209468 2020-03-24 02:33:04 -0700 valgrind claims uninitialized memory when opening inspector (WebKit::InspectorBrowserAgent::enable(WTF::String&)) 2022-11-23 16:01:22 -0800 1 1 1 Unclassified WebKit WebKitGTK Other Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=248293 P2 Normal --- 1 mcrha webkit-unassigned bugs-noreply cgarcia hi mcatanzaro oldest_to_newest 1633262 0 mcrha 2020-03-24 02:33:04 -0700 I'm currently at r258908, but I noticed this earlier, using WebKitGTK+. Steps: a) run MiniBrowser under valgrind $ export GIGACAGE_ENABLED=0 $ G_SLICE=always-malloc valgrind --show-leak-kinds=definite --num-callers=30 --leak-check=no --aspace-minaddr=0x100000000 --track-origins=yes ./MiniBrowser b) right-click in the body and pick "Inspect Element" This shows on console: ==16894== Conditional jump or move depends on uninitialised value(s) ==16894== at 0x10123C193: WebKit::InspectorBrowserAgent::enable(WTF::String&) (InspectorBrowserAgent.cpp:69) ==16894== by 0x104FA215D: Inspector::BrowserBackendDispatcher::enable(long, WTF::RefPtr<WTF::JSONImpl::Object, WTF::DumbPtrTraits<WTF::JSONImpl::Object> >&&) (InspectorBackendDispatchers.cpp:560) ==16894== by 0x104FA1F7B: Inspector::BrowserBackendDispatcher::dispatch(long, WTF::String const&, WTF::Ref<WTF::JSONImpl::Object, WTF::DumbPtrTraits<WTF::JSONImpl::Object> >&&) (InspectorBackendDispatchers.cpp:542) ==16894== by 0x104F9E609: Inspector::BackendDispatcher::dispatch(WTF::String const&) (InspectorBackendDispatcher.cpp:180) ==16894== by 0x100F4C215: callMemberFunctionImpl<WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(const WTF::String &), std::tuple<WTF::String>, 0> (HandleMessage.h:41) ==16894== by 0x100F4C215: callMemberFunction<WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(const WTF::String &), std::tuple<WTF::String>, std::integer_sequence<unsigned long, 0> > (HandleMessage.h:47) ==16894== by 0x100F4C215: handleMessage<Messages::WebInspectorProxy::SendMessageToBackend, WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(const WTF::String &)> (HandleMessage.h:114) ==16894== by 0x100F4C215: WebKit::WebInspectorProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebInspectorProxyMessageReceiver.cpp:55) ==16894== by 0x101082B4A: IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) (MessageReceiverMap.cpp:123) ==16894== by 0x101162059: didReceiveMessage (WebProcessProxy.cpp:751) ==16894== by 0x101162059: non-virtual thunk to WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebProcessProxy.cpp:0) ==16894== by 0x10107B86A: IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (Connection.cpp:1077) ==16894== by 0x10107AD2A: IPC::Connection::dispatchIncomingMessages() (Connection.cpp:1181) ==16894== by 0x105650358: operator() (Lock.h:84) ==16894== by 0x105650358: WTF::RunLoop::performWork() (RunLoop.cpp:119) ==16894== by 0x10569FA15: operator() (RunLoopGLib.cpp:68) ==16894== by 0x10569FA15: WTF::RunLoop::RunLoop()::$_0::__invoke(void*) (RunLoopGLib.cpp:67) ==16894== by 0x10413A139: g_main_dispatch (gmain.c:3202) ==16894== by 0x10413B02F: g_main_context_dispatch (gmain.c:3867) ==16894== by 0x10413B214: g_main_context_iterate (gmain.c:3940) ==16894== by 0x10413B63B: g_main_loop_run (gmain.c:4136) ==16894== by 0x1037881AC: gtk_main (gtkmain.c:1323) ==16894== by 0x416539: main (main.c:649) ==16894== Uninitialised value was created by a heap allocation ==16894== at 0x10083880B: malloc (vg_replace_malloc.c:309) ==16894== by 0x105642525: WTF::fastMalloc(unsigned long) (FastMalloc.cpp:201) ==16894== by 0x10110F05D: operator new (WebPageInspectorController.h:49) ==16894== by 0x10110F05D: make_unique<WebKit::WebPageInspectorController, WebKit::WebPageProxy &> (unique_ptr.h:849) ==16894== by 