From patchwork Sat Nov 16 13:25:07 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Klaus Schmidinger X-Patchwork-Id: 20739 Received: from localhost ([127.0.0.1] helo=www.linuxtv.org) by www.linuxtv.org with esmtp (Exim 4.72) (envelope-from ) id 1Vhfsb-0006VN-GO; Sat, 16 Nov 2013 14:25:41 +0100 Received: from mail.tu-berlin.de ([130.149.7.33]) by www.linuxtv.org with esmtp (Exim 4.72) (envelope-from ) id 1VhfsB-0006VG-Gg for vdr@linuxtv.org; Sat, 16 Nov 2013 14:25:39 +0100 X-tubIT-Incoming-IP: 188.40.50.18 Received: from racoon.tvdr.de ([188.40.50.18]) by mail.tu-berlin.de (exim-4.72/mailfrontend-6) with esmtps [TLSv1:AES256-SHA:256] for id 1VhfsA-00079G-3W; Sat, 16 Nov 2013 14:25:15 +0100 Received: from dolphin.tvdr.de (dolphin.tvdr.de [192.168.100.2]) by racoon.tvdr.de (8.14.5/8.14.5) with ESMTP id rAGDPDi3010016 for ; Sat, 16 Nov 2013 14:25:13 +0100 Received: from [192.168.100.11] (falcon.tvdr.de [192.168.100.11]) by dolphin.tvdr.de (8.14.4/8.14.4) with ESMTP id rAGDP7fb020354 for ; Sat, 16 Nov 2013 14:25:07 +0100 Message-ID: <52877233.2080806@tvdr.de> Date: Sat, 16 Nov 2013 14:25:07 +0100 From: Klaus Schmidinger User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: vdr@linuxtv.org References: <20131115150838.GB4009@x220> <528641FE.2000609@tvdr.de> <20131115171719.GA4244@x220> In-Reply-To: <20131115171719.GA4244@x220> X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2013.11.16.131515 X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, SUPERLONG_LINE 0.05, BODY_SIZE_3000_3999 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __C230066_P5 0, __CP_MEDIA_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __FW_1LN_BOT_MSGID 0, __HAS_FROM 0, __HAS_MSGID 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __MOZILLA_MSGID 0, __MOZILLA_USER_AGENT 0, __OEM_PRICE 0, __SANE_MSGID 0, __STOCK_PHRASE_7 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __URI_NO_MAILTO 0, __URI_NO_PATH 0, __URI_NO_WWW 0, __USER_AGENT 0' X-LSpam-Score: -1.1 (-) X-LSpam-Report: No, score=-1.1 required=5.0 tests=BAYES_00=-1.9, RDNS_NONE=0.793 autolearn=no Subject: Re: [vdr] Valgrind warnings with LCARS OSD X-BeenThere: vdr@linuxtv.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: VDR Mailing List List-Id: VDR Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: vdr-bounces@linuxtv.org Errors-To: vdr-bounces@linuxtv.org On 15.11.2013 18:17, Marko Mäkelä wrote: > Hi Klaus, > > On Fri, Nov 15, 2013 at 04:47:10PM +0100, Klaus Schmidinger wrote: >>> #2 0x0810e3d2 in cPixmapMemory::DrawRectangle (this=0x6d3fe78, Rect=..., Color=2566914048) at osd.c:1333 >>> 1333 cRect r = Rect.Intersected(DrawPort().Size()); >>> >>> As far as I can tell, the entirely uninitialized cRect is being passed as the Rect parameter to cPixmapMemory::DrawRectangle(). Unfortunately, gdb cannot show me the stack above that. It would seem to me that cSkinLCARSDisplayMenu::Clear() is passing uninitialized bounds to cOsd::DrawRectangle(), >>> which will lead to funny values like this: >>> >>> (gdb) p *this >>> $31 = {point = {x = 1418239204, y = 0}, size = {width = -1379480940, height = 201}, static Null = {point = {x = 0, y = 0}, size = {width = 0, height = 0}, static Null = }} >> >> The constructor of cRect makes sure that all members are initialized to zero. >> I'm afraid I can't think of a way there could be an uninitialized cRect. > > Sorry, I used a bit sloppy language. cRect appears to be initialized, but with uninitialized values. You know, Valgrind does not complain when you copy uninitialized data around. It only complains when you are comparing uninitialized data or passing uninitialized data to a system call. The Valgrind > V-bits are tracking which bits are uninitialized. > > The cRect constructor is not at fault. I tried this twice, but both times gdb would only show me the 3 topmost stack frames, claiming that the rest of the stack is corrupted. Valgrind did show more (quoting from my previous message): > > ==3601== by 0x810AA0B: cOsd::DrawRectangle(int, int, int, int, > unsigned int) (osd.c:1922) > ==3601== by 0x8130482: cSkinLCARSDisplayMenu::Clear() (skinlcars.c:1463) > > I could obviously not verify this (due to gdb claiming that the stack is corrupted), but I suspect that the parameters that are being passed are uninitialized: > > void cSkinLCARSDisplayMenu::Clear(void) > { > textScroller.Reset(); > osd->DrawRectangle(xi00, yi00, xi03 - 1, yi01 - 1, Theme.Color(clrBackground)); > } > > AFAICT, it is invoking this code in cOsd::DrawRectangle(): > pixmaps[0]->DrawRectangle(cRect(x1, y1, x2 - x1 + 1, y2 - y1 + 1), Color); > This in turn should be invoking this constructor: > cRect(int X, int Y, int Width, int Height): point(X, Y), size(Width, Height) {} > > cSkinLCARSDisplayMenu::cSkinLCARSDisplayMenu() is not initializing any of the members xi00, yi00, xi03, yi01. > >> Is there a reproducible set of actions that causes this to happen? > > Yes. Hit Play (to start playing the last played recording), Pause, Menu, Recordings while using the LCARS skin. The first 2 or 3 keypresses ought to be optional. I had to stop the video playback with the 2 first keypresses, because the softdevice framerate is measured in seconds per frame when > running under Valgrind :) I have verified that cSkinLCARSDisplayMenu::Clear() actually gets called *before* cSkinLCARSDisplayMenu::SetMenuCategory(), where the variables in question are initialized. And in that call to Clear() the values are actually totally bogus. Thanks for debugging this! Please try whether this fixes it: Klaus --- skinlcars.c +++ skinlcars.c @@ -900,6 +900,15 @@ ys03 = ys04 - Gap; ys05 = yb15; + // The item area (just to have them initialized, actual setting will be done in SetMenuCategory(): + + xi00 = 0; + xi01 = 0; + xi02 = 0; + xi03 = 1; + yi00 = 0; + yi01 = 1; + // The color buttons in submenus: xb00 = xa06; xb15 = xa07;