http://bugs.winehq.org/show_bug.cgi?id=18434
Mars Liu marsliu2000@hotmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|shdocvw |-unknown
--- Comment #12 from Mars Liu marsliu2000@hotmail.com 2009-07-27 16:49:19 --- Finally I know how to use winedbg...
Anyway, Here is the detail exception message from winedbg with the wine_gecko-0.9.1-dbg.cab
Unhandled exception: page fault on read access to 0x00000016 in 32-bit code (0x66dfa952). Register dump: CS:0073 SS:007b DS:007b ES:007b FS:0033 GS:003b EIP:66dfa952 ESP:0033d280 EBP:0033d2d8 EFLAGS:00010202( R- -- I - - - ) EAX:00000000 EBX:0033d390 ECX:00139ae0 EDX:0033d2b0 ESI:0033d680 EDI:67582d00 Stack dump: 0x0033d280: 00000001 67510682 0033d2a8 671046e5 0x0033d290: 01ab8474 00139ae0 0033d2a8 00ac099f 0x0033d2a0: 0033d2f0 00000000 0033d2c8 67104834 0x0033d2b0: 01908480 00000000 00000000 40280000 0x0033d2c0: 01aac3f0 00000005 00000005 00000000 0x0033d2d0: 01ab8474 0033d390 0033d318 66dfb049 Backtrace: =>0 0x66dfa952 _ZN14gfxWindowsFont13GetOrMakeFontEP9FontEntryPK12gfxFontStyle+0x1c(aFontEntry=(nil), aStyle=0x1ab8428) [/usr/local/src/wine-mozilla/gfx/thebes/src/gfxWindowsFonts.cpp:800] in xul (0x0033d2d8) 1 0x66dfb049 _ZN19gfxWindowsFontGroup9GetFontAtEi+0xa7(this=0x1ab8410, i=0) [/usr/local/src/wine-mozilla/gfx/thebes/src/gfxWindowsFonts.cpp:902] in xul (0x0033d318) 2 0x66c9d8ae _ZNK19nsThebesFontMetrics10GetMetricsEv+0x2a(this=0x1aac438) [/usr/local/src/wine-mozilla/gfx/src/thebes/nsThebesFontMetrics.cpp:109] in xul (0x0033d348) 3 0x66c9dd2b _ZN19nsThebesFontMetrics18GetExternalLeadingERi+0x15(this=0x1aac438, aLeading=0x33d390) [/usr/local/src/wine-mozilla/gfx/src/thebes/nsThebesFontMetrics.cpp:187] in xul (0x0033d368) 4 0x6634bbf7 _Z19GetNormalLineHeightP14nsIFontMetrics+0x43(aFontMetrics=0x1aac438) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:2029] in xul (0x0033d398) 5 0x6634bdbf _Z17ComputeLineHeightP14nsStyleContext+0x125(aStyleContext=0x1aa9110) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:2069] in xul (0x0033d3f8) 6 0x6634be16 _ZN17nsHTMLReflowState14CalcLineHeightEP14nsStyleContext+0x38(aStyleContext=0x1aa9110) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:2077] in xul (0x0033d418) 7 0x66fb80ba _ZN17nsHTMLReflowState14CalcLineHeightEP8nsIFrame+0x1a(aFrame=0x1aa9274) [/usr/local/src/wine-mozilla/layout/forms/../generic/nsHTMLReflowState.h:406] in xul (0x0033d438) 8 0x663aaaa6 _ZN18nsTextControlFrame17CalcIntrinsicSizeEP19nsIRenderingContextR6nsSize+0x110(this=0x1aa9274, aRenderingContext=0x1b1adb8, aIntrinsicSize=0x33d680) [/usr/local/src/wine-mozilla/layout/forms/nsTextControlFrame.cpp:1335] in xul (0x0033d4d8) 9 0x663ac386 _ZN18nsTextControlFrame15ComputeAutoSizeEP19nsIRenderingContext6nsSizeiS2_S2_S2_i+0x26(this=0x1aa9274, aRenderingContext=0x1b1adb8, aCBSize=0x33d5b0, aAvailableWidth=15000, aMargin=0x33d5c0, aBorder=0x33d5d0, aPadding=0x33d5e0, aShrinkWrap=1) [/usr/local/src/wine-mozilla/layout/forms/nsTextControlFrame.cpp:1786] in xul (0x0033d558) 10 0x663255bd _ZN7nsFrame11ComputeSizeEP19nsIRenderingContext6nsSizeiS2_S2_S2_i+0x7d(this=0x1aa9274, aRenderingContext=0x1b1adb8, aCBSize=0x33d640, aAvailableWidth=15000, aMargin=0x33d650, aBorder=0x33d660, aPadding=0x33d670, aShrinkWrap=1) [/usr/local/src/wine-mozilla/layout/generic/nsFrame.cpp:3118] in xul (0x0033d5f8) 11 0x6634b438 _ZN17nsHTMLReflowState15InitConstraintsEP13nsPresContextiiPK8nsMarginS4_+0x68e(this=0x33d800, aPresContext=0x1a5a478, aContainingBlockWidth=15000, aContainingBlockHeight=1073741824, aBorder=(nil), aPadding=(nil)) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:1826] in xul (0x0033d6c8) 12 0x663485a3 _ZN17nsHTMLReflowState4InitEP13nsPresContextiiPK8nsMarginS4_+0x119(this=0x33d800, aPresContext=0x1a5a478, aContainingBlockWidth=-1, aContainingBlockHeight=-1, aBorder=(nil), aPadding=(nil)) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:286] in xul (0x0033d6f8) 13 0x66348279 _ZN17nsHTMLReflowStateC1EP13nsPresContextRKS_P8nsIFrameRK6nsSizeiii+0x33f(this=0x33d800, aPresContext=0x1a5a478, aParentReflowState=0x33e400, aFrame=0x1aa9274, aAvailableSpace=0x33d8b0, aContainingBlockWidth=-1, aContainingBlockHeight=-1, aInit=1) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLReflowState.cpp:175] in xul (0x0033d738) 14 0x6635af13 _ZN12nsLineLayout11ReflowFrameEP8nsIFrameRjP19nsHTMLReflowMetricsRi+0xe5(this=0x33da50, aFrame=0x1aa9274, aReflowStatus=0x33d96c, aMetrics=(nil), aPushedFrame=0x33d968) [/usr/local/src/wine-mozilla/layout/generic/nsLineLayout.cpp:773] in xul (0x0033d8d8) 15 0x66307ab4 _ZN12nsBlockFrame17ReflowInlineFrameER18nsBlockReflowStateR12nsLineLayout19nsLineList_iteratorP8nsIFrameP16LineReflowStatus+0x58(this=0x1aa8b28, aState=0x33e0a0, aLineLayout=0x33da50, aLine={mCurrent=0x1aa9838, mListLink=0x1aa8b68}, aFrame=0x1aa9274, aLineReflowStatus=0x33d9e8) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:3593] in xul (0x0033d978) 16 0x663074b7 _ZN12nsBlockFrame20DoReflowInlineFramesER18nsBlockReflowStateR12nsLineLayout19nsLineList_iteratorPiP16LineReflowStatusi+0x273(this=0x1aa8b28, aState=0x33e0a0, aLineLayout=0x33da50, aLine={mCurrent=0x1aa9838, mListLink=0x1aa8b68}, aKeepReflowGoing=0x33dde8, aLineReflowStatus=0x33db34, aAllowPullUp=1) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:3413] in xul (0x0033da28) 17 0x66307067 _ZN12nsBlockFrame18ReflowInlineFramesER18nsBlockReflowState19nsLineList_iteratorPi+0xf3(this=0x1aa8b28, aState=0x33e0a0, aLine={mCurrent=0x1aa9838, mListLink=0x1aa8b68}, aKeepReflowGoing=0x33dde8) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:3259] in xul (0x0033db48) 18 0x66304bb4 _ZN12nsBlockFrame10ReflowLineER18nsBlockReflowState19nsLineList_iteratorPi+0x3fc(this=0x1aa8b28, aState=0x33e0a0, aLine={mCurrent=0x1aa9838, mListLink=0x1aa8b68}, aKeepReflowGoing=0x33dde8) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:2327] in xul (0x0033dc58) 19 0x663037f6 _ZN12nsBlockFrame16ReflowDirtyLinesER18nsBlockReflowState+0x6f0(this=0x1aa8b28, aState=0x33e0a0) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:1907] in xul (0x0033ddf8) 20 0x66301049 _ZN12nsBlockFrame6ReflowEP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateRj+0x2bb(this=0x1aa8b28, aPresContext=0x1a5a478, aMetrics=0x33e554, aReflowState=0x33e400, aStatus=0x33e3fc) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:954] in xul (0x0033e2a8) 21 0x66310fee _ZN20nsBlockReflowContext11ReflowBlockERK6nsRectiR18nsCollapsingMarginiiP9nsLineBoxR17nsHTMLReflowStateRjR18nsBlockReflowState+0x1c6(this=0x33e530, aSpace=0x33e4c0, aApplyTopMargin=1, aPrevMargin=0x33eb98, aClearance=0, aIsAdjacentWithTop=1, aLine=0x1aa9918, aFrameRS=0x33e400, aFrameReflowStatus=0x33e3fc, aState=0x33eb10) [/usr/local/src/wine-mozilla/layout/generic/nsBlockReflowContext.cpp:310] in xul (0x0033e2f8) 22 0x66306306 _ZN12nsBlockFrame16ReflowBlockFrameER18nsBlockReflowState19nsLineList_iteratorPi+0x7e6(this=0x1aa8970, aState=0x33eb10, aLine={mCurrent=0x1aa9918, mListLink=0x1aa89b0}, aKeepReflowGoing=0x33e858) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:2998] in xul (0x0033e5b8) 23 0x663048c6 _ZN12nsBlockFrame10ReflowLineER18nsBlockReflowState19nsLineList_iteratorPi+0x10e(this=0x1aa8970, aState=0x33eb10, aLine={mCurrent=0x1aa9918, mListLink=0x1aa89b0}, aKeepReflowGoing=0x33e858) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:2272] in xul (0x0033e6c8) 24 0x663037f6 _ZN12nsBlockFrame16ReflowDirtyLinesER18nsBlockReflowState+0x6f0(this=0x1aa8970, aState=0x33eb10) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:1907] in xul (0x0033e868) 25 0x66301049 _ZN12nsBlockFrame6ReflowEP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateRj+0x2bb(this=0x1aa8970, aPresContext=0x1a5a478, aMetrics=0x33efa0, aReflowState=0x33eeb0, aStatus=0x33f11c) [/usr/local/src/wine-mozilla/layout/generic/nsBlockFrame.cpp:954] in xul (0x0033ed18) 26 0x662fd501 _ZN25nsAbsoluteContainingBlock19ReflowAbsoluteFrameEP8nsIFrameP13nsPresContextRK17nsHTMLReflowStateiiiS1_RjP6nsRect+0x43d(this=0x1bbc58, aDelegatingFrame=0x1bbc10, aPresContext=0x1a5a478, aReflowState=0x33f400, aContainingBlockWidth=55920, aContainingBlockHeight=40620, aConstrainHeight=1, aKidFrame=0x1aa8970, aStatus=0x33f11c, aChildBounds=0x33f1a0) [/usr/local/src/wine-mozilla/layout/generic/nsAbsoluteContainingBlock.cpp:436] in