Public bug reported:

lua s = box.socket.tcp()
lua sr, se = s:connect('somewhereelse', '30303', 0.0001)

roman@work:/data/work/tarantool/master3/test/var$ valgrind --track-origins=yes ../../src/box/tarantool_box
==25307== Memcheck, a memory error detector
==25307== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==25307== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==25307== Command: ../../src/box/tarantool_box
==25307== 


==25307== Conditional jump or move depends on uninitialised value(s)
==25307==    at 0x48766E: lj_str_new (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==    by 0x48ED78: lua_pushlstring (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==    by 0x4A188D: emptybuffer (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==    by 0x4A1C71: luaL_pushresult (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==    by 0x4A1DD2: luaL_gsub (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==    by 0x4432FD: tarantool_lua (init.m:1190)
==25307==    by 0x466F7F: admin_dispatch (admin.rl:233)
==25307==    by 0x4699E7: admin_handler (admin.rl:345)
==25307==    by 0x452FCB: fiber_loop (fiber.m:368)
==25307==    by 0x4805CF: coro_init (coro.c:95)
==25307==    by 0x414BBF: ??? (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307==  Uninitialised value was created by a stack allocation
==25307==    at 0x4A1D39: luaL_gsub (in /data/work/tarantool/master3/src/box/tarantool_box)
==25307== 
==25307== Thread 3:
==25307== Invalid read of size 4
==25307==    at 0x5614E21: gaih_inet (getaddrinfo.c:839)
==25307==    by 0x5618243: getaddrinfo (getaddrinfo.c:2465)
==25307==    by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307==    by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307==    by 0x47E63C: eio_execute (eio.c:2480)
==25307==    by 0x47D758: etp_proc (eio.c:2216)
==25307==    by 0x4E3AE0D: start_thread (pthread_create.c:311)
==25307==    by 0x563995C: clone (clone.S:113)
==25307==  Address 0x41afcb4 is not stack'd, malloc'd or (recently) free'd
==25307== 
==25307== Syscall param sendmsg(mmsg[0].msg_hdr) points to uninitialised byte(s)
==25307==    at 0x563AF6B: sendmmsg (sendmmsg.c:36)
==25307==    by 0xE1362DE: __libc_res_nsend (res_send.c:1140)
==25307==    by 0xE133B8B: __libc_res_nquery (res_query.c:226)
==25307==    by 0xE134147: __libc_res_nquerydomain (res_query.c:582)
==25307==    by 0xE1345C2: __libc_res_nsearch (res_query.c:416)
==25307==    by 0xDF28A55: _nss_dns_gethostbyname4_r (dns-host.c:314)
==25307==    by 0x5614E81: gaih_inet (getaddrinfo.c:849)
==25307==    by 0x5618243: getaddrinfo (getaddrinfo.c:2465)
==25307==    by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307==    by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307==    by 0x47E63C: eio_execute (eio.c:2480)
==25307==    by 0x47D758: etp_proc (eio.c:2216)
==25307==  Address 0xdb10a30 is on thread 3's stack
==25307==  Uninitialised value was created by a stack allocation
==25307==    at 0xE1356D0: __libc_res_nsend (res_send.c:347)

==25307==    at 0x563AF6B: sendmmsg (sendmmsg.c:36)
==25307==    by 0xE1362DE: __libc_res_nsend (res_send.c:1140)
==25307==    by 0xE133B8B: __libc_res_nquery (res_query.c:226)
==25307==    by 0xE134147: __libc_res_nquerydomain (res_query.c:582)
==25307==    by 0xE1345C2: __libc_res_nsearch (res_query.c:416)
==25307==    by 0xDF28A55: _nss_dns_gethostbyname4_r (dns-host.c:314)
==25307==    by 0x5614E81: gaih_inet (getaddrinfo.c:849)
==25307==    by 0x5618243: getaddrinfo (getaddrinfo.c:2465)
==25307==    by 0x45EA68: getaddrinfo_cb (coeio.m:224)
==25307==    by 0x45E735: coeio_custom_cb (coeio.m:133)
==25307==    by 0x47E63C: eio_execute (eio.c:2480)
==25307==    by 0x47D758: etp_proc (eio.c:2216)
==25307==  Address 0xdb10a30 is on thread 3's stack
==25307==  Uninitialised value was created by a stack allocation
==25307==    at 0xE1356D0: __libc_res_nsend (res_send.c:347)

** Affects: tarantool
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Tarantool
Development Team, which is subscribed to tarantool.
https://bugs.launchpad.net/bugs/1186982

Title:
  Uninitialised memory access in getaddrinfo

Status in Tarantool - an efficient in-memory data store:
  New

