new file mode 100644
--- /dev/null
+++ b/mozilla-M-C-000-pickle-alignment.patch
@@ -0,0 +1,99 @@
+# HG changeset patch
+# User ISHIKAWA, Chiaki <ishikawa@yk.rim.or.jp>
+# Parent  f26c5f46bdcd7ba4163f79788f8ba030b0eddd3e
+patch to investigate strange sendmsg uninitialized memory access
+
+diff --git a/ipc/chromium/src/base/pickle.cc b/ipc/chromium/src/base/pickle.cc
+--- a/ipc/chromium/src/base/pickle.cc
++++ b/ipc/chromium/src/base/pickle.cc
+@@ -492,23 +492,30 @@ void Pickle::BeginWrite(uint32_t length,
+     MOZ_ALWAYS_TRUE(buffers_.WriteBytes(padding_data, padding));
+   }
+ 
+   DCHECK((header_size_ + header_->payload_size + padding) % alignment == 0);
+ 
+   header_->payload_size = new_size;
+ }
+ 
+-void Pickle::EndWrite(uint32_t length) {
++void Pickle::EndWrite(uint32_t length, uint32_t alignment) {
+   // Zero-pad to keep tools like purify from complaining about uninitialized
+   // memory.
+-  uint32_t padding = AlignInt(length) - length;
++  uint32_t padding = ((length + alignment - 1 ) / alignment) * alignment - length;
++
++  MOZ_ASSERT(alignment == 4 || alignment == 8);
+   if (padding) {
+-    MOZ_RELEASE_ASSERT(padding <= 4);
+-    static const char padding_data[4] = {
++    MOZ_RELEASE_ASSERT(padding <= 8);
++    static const char padding_data[9] = {
++        kBytePaddingMarker,
++        kBytePaddingMarker,
++        kBytePaddingMarker,
++        kBytePaddingMarker,
++        kBytePaddingMarker,
+         kBytePaddingMarker,
+         kBytePaddingMarker,
+         kBytePaddingMarker,
+         kBytePaddingMarker,
+     };
+     MOZ_ALWAYS_TRUE(buffers_.WriteBytes(padding_data, padding));
+   }
+ }
+@@ -623,31 +630,31 @@ bool Pickle::WriteBytesZeroCopy(void* da
+     // going to use more data from the buffer (and let it actually realloc
+     // if it needs to).
+     data = realloc(data, new_capacity);
+   }
+ #endif
+   buffers_.WriteBytesZeroCopy(reinterpret_cast<char*>(data), data_len,
+                               new_capacity);
+ 
+-  EndWrite(data_len);
++  EndWrite(data_len, sizeof(memberAlignmentType));
+   return true;
+ }
+ 
+ bool Pickle::WriteBytes(const void* data, uint32_t data_len,
+                         uint32_t alignment) {
+   DCHECK(alignment == 4 || alignment == 8);
+   DCHECK(intptr_t(header_) % alignment == 0);
+ 
+   BeginWrite(data_len, alignment);
+ 
+   MOZ_ALWAYS_TRUE(
+       buffers_.WriteBytes(reinterpret_cast<const char*>(data), data_len));
+ 
+-  EndWrite(data_len);
++  EndWrite(data_len, alignment);
+   return true;
+ }
+ 
+ bool Pickle::WriteString(const std::string& value) {
+ #ifdef FUZZING
+   std::string v(value);
+   mozilla::ipc::Faulty::instance().FuzzString(v);
+   if (!WriteInt(static_cast<int>(v.size()))) return false;
+diff --git a/ipc/chromium/src/base/pickle.h b/ipc/chromium/src/base/pickle.h
+--- a/ipc/chromium/src/base/pickle.h
++++ b/ipc/chromium/src/base/pickle.h
+@@ -223,17 +223,17 @@ class Pickle {
+   // location that the data should be written at is returned, or NULL if there
+   // was an error. Call EndWrite with the returned offset and the given length
+   // to pad out for the next write.
+   void BeginWrite(uint32_t length, uint32_t alignment);
+ 
+   // Completes the write operation by padding the data with NULL bytes until it
+   // is padded. Should be paired with BeginWrite, but it does not necessarily
+   // have to be called after the data is written.
+-  void EndWrite(uint32_t length);
++  void EndWrite(uint32_t length, uint32_t alignment);
+ 
+   // Round 'bytes' up to the next multiple of 'alignment'.  'alignment' must be
+   // a power of 2.
+   template <uint32_t alignment>
+   struct ConstantAligner {
+     static uint32_t align(int bytes) {
+       static_assert((alignment & (alignment - 1)) == 0,
+                     "alignment must be a power of two");