0x10110F05D: makeUnique<WebKit::WebPageInspectorController, WebKit::WebPageProxy &> (StdLibExtras.h:483) ==16894== by 0x10110F05D: WebKit::WebPageProxy::WebPageProxy(WebKit::PageClient&, WebKit::WebProcessProxy&, WTF::Ref<API::PageConfiguration, WTF::DumbPtrTraits<API::PageConfiguration> >&&) (WebPageProxy.cpp:476) ==16894== by 0x10115AF50: create (WebPageProxy.cpp:428) ==16894== by 0x10115AF50: createWebPage (WebProcessProxy.cpp:465) ==16894== by 0x10115AF50: WebKit::WebProcessPool::createWebPage(WebKit::PageClient&, WTF::Ref<API::PageConfiguration, WTF::DumbPtrTraits<API::PageConfiguration> >&&) (WebProcessPool.cpp:1288) ==16894== by 0x10120D27E: webkitWebViewBaseCreateWebPage(_WebKitWebViewBase*, WTF::Ref<API::PageConfiguration, WTF::DumbPtrTraits<API::PageConfiguration> >&&) (WebKitWebViewBase.cpp:1503) ==16894== by 0x1011EA75D: webkitWebContextCreatePageForWebView(_WebKitWebContext*, _WebKitWebView*, _WebKitUserContentManager*, _WebKitWebView*) (WebKitWebContext.cpp:1818) ==16894== by 0x1011F6D0D: webkitWebViewConstructed(_GObject*) (WebKitWebView.cpp:758) ==16894== by 0x10409D3A0: g_object_new_internal (gobject.c:1999) ==16894== by 0x10409E138: g_object_new_valist (gobject.c:2287) ==16894== by 0x10409CE0D: g_object_new (gobject.c:1797) ==16894== by 0x41694E: createBrowserTab (main.c:81) ==16894== by 0x4164B6: main (main.c:632) 1672100 1 cgarcia 2020-07-16 06:24:26 -0700 I can't reproduce this now because valgrind is not working for me now, but I'm pretty sure it's m_targetAgent not initialized in WebPageInspectorController constructor. I'll submit a patch. 1672101 2 404437 cgarcia 2020-07-16 06:25:55 -0700 Created attachment 404437 Patch 1672998 3 cgarcia 2020-07-20 01:24:59 -0700 Committed r264592: <https://trac.webkit.org/changeset/264592> 404437 2020-07-16 06:25:55 -0700 2020-07-16 06:43:59 -0700 Patch wk2-target-agent-init.diff text/plain 1330 cgarcia ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nIGIvU291cmNlL1dlYktpdC9DaGFu Z2VMb2cKaW5kZXggY2Q1MjI4MGJlMjZmLi42NTUwNDNmNWIxNzEgMTAwNjQ0Ci0tLSBhL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMg KzEsMTQgQEAKKzIwMjAtMDctMTYgIENhcmxvcyBHYXJjaWEgQ2FtcG9zICA8Y2dhcmNpYUBpZ2Fs aWEuY29tPgorCisgICAgICAgIHZhbGdyaW5kIGNsYWltcyB1bmluaXRpYWxpemVkIG1lbW9yeSB3 aGVuIG9wZW5pbmcgaW5zcGVjdG9yIChXZWJLaXQ6Okluc3BlY3RvckJyb3dzZXJBZ2VudDo6ZW5h YmxlKFdURjo6U3RyaW5nJikpCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD0yMDk0NjgKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4K KworICAgICAgICBJbml0aWFsaXplIG1fdGFyZ2V0QWdlbnQuCisKKyAgICAgICAgKiBVSVByb2Nl c3MvSW5zcGVjdG9yL1dlYlBhZ2VJbnNwZWN0b3JDb250cm9sbGVyLmg6CisKIDIwMjAtMDctMTYg IENhcmxvcyBHYXJjaWEgQ2FtcG9zICA8Y2dhcmNpYUBpZ2FsaWEuY29tPgogCiAgICAgICAgIEZp eCBJVFAgZGF0YSBzdW1tYXJ5IHdoZW4gdXNpbmcgdGhlIG1lbW9yeSBzYXRyZSBhbmQgYmxvY2tp bmcgYWxsIHRoaXJkLXBhcnR5IGNvb2tpZXMKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvVUlQ cm9jZXNzL0luc3BlY3Rvci9XZWJQYWdlSW5zcGVjdG9yQ29udHJvbGxlci5oIGIvU291cmNlL1dl YktpdC9VSVByb2Nlc3MvSW5zcGVjdG9yL1dlYlBhZ2VJbnNwZWN0b3JDb250cm9sbGVyLmgKaW5k ZXggYzJkZjNjZWI0YjY5Li5mOWMyNjgzMmQzZTkgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQv VUlQcm9jZXNzL0luc3BlY3Rvci9XZWJQYWdlSW5zcGVjdG9yQ29udHJvbGxlci5oCisrKyBiL1Nv dXJjZS9XZWJLaXQvVUlQcm9jZXNzL0luc3BlY3Rvci9XZWJQYWdlSW5zcGVjdG9yQ29udHJvbGxl ci5oCkBAIC05MSw3ICs5MSw3IEBAIHByaXZhdGU6CiAKICAgICBXZWJQYWdlUHJveHkmIG1fcGFn ZTsKIAotICAgIEluc3BlY3Rvcjo6SW5zcGVjdG9yVGFyZ2V0QWdlbnQqIG1fdGFyZ2V0QWdlbnQ7 CisgICAgSW5zcGVjdG9yOjpJbnNwZWN0b3JUYXJnZXRBZ2VudCogbV90YXJnZXRBZ2VudCB7IG51 bGxwdHIgfTsKICAgICBIYXNoTWFwPFN0cmluZywgc3RkOjp1bmlxdWVfcHRyPEluc3BlY3RvclRh cmdldFByb3h5Pj4gbV90YXJnZXRzOwogCiAgICAgSW5zcGVjdG9yQnJvd3NlckFnZW50KiBtX2Vu YWJsZWRCcm93c2VyQWdlbnQ7Cg==