Closed
Bug 14171
Opened 25 years ago
Closed 25 years ago
ran viewer under purify, got UMR in nsFrameConstructorState::PushFloaterContainingBlock
Categories
(Core :: Layout, defect, P2)
Tracking
()
VERIFIED
FIXED
People
(Reporter: buster, Assigned: buster)
References
()
Details
from purify:
[W] UMR: Uninitialized memory read in
nsFrameConstructorState::PushFloaterContainingBlock(nsIFrame
*,nsFrameConstructorSaveState&,int,int) {1 occurrence}
Reading 4 bytes from 0x0012f850 (4 bytes at 0x0012f850 uninitialized)
Address 0x0012f850 points into a thread's stack
Address 0x0012f850 is 48 bytes past the start of local variable 'state' in
nsCSSFrameConstructor::ContentInserted(nsIPresContext *,nsIContent *,nsIContent
*,int)
Thread ID: 0x56
Error location
nsFrameConstructorState::PushFloaterContainingBlock(nsIFrame
*,nsFrameConstructorSaveState&,int,int) [nsCSSFrameConstructor.cpp:320]
nsCSSFrameConstructor::ConstructDocElementFrame(nsIPresContext
*,nsFrameConstructorState&,nsIContent *,nsIFrame *,nsIStyleContext *,nsIFrame
*&) [nsCSSFrameConstructor.cpp:2225]
nsCSSFrameConstructor::ContentInserted(nsIPresContext *,nsIContent
*,nsIContent *,int) [nsCSSFrameConstructor.cpp:5512]
StyleSetImpl::ContentInserted(nsIPresContext *,nsIContent *,nsIContent
*,int) [nsStyleSet.cpp:861]
PresShell::InitialReflow(int,int) [nsPresShell.cpp:838]
HTMLContentSink::StartLayout(void) [nsHTMLContentSink.cpp:2349]
HTMLContentSink::OpenBody(nsIParserNode const&)
[nsHTMLContentSink.cpp:1998]
??? [ip=0x05b42de0]
CNavDTD::OpenContainer(nsIParserNode const&,int) [CNavDTD.cpp:2486]
CNavDTD::HandleDefaultStartToken(CToken *,nsHTMLTag,nsIParserNode&)
[CNavDTD.cpp:1056]
CNavDTD::HandleStartToken(CToken *) [CNavDTD.cpp:1288]
NavDispatchTokenHandler [CNavDTD.cpp:241]
CNavDTD::HandleToken(CToken *,nsIParser *) [CNavDTD.cpp:743]
CNavDTD::BuildModel(nsIParser *,nsITokenizer *,nsITokenObserver
*,nsIContentSink *) [CNavDTD.cpp:554]
nsParser::BuildModel(void) [nsParser.cpp:955]
nsParser::ResumeParse(nsIDTD *,int) [nsParser.cpp:900]
nsParser::OnDataAvailable(nsIChannel *,nsISupports *,nsIInputStream
*,UINT,UINT) [nsParser.cpp:1301]
nsDocumentBindInfo::OnDataAvailable(nsIChannel *,nsISupports
*,nsIInputStream *,UINT,UINT) [nsDocLoader.cpp:1991]
nsChannelListener::OnDataAvailable(nsIChannel *,nsISupports
*,nsIInputStream *,UINT,UINT) [nsDocLoader.cpp:2263]
nsFileChannel::OnDataAvailable(nsIChannel *,nsISupports *,nsIInputStream
*,UINT,UINT) [nsFileChannel.cpp:485]
nsOnDataAvailableEvent::HandleEvent(void)
[nsAsyncStreamListener.cpp:344]
nsStreamListenerEvent::HandlePLEvent(PLEvent *)
[nsAsyncStreamListener.cpp:144]
??? [ip=0x0284a6d4]
DispatchMessageA [USER32.dll]
??? [ip=0x028a39a0]
main [nsWinMain.cpp:133]
forgot to mention, many instances of this same UMR occur per url load.
Kipp, this looks to be related to some member data you added.
It looks like PlushFloaterContainingBlock() should also have this line (the
one with the '+' in front) as well:
aSaveState.mFirstLetterStyle = &mFirstLetterStyle;
+ aSaveState.mFirstLineStyle = &mFirstLineStyle;
aSaveState.mSavedItems = mFloatedItems;
Updated•25 years ago
|
Status: RESOLVED → VERIFIED
Comment 4•25 years ago
|
||
Based on Kipp's comments, marking as verified fixed.
You need to log in
before you can comment on or make changes to this bug.
Description
•