[Bug 36310] New: valgrind shows lots of uninitialized reads/writes in msxml3/tests/xmlview.c
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun May 4 03:50:15 CDT 2014
https://bugs.winehq.org/show_bug.cgi?id=36310
Bug ID: 36310
Summary: valgrind shows lots of uninitialized reads/writes in
msxml3/tests/xmlview.c
Product: Wine
Version: 1.7.18
Hardware: x86
OS: Linux
Status: NEW
Keywords: download, source, testcase
Severity: normal
Priority: P2
Component: msxml3
Assignee: wine-bugs at winehq.org
Reporter: austinenglish at gmail.com
==6314== Invalid read of size 4
==6314== at 0x7018C5F3: ???
==6314== by 0x70197781: ???
==6314== by 0x70181492: ???
==6314== by 0x7BC555FE: MODULE_InitDLL (loader.c:1068)
==6314== by 0x7BC5597C: process_attach (loader.c:1157)
==6314== by 0x7BC5592C: process_attach (loader.c:1149)
==6314== by 0x7BC585E2: LdrLoadDll (loader.c:2129)
==6314== by 0x7B85A79A: load_library (module.c:933)
==6314== by 0x7B85A908: LoadLibraryExW (module.c:990)
==6314== by 0x73A81BA: load_xul (nsembed.c:484)
==6314== by 0x73A8E4A: load_wine_gecko_v (nsembed.c:587)
==6314== by 0x73A8EB7: load_wine_gecko (nsembed.c:605)
==6314== by 0x73A97E5: load_gecko (nsembed.c:772)
==6314== by 0x73AE233: create_nscontainer (nsembed.c:2047)
==6314== by 0x732CB68: HTMLDocument_Create (htmldoc.c:4751)
==6314== by 0x7398C60: ClassFactory_CreateInstance (main.c:238)
==6314== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6314== by 0x6CA4DB0: XMLView_create (xmlview.c:1444)
==6314== by 0x6C62320: ClassFactory_CreateInstance (factory.c:178)
==6314== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6314== Address 0x4eddfe4 is not stack'd, malloc'd or (recently) free'd
==6314==
==6530== Thread 4:
==6530== Invalid read of size 4
==6530== at 0x7E41033: ???
==6530== by 0x7E362D2: ???
==6530== Address 0xcc3d7fc is on thread 1's stack
==6530==
==6652== Conditional jump or move depends on uninitialised value(s)
==6652== at 0x69DA2A6E: ???
==6652== by 0x69D912D8: ???
==6652== by 0x6B05358C: ???
==6652== by 0x69FA8430: ???
==6652== by 0x69F7B782: ???
==6652== by 0x69F7C6BE: ???
==6652== by 0x73A5E34: init_nscontainer (nsiface.h:59567)
==6652== by 0x73A62D1: create_nscontainer (nsembed.c:2065)
==6652== by 0x7324B68: HTMLDocument_Create (htmldoc.c:4751)
==6652== by 0x7390C60: ClassFactory_CreateInstance (main.c:238)
==6652== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6652== by 0x6CA4DB0: XMLView_create (xmlview.c:1444)
==6652== by 0x6C62320: ClassFactory_CreateInstance (factory.c:178)
==6652== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6652== by 0x4CA707B: test_QueryInterface (xmlview.c:156)
==6652== by 0x4CA7B69: func_xmlview (xmlview.c:269)
==6652== by 0x4CA896C: run_test (test.h:584)
==6652== by 0x4CA8D5B: main (test.h:654)
==6652== Uninitialised value was created by a stack allocation
==6652== at 0x69DA29E6: ???
==6652==
==6753== Conditional jump or move depends on uninitialised value(s)
==6753== at 0x69D80B25: ???
==6753== by 0x6A0E6970: ???
==6753== by 0x6A0E645E: ???
==6753== by 0x6AFE5020: ???
==6753== by 0x69CAB81E: ???
==6753== by 0x6A0E65B1: ???
==6753== by 0x69D80A6F: ???
==6753== by 0x5778509: ??? (winproc.c:173)
==6753== by 0x577867E: call_window_proc (winproc.c:244)
==6753== by 0x577986C: WINPROC_CallProcAtoW (winproc.c:603)
==6753== by 0x577A911: WINPROC_call_window (winproc.c:911)
==6753== by 0x573B8F9: DispatchMessageA (message.c:3948)
==6753== by 0x4CB7928: test_Load (xmlview.c:247)
==6753== by 0x4CB7B6E: func_xmlview (xmlview.c:270)
==6753== by 0x4CB896C: run_test (test.h:584)
==6753== by 0x4CB8D5B: main (test.h:654)
==6753== Uninitialised value was created by a stack allocation
==6753== at 0x69D80AB6: ???
