Closed
Bug 4836
Opened 26 years ago
Closed 26 years ago
UMR: nsBlockFrame::ComputeLineMaxElementSize()
Categories
(Core :: Layout, defect, P1)
Tracking
()
VERIFIED
FIXED
People
(Reporter: bruce, Assigned: buster)
References
()
Details
Pull/build from April 8, 1999. Solaris 2.6, gcc 2.7.2.3, Purify. Going to the
given URL will cause this to happen many many times. Might be related to bug
#1431. cc'ing karnaze as he owns bug #1431.
**** Purify instrumented ./apprunner.pure (pid 10892) ****
UMR: Uninitialized memory read (15 times):
* This is occurring while in:
nsBlockFrame::ComputeLineMaxElementSize(nsBlockReflowState&,nsLineBox*,nsSize*)
[nsBlockFrame.cpp:3290]
nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:2617]
nsBlockFrame::ReflowLine(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:1961]
nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&)
[nsBlockFrame.cpp:1769]
nsBlockFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsBlockFrame.cpp:1206]
nsBlockReflowContext::ReflowBlock(nsIFrame*,const
nsRect&,int,int,int,nsMargin&,unsigned int&) [nsBlockReflowContext.cpp:225]
nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:2527]
nsBlockFrame::ReflowLine(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:1961]
nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&)
[nsBlockFrame.cpp:1769]
nsBlockFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsBlockFrame.cpp:1206]
nsBlockReflowContext::ReflowBlock(nsIFrame*,const
nsRect&,int,int,int,nsMargin&,unsigned int&) [nsBlockReflowContext.cpp:225]
nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:2527]
nsBlockFrame::ReflowLine(nsBlockReflowState&,nsLineBox*,int*)
[nsBlockFrame.cpp:1961]
nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&)
[nsBlockFrame.cpp:1769]
nsBlockFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsBlockFrame.cpp:1206]
nsAreaFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsAreaFrame.cpp:465]
nsContainerFrame::ReflowChild(nsIFrame*,nsIPresContext&,nsHTMLReflowMetrics&,con
st nsHTMLReflowState&,unsigned int&) [nsContainerFrame.cpp:388]
RootFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsHTMLFrame.cpp:231]
nsContainerFrame::ReflowChild(nsIFrame*,nsIPresContext&,nsHTMLReflowMetrics&,con
st nsHTMLReflowState&,unsigned int&) [nsContainerFrame.cpp:388]
ViewportFrame::Reflow(nsIPresContext&,nsHTMLReflowMetrics&,const
nsHTMLReflowState&,unsigned int&) [nsViewportFrame.cpp:432]
nsHTMLReflowCommand::Dispatch(nsIPresContext&,nsHTMLReflowMetrics&,const
nsSize&,nsIRenderingContext&) [nsHTMLReflowCommand.cpp:165]
PresShell::ProcessReflowCommands() [nsPresShell.cpp:1242]
PresShell::ExitReflowLock() [nsPresShell.cpp:668]
PresShell::ContentAppended(nsIDocument*,nsIContent*,int)
[nsPresShell.cpp:1748]
nsDocument::ContentAppended(nsIContent*,int) [nsDocument.cpp:1456]
nsHTMLDocument::ContentAppended(nsIContent*,int)
[nsHTMLDocument.cpp:631]
HTMLContentSink::DidBuildModel(int) [nsHTMLContentSink.cpp:1536]
CNavDTD::DidBuildModel(unsigned int,int,nsIParser*,nsIContentSink*)
[CNavDTD.cpp:577]
nsParser::DidBuildModel(unsigned int) [nsParser.cpp:447]
nsParser::ResumeParse(nsIDTD*) [nsParser.cpp:803]
* Reading 4 bytes from 0xefff6850 on the stack.
* Address 0xefff6850 is 240 bytes below frame pointer in function
nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&,nsLineBox*,int*).
This happens because nsBlockFrame::ReflowBlockFrame() is passing it
&maxElementSize, which is calculates from the
nsBlockReflowContext.GetMaxElementSize(). the 'mMaxElementSize' value on
nsBlockReflowContext is never initialized at all that I can see.
Reporter | ||
Updated•25 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•