https://bugs.winehq.org/show_bug.cgi?id=38727
Bug ID: 38727 Summary: valgrind shows several invalid reads in shell32/tests/shelldispatch.c Product: Wine Version: 1.7.44 Hardware: x86 OS: Linux Status: NEW Keywords: download, source, testcase, valgrind Severity: normal Priority: P2 Component: shell32 Assignee: wine-bugs@winehq.org Reporter: austinenglish@gmail.com Distribution: Debian
../../../tools/runtest -q -P wine -T ../../.. -M shell32.dll -p shell32_test.exe.so shelldispatch && touch shelldispatch.ok ==3421== Invalid read of size 2 ==3421== at 0x49934E6: ILFindLastID (pidl.c:201) ==3421== by 0x4998225: _ILGetExtension (pidl.c:2369) ==3421== by 0x49C3BA0: SHELL32_CreateExtensionUIObject (shfldr_fs.c:566) ==3421== by 0x49CEDA4: ShellFolder2_GetUIObjectOf (shfldr_unixfs.c:1182) ==3421== by 0x49A02E0: IShellFolder_GetUIObjectOf (shobjidl.h:1417) ==3421== by 0x49A02E0: FolderItemVerbs_Constructor (???:0) ==3421== by 0x49A13BC: FolderItemImpl_Verbs (shelldispatch.c:860) ==3421== by 0x47B3840: FolderItem_Verbs (shldisp.h:2062) ==3421== by 0x47B3840: test_Verbs (???:0) ==3421== by 0x47B3D18: func_shelldispatch (shelldispatch.c:846) ==3421== by 0x47FC676: run_test (test.h:584) ==3421== by 0x47FCABE: main (test.h:666) ==3421== Address 0x4668d98 is 16 bytes inside a block of size 22 free'd ==3421== at 0x7BC4AA49: notify_free (heap.c:262) ==3421== by 0x7BC4EDC8: RtlFreeHeap (heap.c:1761) ==3421== by 0x7BC591CA: get_load_order (loadorder.c:489) ==3421== by 0x7BC5586B: load_dll (loader.c:2073) ==3421== by 0x7BC51814: import_dll (loader.c:588) ==3421== by 0x7BC526A1: fixup_imports (loader.c:892) ==3421== by 0x7BC579A1: LdrInitializeThunk (loader.c:2914) ==3421== by 0x7B860CB1: __wine_kernel_init (process.c:1276) ==3421== by 0x7BC581A3: __wine_process_init (loader.c:3131) ==3421== by 0x401784D: wine_init (loader.c:958) ==3421== by 0x7BF0114D: main (main.c:247) ==3421==
==3421== Invalid read of size 2 ==3421== at 0x4997173: _ILIsDesktop (pidl.c:1816) ==3421== by 0x4992DCE: _ILIsEmpty (pidl.h:220) ==3421== by 0x4997BBD: _ILGetDataPointer (pidl.c:2066) ==3421== by 0x499743B: _ILIsValue (pidl.c:1864) ==3421== by 0x4998236: _ILGetExtension (pidl.c:2371) ==3421== by 0x49C3BA0: SHELL32_CreateExtensionUIObject (shfldr_fs.c:566) ==3421== by 0x49CEDA4: ShellFolder2_GetUIObjectOf (shfldr_unixfs.c:1182) ==3421== by 0x49A02E0: IShellFolder_GetUIObjectOf (shobjidl.h:1417) ==3421== by 0x49A02E0: FolderItemVerbs_Constructor (???:0) ==3421== by 0x49A13BC: FolderItemImpl_Verbs (shelldispatch.c:860) ==3421== by 0x47B3840: FolderItem_Verbs (shldisp.h:2062) ==3421== by 0x47B3840: test_Verbs (???:0) ==3421== by 0x47B3D18: func_shelldispatch (shelldispatch.c:846) ==3421== by 0x47FC676: run_test (test.h:584) ==3421== by 0x47FCABE: main (test.h:666) ==3421== Address 0x4668d98 is 16 bytes inside a block of size 22 free'd ==3421== at 0x7BC4AA49: notify_free (heap.c:262) ==3421== by 0x7BC4EDC8: RtlFreeHeap (heap.c:1761) ==3421== by 0x7BC591CA: get_load_order (loadorder.c:489) ==3421== by 0x7BC5586B: load_dll (loader.c:2073) ==3421== by 0x7BC51814: import_dll (loader.c:588) ==3421== by 0x7BC526A1: fixup_imports (loader.c:892) ==3421== by 0x7BC579A1: LdrInitializeThunk (loader.c:2914) ==3421== by 0x7B860CB1: __wine_kernel_init (process.c:1276) ==3421== by 0x7BC581A3: __wine_process_init (loader.c:3131) ==3421== by 0x401784D: wine_init (loader.c:958) ==3421== by 0x7BF0114D: main (main.c:247) ==3421==