==6753==
==6998== Conditional jump or move depends on uninitialised value(s)
==6998== at 0x6AEE5337: ???
==6998== by 0x69ECD001: ???
==6998== by 0x6A1714F7: ???
==6998== by 0x6A36FB0A: ???
==6998== by 0x6AECA4E7: ???
==6998== by 0x6AECA48F: ???
==6998== by 0x69CAB81E: ???
==6998== by 0x6A0E65B1: ???
==6998== by 0x69D80A6F: ???
==6998== by 0x5768509: ??? (winproc.c:173)
==6998== by 0x576867E: call_window_proc (winproc.c:244)
==6998== by 0x576986C: WINPROC_CallProcAtoW (winproc.c:603)
==6998== by 0x576A911: WINPROC_call_window (winproc.c:911)
==6998== by 0x572B8F9: DispatchMessageA (message.c:3948)
==6998== by 0x4CB3928: test_Load (xmlview.c:247)
==6998== by 0x4CB3B6E: func_xmlview (xmlview.c:270)
==6998== by 0x4CB496C: run_test (test.h:584)
==6998== by 0x4CB4D5B: main (test.h:654)
==6998== Uninitialised value was created by a client request
==6998== at 0x7BC4C52C: mark_block_uninitialized (heap.c:209)
==6998== by 0x7BC4C697: initialize_block (heap.c:240)
==6998== by 0x7BC50FA3: RtlAllocateHeap (heap.c:1717)
==6998== by 0x76E1CE0: MSVCRT_malloc (heap.c:329)
==6998== by 0x61E426BF: ???
==6998== by 0x69D2235D: ???
==6998== by 0x6A74092C: ???
==6998== by 0x6A5B7D64: ???
==6998== by 0x69C860AB: ???
==6998== by 0x6B073403: ???
==6998== by 0x6A4BD183: ???
==6998== by 0x6AFE511D: ???
==6998== by 0x69CAB81E: ???
==6998== by 0x6A0E65B1: ???
==6998== by 0x69D80A6F: ???
==6998== by 0x5768509: ??? (winproc.c:173)
==6998== by 0x576867E: call_window_proc (winproc.c:244)
==6998== by 0x576986C: WINPROC_CallProcAtoW (winproc.c:603)
==6998== by 0x576A911: WINPROC_call_window (winproc.c:911)
==6998== by 0x572B8F9: DispatchMessageA (message.c:3948)
==6998==
==6998== 8 bytes in 1 blocks are possibly lost in loss record 421 of 6,589
==6998== at 0x7BC4C735: notify_alloc (heap.c:255)
==6998== by 0x7BC50F79: RtlAllocateHeap (heap.c:1716)
==6998== by 0x7B84586B: HeapAlloc (heap.c:271)
==6998== by 0x7B845B40: GlobalAlloc (heap.c:376)
==6998== by 0x53683E7: OLEClipbrd_Initialize (clipboard.c:1732)
==6998== by 0x53A1772: OleInitialize (ole2.c:215)
==6998== by 0x6AFF45B4: ???
==6998== by 0x69D19393: ???
==6998== by 0x6A74092C: ???
==6998== by 0x69C92A72: ???
==6998== by 0x6B06D8C2: ???
==6998== by 0x69F7C26F: ???
