Bug 763771 - Uninitialised value use in TouchInputMapper::abortPointerUsage
Status: RESOLVED FIXED
Product: Core
Classification: Components
Component: Widget
Version: Trunk
Platform: ARM Gonk (Firefox OS)
Importance: -- normal
Target Milestone: mozilla16
Assigned To: Michael Wu [:mwu]
Reported: 2012-06-11 16:51 PDT by Julian Seward [:jseward]
Modified: 2012-07-24 13:33 PDT

Attachments
Initialize mPointerUsage (784 bytes, patch)
2012-06-12 01:09 PDT, Michael Wu [:mwu]
cjones.bugs: review+
jseward: feedback+

Description Julian Seward [:jseward] 2012-06-11 16:51:41 PDT
When starting up B2G on GalaxyS2, I saw the complaint below, in various forms.

From a few minutes peering at the code, it seems like we've got this

  void TouchInputMapper::abortPointerUsage(nsecs_t when, uint32_t policyFlags) {
      switch (mPointerUsage) {

on an object created by a call to 
MultiTouchInputMapper::MultiTouchInputMapper(InputDevice*),
which merely defers to the parent class' constructor
TouchInputMapper::TouchInputMapper(InputDevice*)
but that doesn't initialise mPointerUsage.  So I'd guess that's the bug.

Needs checking by someone familiar with the code though.

Conditional jump or move depends on uninitialised value(s)
   at 0x585891C: android::TouchInputMapper::abortPointerUsage(long long, unsigned int) (widget/gonk/libui/InputReader.cpp:3939)
   by 0x5859269: android::TouchInputMapper::configureSurface(long long, bool*) (widget/gonk/libui/InputReader.cpp:2965)
   by 0x5855097: android::TouchInputMapper::configure(long long, android::InputReaderConfiguration const*, unsigned int) (widget/gonk/libui/InputReader.cpp:2502)
   by 0x58507B3: android::InputDevice::configure(long long, android::InputReaderConfiguration const*, unsigned int) (widget/gonk/libui/InputReader.cpp:910)
   by 0x58554C9: android::InputReader::addDeviceLocked(long long, int) (widget/gonk/libui/InputReader.cpp:348)
   by 0x58555FF: android::InputReader::processEventsLocked(android::RawEvent const*, unsigned int) (widget/gonk/libui/InputReader.cpp:325)
   by 0x58556C9: android::InputReader::loopOnce() (widget/gonk/libui/InputReader.cpp:283)
   by 0x5850749: android::InputReaderThread::threadLoop() (widget/gonk/libui/InputReader.cpp:838)
   by 0x6291197: android::Thread::_threadLoop(void*) (in /system/lib/libutils.so)

 Uninitialised value was created by a heap allocation
   at 0x4806FB8: operator new[](unsigned int) (/home/sewardj/VgTRUNK/trunk-b2g/coregrind/m_replacemalloc/vg_replace_malloc.c:354)
   by 0x58598F5: android::InputReader::createDeviceLocked(int, android::String8 const&, unsigned int) (widget/gonk/libui/InputReader.cpp:432)
   by 0x58554B3: android::InputReader::addDeviceLocked(long long, int) (widget/gonk/libui/InputReader.cpp:347)
   by 0x58555FF: android::InputReader::processEventsLocked(android::RawEvent const*, unsigned int) (widget/gonk/libui/InputReader.cpp:325)
   by 0x58556C9: android::InputReader::loopOnce() (widget/gonk/libui/InputReader.cpp:283)
   by 0x5850749: android::InputReaderThread::threadLoop() (widget/gonk/libui/InputReader.cpp:838)
   by 0x6291197: android::Thread::_threadLoop(void*) (in /system/lib/libutils.so)

Comment 1 Michael Wu [:mwu] 2012-06-12 01:09:23 PDT
Created attachment 632160
Initialize mPointerUsage

Comment 2 Julian Seward [:jseward] 2012-06-13 15:41:50 PDT
Comment on attachment 632160
Initialize mPointerUsage

Yes, that seems to stop valgrind complaining.

Comment 3 Chris Jones [:cjones] inactive; ni?/f?/r? if you need me 2012-06-13 18:03:24 PDT
Comment on attachment 632160
Initialize mPointerUsage

Did you get an agreement set up with upstream android?  We should send this patch up there if possible.

Comment 4 Michael Wu [:mwu] 2012-06-13 18:06:30 PDT
Yeah we did. I'm planning to send this upstream.

Comment 6 Ed Morley [:emorley] 2012-06-21 04:06:02 PDT
https://hg.mozilla.org/mozilla-central/rev/201b55b36b7e
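
The constructor chain described in the report, reduced to a stand-alone program with the unfixed and fixed forms side by side. This is an added example, not code from the bug, the attached patch or InputReader.cpp. All class, enum and function names are hypothetical, and `Usage::None` as the initial value is an assumption, since the patch body is not shown on this page.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical, simplified stand-ins for the classes named in the report.
struct InputDevice {};
enum class Usage { None, Gestures, Stylus };

// Switch shaped like the one in abortPointerUsage(); returns the branch taken.
static int abortFor(Usage u) {
    switch (u) {
    case Usage::Gestures: return 1;
    case Usage::Stylus:   return 2;
    default:              return 0;  // None: nothing to abort
    }
}

// Before: the base constructor never writes mUsage.
struct UnfixedTouchMapper {
    explicit UnfixedTouchMapper(InputDevice*) {}
    int abortPointerUsage() const { return abortFor(mUsage); }  // indeterminate read
    Usage mUsage;
};
// The derived constructor only defers to the parent, so the gap is inherited.
struct UnfixedMultiTouchMapper : UnfixedTouchMapper {
    explicit UnfixedMultiTouchMapper(InputDevice* d) : UnfixedTouchMapper(d) {}
};

// After: the base constructor's initialiser list sets the member (assumed value).
struct FixedTouchMapper {
    explicit FixedTouchMapper(InputDevice*) : mUsage(Usage::None) {}
    int abortPointerUsage() const { return abortFor(mUsage); }
    Usage mUsage;
};
struct FixedMultiTouchMapper : FixedTouchMapper {
    explicit FixedMultiTouchMapper(InputDevice* d) : FixedTouchMapper(d) {}
};

// Mirrors the reported path: heap-allocate a mapper, abort before any event.
template <class Mapper>
int abortOnFreshMapper() {
    InputDevice dev;
    std::unique_ptr<Mapper> m(new Mapper(&dev));
    return m->abortPointerUsage();
}

int main(int argc, char**) {
    if (argc > 1)  // any argument selects the unfixed path; run it under Memcheck
        std::printf("unfixed: %d\n", abortOnFreshMapper<UnfixedMultiTouchMapper>());
    std::printf("fixed: %d\n", abortOnFreshMapper<FixedMultiTouchMapper>());
    return 0;
}
```

Built without optimisation and run under Valgrind with any argument, the unfixed path switches on `mUsage` before anything has written it, which is the kind of read Memcheck reports as a conditional jump depending on an uninitialised value.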