[Wayland-bugs] [Bug 94071] Two subsequent display roundtrips results in sendmsg syscall with uninitialized bytes
bugzilla-daemon at freedesktop.org
Wed Feb 10 02:24:51 UTC 2016
https://bugs.freedesktop.org/show_bug.cgi?id=94071
Bug ID: 94071
Summary: Two subsequent display roundtrips results in sendmsg syscall with uninitialized bytes
Product: Wayland
Version: unspecified
Hardware: x86-64 (AMD64)
OS: Linux (All)
Status: NEW
Severity: normal
Priority: medium
Component: wayland
Assignee: wayland-bugs at lists.freedesktop.org
Reporter: eyolfson at gmail.com
Created attachment 121636
--> https://bugs.freedesktop.org/attachment.cgi?id=121636&action=edit
The bug triggers on the second roundtrip call.
This occurs in wayland version 1.9.0 (not selectable in Bugzilla).
I'm on Linux 4.4.1 using gcc 5.3.0 and valgrind 3.11.0.
I can compile the attachment like:
> gcc wayland-test.c -lwayland-client -g
Then run valgrind on the resulting executable:
> valgrind --track-origins=yes ./a.out
==14980== Memcheck, a memory error detector
==14980== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==14980== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==14980== Command: ./a.out
==14980==
==14980== Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
==14980== at 0x512C1E0: __sendmsg_nocancel (in /usr/lib/libc-2.22.so)
==14980== by 0x4E3AF30: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3A738: wl_display_dispatch_queue (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3AA6E: wl_display_roundtrip_queue (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x400B6A: main (wayland-test.c:47)
==14980== Address 0x5d1324e is 4,158 bytes inside a block of size 16,424 alloc'd
==14980== at 0x4C2A987: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14980== by 0x4E3B061: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3A246: wl_display_connect_to_fd (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3A379: wl_display_connect (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x400B28: main (wayland-test.c:43)
==14980== Uninitialised value was created by a heap allocation
==14980== at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14980== by 0x4E3C8DF: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E39E71: wl_proxy_marshal_array_constructor (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3A0F9: wl_proxy_marshal_constructor (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x400A2C: wl_registry_bind (wayland-client-protocol.h:288)
==14980== by 0x400ABE: global (wayland-test.c:15)
==14980== by 0x53EC1EF: ffi_call_unix64 (in /usr/lib/libffi.so.6.0.4)
==14980== by 0x53EBC57: ffi_call (in /usr/lib/libffi.so.6.0.4)
==14980== by 0x4E3C757: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E39A5F: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E39ADB: ??? (in /usr/lib/libwayland-client.so.0.3.0)
==14980== by 0x4E3A7AE: wl_display_dispatch_queue (in /usr/lib/libwayland-client.so.0.3.0)
==14980==
==14980==
==14980== HEAP SUMMARY:
==14980== in use at exit: 0 bytes in 0 blocks
==14980== total heap usage: 45 allocs, 45 frees, 24,232 bytes allocated
==14980==
==14980== All heap blocks were freed -- no leaks are possible
==14980==
==14980== For counts of detected and suppressed errors, rerun with: -v
==14980== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
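Added example, not part of the original report and not Wayland code: the report does not say which bytes were uninitialised, so this sketch shows one common way heap bytes from malloc() reach sendmsg(), namely alignment padding that a marshaller never writes, next to the hardened form that zeroes it. The wire format, the function names and the sample strings are assumptions made for the illustration, and a poison fill stands in for stale heap contents so the result is deterministic.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

#define POISON 0xAA  /* constructed stand-in for stale heap contents */

/* Hypothetical wire format: u32 length, then the string padded to 4 bytes. */
static size_t marshal(uint8_t *buf, const char *s, int zero_pad)
{
    uint32_t len = (uint32_t)strlen(s) + 1;          /* include the NUL */
    size_t padded = (len + 3u) & ~(size_t)3u;
    memcpy(buf, &len, sizeof len);
    memcpy(buf + sizeof len, s, len);
    if (zero_pad)                                    /* the hardened path */
        memset(buf + sizeof len + len, 0, padded - len);
    return sizeof len + padded;
}

/* Sends one marshalled message over a socketpair and counts how many
 * poison bytes the receiving side sees. Returns -1 on error. */
static int leaked_bytes(const char *s, int zero_pad)
{
    int sv[2], leaked = 0;
    uint8_t rx[64], *tx = malloc(64);
    if (!tx || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) { free(tx); return -1; }
    memset(tx, POISON, 64);   /* malloc() would leave arbitrary old data here */
    size_t n = marshal(tx, s, zero_pad);
    struct iovec iov = { .iov_base = tx, .iov_len = n };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    ssize_t sent = sendmsg(sv[0], &msg, 0);
    ssize_t got = sent < 0 ? -1 : recv(sv[1], rx, sizeof rx, 0);
    for (ssize_t i = 0; i < got; i++)
        leaked += rx[i] == POISON;
    close(sv[0]); close(sv[1]); free(tx);
    return got < 0 ? -1 : leaked;
}

int main(void)
{
    /* Constructed input: "wl_shm" + NUL is 7 bytes, so 1 padding byte. */
    return !(leaked_bytes("wl_shm", 0) == 1 && leaked_bytes("wl_shm", 1) == 0);
}
```

Without the memset() poison fill, running the unhardened path under valgrind produces the same class of "points to uninitialised byte(s)" report on sendmsg as shown above.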