[Webkit-unassigned] [Bug 242517] New: WebCore::Document::createDOMWindow() Conditional jump or move depends on uninitialised value(s)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 8 09:32:00 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=242517

            Bug ID: 242517
           Summary: WebCore::Document::createDOMWindow() Conditional jump
                    or move depends on uninitialised value(s)
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: james.hilliard1 at gmail.com

I'm seeing this get flagged by valgrind:

==137== Conditional jump or move depends on uninitialised value(s)
==137==    at 0x144770C4: WebCore::operator==(WebCore::GlobalWindowIdentifier const&, WebCore::GlobalWindowIdentifier const&) (GlobalWindowIdentifier.h:49)
==137==    by 0x1447715D: WTF::GlobalWindowIdentifierHash::equal(WebCore::GlobalWindowIdentifier const&, WebCore::GlobalWindowIdentifier const&) (GlobalWindowIdentifier.h:85)
==137==    by 0x1447ACBA: bool WTF::HashMapTranslator<WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<WebCore::GlobalWindowIdentifier> >::equal<WebCore::GlobalWindowIdentifier, WebCore::GlobalWindowIdentifier>(WebCore::GlobalWindowIdentifier const&, WebCore::GlobalWindowIdentifier const&) (HashMap.h:229)
==137==    by 0x1447AAEB: void WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >::checkKey<WTF::HashMapTranslator<WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier>(WebCore::GlobalWindowIdentifier const&) (HashTable.h:664)
==137==    by 0x14479888: WTF::HashTableAddResult<WTF::HashTableIterator<WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> > > WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >::add<WTF::HashMapTranslator<WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier const&, WebCore::AbstractDOMWindow*>(WebCore::GlobalWindowIdentifier const&, WebCore::AbstractDOMWindow*&&) (HashTable.h:932)
==137==    by 0x1447895D: WTF::HashTableAddResult<WTF::HashTableIterator<WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> > > WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::inlineAdd<WebCore::GlobalWindowIdentifier const&, WebCore::AbstractDOMWindow*>(WebCore::GlobalWindowIdentifier const&, WebCore::AbstractDOMWindow*&&) (HashMap.h:382)
==137==    by 0x1447795B: WTF::HashTableAddResult<WTF::HashTableIterator<WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> > > WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::add<WebCore::AbstractDOMWindow*>(WebCore::GlobalWindowIdentifier const&, WebCore::AbstractDOMWindow*&&) (HashMap.h:417)
==137==    by 0x144705B3: WebCore::AbstractDOMWindow::AbstractDOMWindow(WebCore::GlobalWindowIdentifier&&) (AbstractDOMWindow.cpp:48)
==137==    by 0x1448AA3C: WebCore::DOMWindow::DOMWindow(WebCore::Document&) (DOMWindow.cpp:405)
==137==    by 0x1392F767: WebCore::DOMWindow::create(WebCore::Document&) (DOMWindow.h:124)
==137==    by 0x139026F1: WebCore::Document::createDOMWindow() (Document.cpp:5119)
==137==    by 0x142DD1B7: WebCore::DocumentWriter::begin(WTF::URL const&, bool, WebCore::Document*, WebCore::ProcessQualified<WTF::UUID>)::{lambda()#1}::operator()() const (DocumentWriter.cpp:165)
==137==    by 0x142E61DB: WTF::Detail::CallableWrapper<WebCore::DocumentWriter::begin(WTF::URL const&, bool, WebCore::Document*, WebCore::ProcessQualified<WTF::UUID>)::{lambda()#1}, void>::call() (Function.h:53)
==137==    by 0xD9D5E94: WTF::Function<void ()>::operator()() const (Function.h:82)
==137==    by 0x1431A333: WebCore::FrameLoader::clear(WTF::RefPtr<WebCore::Document, WTF::RawPtrTraits<WebCore::Document>, WTF::DefaultRefDerefTraits<WebCore::Document> >&&, bool, bool, bool, WTF::Function<void ()>&&) (FrameLoader.cpp:646)
==137==    by 0x142DD5B1: WebCore::DocumentWriter::begin(WTF::URL const&, bool, WebCore::Document*, WebCore::ProcessQualified<WTF::UUID>) (DocumentWriter.cpp:168)
==137==    by 0x142D05BB: WebCore::DocumentLoader::commitData(WebCore::SharedBuffer const&) (DocumentLoader.cpp:1235)
==137==    by 0x142CAE8C: WebCore::DocumentLoader::finishedLoading() (DocumentLoader.cpp:493)
==137==    by 0x142D44AA: WebCore::DocumentLoader::maybeLoadEmpty() (DocumentLoader.cpp:2038)
