Lately I've been seeing a failure of ../../../tools/runtest -q -P wine -M msi.dll -T ../../.. -p msi_test.exe.so db.c on patchwatcher on lots of runs. e.g. http://kegel.com/wine/patchwatcher/results/2598.log
It kind of looks like a memory corruption:
wine: Unhandled page fault on read access to 0x00000018 at address 0x60432d58 (thread 0016), starting debugger... Backtrace: =>1 0x60432d58 CompareStringW+0xe8(lcid=1033, style=0, str1=0x12e0f8, len1=10, str2=0x18, len2=0) [include/wine/unicode.h:212] in kernel32 (0x0032f048) 2 0x60432eb5 lstrcmpW+0x75(str1=?, str2=0x18) [dlls/kernel32/locale.c:2830] in kernel32 (0x0032f078) 3 0x606b47bf find_cached_table+0x3f(db=?, name=0x12e0f8) [dlls/msi/table.c:571] in msi (0x0032f098) 4 0x606b8821 get_table+0x21(db=0x12b200, name=?, table_ret=0x12da80) [dlls/msi/table.c:770] in msi (0x0032f108) 6 0x606b8e9b TABLE_CreateView+0xdb(db=0x12b200, name=?, view=0x32f9a8) [dlls/msi/table.c:2143] in msi (0x0032f148) 6 0x606bfebc sql_parse+0x6bc(info=0x32f9f8) [dlls/msi/sql.y:481] in msi (0x0032f9c8) 7 0x606c08da MSI_ParseSQL+0x4a(db=0x12b200, command=0x12e7e8, phview=0x12e330, mem=0x12e33c) [dlls/msi/sql.y:915] in msi (0x0032fa18) 8 0x60699b3d MSI_DatabaseOpenViewW+0x9d(db=0x12b200, szQuery=0x12e7e8, pView=0x32fa78) [dlls/msi/msiquery.c:135] in msi (0x0032fa48) 9 0x60699cf3 MsiDatabaseOpenViewW+0x133(hdb=1, szQuery=?, phView=0x32faec) [dlls/msi/msiquery.c:277] in msi (0x0032fa88) 10 0x6069b07a MsiDatabaseOpenViewA+0xda(hdb=1, szQuery="SELECT * FROM `IDontExist`", phView=0x32faec) [dlls/msi/msiquery.c:105] in msi (0x0032fac8) 11 0x6052f5bf do_query+0x2f(hdb=?, query=?, phrec=?) [dlls/msi/tests/db.c:148] in msi_test (0x0032faf8) 12 0x6052f94a test_droptable+0x31a() [dlls/msi/tests/db.c:6371] in msi_test (0x0032fb38) 13 0x6054bb1a func_db+0x459a() [dlls/msi/tests/db.c:6444] in msi_test (0x0032fdd8) 14 0x605f07ca run_test+0x14a(name="db.c") [dlls/msi/tests/../../../include/wine/test.h:454] in msi_test (0x0032fe18) 15 0x605f1029 main+0x149(argc=?, argv=0x1103c0) [dlls/msi/tests/../../../include/wine/test.h:503] in msi_test (0x0032fed8) 16 0x605f118b __wine_spec_exe_entry+0x5b(peb=0x7ffdf000) [dlls/winecrt0/exe_entry.c:36] in msi_test (0x0032ff08) 17 0x60449b37 start_process+0xc7(arg=(nil)) [dlls/kernel32/process.c:904] in kernel32 (0x0032ffe8) 0x60432d58 CompareStringW+0xe8 [dlls/kernel32/../../include/wine/unicode.h:212] in kernel32: cmpw $0,0x0(%eax) 212 while (*s) s++;
The problem isn't particularly repeatable by hand, so I ran that test under valgrind. It seems to have a few warnings, and sure enough, they seem to be in the same function (test_droptable):
Invalid read of size 4 at 0x4ABF0AE: msi_table_get_row_size (table.c:492) by 0x4AC1609: msi_update_table_columns (table.c:1037) by 0x4AC3515: TABLE_remove_column (table.c:1813) by 0x4AC3592: TABLE_drop (table.c:2064) by 0x4A8913E: DROP_execute (drop.c:60) by 0x4AA1F0D: MSI_ViewExecute (msiquery.c:456) by 0x4AA2423: MsiViewExecute (msiquery.c:482) by 0x49388A5: test_droptable (db.c:6359) by 0x4954B19: func_db (db.c:6443) by 0x49F97C9: run_test (test.h:452) by 0x49FA028: main (test.h:502) Address 0x7f01ccc0 is not stack'd, malloc'd or (recently) free'd
Invalid read of size 4 at 0x4ABF0B4: msi_table_get_row_size (table.c:127) by 0x4AC1609: msi_update_table_columns (table.c:1037) by 0x4AC3515: TABLE_remove_column (table.c:1813) by 0x4AC3592: TABLE_drop (table.c:2064) by 0x4A8913E: DROP_execute (drop.c:60) by 0x4AA1F0D: MSI_ViewExecute (msiquery.c:456) by 0x4AA2423: MsiViewExecute (msiquery.c:482) by 0x49388A5: test_droptable (db.c:6359) by 0x4954B19: func_db (db.c:6443) by 0x49F97C9: run_test (test.h:452) by 0x49FA028: main (test.h:502) Address 0x7f01ccbc is not stack'd, malloc'd or (recently) free'd
Invalid read of size 4 at 0x4AC1614: msi_update_table_columns (table.c:1038) by 0x4AC3515: TABLE_remove_column (table.c:1813) by 0x4AC3592: TABLE_drop (table.c:2064) by 0x4A8913E: DROP_execute (drop.c:60) by 0x4AA1F0D: MSI_ViewExecute (msiquery.c:456) by 0x4AA2423: MsiViewExecute (msiquery.c:482) by 0x49388A5: test_droptable (db.c:6359) by 0x4954B19: func_db (db.c:6443) by 0x49F97C9: run_test (test.h:452) by 0x49FA028: main (test.h:502) Address 0x7f01ccc0 is not stack'd, malloc'd or (recently) free'd
Invalid free() / delete / delete[] at 0x471C5CF: RtlFreeHeap (heap.c:1315) by 0x4ABEEC2: msi_free_colinfo (msipriv.h:1074) by 0x4ABEFED: free_table (table.c:481) by 0x4AC36A9: TABLE_drop (table.c:2089) by 0x4A8913E: DROP_execute (drop.c:60) by 0x4AA1F0D: MSI_ViewExecute (msiquery.c:456) by 0x4AA2423: MsiViewExecute (msiquery.c:482) by 0x49388A5: test_droptable (db.c:6359) by 0x4954B19: func_db (db.c:6443) by 0x49F97C9: run_test (test.h:452) by 0x49FA028: main (test.h:502) Address 0x4d434923 is not stack'd, malloc'd or (recently) free'd
Invalid read of size 4 at 0x4A8E415: msiobj_release (handle.c:247) by 0x4AC3613: TABLE_drop (table.c:2093) by 0x4A8913E: DROP_execute (drop.c:60) by 0x4AA1F0D: MSI_ViewExecute (msiquery.c:456) by 0x4AA2423: MsiViewExecute (msiquery.c:482) by 0x49388A5: test_droptable (db.c:6359) by 0x4954B19: func_db (db.c:6443) by 0x49F97C9: run_test (test.h:452) by 0x49FA028: main (test.h:502) Address 0x7f01ccb0 is not stack'd, malloc'd or (recently) free'd
Could you have a look? (BTW this is valgrind from svn. valgrind-3.3.0 didn't give me stack dumps for some reason.) - Dan