[Webkit-unassigned] [Bug 146729] [GTK] Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s) in IPC::Connection::sendOutgoingMessage

bugzilla-daemon at webkit.org
Sat Jul 30 16:00:17 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=146729

--- Comment #3 from Michael Catanzaro <mcatanzaro at igalia.com> ---
Ran it with --track-origins=yes; looks like two different bugs, maybe:

==722== Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
==722==    at 0x17B7B2FD: ??? (in /usr/lib64/libpthread-2.23.so)
==722==    by 0xAD90515: IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >) (ConnectionUnix.cpp:508)
==722==    by 0xA8DB34B: IPC::Connection::sendOutgoingMessages() (Connection.cpp:811)
==722==    by 0xA8D862D: IPC::Connection::sendMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >, unsigned int, bool)::{lambda()#1}::operator()() (Connection.cpp:378)
==722==    by 0xA8E094B: WTF::Function<void ()>::CallableWrapper<IPC::Connection::sendMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >, unsigned int, bool)::{lambda()#1}>::call() (Function.h:89)
==722==    by 0xA8AABF6: WTF::Function<void ()>::operator()() const (Function.h:50)
==722==    by 0x12C62243: WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::{lambda()#1}::operator()() const (WorkQueueGeneric.cpp:88)
==722==    by 0x12C6364F: WTF::Function<void ()>::CallableWrapper<WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::{lambda()#1}>::call() (Function.h:89)
==722==    by 0xA8AABF6: WTF::Function<void ()>::operator()() const (Function.h:50)
==722==    by 0x12C29A2D: WTF::RunLoop::performWork() (RunLoop.cpp:122)
==722==    by 0x12C64635: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::operator()(void*) const (RunLoopGLib.cpp:66)
==722==    by 0x12C64659: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:68)
==722==  Address 0x347ff5d1 is on thread 9's stack
==722==  in frame #1, created by IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >) (ConnectionUnix.cpp:408)
==722==  Uninitialised value was created by a stack allocation
==722==    at 0xAD8FD5C: IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >) (ConnectionUnix.cpp:408)
==722== 
==722== Syscall param sendmsg(msg.msg_iov[1]) points to uninitialised byte(s)
==722==    at 0x17B7B2FD: ??? (in /usr/lib64/libpthread-2.23.so)
==722==    by 0xAD90515: IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >) (ConnectionUnix.cpp:508)
==722==    by 0xA8DB34B: IPC::Connection::sendOutgoingMessages() (Connection.cpp:811)
==722==    by 0xA8D862D: IPC::Connection::sendMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >, unsigned int, bool)::{lambda()#1}::operator()() (Connection.cpp:378)
==722==    by 0xA8E094B: WTF::Function<void ()>::CallableWrapper<IPC::Connection::sendMessage(std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >, unsigned int, bool)::{lambda()#1}>::call() (Function.h:89)
==722==    by 0xA8AABF6: WTF::Function<void ()>::operator()() const (Function.h:50)
==722==    by 0x12C62243: WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::{lambda()#1}::operator()() const (WorkQueueGeneric.cpp:88)
==722==    by 0x12C6364F: WTF::Function<void ()>::CallableWrapper<WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::{lambda()#1}>::call() (Function.h:89)
==722==    by 0xA8AABF6: WTF::Function<void ()>::operator()() const (Function.h:50)
==722==    by 0x12C29A2D: WTF::RunLoop::performWork() (RunLoop.cpp:122)
==722==    by 0x12C64635: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::operator()(void*) const (RunLoopGLib.cpp:66)
==722==    by 0x12C64659: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:68)
==722==  Address 0x273e109d is in a rw- anonymous segment
==722==  Uninitialised value was created by a stack allocation
==722==    at 0xAA50943: WebKit::WebProcessPool::ensureNetworkProcess() (WebProcessPool.cpp:338)

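Both Valgrind reports above say the same thing about different buffers: a byte range handed to `sendmsg()` through `msg_iov[]` was never written before the syscall, so whatever the stack or heap previously held goes out over the IPC socket. The classic way this happens is a struct whose declared members are all assigned but whose compiler-inserted padding is not. The following C program is an added example and not WebKit code; `struct ipc_header`, the `STALE` fill pattern and the socketpair are constructed stand-ins for the real `IPC::Connection` message layout, which the report does not show. It sends a header and a payload as two iovecs, receives them on the peer end, and counts how many padding bytes still carry the stale pattern, first with the field-by-field construction and then with the struct zeroed before the fields are assigned.

```c
// Added example (not WebKit code): uninitialised struct padding leaking through
// sendmsg(), and the zero-initialisation that prevents it.
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

// Hypothetical IPC header: 'kind' (1 byte) is followed by padding before the
// 4-byte 'length'; member assignments never touch those padding bytes.
struct ipc_header {
    uint8_t  kind;
    uint32_t length;
};

#define STALE 0xAA  // constructed stand-in for leftover memory contents

// Number of bytes in the header that belong to no declared member.
int header_padding_bytes(void) {
    return (int)(sizeof(struct ipc_header) - sizeof(uint8_t) - sizeof(uint32_t));
}

// Buggy construction: only the members are written, padding keeps old data.
static void build_header_uninit(struct ipc_header *h, uint32_t length) {
    h->kind = 1;
    h->length = length;
}

// Hardened construction: clear the whole object before filling the members.
static void build_header_zeroed(struct ipc_header *h, uint32_t length) {
    memset(h, 0, sizeof *h);
    h->kind = 1;
    h->length = length;
}

// Send header + payload as two iovecs (msg_iov[0] / msg_iov[1], as in the
// Valgrind report), receive on the peer socket, and return how many padding
// bytes of the received header still hold STALE. Returns -1 on socket error.
int count_stale_padding(int zero_first) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;

    static const char payload[] = "constructed payload";

    // Model memory that previously held other data (a reused stack slot).
    union { struct ipc_header h; unsigned char raw[sizeof(struct ipc_header)]; } u;
    memset(u.raw, STALE, sizeof u.raw);
    if (zero_first) build_header_zeroed(&u.h, (uint32_t)sizeof payload);
    else            build_header_uninit(&u.h, (uint32_t)sizeof payload);

    struct iovec iov[2] = {
        { .iov_base = &u.h,            .iov_len = sizeof u.h    },
        { .iov_base = (void *)payload, .iov_len = sizeof payload },
    };
    struct msghdr msg;
    memset(&msg, 0, sizeof msg);  // msghdr has padding too; zero it as well
    msg.msg_iov = iov;
    msg.msg_iovlen = 2;
    size_t total = sizeof u.h + sizeof payload;
    if (sendmsg(sv[0], &msg, 0) != (ssize_t)total) { close(sv[0]); close(sv[1]); return -1; }

    unsigned char got[sizeof(struct ipc_header) + sizeof payload];
    struct iovec riov = { .iov_base = got, .iov_len = sizeof got };
    struct msghdr rmsg;
    memset(&rmsg, 0, sizeof rmsg);
    rmsg.msg_iov = &riov;
    rmsg.msg_iovlen = 1;
    ssize_t n = recvmsg(sv[1], &rmsg, MSG_WAITALL);
    close(sv[0]);
    close(sv[1]);
    if (n != (ssize_t)sizeof got) return -1;

    // A byte is padding if it lies inside neither declared member.
    int stale = 0;
    for (size_t i = 0; i < sizeof(struct ipc_header); i++) {
        size_t k = offsetof(struct ipc_header, kind), l = offsetof(struct ipc_header, length);
        int in_kind   = i >= k && i < k + sizeof(uint8_t);
        int in_length = i >= l && i < l + sizeof(uint32_t);
        if (!in_kind && !in_length && got[i] == STALE) stale++;
    }
    return stale;
}

int main(void) {
    printf("padding bytes in header: %d\n", header_padding_bytes());
    printf("stale bytes on the wire, fields only: %d\n", count_stale_padding(0));
    printf("stale bytes on the wire, zeroed first: %d\n", count_stale_padding(1));
    return 0;
}
```

Valgrind reports the first variant as "Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)" and stays silent on the second; the same applies to any object serialised by copying its raw bytes, which is why an IPC encoder should either zero the object or encode members individually rather than memcpy a struct into the outgoing buffer.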

