[App Verifier] UnmapViewOfFile() called with null lpBaseAddress

RESOLVED FIXED in Firefox 52

Status

P1
normal
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: cyu, Assigned: cyu)

Tracking

(Blocks: 1 bug)

Trunk
mozilla53
Unspecified
Windows
Points:
---

Firefox Tracking Flags

(firefox52 fixed, firefox-esr52 fixed, firefox53 fixed)

Details

(Whiteboard: app_verifier)

Attachments

(2 attachments)

(Assignee)

Description

2 years ago
Created attachment 8823582 [details]
App verifier error report

The error is found when running one of the test suites with m-c revision c91249f41e37. App Verifier reports that mozilla::HandleToFilename() tries to call UnmapViewOfFile() with a memory block address with value = 0. Excerpt of the error log:

<avrf:logEntry Time="2017-01-03 : 14:16:26" LayerName="Memory" StopCode="0x60B" Severity="Error">
        <avrf:message>Trying to free virtual memory block that is already free.</avrf:message>
        <avrf:parameter1>0 - Memory block address.</avrf:parameter1>
        <avrf:parameter2>0 - Not used.</avrf:parameter2>
        <avrf:parameter3>0 - Not used.</avrf:parameter3>
        <avrf:parameter4>0 - Not used.</avrf:parameter4>
        <avrf:stackTrace>
                <avrf:trace>vfbasics!+7ff8af1b41d6 ( @ 0)</avrf:trace> 
                <avrf:trace>vfbasics!+7ff8af1b3f1f ( @ 0)</avrf:trace> 
                <avrf:trace>KERNELBASE!UnmapViewOfFile+22 ( @ 0)</avrf:trace> 
                <avrf:trace>vfbasics!+7ff8af1b4ab2 ( @ 0)</avrf:trace> 
                <avrf:trace>xul!mozilla::HandleToFilename+18e (e:\hg\mozilla-central\xpcom\io\fileutilswin.cpp @ 68)</avrf:trace>
Comment hidden (mozreview-request)
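
A triage sketch for reports like the one in the description, added here as an example and not part of the bug or of Mozilla's code: it scans an App Verifier XML log for Memory-layer stops whose block address (parameter1) is 0 and returns the first stack frame outside the verifier and system modules. The namespace URI, the root element, the reading of parameter1 as hex and the module skip list are assumptions; the sample entry is constructed from the excerpt above.

```python
import re
import xml.etree.ElementTree as ET

# Assumption: placeholder namespace URI; use the one your log's root declares.
NS = {"avrf": "urn:example:avrf"}

# Constructed sample: the report's entry, shortened and closed to be well-formed.
SAMPLE = r"""<avrf:logfile xmlns:avrf="urn:example:avrf">
<avrf:logEntry Time="2017-01-03 : 14:16:26" LayerName="Memory" StopCode="0x60B" Severity="Error">
  <avrf:message>Trying to free virtual memory block that is already free.</avrf:message>
  <avrf:parameter1>0 - Memory block address.</avrf:parameter1>
  <avrf:stackTrace>
    <avrf:trace>vfbasics!+7ff8af1b41d6 ( @ 0)</avrf:trace>
    <avrf:trace>KERNELBASE!UnmapViewOfFile+22 ( @ 0)</avrf:trace>
    <avrf:trace>vfbasics!+7ff8af1b4ab2 ( @ 0)</avrf:trace>
    <avrf:trace>xul!mozilla::HandleToFilename+18e (e:\hg\mozilla-central\xpcom\io\fileutilswin.cpp @ 68)</avrf:trace>
  </avrf:stackTrace>
</avrf:logEntry>
</avrf:logfile>"""

FRAME = re.compile(r"^(?P<module>[^!]+)!(?P<symbol>\S*?)\+(?P<offset>[0-9a-fA-F]+)"
                   r" \((?P<file>.*) @ (?P<line>\d+)\)$")
# Verifier shim and system DLL frames are not the code that needs fixing.
SKIP_MODULES = {"vfbasics", "kernelbase", "kernel32", "ntdll"}

def first_app_frame(entry):
    """Return the first stack frame outside the verifier/system modules."""
    for trace in entry.iterfind("avrf:stackTrace/avrf:trace", NS):
        m = FRAME.match((trace.text or "").strip())
        if m and m["module"].lower() not in SKIP_MODULES:
            return m.groupdict()
    return None

def null_free_stops(xml_text):
    """List Memory-layer stops whose parameter1 (block address) is 0."""
    findings = []
    for entry in ET.fromstring(xml_text).iterfind("avrf:logEntry", NS):
        value = entry.findtext("avrf:parameter1", "", NS).split(" - ")[0]
        try:
            address = int(value, 16)  # assumption: address is logged as hex
        except ValueError:
            continue  # parameter1 missing or not an address
        if entry.get("LayerName") == "Memory" and address == 0:
            findings.append({"stop_code": entry.get("StopCode"), "caller": first_app_frame(entry)})
    return findings

if __name__ == "__main__":
    for finding in null_free_stops(SAMPLE):
        print(finding)
```
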

Comment 2

2 years ago
mozreview-review
Comment on attachment 8823586 [details]
Bug 1328569 - Don't call UnmapViewOfFile() with a null address.

https://reviewboard.mozilla.org/r/102128/#review102464
Attachment #8823586 - Flags: review?(nfroyd) → review+

Comment 3

2 years ago
Pushed by cyu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/51419ce26c15
Don't call UnmapViewOfFile() with a null address. r=froydnj

Comment 4

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/51419ce26c15
Status: NEW → RESOLVED
Last Resolved: 2 years ago
status-firefox53: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
Should we consider uplifting this to 52 ahead of the next ESR as well?
status-firefox52: --- → affected
Flags: needinfo?(cyu)
(Assignee)

Comment 6

2 years ago
It does no harm. We should uplift.
Flags: needinfo?(cyu)
(Assignee)

Comment 7

2 years ago
Comment on attachment 8823586 [details]
Bug 1328569 - Don't call UnmapViewOfFile() with a null address.

Approval Request Comment
[Feature/Bug causing the regression]: No bug. This is in the utility function for the Windows platform.
[User impact if declined]: Possibly stability issues.
[Is this code covered by automated tests?]: No. The impact of this bug is undefined behavior, though in reality it doesn't seem to have issues.
[Has the fix been verified in Nightly?]: Yes
[Needs manual test from QE? If yes, steps to reproduce]: No. This needs to be verified with a debugger or dynamic check tool.
[List of other uplifts needed for the feature/fix]: None.
[Is the change risky?]: No.
[Why is the change risky/not risky?]: This adds a simple check so that we don't call the system call with a null argument. It's obvious that this patch does no harm.
[String changes made/needed]: No.
Attachment #8823586 - Flags: approval-mozilla-beta?
Comment on attachment 8823586 [details]
Bug 1328569 - Don't call UnmapViewOfFile() with a null address.

silence static analyzer with a null check, beta52+
Attachment #8823586 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

Comment 9

2 years ago
bugherder uplift
https://hg.mozilla.org/releases/mozilla-beta/rev/ec7ea9c6e94a
status-firefox52: affected → fixed

Comment 10

2 years ago
bugherder uplift
https://hg.mozilla.org/releases/mozilla-esr52/rev/ec7ea9c6e94a
status-firefox-esr52: --- → fixed