Bug 102117

Summary: valgrind reports use of uninitialized values
Product: poppler
Reporter: oliver.sander
Component: general
Assignee: poppler-bugs <poppler-bugs>
Status: RESOLVED FIXED
Severity: minor
Priority: medium
CC: oliver.sander
Version: unspecified
Hardware: Other
OS: All
Attachments: pdf file to trigger the error message

Description oliver.sander 2017-08-08 13:17:30 UTC
Created attachment 133379
pdf file to trigger the error message

I am using Okular and poppler both from today's git master to show a simple pdf file generated by LibreOffice.  Valgrind gives me a "Conditional jump or move depends on uninitialised value(s)" error.  The error occurs in the method Object::free(), so this may be caused by the recent better_object merger.

Complete valgrind trace:

==978== Memcheck, a memory error detector
==978== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==978== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==978== Command: /home/sander/okular-local-poppler-inst/bin/okular /home/sander/tmp/hallo-welt.pdf
==978== 
==978== Thread 5 Okular::TextPage:
==978== Conditional jump or move depends on uninitialised value(s)
==978==    at 0x23454341: Object::free() (Object.cc:129)
==978==    by 0x23472C7F: setToNull (Object.h:177)
==978==    by 0x23472C7F: XRef::copy() (XRef.cc:426)
==978==    by 0x23459AE0: Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) (Page.cc:547)
==978==    by 0x230DB57C: Poppler::Page::textList(Poppler::Page::Rotation) const (poppler-page.cc:587)
==978==    by 0x22E5F8D9: PDFGenerator::textPage(Okular::Page*) (in /home/sander/okular-local-poppler-inst/lib/x86_64-linux-gnu/plugins/okular/generators/okularGenerator_poppler.so)
==978==    by 0x1CA9F966: Okular::TextPageGenerationThread::run() (in /home/sander/okular-local-poppler/build/libOkular5Core.so.7.0.0)
==978==    by 0x8A9AC27: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.7.1)
==978==    by 0xAAE1493: start_thread (pthread_create.c:333)
==978==    by 0x983EA8E: clone (clone.S:97)
==978== 
==978== Thread 4 Okular::PixmapGe:
==978== Conditional jump or move depends on uninitialised value(s)
==978==    at 0x23454341: Object::free() (Object.cc:129)
==978==    by 0x23472C7F: setToNull (Object.h:177)
==978==    by 0x23472C7F: XRef::copy() (XRef.cc:426)
==978==    by 0x23459AE0: Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) (Page.cc:547)
==978==    by 0x230DC222: Poppler::Page::renderToImage(double, double, int, int, int, int, Poppler::Page::Rotation) const (poppler-page.cc:369)
==978==    by 0x22E5F34C: PDFGenerator::image(Okular::PixmapRequest*) (in /home/sander/okular-local-poppler-inst/lib/x86_64-linux-gnu/plugins/okular/generators/okularGenerator_poppler.so)
==978==    by 0x1CA9F7FC: Okular::PixmapGenerationThread::run() (in /home/sander/okular-local-poppler/build/libOkular5Core.so.7.0.0)
==978==    by 0x8A9AC27: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.7.1)
==978==    by 0xAAE1493: start_thread (pthread_create.c:333)
==978==    by 0x983EA8E: clone (clone.S:97)
==978== 
==978== Thread 1:
==978== Syscall param writev(vector[...]) points to uninitialised byte(s)
==978==    at 0x9836E4D: ??? (syscall-template.S:84)
==978==    by 0xB6AC41C: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0xB6AC81C: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0xB6ACAB6: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0xB6AD2CB: xcb_flush (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0x139E5C9F: QXcbWindow::hide() (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.7.1)
==978==    by 0x852EDAB: QWindow::setVisible(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.7.1)
==978==    by 0x7F669F6: QWidgetPrivate::hide_sys() (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.7.1)
==978==    by 0x7F6D03C: QWidgetPrivate::hide_helper() (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.7.1)
==978==    by 0x7F71A5F: QWidget::setVisible(bool) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.7.1)
==978==    by 0x7F6D4D7: QWidgetPrivate::close_helper(QWidgetPrivate::CloseMode) (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.7.1)
==978==    by 0x8099880: ??? (in /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5.7.1)
==978==  Address 0x13417751 is 4,545 bytes inside a block of size 21,152 alloc'd
==978==    at 0x4C2DC05: calloc (vg_replace_malloc.c:711)
==978==    by 0xB6ABDCB: xcb_connect_to_fd (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0xB6AFD28: xcb_connect_to_display_with_auth_info (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
==978==    by 0xB39FE89: _XConnectXCB (in /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0)
==978==    by 0xB390BC1: XOpenDisplay (in /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0)
==978==    by 0x139D06A4: QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.7.1)
==978==    by 0x139D3E5D: QXcbIntegration::QXcbIntegration(QStringList const&, int&, char**) (in /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5.7.1)
==978==    by 0x40274AC: ??? (in /usr/lib/x86_64-linux-gnu/qt5/plugins/platforms/libqxcb.so)
==978==    by 0x851042C: QPlatformIntegrationFactory::create(QString const&, QStringList const&, int&, char**, QString const&) (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.7.1)
==978==    by 0x851E767: QGuiApplicationPrivate::createPlatformIntegration() (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.7.1)
==978==    by 0x851F2EC: QGuiApplicationPrivate::createEventDispatcher() (in /usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.7.1)
==978==    by 0x8C6DCCE: QCoreApplicationPrivate::init() (in /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.7.1)
==978== 
No frame loaded
No frame loaded
No frame loaded
==978== 
==978== HEAP SUMMARY:
==978==     in use at exit: 381,719 bytes in 4,803 blocks
==978==   total heap usage: 265,082 allocs, 260,279 frees, 109,539,013 bytes allocated
==978== 
==978== LEAK SUMMARY:
==978==    definitely lost: 7,416 bytes in 38 blocks
==978==    indirectly lost: 9,681 bytes in 165 blocks
==978==      possibly lost: 0 bytes in 0 blocks
==978==    still reachable: 364,622 bytes in 4,600 blocks
==978==         suppressed: 0 bytes in 0 blocks
==978== Rerun with --leak-check=full to see details of leaked memory
==978== 
==978== For counts of detected and suppressed errors, rerun with: -v
==978== Use --track-origins=yes to see where uninitialised values come from
==978== ERROR SUMMARY: 71 errors from 3 contexts (suppressed: 0 from 0)
Comment 1 Albert Astals Cid 2017-08-08 20:43:43 UTC
Should be fixed
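
An added example, not part of the original report and not poppler or Valgrind code: a short Python script that groups the Memcheck errors of a trace like the one in the description by error kind and top stack frames, so the two per-thread reports that reach Object::free() through XRef::copy() collapse into one finding, separate from the libxcb writev report. The name group_contexts, the depth parameter and the abbreviated sample are assumptions of this example.

```python
import re
from collections import defaultdict

PREFIX = re.compile(r"^==\d+==\s?(.*)$")
FRAME = re.compile(r"^\s*(?:at|by) 0x[0-9A-Fa-f]+: (.*) \(([^()]*)\)$")

# Abbreviated from the trace in this report (frames dropped to keep it short).
SAMPLE = """\
==978== Thread 5 Okular::TextPage:
==978== Conditional jump or move depends on uninitialised value(s)
==978==    at 0x23454341: Object::free() (Object.cc:129)
==978==    by 0x23472C7F: setToNull (Object.h:177)
==978==    by 0x23472C7F: XRef::copy() (XRef.cc:426)
==978==    by 0x230DB57C: Poppler::Page::textList(Poppler::Page::Rotation) const (poppler-page.cc:587)
==978==
==978== Thread 4 Okular::PixmapGe:
==978== Conditional jump or move depends on uninitialised value(s)
==978==    at 0x23454341: Object::free() (Object.cc:129)
==978==    by 0x23472C7F: setToNull (Object.h:177)
==978==    by 0x23472C7F: XRef::copy() (XRef.cc:426)
==978==    by 0x230DC222: Poppler::Page::renderToImage(double, double, int, int, int, int, Poppler::Page::Rotation) const (poppler-page.cc:369)
==978==
==978== Thread 1:
==978== Syscall param writev(vector[...]) points to uninitialised byte(s)
==978==    at 0x9836E4D: ??? (syscall-template.S:84)
==978==    by 0xB6AC41C: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
No frame loaded
"""

def group_contexts(log, depth=3):
    """Map (error kind, top `depth` frames) -> list of reporting threads."""
    groups, thread, kind, frames, aux = defaultdict(list), "?", None, [], False
    for raw in log.splitlines() + ["==0=="]:       # sentinel blank flushes the last error
        m = PREFIX.match(raw)
        if not m:
            continue                               # program's own stderr, not Memcheck
        text = m.group(1).rstrip()
        f = FRAME.match(text)
        if f and not aux:
            frames.append((f.group(1), f.group(2)))
        elif text.startswith("Thread ") or not text:
            if kind and frames:
                groups[(kind, tuple(frames[:depth]))].append(thread)
            kind, frames, aux = None, [], False
            thread = text.rstrip(":") or thread
        elif text.lstrip().startswith("Address "):
            aux = True                             # following frames are the allocation stack
        elif kind is None and not f:
            kind = text.strip()
    return dict(groups)
```

With the default depth of 3 the sample yields two groups; with depth=4 the callers textList and renderToImage split the Object::free() reports again, giving three groups.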
