Beginning on October 25th, 2016, Persona will no longer be an option for authentication on BMO. For more details see Persona Deprecated.
Last Comment Bug 519498 - UMR in XPCWrappedNative::CallMethod
: UMR in XPCWrappedNative::CallMethod
Product: Core
Classification: Components
Component: XPConnect (show other bugs)
: unspecified
: x86 Mac OS X
: -- normal (vote)
: ---
Assigned To: Blake Kaplan (:mrbkap)
: Andrew Overholt [:overholt]
Depends on:
  Show dependency treegraph
Reported: 2009-09-29 12:23 PDT by Robert Sayre
Modified: 2009-11-03 10:13 PST (History)
1 user (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

valgrind stack (1.88 KB, patch)
2009-09-29 12:24 PDT, Robert Sayre
no flags Details | Diff | Splinter Review
Fix (598 bytes, patch)
2009-09-29 17:28 PDT, Blake Kaplan (:mrbkap)
sayrer: review+
jst: approval1.9.2+
dveditz: approval1.9.1.6+
Details | Diff | Splinter Review

Description Robert Sayre 2009-09-29 12:23:54 PDT
looks there's no way this should happen--could be pretty bad.
Comment 1 Robert Sayre 2009-09-29 12:24:30 PDT
Created attachment 403547 [details] [diff] [review]
valgrind stack
Comment 2 Robert Sayre 2009-09-29 13:47:57 PDT
==4856== Conditional jump or move depends on uninitialised value(s)
==4856==    at 0x52C5DCA: XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) (xpcwrappednative.cpp:2583)
==4856==    by 0x52CACC1: XPC_WN_CallMethod(JSContext*, JSObject*, unsigned int, long*, long*) (xpcwrappednativejsops.cpp:1590)
==4856==    by 0x6565904: js_Invoke (jsinterp.cpp:1386)
==4856==    by 0x655558E: js_Interpret (jsinterp.cpp:5179)
==4856==    by 0x656441D: js_Execute (jsinterp.cpp:1622)
==4856==    by 0x652C9B4: JS_EvaluateUCScriptForPrincipals (jsapi.cpp:5145)
==4856==    by 0x652DC0B: JS_EvaluateScriptForPrincipals (jsapi.cpp:5109)
==4856==    by 0x403C17: ProcessArgs(JSContext*, JSObject*, char**, int) (xpcshell.cpp:1079)
==4856==    by 0x4043C4: main (xpcshell.cpp:1739)
==4856==  Uninitialised value was created by a stack allocation
==4856==    at 0x5B430E2: nsBinaryInputStream::ReadBoolean(int*) (nsBinaryStream.cpp:474)
Comment 3 Blake Kaplan (:mrbkap) 2009-09-29 17:28:24 PDT
Created attachment 403646 [details] [diff] [review]

This shouldn't actually affect non-valgrind builds since we don't convert the uninitialized memory to a return value and we also don't have to deallocate it.
Comment 4 Robert Sayre 2009-09-29 17:46:21 PDT
Comment on attachment 403646 [details] [diff] [review]

Comment 5 Blake Kaplan (:mrbkap) 2009-09-30 19:43:54 PDT
Comment 6 Blake Kaplan (:mrbkap) 2009-10-16 17:31:36 PDT
Comment 7 Daniel Veditz [:dveditz] 2009-10-30 12:35:22 PDT
Comment on attachment 403646 [details] [diff] [review]

Approved for, a=dveditz for release-drivers
Comment 8 Blake Kaplan (:mrbkap) 2009-11-03 10:13:05 PST

Note You need to log in before you can comment on or make changes to this bug.