xul (0x0033f088) 27 0x662fc9b2 _ZN25nsAbsoluteContainingBlock6ReflowEP16nsContainerFrameP13nsPresContextRK17nsHTMLReflowStateRjiiiiiP6nsRect+0xda(this=0x1bbc58, aDelegatingFrame=0x1bbc10, aPresContext=0x1a5a478, aReflowState=0x33f400, aReflowStatus=0x33f3fc, aContainingBlockWidth=55920, aContainingBlockHeight=40620, aConstrainHeight=1, aCBWidthChanged=1, aCBHeightChanged=1, aChildBounds=0x33f1a0) [/usr/local/src/wine-mozilla/layout/generic/nsAbsoluteContainingBlock.cpp:155] in xul (0x0033f158) 28 0x663476d2 _ZN11CanvasFrame6ReflowEP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateRj+0x69e(this=0x1bbc10, aPresContext=0x1a5a478, aDesiredSize=0x33f580, aReflowState=0x33f400, aStatus=0x33f3fc) [/usr/local/src/wine-mozilla/layout/generic/nsHTMLFrame.cpp:731] in xul (0x0033f338) 29 0x6631aa47 _ZN16nsContainerFrame11ReflowChildEP8nsIFrameP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateiijRjP29nsOverflowContinuationTracker+0x12f(this=0x1bc034, aKidFrame=0x1bbc10, aPresContext=0x1a5a478, aDesiredSize=0x33f580, aReflowState=0x33f400, aX=0, aY=0, aFlags=3, aStatus=0x33f3fc, aTracker=(nil)) [/usr/local/src/wine-mozilla/layout/generic/nsContainerFrame.cpp:792] in xul (0x0033f3a8) 30 0x6633d1b0 _ZN17nsHTMLScrollFrame19ReflowScrolledFrameEP17ScrollReflowStateiiP19nsHTMLReflowMetricsi+0x2e4(this=0x1bc034, aState=0x33f680, aAssumeHScroll=0, aAssumeVScroll=1, aMetrics=0x33f580, aFirstPass=1) [/usr/local/src/wine-mozilla/layout/generic/nsGfxScrollFrame.cpp:528] in xul (0x0033f4f8) 31 0x6633d3ca _ZN17nsHTMLScrollFrame14ReflowContentsEP17ScrollReflowStateRK19nsHTMLReflowMetrics+0x54(this=0x1bc034, aState=0x33f680, aDesiredSize=0x33f870) [/usr/local/src/wine-mozilla/layout/generic/nsGfxScrollFrame.cpp:622] in xul (0x0033f5c8) 32 0x6633ddc5 _ZN17nsHTMLScrollFrame6ReflowEP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateRj+0x27b(this=0x1bc034, aPresContext=0x1a5a478, aDesiredSize=0x33f870, aReflowState=0x33f7b0, aStatus=0x33f98c) [/usr/local/src/wine-mozilla/layout/generic/nsGfxScrollFrame.cpp:823] in xul (0x0033f6f8) 33 0x6631aa47 _ZN16nsContainerFrame11ReflowChildEP8nsIFrameP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateiijRjP29nsOverflowContinuationTracker+0x12f(this=0x1bbe70, aKidFrame=0x1bc034, aPresContext=0x1a5a478, aDesiredSize=0x33f870, aReflowState=0x33f7b0, aX=0, aY=0, aFlags=0, aStatus=0x33f98c, aTracker=(nil)) [/usr/local/src/wine-mozilla/layout/generic/nsContainerFrame.cpp:792] in xul (0x0033f768) 34 0x6639a2ed _ZN13ViewportFrame6ReflowEP13nsPresContextR19nsHTMLReflowMetricsRK17nsHTMLReflowStateRj+0x187(this=0x1bbe70, aPresContext=0x1a5a478, aDesiredSize=0x33f940, aReflowState=0x33f990, aStatus=0x33f98c) [/usr/local/src/wine-mozilla/layout/generic/nsViewportFrame.cpp:282] in xul (0x0033f8e8) 35 0x662f0faa _ZN9PresShell8DoReflowEP8nsIFrame+0x36a(this=0x1ba0f8, target=0x1bbe70) [/usr/local/src/wine-mozilla/layout/base/nsPresShell.cpp:6373] in xul (0x0033fab8) 36 0x662f143d _ZN9PresShell21ProcessReflowCommandsEi+0x12d(this=0x1ba0f8, aInterruptible=1) [/usr/local/src/wine-mozilla/layout/base/nsPresShell.cpp:6479] in xul (0x0033fb18) 37 0x662ebd13 _ZN9PresShell27DoFlushPendingNotificationsE12mozFlushTypei+0x1ad(this=0x1ba0f8, aType=Flush_Layout, aInterruptibleReflow=1) [/usr/local/src/wine-mozilla/layout/base/nsPresShell.cpp:4590] in xul (0x0033fb88) 38 0x662f093b _ZN9PresShell11ReflowEvent3RunEv+0xbd(this=0x1926760) [/usr/local/src/wine-mozilla/layout/base/nsPresShell.cpp:6236] in xul (0x0033fbc8) 39 0x66d9d45a _ZN8nsThread16ProcessNextEventEiPi+0x250(this=0x138df8, mayWait=0, result=0x33fc6c) [/usr/local/src/wine-mozilla/xpcom/threads/nsThread.cpp:510] in xul (0x0033fc48) 40 0x66d48f40 _Z25NS_ProcessPendingEvents_PP9nsIThreadj+0x6a(thread=0x138df8, timeout=20) [/usr/local/src/wine_gecko-dbg/xpcom/build/nsThreadUtils.cpp:180] in xul (0x0033fc78) 41 0x66cddc2c _ZN14nsBaseAppShell19NativeEventCallbackEv+0xa6(this=0x196a188) [/usr/local/src/wine-mozilla/widget/src/xpwidgets/nsBaseAppShell.cpp:121] in xul (0x0033fca8) 42 0x66cb3a3e _ZN10nsAppShell15EventWindowProcEP6HWND__jjl+0x22(hwnd=0x10038, uMsg=49222, wParam=0, lParam=26648968) [/usr/local/src/wine-mozilla/widget/src/windows/nsAppShell.cpp:75] in xul (0x0033fcc8) 43 0x7e7597ea WINPROC_wrapper+0x1a() in user32 (0x0033fcf8) 44 0x7e75af37 in user32 (+0xcaf37) (0x0033fd38) 45 0x7e75f242 in user32 (+0xcf242) (0x0033fd78) 46 0x7e718716 DispatchMessageW+0x96() in user32 (0x0033fdb8) 47 0x7e9e7bf0 IEWinMain+0x160() in shdocvw (0x0033fe38) 48 0x7ef435c4 WinMain+0x24() in iexplore (0x0033fe58) 49 0x7ef4370d main+0xad() in iexplore (0x0033fed8) 50 0x7ef43654 in iexplore (+0x3654) (0x0033ff08) 51 0x7ee0db40 in kernel32 (+0x5db40) (0x0033ffe8) 52 0xb7e7484d wine_call_on_stack+0x1d() in libwine.so.1 (0x00000000) 0x66dfa952 _ZN14gfxWindowsFont13GetOrMakeFontEP9FontEntryPK12gfxFontStyle+0x1c [/usr/local/src/wine-mozilla/gfx/thebes/src/gfxWindowsFonts.cpp:800] in xul: movw0x16(%eax),%ax
gfxWindowsFonts.cpp:800 is: style.weight = aFontEntry->mWeight;
from the above message, we see :aFontEntry=(nil), aStyle=0x1ab8428.
There isn't any null pointer protections in that function GetOrMakeFont. It looks like the gecko developer thought this pointer would never be null. I don't know if this should be a gecko bug or a font bug...