https://bugs.kde.org/show_bug.cgi?id=369359

Bug ID: 369359
Summary: msghdr_foreachfield can crash when handling bad iovec
Product: valgrind
Version: unspecified
Platform: Other
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
Assignee: jsew...@acm.org
Reporter: m...@redhat.com

LTP testcases/kernel/syscalls/recvmsg/recvmsg01 crashes valgrind:

==29561== Syscall param recvmsg(msg.msg_iov[134]) points to unaddressable byte(s)
==29561==    at 0x4F2C690: __recvmsg_nocancel (syscall-template.S:81)
==29561==    by 0x402B0E: main (recvmsg01.c:224)
==29561==  Address 0x6b636f7364750001 is not stack'd, malloc'd or (recently) free'd
==29561==
--29561-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--29561-- si_code=1; Faulting address: 0x618008; sp: 0x80327ad40

valgrind: the 'impossible' happened:
   Killed by fatal signal

host stacktrace:
==29561==    at 0x38093BD5: msghdr_foreachfield (syswrap-generic.c:1063)
==29561==    by 0x38092CDF: vgPlain_client_syscall (syswrap-main.c:1906)
==29561==    by 0x3808F8B2: handle_syscall (scheduler.c:1118)
==29561==    by 0x38090E76: vgPlain_scheduler (scheduler.c:1435)
==29561==    by 0x380A027A: thread_wrapper (syswrap-linux.c:103)
==29561==    by 0x380A027A: run_a_thread_NORETURN (syswrap-linux.c:156)

Reproducible: Always