==3421== Invalid read of size 1 ==3421== at 0x4997496: _ILIsValue (pidl.c:1868) ==3421== by 0x4998236: _ILGetExtension (pidl.c:2371) ==3421== by 0x49C3BA0: SHELL32_CreateExtensionUIObject (shfldr_fs.c:566) ==3421== by 0x49CEDA4: ShellFolder2_GetUIObjectOf (shfldr_unixfs.c:1182) ==3421== by 0x49A02E0: IShellFolder_GetUIObjectOf (shobjidl.h:1417) ==3421== by 0x49A02E0: FolderItemVerbs_Constructor (???:0) ==3421== by 0x49A13BC: FolderItemImpl_Verbs (shelldispatch.c:860) ==3421== by 0x47B3840: FolderItem_Verbs (shldisp.h:2062) ==3421== by 0x47B3840: test_Verbs (???:0) ==3421== by 0x47B3D18: func_shelldispatch (shelldispatch.c:846) ==3421== by 0x47FC676: run_test (test.h:584) ==3421== by 0x47FCABE: main (test.h:666) ==3421== Address 0x4668d9a is 18 bytes inside a block of size 22 free'd ==3421== at 0x7BC4AA49: notify_free (heap.c:262) ==3421== by 0x7BC4EDC8: RtlFreeHeap (heap.c:1761) ==3421== by 0x7BC591CA: get_load_order (loadorder.c:489) ==3421== by 0x7BC5586B: load_dll (loader.c:2073) ==3421== by 0x7BC51814: import_dll (loader.c:588) ==3421== by 0x7BC526A1: fixup_imports (loader.c:892) ==3421== by 0x7BC579A1: LdrInitializeThunk (loader.c:2914) ==3421== by 0x7B860CB1: __wine_kernel_init (process.c:1276) ==3421== by 0x7BC581A3: __wine_process_init (loader.c:3131) ==3421== by 0x401784D: wine_init (loader.c:958) ==3421== by 0x7BF0114D: main (main.c:247) ==3421==
==3421== Invalid read of size 2 ==3421== at 0x4994890: ILGetSize (pidl.c:790) ==3421== by 0x49935D4: ILClone (pidl.c:239) ==3421== by 0x49985BA: _ILCopyaPidl (pidl.c:2511) ==3421== by 0x49EF174: ItemMenu_Constructor (shlview_cmenu.c:630) ==3421== by 0x49CEDF0: ShellFolder2_GetUIObjectOf (shfldr_unixfs.c:1188) ==3421== by 0x49A02E0: IShellFolder_GetUIObjectOf (shobjidl.h:1417) ==3421== by 0x49A02E0: FolderItemVerbs_Constructor (???:0) ==3421== by 0x49A13BC: FolderItemImpl_Verbs (shelldispatch.c:860) ==3421== by 0x47B3840: FolderItem_Verbs (shldisp.h:2062) ==3421== by 0x47B3840: test_Verbs (???:0) ==3421== by 0x47B3D18: func_shelldispatch (shelldispatch.c:846) ==3421== by 0x47FC676: run_test (test.h:584) ==3421== by 0x47FCABE: main (test.h:666) ==3421== Address 0x4668d98 is 16 bytes inside a block of size 22 free'd ==3421== at 0x7BC4AA49: notify_free (heap.c:262) ==3421== by 0x7BC4EDC8: RtlFreeHeap (heap.c:1761) ==3421== by 0x7BC591CA: get_load_order (loadorder.c:489) ==3421== by 0x7BC5586B: load_dll (loader.c:2073) ==3421== by 0x7BC51814: import_dll (loader.c:588) ==3421== by 0x7BC526A1: fixup_imports (loader.c:892) ==3421== by 0x7BC579A1: LdrInitializeThunk (loader.c:2914) ==3421== by 0x7B860CB1: __wine_kernel_init (process.c:1276) ==3421== by 0x7BC581A3: __wine_process_init (loader.c:3131) ==3421== by 0x401784D: wine_init (loader.c:958) ==3421== by 0x7BF0114D: main (main.c:247) ==3421==
https://bugs.winehq.org/show_bug.cgi?id=38727
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|wine-bugs@winehq.org |bunglehead@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=38727
Nikolay Sivov bunglehead@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|bunglehead@gmail.com |wine-bugs@winehq.org
