Comment # 3 on bug 987182 from 
mine look quite different, but it is triggered by pull-down menu from program
running under wine (ultravnc windows client):

==26399== Syscall param write(buf) points to uninitialised byte(s)
==26399==    at 0x6B170E0: __write_nocancel (in /lib64/libpthread-2.23.so)
==26399==    by 0x4C3825: rfbWriteExact (sockets.c:537)
==26399==    by 0x4C1ACD: rfbSendServerCutText (rfbserver.c:3243)
==26399==    by 0x46BC2C: selection_send (selection.c:505)
==26399==    by 0x4B1B04: check_xevents (xevents.c:1470)
==26399==    by 0x469A55: watch_loop (screen.c:4643)
==26399==    by 0x416A05: main (x11vnc.c:5990)
==26399==  Address 0xffefe61e1 is on thread 1's stack
==26399==  in frame #2, created by rfbSendServerCutText (rfbserver.c:3233)
==26399== 
==26399== Invalid read of size 4
==26399==    at 0x4B569A: record_CW (xrecord.c:974)
==26399==    by 0x4B637A: record_switch (xrecord.c:1387)
==26399==    by 0x5779B83: parse_reply_call_callback.isra.2 (XRecord.c:838)
==26399==    by 0x577A034: record_async_handler (XRecord.c:963)
==26399==    by 0x63EB7DC: handle_response (xcb_io.c:305)
==26399==    by 0x63EC114: _XEventsQueued (xcb_io.c:350)
==26399==    by 0x63DDD16: XPending (Pending.c:55)
==26399==    by 0x4956E4: check_xrecord_mouse (userinput.c:2988)
==26399==    by 0x4956E4: check_xrecord (userinput.c:3164)
==26399==    by 0x4A02E4: check_user_input (userinput.c:5712)
==26399==    by 0x46A25B: watch_loop (screen.c:4593)
==26399==    by 0x416A05: main (x11vnc.c:5990)
==26399==  Address 0xe1533fc is 0 bytes after a block of size 28 alloc'd
==26399==    at 0x4C2D12F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==26399==    by 0x5779EBE: alloc_reply_buffer.isra.3 (XRecord.c:577)
==26399==    by 0x5779FB7: record_async_handler (XRecord.c:948)
==26399==    by 0x63EB7DC: handle_response (xcb_io.c:305)
==26399==    by 0x63EC114: _XEventsQueued (xcb_io.c:350)
==26399==    by 0x63DDD16: XPending (Pending.c:55)
==26399==    by 0x4956E4: check_xrecord_mouse (userinput.c:2988)
==26399==    by 0x4956E4: check_xrecord (userinput.c:3164)
==26399==    by 0x4A02E4: check_user_input (userinput.c:5712)
==26399==    by 0x46A25B: watch_loop (screen.c:4593)
==26399==    by 0x416A05: main (x11vnc.c:5990)
==26399== 
*** stack smashing detected ***: x11vnc terminated

You are receiving this mail because: