google.com on October 14, 2011 09:52:54

I don't think it's the same issue since it shouldn't happen on add, mov, or xadd, except possibly at the end of a bb. Unable to repro on just that test though.

derekbruening commented 9 years ago

From timurrrr@google.com on October 14, 2011 09:57:04

OK, un-dup'ing

Status: Accepted
Mergedinto: