[Webkit-unassigned] [Bug 146729] Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s) in IPC::Connection::sendOutgoingMessage

bugzilla-daemon at webkit.org
Wed Mar 18 18:09:13 PDT 2020


https://bugs.webkit.org/show_bug.cgi?id=146729

--- Comment #8 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Let's try to fix this one *before* we hit the five-year mark... it is fast approaching!

Modern version looks like this:

==449866== Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
==449866==    at 0x57FDBED: __libc_sendmsg (sendmsg.c:28)
==449866==    by 0x57FDBED: sendmsg (sendmsg.c:25)
==449866==    by 0x6806CEC: IPC::Connection::sendOutputMessage(IPC::UnixMessage&) (ConnectionUnix.cpp:486)
==449866==    by 0x68075CC: IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >) (ConnectionUnix.cpp:404)
==449866==    by 0x67F1ECD: sendOutgoingMessages (Connection.cpp:899)
==449866==    by 0x67F1ECD: IPC::Connection::sendOutgoingMessages() (Connection.cpp:884)
==449866==    by 0xA521B88: operator() (Function.h:84)
==449866==    by 0xA521B88: WTF::RunLoop::performWork() (RunLoop.cpp:119)
==449866==    by 0xA56CCF8: operator() (RunLoopGLib.cpp:68)
==449866==    by 0xA56CCF8: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:70)
==449866==    by 0x545851F: g_main_dispatch (gmain.c:3216)
==449866==    by 0x545851F: g_main_context_dispatch (gmain.c:3881)
==449866==    by 0x54588AF: g_main_context_iterate.isra.0 (gmain.c:3954)
==449866==    by 0x5458BA2: g_main_loop_run (gmain.c:4148)
==449866==    by 0xA56D71F: WTF::RunLoop::run() (RunLoopGLib.cpp:96)
==449866==    by 0xA522FA3: operator() (Function.h:84)
==449866==    by 0xA522FA3: WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) (Threading.cpp:168)
==449866==    by 0xA56EAF8: WTF::wtfThreadEntryPoint(void*) (ThreadingPOSIX.cpp:200)
==449866==  Address 0x41ed8731 is on thread 53's stack
==449866==  in frame #2, created by IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >) (ConnectionUnix.cpp:378)
==449866==  Uninitialised value was created by a stack allocation
==449866==    at 0x6807550: IPC::Connection::sendOutgoingMessage(std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >) (ConnectionUnix.cpp:378)

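The Valgrind report above describes a general class of defect: a stack object is only partly written, then its full size is handed to sendmsg() through msg_iov[0], so bytes the program never assigned leave the process. Beyond the Valgrind noise, such bytes are stale stack contents crossing a process boundary. The C program below is an added illustration, not WebKit's code, and does not claim to show what IPC::Connection::sendOutgoingMessage actually does; it assumes a hypothetical `wire_header` struct with three compiler-inserted padding bytes (the 8-byte layout of common ABIs, checked with `_Static_assert`) and uses a socketpair so it runs offline. It shows the flagged pattern next to two fixes: zeroing the whole object, and serialising field by field so every transmitted byte is written deliberately.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>

/* Hypothetical wire header (constructed for this example). On common ABIs the
 * compiler inserts three padding bytes after `type` so `length` is 4-aligned. */
struct wire_header {
    uint8_t  type;
    uint32_t length;
};

#define WIRE_HEADER_SIZE 8  /* 1 type + 3 reserved + 4 length, all explicit */
_Static_assert(sizeof(struct wire_header) == WIRE_HEADER_SIZE,
               "example assumes 3 padding bytes after `type`");

/* Send exactly `len` bytes of `buf` on `fd` through one iovec, the same shape
 * as the sendmsg() call in the report. */
static ssize_t send_raw(int fd, const void *buf, size_t len)
{
    struct iovec iov = { .iov_base = (void *)buf, .iov_len = len };
    struct msghdr msg;
    memset(&msg, 0, sizeof msg);   /* the msghdr itself must be fully initialised too */
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    return sendmsg(fd, &msg, 0);
}

/* DEFECT (what Valgrind flags as "points to uninitialised byte(s)"): only the
 * named fields are assigned, but sizeof(struct) bytes are sent, so the three
 * padding bytes carry whatever the stack held before. */
static ssize_t send_header_padded_unsafe(int fd, uint8_t type, uint32_t length)
{
    struct wire_header h;
    h.type = type;
    h.length = length;
    return send_raw(fd, &h, sizeof h);
}

/* FIX 1: zero the whole object, padding included, before filling fields. */
static ssize_t send_header_zeroed(int fd, uint8_t type, uint32_t length)
{
    struct wire_header h;
    memset(&h, 0, sizeof h);
    h.type = type;
    h.length = length;
    return send_raw(fd, &h, sizeof h);
}

/* FIX 2 (preferred): serialise into a byte buffer with an explicit layout, so
 * every byte on the wire is written on purpose and the format no longer
 * depends on the compiler's struct layout. Length is little-endian here. */
void serialize_header(uint8_t type, uint32_t length, uint8_t out[WIRE_HEADER_SIZE])
{
    out[0] = type;
    out[1] = out[2] = out[3] = 0;              /* reserved, always zero */
    out[4] = (uint8_t)(length & 0xff);
    out[5] = (uint8_t)((length >> 8) & 0xff);
    out[6] = (uint8_t)((length >> 16) & 0xff);
    out[7] = (uint8_t)((length >> 24) & 0xff);
}

static ssize_t send_header_serialized(int fd, uint8_t type, uint32_t length)
{
    uint8_t buf[WIRE_HEADER_SIZE];
    serialize_header(type, length, buf);
    return send_raw(fd, buf, sizeof buf);
}

/* Round-trip one header over a socketpair with `sender` and return how many of
 * the received bytes 1..3 are non-zero (-1 on I/O error). For both fixed
 * variants this is always 0; for the unsafe variant it depends on stale stack
 * contents, which is exactly why no test may rely on it. */
int nonzero_padding_bytes(ssize_t (*sender)(int, uint8_t, uint32_t))
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    uint8_t frame[WIRE_HEADER_SIZE] = {0};
    int bad = -1;
    if (sender(sv[0], 0x2a, 0x01020304u) == WIRE_HEADER_SIZE &&
        read(sv[1], frame, sizeof frame) == WIRE_HEADER_SIZE) {
        bad = 0;
        for (int i = 1; i < 4; i++)
            bad += frame[i] != 0;
    }
    close(sv[0]);
    close(sv[1]);
    return bad;
}

int main(void)
{
    printf("unsafe struct: %d non-zero padding byte(s) (stale stack, varies)\n",
           nonzero_padding_bytes(send_header_padded_unsafe));
    printf("memset struct: %d\n", nonzero_padding_bytes(send_header_zeroed));
    printf("serialised   : %d\n", nonzero_padding_bytes(send_header_serialized));
    return 0;
}
```

Running the unsafe variant under Valgrind (memcheck) produces the same "Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)" report quoted in the comment, with the origin attributed to the stack allocation of `h`; both fixed variants run clean. Field-by-field serialisation is the more robust choice because zeroing relies on every future field addition remembering the memset, whereas an explicit layout cannot transmit a byte nobody wrote.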