
Uninitialised value use in TouchInputMapper::abortPointerUsage

RESOLVED FIXED in mozilla16

Status


Core
Widget
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: jseward, Assigned: mwu)

Tracking

Trunk
mozilla16
ARM
Gonk (Firefox OS)
Points:
---

Firefox Tracking Flags

(blocking-basecamp:+)

Details

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
When starting up B2G on GalaxyS2, I saw the complaint below, in various forms.

From a few minutes peering at the code, it seems like we've got this

  void TouchInputMapper::abortPointerUsage(nsecs_t when, uint32_t policyFlags) {
      switch (mPointerUsage) {

on an object created by a call to 
MultiTouchInputMapper::MultiTouchInputMapper(InputDevice*),
which merely defers to the parent class' constructor
TouchInputMapper::TouchInputMapper(InputDevice*)
but that doesn't initialise mPointerUsage.  So I'd guess that's the bug.

Needs checking by someone familiar with the code though.

Conditional jump or move depends on uninitialised value(s)
   at 0x585891C: android::TouchInputMapper::abortPointerUsage(long long, unsigned int) (widget/gonk/libui/InputReader.cpp:3939)
   by 0x5859269: android::TouchInputMapper::configureSurface(long long, bool*) (widget/gonk/libui/InputReader.cpp:2965)
   by 0x5855097: android::TouchInputMapper::configure(long long, android::InputReaderConfiguration const*, unsigned int) (widget/gonk/libui/InputReader.cpp:2502)
   by 0x58507B3: android::InputDevice::configure(long long, android::InputReaderConfiguration const*, unsigned int) (widget/gonk/libui/InputReader.cpp:910)
   by 0x58554C9: android::InputReader::addDeviceLocked(long long, int) (widget/gonk/libui/InputReader.cpp:348)
   by 0x58555FF: android::InputReader::processEventsLocked(android::RawEvent const*, unsigned int) (widget/gonk/libui/InputReader.cpp:325)
   by 0x58556C9: android::InputReader::loopOnce() (widget/gonk/libui/InputReader.cpp:283)
   by 0x5850749: android::InputReaderThread::threadLoop() (widget/gonk/libui/InputReader.cpp:838)
   by 0x6291197: android::Thread::_threadLoop(void*) (in /system/lib/libutils.so)

 Uninitialised value was created by a heap allocation
   at 0x4806FB8: operator new[](unsigned int) (/home/sewardj/VgTRUNK/trunk-b2g/coregrind/m_replacemalloc/vg_replace_malloc.c:354)
   by 0x58598F5: android::InputReader::createDeviceLocked(int, android::String8 const&, unsigned int) (widget/gonk/libui/InputReader.cpp:432)
   by 0x58554B3: android::InputReader::addDeviceLocked(long long, int) (widget/gonk/libui/InputReader.cpp:347)
   by 0x58555FF: android::InputReader::processEventsLocked(android::RawEvent const*, unsigned int) (widget/gonk/libui/InputReader.cpp:325)
   by 0x58556C9: android::InputReader::loopOnce() (widget/gonk/libui/InputReader.cpp:283)
   by 0x5850749: android::InputReaderThread::threadLoop() (widget/gonk/libui/InputReader.cpp:838)
   by 0x6291197: android::Thread::_threadLoop(void*) (in /system/lib/libutils.so)
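As an added example (not attachment 632160 and not Android's InputReader code), here is a before/after pair for the constructor described above, plus a poison-then-construct check that mirrors what Memcheck flags; the enum values, member type and class layout are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>

// Constructed stand-ins for the classes in the report; the real enum values
// and class layout are not on the page, so these are assumptions.
enum PointerUsage : uint32_t { POINTER_USAGE_NONE = 0, POINTER_USAGE_GESTURES = 1, POINTER_USAGE_STYLUS = 2 };

// "Before": the base-class constructor never writes mPointerUsage, so the member
// holds whatever the heap allocation left there (the read valgrind reports).
struct BuggyTouchInputMapper {
    uint32_t mPointerUsage;
    BuggyTouchInputMapper() {}
    // Copy out the raw bytes so the check never switches on an indeterminate value.
    void usageBytes(unsigned char* out) const { std::memcpy(out, &mPointerUsage, sizeof mPointerUsage); }
};

// "After": the member is initialized in the constructor, which is the whole fix.
struct FixedTouchInputMapper {
    uint32_t mPointerUsage;
    FixedTouchInputMapper() : mPointerUsage(POINTER_USAGE_NONE) {}
    void usageBytes(unsigned char* out) const { std::memcpy(out, &mPointerUsage, sizeof mPointerUsage); }
};

// Poison-then-construct check in the spirit of Memcheck: fill the storage with a
// marker byte, run the constructor via placement new, and report whether the
// constructor overwrote every byte of mPointerUsage. For the fixed class this is
// deterministic (the constructor stores 0). For the buggy class the bytes are
// indeterminate by the language rules, so the result is not something to assert
// on; Memcheck tracks exactly that definedness at runtime, which is why it
// caught this in the first place.
template <class T>
bool ctorInitializesUsage(unsigned char fill = 0xAB) {
    alignas(T) unsigned char storage[sizeof(T)];
    std::memset(storage, fill, sizeof storage);
    T* obj = new (storage) T();
    unsigned char bytes[sizeof(uint32_t)];
    obj->usageBytes(bytes);
    obj->~T();
    for (size_t i = 0; i < sizeof bytes; ++i)
        if (bytes[i] == fill) return false;   // this byte still carries the poison
    return true;
}
```

Compiling with -Wuninitialized or running under Memcheck/MemorySanitizer gives the same verdict for the buggy class without relying on the poison pattern surviving construction.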
(Assignee)

Comment 1

5 years ago
Created attachment 632160 [details] [diff] [review]
Initialize mPointerUsage
Assignee: nobody → mwu
Attachment #632160 - Flags: feedback?(jseward)
(Reporter)

Comment 2

5 years ago
Comment on attachment 632160 [details] [diff] [review]
Initialize mPointerUsage

Yes, that seems to stop valgrind complaining.
Attachment #632160 - Flags: feedback?(jseward) → feedback+
(Assignee)

Updated

5 years ago
Attachment #632160 - Flags: review?(jones.chris.g)
Comment on attachment 632160 [details] [diff] [review]
Initialize mPointerUsage

Did you get an agreement set up with upstream android?  We should send this patch up there if possible.
Attachment #632160 - Flags: review?(jones.chris.g) → review+
(Assignee)

Comment 4

5 years ago
Yeah we did. I'm planning to send this upstream.

Updated

5 years ago
blocking-basecamp: --- → ?
(Assignee)

Comment 5

5 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/201b55b36b7e

Comment 6

5 years ago
https://hg.mozilla.org/mozilla-central/rev/201b55b36b7e
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
blocking-basecamp: ? → +