==6998== by 0x73ADE34: init_nscontainer (nsiface.h:59567)
==6998== by 0x73AE2D1: create_nscontainer (nsembed.c:2065)
==6998== by 0x732CB68: HTMLDocument_Create (htmldoc.c:4751)
==6998== by 0x7398C60: ClassFactory_CreateInstance (main.c:238)
==6998== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6998== by 0x6CA4DB0: XMLView_create (xmlview.c:1444)
==6998== by 0x6C62320: ClassFactory_CreateInstance (factory.c:178)
==6998== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==6998==
==7281== 8 bytes in 1 blocks are possibly lost in loss record 428 of 6,602
==7281== at 0x7BC4C735: notify_alloc (heap.c:255)
==7281== by 0x7BC50F79: RtlAllocateHeap (heap.c:1716)
==7281== by 0x7B84586B: HeapAlloc (heap.c:271)
==7281== by 0x7B845B40: GlobalAlloc (heap.c:376)
==7281== by 0x532204A: CreateStreamOnHGlobal (hglobalstream.c:603)
==7281== by 0x6C4D838: domdoc_load_from_stream (domdoc.c:772)
==7281== by 0x6C52086: domdoc_load (domdoc.c:2198)
==7281== by 0x6C9CCBA: handle_xml_load (msxml6.h:5228)
==7281== by 0x6C9D60C: XMLView_BindStatusCallback_OnDataAvailable
(xmlview.c:539)
==7281== by 0x5FF159A: BindStatusCallback_OnDataAvailable (urlmon.h:820)
==7281== by 0x5FF73A2: report_data (urlmon.h:820)
==7281== by 0x5FF7595: InternetProtocolSink_ReportData (binding.c:1126)
==7281== by 0x5FFC920: ProtocolSinkHandler_ReportData (urlmon.h:3113)
==7281== by 0x5FFD5D6: BPInternetProtocolSink_ReportData (urlmon.h:3113)
==7281== by 0x73D062D: ResProtocol_Start (urlmon.h:3113)
==7281== by 0x5FFB2D1: BindProtocol_StartEx (urlmon.h:3296)
==7281== by 0x5FF8A1B: start_binding (urlmon.h:7870)
==7281== by 0x5FF8BCD: bind_to_storage (binding.c:1567)
==7281== by 0x6018CF1: URLMoniker_BindToStorage (umon.c:280)
==7281== by 0x6C9F74D: XMLView_PersistMoniker_Load (objidl.h:3488)
==7281==
==7281== 32 bytes in 1 blocks are possibly lost in loss record 2,478 of 6,602
==7281== at 0x7BC4C735: notify_alloc (heap.c:255)
==7281== by 0x7BC50F79: RtlAllocateHeap (heap.c:1716)
==7281== by 0x7BC39AE9: RtlInitializeCriticalSectionEx (critsection.c:326)
==7281== by 0x7B876B51: InitializeCriticalSectionEx (sync.c:356)
==7281== by 0x7B876B17: InitializeCriticalSectionAndSpinCount (sync.c:334)
==7281== by 0x6AFB523E: ???
==7281== by 0x69DFCC68: ???
==7281== by 0x6A6C7944: ???
==7281== by 0x69E6E0B7: ???
==7281== by 0x7BC870D0: call_thread_func (signal_i386.c:2630)
==7281== by 0x7BC87065: ??? (signal_i386.c:2571)
==7281== by 0x7BC8E4B0: start_thread (thread.c:428)
==7281== by 0x4EA7BD89: start_thread (in /usr/lib/libpthread-2.18.so)
==7281== by 0x4E95CA0D: clone (in /usr/lib/libc-2.18.so)
==7449== 8 bytes in 1 blocks are possibly lost in loss record 422 of 6,591
==7449== at 0x7BC4C735: notify_alloc (heap.c:255)
==7449== by 0x7BC50F79: RtlAllocateHeap (heap.c:1716)
==7449== by 0x7B84586B: HeapAlloc (heap.c:271)
==7449== by 0x7B845B40: GlobalAlloc (heap.c:376)
==7449== by 0x53683E7: OLEClipbrd_Initialize (clipboard.c:1732)
==7449== by 0x53A1772: OleInitialize (ole2.c:215)
==7449== by 0x6AFF45B4: ???
==7449== by 0x69D19393: ???
==7449== by 0x6A74092C: ???
==7449== by 0x69C92A72: ???
==7449== by 0x6B06D8C2: ???
==7449== by 0x69F7C26F: ???
==7449== by 0x739DE34: init_nscontainer (nsiface.h:59567)
==7449== by 0x739E2D1: create_nscontainer (nsembed.c:2065)
==7449== by 0x731CB68: HTMLDocument_Create (htmldoc.c:4751)
==7449== by 0x7388C60: ClassFactory_CreateInstance (main.c:238)
==7449== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==7449== by 0x6C94DB0: XMLView_create (xmlview.c:1444)
==7449== by 0x6C52320: ClassFactory_CreateInstance (factory.c:178)
==7449== by 0x5373E26: CoCreateInstance (unknwn.h:226)
==7449==
etc.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list