[Bug 43377] New: valgrind shows an invalid read in dlls/msxml3/tests/ domdoc.c
wine-bugs at winehq.org
wine-bugs at winehq.org
Tue Jul 18 15:53:54 CDT 2017
https://bugs.winehq.org/show_bug.cgi?id=43377
Bug ID: 43377
Summary: valgrind shows an invalid read in
dlls/msxml3/tests/domdoc.c
Product: Wine
Version: 2.12
Hardware: x86
OS: Linux
Status: NEW
Keywords: download, source, testcase, valgrind
Severity: normal
Priority: P2
Component: msxml3
Assignee: wine-bugs at winehq.org
Reporter: austinenglish at gmail.com
Distribution: Debian
../../../tools/runtest -q -P wine -T ../../.. -M msxml3.dll -p
msxml3_test.exe.so domdoc && touch domdoc.ok
==30037== Invalid free() / delete / delete[] / realloc()
==30037== at 0x7BC510DB: notify_free (heap.c:262)
==30037== by 0x7BC556AC: RtlFreeHeap (heap.c:1762)
==30037== by 0x5F97B28: heap_free (msxml_private.h:189)
==30037== by 0x5F9837F: free_properties (domdoc.c:360)
==30037== by 0x5F98CA3: xmldoc_release_refs (domdoc.c:624)
==30037== by 0x5F98CEA: xmldoc_release (domdoc.c:635)
==30037== by 0x5FC36D8: destroy_xmlnode (node.c:1481)
==30037== by 0x5F99C3C: domdoc_Release (domdoc.c:966)
==30037== by 0x4A525C0: IXMLDOMDocument2_Release (msxml2.h:4413)
==30037== by 0x4A525C0: test_get_ownerDocument (???:0)
==30037== by 0x4A76882: func_domdoc (domdoc.c:12609)
==30037== by 0x4AB1624: run_test (test.h:603)
==30037== by 0x4AB1A83: main (test.h:687)
==30037== Address 0x48e0820 is 18 bytes after a recently re-allocated block of
size 46 alloc'd
==30037== at 0x7BC51061: notify_alloc (heap.c:254)
==30037== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716)
==30037== by 0x5608BD0: strdupW (freetype.c:1098)
==30037== by 0x560A0ED: load_face (freetype.c:1650)
==30037== by 0x560A862: load_font_list_from_cache (freetype.c:1778)
==30037== by 0x56132B5: WineEngInit (freetype.c:4402)
==30037== by 0x5622222: DllMain (gdiobj.c:677)
==30037== by 0x5641491: __wine_spec_dll_entry (dll_entry.c:40)
==30037== by 0x7BC57861: ??? (loader.c:150)
==30037== by 0x7BC5A291: MODULE_InitDLL (loader.c:1121)
==30037== by 0x7BC5A7E1: process_attach (loader.c:1222)
==30037== by 0x7BC5A728: process_attach (loader.c:1210)
==30037== by 0x7BC5A728: process_attach (loader.c:1210)
==30037== by 0x7BC5A728: process_attach (loader.c:1210)
==30037== by 0x7BC5A728: process_attach (loader.c:1210)
==30037== by 0x7BC5FB42: attach_process_dlls (loader.c:3011)
==30037== by 0x40413EC: ??? (port.c:78)
==30037==
==30037== Invalid free() / delete / delete[] / realloc()
==30037== at 0x7BC510DB: notify_free (heap.c:262)
==30037== by 0x7BC556AC: RtlFreeHeap (heap.c:1762)
==30037== by 0x5F97B28: heap_free (msxml_private.h:189)
==30037== by 0x5F9839F: free_properties (domdoc.c:362)
==30037== by 0x5F98CA3: xmldoc_release_refs (domdoc.c:624)
==30037== by 0x5F98CEA: xmldoc_release (domdoc.c:635)
==30037== by 0x5FC36D8: destroy_xmlnode (node.c:1481)
==30037== by 0x5F99C3C: domdoc_Release (domdoc.c:966)
==30037== by 0x4A525C0: IXMLDOMDocument2_Release (msxml2.h:4413)
==30037== by 0x4A525C0: test_get_ownerDocument (???:0)
==30037== by 0x4A76882: func_domdoc (domdoc.c:12609)
==30037== by 0x4AB1624: run_test (test.h:603)
==30037== by 0x4AB1A83: main (test.h:687)
==30037== Address 0x49065a0 is 4 bytes after a block of size 92 free'd
==30037== at 0x7BC510DB: notify_free (heap.c:262)
==30037== by 0x7BC556AC: RtlFreeHeap (heap.c:1762)
==30037== by 0x55FF13A: FONT_DeleteObject (font.c:814)
==30037== by 0x5622F04: DeleteObject (gdiobj.c:982)
==30037== by 0x532BDF5: get_text_metr_size (sysparams.c:482)
==30037== by 0x532C66E: normalize_nonclientmetrics (sysparams.c:653)
==30037== by 0x532F087: SystemParametersInfoW (sysparams.c:1610)
==30037== by 0x53321D2: GetSystemMetrics (sysparams.c:2459)
==30037== by 0x5331F4F: GetSystemMetrics (sysparams.c:2394)
==30037== by 0x53183B5: NC_AdjustRectOuter (nonclient.c:115)
==30037== by 0x53190E0: NC_HandleNCCalcSize (nonclient.c:414)
==30037== by 0x52CCDB6: DEFWND_DefWinProc (defwnd.c:262)
==30037== by 0x52CEB60: DefWindowProcW (defwnd.c:1023)
==30037== by 0x6DFA03C: notif_wnd_proc (bindprot.c:83)
==30037== by 0x53502FD: ??? (winproc.c:174)
==30037== by 0x535044C: call_window_proc (winproc.c:245)
==30037== by 0x5352800: WINPROC_call_window (winproc.c:901)
==30037== by 0x530DC60: call_window_proc (message.c:2224)
==30037== by 0x5310C82: send_message (message.c:3269)
==30037== by 0x5311413: SendMessageW (message.c:3469)
==30037== Block was alloc'd at
==30037== at 0x7BC51061: notify_alloc (heap.c:254)
==30037== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716)
==30037== by 0x55FE62B: CreateFontIndirectExW (font.c:509)
==30037== by 0x55FE908: CreateFontIndirectW (font.c:559)
==30037== by 0x532BD42: get_text_metr_size (sysparams.c:470)
==30037== by 0x532C66E: normalize_nonclientmetrics (sysparams.c:653)
==30037== by 0x532F087: SystemParametersInfoW (sysparams.c:1610)
==30037== by 0x53321D2: GetSystemMetrics (sysparams.c:2459)
==30037== by 0x5331F4F: GetSystemMetrics (sysparams.c:2394)
==30037== by 0x53183B5: NC_AdjustRectOuter (nonclient.c:115)
==30037== by 0x53190E0: NC_HandleNCCalcSize (nonclient.c:414)
==30037== by 0x52CCDB6: DEFWND_DefWinProc (defwnd.c:262)
==30037== by 0x52CEB60: DefWindowProcW (defwnd.c:1023)
==30037== by 0x6DFA03C: notif_wnd_proc (bindprot.c:83)
==30037== by 0x53502FD: ??? (winproc.c:174)
==30037== by 0x535044C: call_window_proc (winproc.c:245)
==30037== by 0x5352800: WINPROC_call_window (winproc.c:901)
==30037== by 0x530DC60: call_window_proc (message.c:2224)
==30037== by 0x5310C82: send_message (message.c:3269)
==30037== by 0x5311413: SendMessageW (message.c:3469)
==30037==
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list