Closed Bug 589577 Opened 14 years ago Closed 14 years ago

valgrind - Conditional jump or move depends on uninitialised value(s) at (nsEditor::SetFlags(unsigned int)|nsEditor::CanEnableSpellCheck()) at startup and dom mochitest

Categories

(Core :: DOM: Editor, defect)

x86_64
Linux
defect
Not set
normal

Tracking

RESOLVED FIXED
mozilla2.0b5

People

(Reporter: bc, Assigned: ehsan.akhgari)

Details

(Keywords: regression, valgrind)

Attachments

(1 file)

Found during valgrind of mochitests on Linux x86_64. These appear to be recent.

startup

==17555== Conditional jump or move depends on uninitialised value(s)
==17555==    at 0x5D686FB: nsEditor::SetFlags(unsigned int) (nsEditor.cpp:448)
==17555==    by 0x5D67A41: nsEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsEditor.cpp:233)
==17555==    by 0x5D5348D: nsPlaintextEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsPlaintextEditor.cpp:164)
==17555==    by 0x5A473D8: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1165)
==17555==    by 0x5A46680: nsTextEditorState::GetEditor() (nsTextEditorState.cpp:961)
==17555==    by 0x5A77DA4: nsHTMLInputElement::GetTextEditor() (nsHTMLInputElement.cpp:769)
==17555==    by 0x5A3C5A8: nsGenericHTMLElement::GetEditorInternal(nsIEditor**) (nsGenericHTMLElement.cpp:3179)
==17555==    by 0x5A3C53A: nsGenericHTMLElement::GetEditor(nsIEditor**) (nsGenericHTMLElement.cpp:3169)
==17555==    by 0x5A81592: nsHTMLInputElement::GetEditor(nsIEditor**) (nsHTMLInputElement.h:113)
==17555==    by 0x69D4373: NS_InvokeByIndex_P (xptcinvoke_x86_64_unix.cpp:208)
==17555==    by 0x61BA1EF: CallMethodHelper::Invoke() (xpcwrappednative.cpp:3080)
==17555==    by 0x61B81DA: CallMethodHelper::Call() (xpcwrappednative.cpp:2347)
==17555== Uninitialised value was created by a heap allocation
==17555==    at 0x4A0614F: malloc (vg_replace_malloc.c:236)
==17555==    by 0x82B0E6D: moz_xmalloc (mozalloc.cpp:98)
==17555==    by 0x5539B3E: nsPlaintextEditorConstructor(nsISupports*, nsID const&, void**) (mozalloc.h:226)
==17555==    by 0x694690E: mozilla::GenericFactory::CreateInstance(nsISupports*, nsID const&, void**) (GenericFactory.cpp:48)
==17555==    by 0x69AA759: nsComponentManagerImpl::CreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManager.cpp:1196)
==17555==    by 0x6935954: CallCreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManagerUtils.cpp:157)
==17555==    by 0x6935B1B: nsCreateInstanceByCID::operator()(nsID const&, void**) const (nsComponentManagerUtils.cpp:199)
==17555==    by 0x5A4C46E: nsCOMPtr<nsIEditor>::assign_from_helper(nsCOMPtr_helper const&, nsID const&) (nsCOMPtr.h:1272)
==17555==    by 0x5A4BEE3: nsCOMPtr<nsIEditor>::operator=(nsCOMPtr_helper const&) (nsCOMPtr.h:730)
==17555==    by 0x5A4709F: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1128)
==17555==    by 0x5A46680: nsTextEditorState::GetEditor() (nsTextEditorState.cpp:961)
==17555==    by 0x5A77DA4: nsHTMLInputElement::GetTextEditor() (nsHTMLInputElement.cpp:769)
==17555==
==17555== Conditional jump or move depends on uninitialised value(s)
==17555==    at 0x5D7CE9A: nsEditor::CanEnableSpellCheck() (nsEditor.h:367)
==17555==    by 0x5D68712: nsEditor::SetFlags(unsigned int) (nsEditor.cpp:452)
==17555==    by 0x5D67A41: nsEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsEditor.cpp:233)
==17555==    by 0x5D5348D: nsPlaintextEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsPlaintextEditor.cpp:164)
==17555==    by 0x5A473D8: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1165)
==17555==    by 0x5A46680: nsTextEditorState::GetEditor() (nsTextEditorState.cpp:961)
==17555==    by 0x5A77DA4: nsHTMLInputElement::GetTextEditor() (nsHTMLInputElement.cpp:769)
==17555==    by 0x5A3C5A8: nsGenericHTMLElement::GetEditorInternal(nsIEditor**) (nsGenericHTMLElement.cpp:3179)
==17555==    by 0x5A3C53A: nsGenericHTMLElement::GetEditor(nsIEditor**) (nsGenericHTMLElement.cpp:3169)
==17555==    by 0x5A81592: nsHTMLInputElement::GetEditor(nsIEditor**) (nsHTMLInputElement.h:113)
==17555==    by 0x69D4373: NS_InvokeByIndex_P (xptcinvoke_x86_64_unix.cpp:208)
==17555==    by 0x61BA1EF: CallMethodHelper::Invoke() (xpcwrappednative.cpp:3080)
==17555== Uninitialised value was created by a heap allocation
==17555==    at 0x4A0614F: malloc (vg_replace_malloc.c:236)
==17555==    by 0x82B0E6D: moz_xmalloc (mozalloc.cpp:98)
==17555==    by 0x5539B3E: nsPlaintextEditorConstructor(nsISupports*, nsID const&, void**) (mozalloc.h:226)
==17555==    by 0x694690E: mozilla::GenericFactory::CreateInstance(nsISupports*, nsID const&, void**) (GenericFactory.cpp:48)
==17555==    by 0x69AA759: nsComponentManagerImpl::CreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManager.cpp:1196)
==17555==    by 0x6935954: CallCreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManagerUtils.cpp:157)
==17555==    by 0x6935B1B: nsCreateInstanceByCID::operator()(nsID const&, void**) const (nsComponentManagerUtils.cpp:199)
==17555==    by 0x5A4C46E: nsCOMPtr<nsIEditor>::assign_from_helper(nsCOMPtr_helper const&, nsID const&) (nsCOMPtr.h:1272)
==17555==    by 0x5A4BEE3: nsCOMPtr<nsIEditor>::operator=(nsCOMPtr_helper const&) (nsCOMPtr.h:730)
==17555==    by 0x5A4709F: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1128)
==17555==    by 0x5A46680: nsTextEditorState::GetEditor() (nsTextEditorState.cpp:961)
==17555==    by 0x5A77DA4: nsHTMLInputElement::GetTextEditor() (nsHTMLInputElement.cpp:769)
==17555==

413 INFO SimpleTest finished /tests/dom/tests/mochitest/dom-level2-html/test_HTMLTableSectionElement31.html in 260496ms
414 INFO TEST-START | /tests/dom/tests/mochitest/dom-level2-html/test_HTMLTextAreaElement01.html
++DOMWINDOW == 17 (0x9af2668) [serial = 379] [outer = 0xd82c180]
++DOCSHELL 0x1dec2170 == 10
++DOMWINDOW == 18 (0x1adc49b8) [serial = 380] [outer = (nil)]
--DOCSHELL 0x1e05ffa0 == 9
WARNING: Context has no global.: file /work/mozilla/builds/2.0.0/mozilla/dom/base/nsJSEnvironment.cpp, line 2518
++DOMWINDOW == 19 (0x1b371dd8) [serial = 381] [outer = 0x1adc4950]
--DOMWINDOW == 18 (0x133f81b8) [serial = 374] [outer = 0xd82c180] [url = http://mochi.test:8888/tests/dom/tests/mochitest/dom-level2-html/test_HTMLTableSectionElement31.html]
--DOMWINDOW == 17 (0x1c22ba08) [serial = 377] [outer = (nil)] [url = http://mochi.test:8888/tests/dom/tests/mochitest/dom-level2-html/files/tablesection.html]
--DOMWINDOW == 16 (0x1ad2b8b8) [serial = 378] [outer = (nil)] [url = about:blank]
--DOMWINDOW == 15 (0x1bff83a8) [serial = 376] [outer = 0x18a146d0] [url = http://mochi.test:8888/tests/dom/tests/mochitest/dom-level2-html/files/tablesection.html]
--DOCSHELL 0x1b762e00 == 8
--DOMWINDOW == 14 (0x18a14738) [serial = 375] [outer = (nil)] [url = http://mochi.test:8888/tests/dom/tests/mochitest/dom-level2-html/files/tablesection.html]
==17555== Conditional jump or move depends on uninitialised value(s)
==17555==    at 0x5D7CEBA: nsEditor::CanEnableSpellCheck() (nsEditor.h:367)
==17555==    by 0x5D68712: nsEditor::SetFlags(unsigned int) (nsEditor.cpp:452)
==17555==    by 0x5D67A41: nsEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsEditor.cpp:233)
==17555==    by 0x5D5348D: nsPlaintextEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsPlaintextEditor.cpp:164)
==17555==    by 0x5A473D8: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1165)
==17555==    by 0x5AC1150: nsHTMLTextAreaElement::CreateEditor() (nsHTMLTextAreaElement.cpp:482)
==17555==    by 0x56FCC9D: nsTextControlFrame::EnsureEditorInitialized() (nsTextControlFrame.cpp:409)
==17555==    by 0x57029C2: nsTextControlFrame::EditorInitializer::Run() (nsTextControlFrame.h:285)
==17555==    by 0x58A4FB3: nsContentUtils::RemoveScriptBlocker() (nsContentUtils.cpp:4728)
==17555==    by 0x556D922: nsAutoScriptBlocker::~nsAutoScriptBlocker() (nsContentUtils.h:1884)
==17555==    by 0x55E7930: PresShell::FlushPendingNotifications(mozFlushType) (nsPresShell.cpp:4781)
==17555==    by 0x55FFEA5: nsRefreshDriver::Notify(nsITimer*) (nsRefreshDriver.cpp:257)
==17555== Uninitialised value was created by a heap allocation
==17555==    at 0x4A0614F: malloc (vg_replace_malloc.c:236)
==17555==    by 0x82B0E6D: moz_xmalloc (mozalloc.cpp:98)
==17555==    by 0x5539B3E: nsPlaintextEditorConstructor(nsISupports*, nsID const&, void**) (mozalloc.h:226)
==17555==    by 0x694690E: mozilla::GenericFactory::CreateInstance(nsISupports*, nsID const&, void**) (GenericFactory.cpp:48)
==17555==    by 0x69AA759: nsComponentManagerImpl::CreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManager.cpp:1196)
==17555==    by 0x6935954: CallCreateInstance(nsID const&, nsISupports*, nsID const&, void**) (nsComponentManagerUtils.cpp:157)
==17555==    by 0x6935B1B: nsCreateInstanceByCID::operator()(nsID const&, void**) const (nsComponentManagerUtils.cpp:199)
==17555==    by 0x5A4C46E: nsCOMPtr<nsIEditor>::assign_from_helper(nsCOMPtr_helper const&, nsID const&) (nsCOMPtr.h:1272)
==17555==    by 0x5A4BEE3: nsCOMPtr<nsIEditor>::operator=(nsCOMPtr_helper const&) (nsCOMPtr.h:730)
==17555==    by 0x5A4709F: nsTextEditorState::PrepareEditor(nsAString_internal const*) (nsTextEditorState.cpp:1128)
==17555==    by 0x5AC1150: nsHTMLTextAreaElement::CreateEditor() (nsHTMLTextAreaElement.cpp:482)
==17555==    by 0x56FCC9D: nsTextControlFrame::EnsureEditorInitialized() (nsTextControlFrame.cpp:409)
==17555==

++

3765 INFO SimpleTest finished /tests/dom/tests/mochitest/whatwg/test_postMessage_userpass.html in 192075ms
3766 INFO TEST-START | /tests/editor/composer/test/test_bug348497.html
++DOMWINDOW == 15 (0x1bcb5568) [serial = 1337] [outer = 0xd82c180]
++DOCSHELL 0x1f606900 == 9
++DOMWINDOW == 16 (0x1ad187f8) [serial = 1338] [outer = (nil)]
WARNING: Context has no global.: file /work/mozilla/builds/2.0.0/mozilla/dom/base/nsJSEnvironment.cpp, line 2518
WARNING: Context has no global.: file /work/mozilla/builds/2.0.0/mozilla/dom/base/nsJSEnvironment.cpp, line 2518
++DOMWINDOW == 17 (0x1bcc3618) [serial = 1339] [outer = 0x1ad18790]
--DOMWINDOW == 16 (0x1f207108) [serial = 1334] [outer = 0xd82c180] [url = http://mochi.test:8888/tests/dom/tests/mochitest/whatwg/test_postMessage_userpass.html]
--DOMWINDOW == 15 (0x1b7bd888) [serial = 1335] [outer = (nil)] [url = http://bobhope:password@example.org/tests/dom/tests/mochitest/whatwg/postMessage_userpass_helper.html]
--DOMWINDOW == 14 (0x168df268) [serial = 1336] [outer = (nil)] [url = http://bobhope:password@example.org/tests/dom/tests/mochitest/whatwg/postMessage_userpass_helper.html]
--DOCSHELL 0x1f74bcf0 == 8
WARNING: NS_ENSURE_TRUE(mDoneSetup) failed: file /work/mozilla/builds/2.0.0/mozilla/editor/composer/src/nsEditingSession.cpp, line 561
==17555== Conditional jump or move depends on uninitialised value(s)
==17555==    at 0x5D686FB: nsEditor::SetFlags(unsigned int) (nsEditor.cpp:448)
==17555==    by 0x60ACCA7: nsHTMLEditor::SetFlags(unsigned int) (nsHTMLEditor.cpp:504)
==17555==    by 0x5D67A41: nsEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsEditor.cpp:233)
==17555==    by 0x5D5348D: nsPlaintextEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsPlaintextEditor.cpp:164)
==17555==    by 0x60ABAFE: nsHTMLEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsHTMLEditor.cpp:275)
==17555==    by 0x64E72B1: nsEditingSession::SetupEditorOnWindow(nsIDOMWindow*) (nsEditingSession.cpp:497)
==17555==    by 0x64E5B17: nsEditingSession::MakeWindowEditable(nsIDOMWindow*, char const*, int, int, int) (nsEditingSession.cpp:207)
==17555==    by 0x5AF0C6A: nsHTMLDocument::EditingStateChanged() (nsHTMLDocument.cpp:3279)
==17555==    by 0x5AF18AC: nsHTMLDocument::SetDesignMode(nsAString_internal const&) (nsHTMLDocument.cpp:3396)
==17555==    by 0x5910F16: nsFrameLoader::Show(int, int, int, int, nsIFrameFrame*) (nsFrameLoader.cpp:741)
==17555==    by 0x5655FA9: nsSubDocumentFrame::ShowViewer() (nsFrameFrame.cpp:347)
==17555==    by 0x56588A8: AsyncFrameInit::Run() (nsFrameFrame.cpp:258)
==17555== Uninitialised value was created by a heap allocation
==17555==    at 0x4A0614F: malloc (vg_replace_malloc.c:236)
==17555==    by 0x82B0E6D: moz_xmalloc (mozalloc.cpp:98)
==17555==    by 0x5539FA2: nsHTMLEditorConstructor(nsISupports*, nsID const&, void**) (mozalloc.h:226)
==17555==    by 0x694690E: mozilla::GenericFactory::CreateInstance(nsISupports*, nsID const&, void**) (GenericFactory.cpp:48)
==17555==    by 0x69AA970: nsComponentManagerImpl::CreateInstanceByContractID(char const*, nsISupports*, nsID const&, void**) (nsComponentManager.cpp:1284)
==17555==    by 0x69359DE: CallCreateInstance(char const*, nsISupports*, nsID const&, void**) (nsComponentManagerUtils.cpp:170)
==17555==    by 0x6935B93: nsCreateInstanceByContractID::operator()(nsID const&, void**) const (nsComponentManagerUtils.cpp:210)
==17555==    by 0x5A4C46E: nsCOMPtr<nsIEditor>::assign_from_helper(nsCOMPtr_helper const&, nsID const&) (nsCOMPtr.h:1272)
==17555==    by 0x6159FEE: nsCOMPtr<nsIEditor>::nsCOMPtr(nsCOMPtr_helper const&) (nsCOMPtr.h:644)
==17555==    by 0x64E6A87: nsEditingSession::SetupEditorOnWindow(nsIDOMWindow*) (nsEditingSession.cpp:454)
==17555==    by 0x64E5B17: nsEditingSession::MakeWindowEditable(nsIDOMWindow*, char const*, int, int, int) (nsEditingSession.cpp:207)
==17555==    by 0x5AF0C6A: nsHTMLDocument::EditingStateChanged() (nsHTMLDocument.cpp:3279)
==17555==
==17555== Conditional jump or move depends on uninitialised value(s)
==17555==    at 0x5D7CE9A: nsEditor::CanEnableSpellCheck() (nsEditor.h:367)
==17555==    by 0x5D68712: nsEditor::SetFlags(unsigned int) (nsEditor.cpp:452)
==17555==    by 0x60ACCA7: nsHTMLEditor::SetFlags(unsigned int) (nsHTMLEditor.cpp:504)
==17555==    by 0x5D67A41: nsEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsEditor.cpp:233)
==17555==    by 0x5D5348D: nsPlaintextEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsPlaintextEditor.cpp:164)
==17555==    by 0x60ABAFE: nsHTMLEditor::Init(nsIDOMDocument*, nsIPresShell*, nsIContent*, nsISelectionController*, unsigned int) (nsHTMLEditor.cpp:275)
==17555==    by 0x64E72B1: nsEditingSession::SetupEditorOnWindow(nsIDOMWindow*) (nsEditingSession.cpp:497)
==17555==    by 0x64E5B17: nsEditingSession::MakeWindowEditable(nsIDOMWindow*, char const*, int, int, int) (nsEditingSession.cpp:207)
==17555==    by 0x5AF0C6A: nsHTMLDocument::EditingStateChanged() (nsHTMLDocument.cpp:3279)
==17555==    by 0x5AF18AC: nsHTMLDocument::SetDesignMode(nsAString_internal const&) (nsHTMLDocument.cpp:3396)
==17555==    by 0x5910F16: nsFrameLoader::Show(int, int, int, int, nsIFrameFrame*) (nsFrameLoader.cpp:741)
==17555==    by 0x5655FA9: nsSubDocumentFrame::ShowViewer() (nsFrameFrame.cpp:347)
==17555== Uninitialised value was created by a heap allocation
==17555==    at 0x4A0614F: malloc (vg_replace_malloc.c:236)
==17555==    by 0x82B0E6D: moz_xmalloc (mozalloc.cpp:98)
==17555==    by 0x5539FA2: nsHTMLEditorConstructor(nsISupports*, nsID const&, void**) (mozalloc.h:226)
==17555==    by 0x694690E: mozilla::GenericFactory::CreateInstance(nsISupports*, nsID const&, void**) (GenericFactory.cpp:48)
==17555==    by 0x69AA970: nsComponentManagerImpl::CreateInstanceByContractID(char const*, nsISupports*, nsID const&, void**) (nsComponentManager.cpp:1284)
==17555==    by 0x69359DE: CallCreateInstance(char const*, nsISupports*, nsID const&, void**) (nsComponentManagerUtils.cpp:170)
==17555==    by 0x6935B93: nsCreateInstanceByContractID::operator()(nsID const&, void**) const (nsComponentManagerUtils.cpp:210)
==17555==    by 0x5A4C46E: nsCOMPtr<nsIEditor>::assign_from_helper(nsCOMPtr_helper const&, nsID const&) (nsCOMPtr.h:1272)
==17555==    by 0x6159FEE: nsCOMPtr<nsIEditor>::nsCOMPtr(nsCOMPtr_helper const&) (nsCOMPtr.h:644)
==17555==    by 0x64E6A87: nsEditingSession::SetupEditorOnWindow(nsIDOMWindow*) (nsEditingSession.cpp:454)
==17555==    by 0x64E5B17: nsEditingSession::MakeWindowEditable(nsIDOMWindow*, char const*, int, int, int) (nsEditingSession.cpp:207)
==17555==    by 0x5AF0C6A: nsHTMLDocument::EditingStateChanged() (nsHTMLDocument.cpp:3279)

Attached patch: Patch (v1)
mFlags needs to be initialized in the constructor; otherwise, on the first SetFlags call, its value would be uninitialized, which we try to compare to aFlags.
Assignee: nobody → ehsan
Status: NEW → ASSIGNED
Attachment #468184 - Flags: review?(roc)
Attachment #468184 - Flags: approval2.0?
Blocks: 581576
Attachment #468184 - Flags: review?(roc) → review+
Attachment #468184 - Flags: approval2.0? → approval2.0+
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b5
Oh, thank you for your work, Ehsan. I think that the fix is right. Even if aFlags of Init() is zero, there is no problem because PostCreate() will call SetFlags() after it sets ~mFlags to mFlags.
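
The comparison discussed in the two comments above, as an added C++ model that is not Mozilla's code: `ModelEditor`, the flag constants, the early return in `SetFlags` and the sync counter are assumptions made for illustration. The constructor argument stands in for whatever the heap held in mFlags, so the same Init()/PostCreate() sequence can be run from different starting values without an actual uninitialised read.

```cpp
#include <cstdint>

// Hypothetical flag bits for this model (not Mozilla's real constants).
constexpr uint32_t kReadonly = 1u << 0;
constexpr uint32_t kPassword = 1u << 1;

struct Outcome { bool initProcessed; bool postCreateProcessed; int spellSyncs; };

// Simplified stand-in for nsEditor. `heapValue` models what malloc left in
// mFlags before the fix; the patched constructor corresponds to passing 0.
class ModelEditor {
public:
  explicit ModelEditor(uint32_t heapValue) : mFlags(heapValue) {}

  bool CanEnableSpellCheck() const {
    return (mFlags & (kReadonly | kPassword)) == 0;  // reads mFlags
  }

  // Returns false when the call is skipped as "no change" (assumed early return).
  bool SetFlags(uint32_t aFlags) {
    if (mFlags == aFlags) return false;        // branch on the old mFlags
    bool couldSpell = CanEnableSpellCheck();   // second read of the old mFlags
    mFlags = aFlags;
    if (couldSpell != CanEnableSpellCheck()) ++mSpellSyncs;
    return true;
  }

  bool Init(uint32_t aFlags) { return SetFlags(aFlags); }

  // As described in the last comment: invert mFlags, then re-apply the flags.
  bool PostCreate() {
    uint32_t flags = mFlags;
    mFlags = ~mFlags;
    return SetFlags(flags);
  }

  int SpellSyncs() const { return mSpellSyncs; }

private:
  uint32_t mFlags;
  int mSpellSyncs = 0;
};

// Runs Init(aFlags) then PostCreate() on an editor whose mFlags began as heapValue.
Outcome Run(uint32_t heapValue, uint32_t aFlags) {
  ModelEditor e(heapValue);
  bool initProcessed = e.Init(aFlags);
  bool postProcessed = e.PostCreate();
  return Outcome{initProcessed, postProcessed, e.SpellSyncs()};
}
```

With a zero start, `Run(0, kReadonly)` and `Run(0, 0)` behave the same on every run; `Run(kReadonly, kReadonly)` and `Run(kPassword, 0)` show how leftover values change which branches execute for identical arguments.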