Closed Bug 1418083 Opened 2 years ago Closed 2 years ago

Valgrind error in std::sync::once::Once::call_once

Categories

(Core :: CSS Parsing and Computation, defect, P3)

defect

Tracking

()

RESOLVED FIXED
mozilla59
Tracking Status
firefox59 --- fixed

People

(Reporter: rillian, Assigned: rillian)

References

Details

Attachments

(1 file)

Building with rust 1.23.0-nightly (fa26421f5 2017-11-15) in automation fails valgrind tests in a lazy_static evaluation inside StyleNewSubtree:

> TEST-UNEXPECTED-FAIL | valgrind-test | Conditional jump or move depends on uninitialised value(s) at std::sync::once::Once::call_once:: / std::sync::once::Once::call_inner / UnknownInlinedFun / UnknownInlinedFun
> ==34892== Conditional jump or move depends on uninitialised value(s)
> ==34892==    at 0x11819B3E: std::sync::once::Once::call_once::{{closure}} (raw_vec.rs:225)
> ==34892==    by 0x118FDCCC: std::sync::once::Once::call_inner (once.rs:341)
> ==34892==    by 0x1139C761: UnknownInlinedFun (once.rs:228)
> ==34892==    by 0x1139C761: UnknownInlinedFun (lazy.rs:22)
> ==34892==    by 0x1139C761: UnknownInlinedFun (<__lazy_static_internal macros>:20)
> ==34892==    by 0x1139C761: UnknownInlinedFun (<__lazy_static_internal macros>:21)
> ==34892==    by 0x1139C761: geckoservo::glue::traverse_subtree (glue.rs:267)
> ==34892==    by 0x1139C23F: Servo_TraverseSubtree (glue.rs:313)
> ==34892==    by 0xF9F6A94: mozilla::ServoStyleSet::StyleNewSubtree(mozilla::dom::Element*) (ServoStyleSet.cpp:1074)
> ==34892==    by 0xFB04E98: nsCSSFrameConstructor::GetAnonymousContent(nsIContent*, nsIFrame*, nsTArray<nsIAnonymousContentCreator::ContentInfo>&) (nsCSSFrameConstructor.cpp:4416)
> ==34892==    by 0xFB3F44E: nsCSSFrameConstructor::BeginBuildingScrollFrame(nsFrameConstructorState&, nsIContent*, nsStyleContext*, nsContainerFrame*, nsAtom*, bool, nsContainerFrame*&) (nsCSSFrameConstructor.cpp:4726)
> ==34892==    by 0xFB3FBA4: nsCSSFrameConstructor::SetUpDocElementContainingBlock(nsIContent*) (nsCSSFrameConstructor.cpp:3039)
> ==34892==    by 0xFB462DD: nsCSSFrameConstructor::ConstructDocElementFrame(mozilla::dom::Element*, nsILayoutHistoryState*) (nsCSSFrameConstructor.cpp:2537)
> ==34892==    by 0xFB47797: nsCSSFrameConstructor::ContentRangeInserted(nsIContent*, nsIContent*, nsIContent*, nsILayoutHistoryState*, nsCSSFrameConstructor::InsertionKind, TreeMatchContext*) (nsCSSFrameConstructor.cpp:8045)
> ==34892==    by 0xFB48598: nsCSSFrameConstructor::ContentInserted(nsIContent*, nsIContent*, nsILayoutHistoryState*, nsCSSFrameConstructor::InsertionKind) (nsCSSFrameConstructor.cpp:7922)
> ==34892==    by 0xFAF17D0: mozilla::PresShell::Initialize(int, int) (PresShell.cpp:1784)
> ==34892==    by 0xE7F2FAC: nsContentSink::StartLayout(bool) (nsContentSink.cpp:1288)
> ==34892==    by 0xE33EF03: nsHtml5TreeOpExecutor::StartLayout(bool*) (nsHtml5TreeOpExecutor.cpp:677)
> ==34892==    by 0xE356D3A: nsHtml5TreeOperation::Perform(nsHtml5TreeOpExecutor*, nsIContent**, bool*, bool*) (nsHtml5TreeOperation.cpp:1210)
> ==34892==    by 0xE3574FF: nsHtml5TreeOpExecutor::RunFlushLoop() (nsHtml5TreeOpExecutor.cpp:492)
> ==34892==    by 0xE357888: nsHtml5ExecutorFlusher::Run() (nsHtml5StreamParser.cpp:130)
> ==34892==    by 0xD941F7D: nsThread::ProcessNextEvent(bool, bool*) [clone .part.240] (nsThread.cpp:1037)
> ==34892==    by 0xD94371A: NS_ProcessNextEvent(nsIThread*, bool) (nsThreadUtils.cpp:513)
> ==34892==    by 0xDD4FFF1: mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (MessagePump.cpp:97)
> ==34892==    by 0xDD262D1: RunInternal (message_loop.cc:326)
> ==34892==    by 0xDD262D1: RunHandler (message_loop.cc:319)
> ==34892==    by 0xDD262D1: MessageLoop::Run() (message_loop.cc:299)
> ==34892==    by 0xF8A1138: nsBaseAppShell::Run() (nsBaseAppShell.cpp:159)
> ==34892==    by 0x10A4C4E5: nsAppStartup::Run() (nsAppStartup.cpp:288)
> ==34892==    by 0x10AE3046: XREMain::XRE_mainRun() (nsAppRunner.cpp:4685)
> ==34892==    by 0x10AE405A: XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) (nsAppRunner.cpp:4847)
> ==34892==    by 0x10AE4483: XRE_main(int, char**, mozilla::BootstrapConfig const&) (nsAppRunner.cpp:4942)
> ==34892==    by 0x406338: do_main(int, char**, char**) (nsBrowserApp.cpp:231)
> ==34892==    by 0x405AFA: main (nsBrowserApp.cpp:304)
> ==34892==  Uninitialised value was created by a stack allocation
> ==34892==    at 0x1181971D: std::sync::once::Once::call_once::{{closure}} (once.rs:228)
> ==34892==
> {
>    <insert_a_suppression_name_here>
>    Memcheck:Cond
>    fun:_ZN3std4sync4once4Once9call_once28_$u7b$$u7b$closure$u7d$$u7d$17h17f424009ffa08beE
>    fun:_ZN3std4sync4once4Once10call_inner17h4102fec5e76df781E
>    fun:UnknownInlinedFun
>    fun:UnknownInlinedFun
>    fun:UnknownInlinedFun
>    fun:UnknownInlinedFun
>    fun:_ZN10geckoservo4glue16traverse_subtree17h933fce8ba21b8563E
>    fun:Servo_TraverseSubtree
>    fun:_ZN7mozilla13ServoStyleSet15StyleNewSubtreeEPNS_3dom7ElementE
>    fun:_ZN21nsCSSFrameConstructor19GetAnonymousContentEP10nsIContentP8nsIFrameR8nsTArrayIN26nsIAnonymousContentCreator11ContentInfoEE
>    fun:_ZN21nsCSSFrameConstructor24BeginBuildingScrollFrameER23nsFrameConstructorStateP10nsIContentP14nsStyleContextP16nsContainerFrameP6nsAtombRS7_
>    fun:_ZN21nsCSSFrameConstructor30SetUpDocElementContainingBlockEP10nsIContent
>    fun:_ZN21nsCSSFrameConstructor24ConstructDocElementFrameEPN7mozilla3dom7ElementEP21nsILayoutHistoryState
>    fun:_ZN21nsCSSFrameConstructor20ContentRangeInsertedEP10nsIContentS1_S1_P21nsILayoutHistoryStateNS_13InsertionKindEP16TreeMatchContext
>    fun:_ZN21nsCSSFrameConstructor15ContentInsertedEP10nsIContentS1_P21nsILayoutHistoryStateNS_13InsertionKindE
>    fun:_ZN7mozilla9PresShell10InitializeEii
>    fun:_ZN13nsContentSink11StartLayoutEb
>    fun:_ZN21nsHtml5TreeOpExecutor11StartLayoutEPb
>    fun:_ZN20nsHtml5TreeOperation7PerformEP21nsHtml5TreeOpExecutorPP10nsIContentPbS5_
>    fun:_ZN21nsHtml5TreeOpExecutor12RunFlushLoopEv
>    fun:_ZN22nsHtml5ExecutorFlusher3RunEv
>    fun:_ZN8nsThread16ProcessNextEventEbPb.part.240
>    fun:_Z19NS_ProcessNextEventP9nsIThreadb
>    fun:_ZN7mozilla3ipc11MessagePump3RunEPN4base11MessagePump8DelegateE
>    fun:RunInternal
>    fun:RunHandler
>    fun:_ZN11MessageLoop3RunEv
>    fun:_ZN14nsBaseAppShell3RunEv
>    fun:_ZN12nsAppStartup3RunEv
>    fun:_ZN7XREMain11XRE_mainRunEv
>    fun:_ZN7XREMain8XRE_mainEiPPcRKN7mozilla15BootstrapConfigE
>    fun:_Z8XRE_mainiPPcRKN7mozilla15BootstrapConfigE
>    fun:_ZL7do_mainiPPcS0_
>    fun:main
> }

https://treeherder.mozilla.org/#/jobs?repo=try&author=rgiles@mozilla.com&selectedJob=145390839
Priority: -- → P3
Given bug 1394696, I suspect this is another case that compiler optimizes the code in a way which valgrind doesn't like.

Maybe we should suppress all "Conditional jump or move depends on uninitialised value(s)" error from Rust code, because in Rust, it is hard to unintentionally write code doing that, so majority, if not all, of this kind of warnings are likely just false positive.
That sounds reasonable, but I don't know how to do that. Submitting another specific patch for now to unblock.
Attachment #8941260 - Flags: review?(xidorn+moz) → review?(jseward)
Assignee: nobody → giles
Comment on attachment 8941260 [details]
Bug 1418083 - stylo: Suppress valgrind error.

https://reviewboard.mozilla.org/r/211546/#review217924
Attachment #8941260 - Flags: review?(jseward) → review+
(In reply to Xidorn Quan [:xidorn] UTC+10 (PTO Jan 19 ~ 29) from comment #1)
> Maybe we should suppress all "Conditional jump or move depends on
> uninitialised value(s)" error from Rust code, because in Rust,

We might have to do that eventually.  But I'd prefer not to do that
right now.  I can say that I looked into the false positive problems
in some detail in December, and landed some fixes in the valgrind
git trunk which significantly reduce the noise level.  So it would be
good to migrate automation to a newer snapshot of valgrind in the
near future.

The relevant changeset is e847cb5429927317023d8410c3c56952aa47fb08
(from 12 Dec 2017).
Pushed by rgiles@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/52100437f9b3
stylo: Suppress valgrind error. r=jseward
https://hg.mozilla.org/mozilla-central/rev/52100437f9b3
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
You need to log in before you can comment on or make changes to this bug.