https://bugs.winehq.org/show_bug.cgi?id=38727
--- Comment #1 from Austin English austinenglish@gmail.com --- Another: ==368== Thread 1 shell32_test.exe.so: ==368== Invalid read of size 1 ==368== at 0x4C07B06: _ILIsValue (pidl.c:1880) ==368== by 0x4C6CC5A: ItemMenu_Constructor (shlview_cmenu.c:637) ==368== by 0x4C487B3: ShellFolder2_GetUIObjectOf (shfldr_unixfs.c:1191) ==368== by 0x4C11927: IShellFolder_GetUIObjectOf (shobjidl.h:1617) ==368== by 0x4C11927: FolderItemVerbs_Constructor (???:0) ==368== by 0x4C12AC5: FolderItemImpl_Verbs (shelldispatch.c:871) ==368== by 0x4A33216: FolderItem_Verbs (shldisp.h:1959) ==368== by 0x4A33216: test_Verbs (???:0) ==368== by 0x4A33B6E: func_shelldispatch (shelldispatch.c:1084) ==368== by 0x4A882A0: run_test (test.h:603) ==368== by 0x4A886FF: main (test.h:687) ==368== Address 0x48f2c9a is 386 bytes inside a block of size 512 free'd ==368== at 0x7BC510DB: notify_free (heap.c:262) ==368== by 0x7BC556AC: RtlFreeHeap (heap.c:1762) ==368== by 0x5160E88: FindWindowExW (win.c:1982) ==368== by 0x5161103: FindWindowW (win.c:2036) ==368== by 0x6114A76: query_desktop_work_area (xinerama.c:94) ==368== by 0x61151E2: xinerama_init (xinerama.c:216) ==368== by 0x60D4CE8: X11DRV_init_desktop (desktop.c:123) ==368== by 0x610785D: X11DRV_CreateDesktopWindow (window.c:1740) ==368== by 0x50F49C9: loaderdrv_CreateDesktopWindow (driver.c:688) ==368== by 0x5161676: GetDesktopWindow (win.c:2126) ==368== by 0x50CE770: RegisterClassExW (class.c:623) ==368== by 0x50CE349: RegisterClassW (class.c:554) ==368== by 0x55A0BD7: register_class (compobj.c:1670) ==368== by 0x7BC986C3: RtlRunOnceExecuteOnce (sync.c:1541) ==368== by 0x7B4840A6: InitOnceExecuteOnce (sync.c:2363) ==368== by 0x55A0C47: apartment_createwindowifneeded (compobj.c:1687) ==368== by 0x559E3B9: apartment_get_or_create (compobj.c:678) ==368== by 0x55A1382: CoInitializeEx (compobj.c:1911) ==368== by 0x55A11DB: CoInitialize (compobj.c:1843) ==368== by 0x4A33B02: func_shelldispatch (shelldispatch.c:1072) ==368== Block was alloc'd at ==368== at 0x7BC51061: notify_alloc (heap.c:254) ==368== by 0x7BC5554F: RtlAllocateHeap (heap.c:1716) ==368== by 0x515B934: list_window_children (win.c:319) ==368== by 0x5160D6B: FindWindowExW (win.c:1954) ==368== by 0x5161103: FindWindowW (win.c:2036) ==368== by 0x6114A76: query_desktop_work_area (xinerama.c:94) ==368== by 0x61151E2: xinerama_init (xinerama.c:216) ==368== by 0x60D4CE8: X11DRV_init_desktop (desktop.c:123) ==368== by 0x610785D: X11DRV_CreateDesktopWindow (window.c:1740) ==368== by 0x50F49C9: loaderdrv_CreateDesktopWindow (driver.c:688) ==368== by 0x5161676: GetDesktopWindow (win.c:2126) ==368== by 0x50CE770: RegisterClassExW (class.c:623) ==368== by 0x50CE349: RegisterClassW (class.c:554) ==368== by 0x55A0BD7: register_class (compobj.c:1670) ==368== by 0x7BC986C3: RtlRunOnceExecuteOnce (sync.c:1541) ==368== by 0x7B4840A6: InitOnceExecuteOnce (sync.c:2363) ==368== by 0x55A0C47: apartment_createwindowifneeded (compobj.c:1687) ==368== by 0x559E3B9: apartment_get_or_create (compobj.c:678) ==368== by 0x55A1382: CoInitializeEx (compobj.c:1911) ==368== by 0x55A11DB: CoInitialize (compobj.c:1843) ==368==
-
wine-bugs@winehq.org