==137==    by 0x142D4D93: WebCore::DocumentLoader::startLoadingMainResource() (DocumentLoader.cpp:2065)
==137==    by 0x143188E2: WebCore::FrameLoader::init() (FrameLoader.cpp:351)
==137==    by 0x144DB8BF: WebCore::Frame::init() (Frame.cpp:192)
==137==    by 0xEFD71C5: WebKit::WebFrame::initWithCoreMainFrame(WebKit::WebPage&, WebCore::Frame&) (WebFrame.cpp:115)
==137==    by 0xEF7CECD: WebKit::WebPage::WebPage(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&) (WebPage.cpp:721)
==137==    by 0xEF7B307: WebKit::WebPage::create(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&) (WebPage.cpp:461)
==137==    by 0xECA85C2: WebKit::WebProcess::createWebPage(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&) (WebProcess.cpp:837)
==137==    by 0xDEB4991: void IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&), std::tuple<WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&), std::tuple<WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (HandleMessage.h:131)
==137==    by 0xDEB1B6F: void IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&), std::tuple<WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&)) (HandleMessage.h:137)
==137==    by 0xDEACC26: void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebKit::WebPageCreationParameters&&)) (HandleMessage.h:259)
==137==    by 0xDEAA311: WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (WebProcessMessageReceiver.cpp:280)
==137==    by 0xECA8AA3: WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebProcess.cpp:916)
==137==    by 0xE58AFE3: IPC::Connection::dispatchMessage(IPC::Decoder&) (Connection.cpp:1108)
==137==    by 0xE58B27A: IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (Connection.cpp:1153)
==137==    by 0xE58B821: IPC::Connection::dispatchOneIncomingMessage() (Connection.cpp:1222)
==137==    by 0xE58ACF3: IPC::Connection::enqueueIncomingMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >)::{lambda()#1}::operator()() (Connection.cpp:1072)
==137==    by 0xE591DD7: WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >)::{lambda()#1}, void>::call() (Function.h:53)
==137==    by 0xD9D5E94: WTF::Function<void ()>::operator()() const (Function.h:82)
==137==    by 0x10FD4BEE: WTF::RunLoop::performWork() (RunLoop.cpp:133)
==137==    by 0x110803FD: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::operator()(void*) const (RunLoopGLib.cpp:80)
==137==    by 0x11080421: WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) (RunLoopGLib.cpp:82)
==137==    by 0x11080390: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::operator()(_GSource*, int (*)(void*), void*) const (RunLoopGLib.cpp:53)
==137==    by 0x110803DE: WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) (RunLoopGLib.cpp:56)
==137==    by 0x15FB4293: g_main_dispatch (gmain.c:3381)
==137==    by 0x15FB4293: g_main_context_dispatch (gmain.c:4099)
==137==    by 0x15FB4637: g_main_context_iterate.constprop.0 (gmain.c:4175)
==137==    by 0x15FB4942: g_main_loop_run (gmain.c:4373)
==137==    by 0x11080A49: WTF::RunLoop::run() (RunLoopGLib.cpp:108)
==137==    by 0xF022010: WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run(int, char**) (AuxiliaryProcessMain.h:70)
==137==    by 0xF01F6C2: int WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainWPE>(int, char**) (AuxiliaryProcessMain.h:96)
==137==    by 0xF01BC1A: WebKit::WebProcessMain(int, char**) (WebProcessMainWPE.cpp:75)
==137==    by 0x109918: main (WebProcessMain.cpp:31)
==137==  Uninitialised value was created by a stack allocation
==137==    at 0x1447AA1A: void WTF::HashTable<WebCore::GlobalWindowIdentifier, WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*>, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*> >, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::HashTraits<WebCore::GlobalWindowIdentifier> >::checkKey<WTF::HashMapTranslator<WTF::HashMap<WebCore::GlobalWindowIdentifier, WebCore::AbstractDOMWindow*, WTF::DefaultHash<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::GlobalWindowIdentifier>, WTF::HashTraits<WebCore::AbstractDOMWindow*>, WTF::HashTableTraits>::KeyValuePairTraits, WTF::DefaultHash<WebCore::GlobalWindowIdentifier> >, WebCore::GlobalWindowIdentifier>(WebCore::GlobalWindowIdentifier const&) (HashTable.h:655)
==137==
