Closed
Bug 3704
Opened 26 years ago
Closed 26 years ago
UMR: nsSelectionMgr::SelectionRequestor()
Categories
(Core :: DOM: Selection, defect, P3)
Tracking
()
VERIFIED
INVALID
M5
People
(Reporter: bruce, Assigned: mcafee)
Details
Solaris 2.6, gcc 2.7.2.3, purify. GTK 1.2. Pull from around 2pm PST on Friday,
March 12, 1999.
UMR: Uninitialized memory read:
* This is occurring while in:
strlen [rtlib.o]
nsSelectionMgr::SelectionRequestor(_GtkWidget*,_GtkSelectionData*)
[nsSelectionMgr.cpp:252]
nsSelectionMgr::SelectionRequestCB(_GtkWidget*,_GtkSelectionData*,unsigned
int,unsigned int,void*) [nsSelectionMgr.cpp:233]
gtk_marshal_NONE__POINTER_INT_INT [gtkmarshal.c:436]
gtk_handlers_run [gtksignal.c:1909]
gtk_signal_real_emit [gtksignal.c:1469]
gtk_signal_emit_by_name [gtksignal.c:618]
gtk_selection_invoke_handler [gtkselection.c:1450]
gtk_selection_convert [gtkselection.c:639]
nsSelectionMgr::PasteTextBlocking(nsString*) [nsSelectionMgr.cpp:291]
nsBrowserWindow::DoPaste() [nsBrowserWindow.cpp:1989]
nsBrowserWindow::DispatchMenuItem(int) [nsBrowserWindow.cpp:524]
nsNativeBrowserWindow::DispatchMenuItem(int) [nsGTKMain.cpp:84]
gtk_ifactory_cb(void*,unsigned int,_GtkWidget*) [nsGTKMenu.cpp:35]
gtk_item_factory_callback_marshal [gtkitemfactory.c:274]
gtk_marshal_NONE__NONE [gtkmarshal.c:363]
gtk_handlers_run [gtksignal.c:1909]
gtk_signal_real_emit [gtksignal.c:1469]
gtk_signal_emit [gtksignal.c:552]
gtk_widget_activate [gtkwidget.c:2810]
gtk_menu_shell_activate_item [gtkmenushell.c:834]
gtk_menu_shell_button_release [gtkmenushell.c:497]
gtk_marshal_BOOL__POINTER [gtkmarshal.c:32]
gtk_signal_real_emit [gtksignal.c:1484]
gtk_signal_emit [gtksignal.c:552]
gtk_widget_event [gtkwidget.c:2784]
gtk_propagate_event [gtkmain.c:1295]
gtk_main_do_event [gtkmain.c:752]
gdk_event_dispatch [gdkevents.c:2086]
g_main_dispatch [gmain.c:647]
* Reading 6 bytes from 0x77cee0 in the heap (1 byte at 0x77cee5 uninit).
* Address 0x77cee0 is at the beginning of a malloc'd block of 100 bytes.
* This block was allocated from:
malloc [rtlib.o]
__bUiLtIn_nEw [libgcc.a]
__builtin_new [rtlib.o]
__bUiLtIn_vEc_nEw [libgcc.a]
__builtin_vec_new [rtlib.o]
default_alloc(unsigned int) [strstream.cc:36]
_IO_str_overflow [strops.c:136]
strstreambuf::overflow(int) [strstream.cc:66]
__overflow [genops.c:162]
_IO_default_xsputn [genops.c:351]
streambuf::xsputn(const char*,int) [streambuf.cc:69]
ostream::operator <<(const char*) [iostream.cc:649]
nsHTMLContentSinkStream::AddLeaf(const nsIParserNode&,ostream&)
[nsHTMLContentSinkStream.cpp:809]
nsHTMLContentSinkStream::AddLeaf(const nsIParserNode&)
[nsHTMLContentSinkStream.cpp:982]
nsXIFDTD::AddLeaf(const nsIParserNode&) [nsXIFDTD.cpp:1431]
nsXIFDTD::HandleTextToken(CToken*) [nsXIFDTD.cpp:589]
XIFDispatchTokenHandler(CToken*,nsIDTD*) [nsXIFDTD.cpp:268]
CTokenHandler::operator ()(CToken*,nsIDTD*) [nsTokenHandler.cpp:80]
nsXIFDTD::HandleToken(CToken*,nsIParser*) [nsXIFDTD.cpp:504]
nsXIFDTD::BuildModel(nsIParser*,nsITokenizer*,nsITokenObserver*,nsIContentSink*)
[nsXIFDTD.cpp:444]
nsParser::BuildModel() [nsParser.cpp:799]
nsParser::ResumeParse(nsIDTD*) [nsParser.cpp:751]
nsParser::Parse(nsString&,void*,const nsString&,int,int)
[nsParser.cpp:719]
PresShell::DoCopy(nsISelectionMgr*) [nsPresShell.cpp:1528]
nsBrowserWindow::DoCopy() [nsBrowserWindow.cpp:1975]
nsBrowserWindow::DispatchMenuItem(int) [nsBrowserWindow.cpp:520]
nsNativeBrowserWindow::DispatchMenuItem(int) [nsGTKMain.cpp:84]
gtk_ifactory_cb(void*,unsigned int,_GtkWidget*) [nsGTKMenu.cpp:35]
gtk_item_factory_callback_marshal [gtkitemfactory.c:274]
gtk_marshal_NONE__NONE [gtkmarshal.c:363]
Comment 1•26 years ago
|
||
Changed to M3
Updated•26 years ago
|
Assignee: mjudge → akkana
Comment 2•26 years ago
|
||
Changing to akkana: error happens in PasteTextBlocking. Akkana: please verify
the problem and re-assign if the error is in gtk
Updated•26 years ago
|
Target Milestone: M3
Updated•26 years ago
|
Target Milestone: M3 → M4
Comment 3•26 years ago
|
||
Changing to M4
Updated•26 years ago
|
Status: NEW → ASSIGNED
Comment 4•26 years ago
|
||
Hmm, that's weird. We're getting str from mCopyStream->str(), which I wouldn't
think would be uninitialized.
One thing that's probably a good idea anyway might be to change
if(str)
on line 250 to
if (str && str[0])
I can't check this in right now since it's not approved for M3, but I'll check
it in after the M3 freeze is over and we can see if it helps the UMR.
Updated•26 years ago
|
Assignee: akkana → mcafee
Status: ASSIGNED → NEW
Comment 5•26 years ago
|
||
nsSelectionMgr is going away any minute now, and I think Chris has already moved
the important code over to the new class. Reassigning to mcafee, who owns the
new code -- Chris, I'd suggest adding the check I mentioned to your equivalent
of the selection request callback, or if you'd prefer, point me at your code
once it's in and I'll make the check.
Updated•26 years ago
|
Target Milestone: M4 → M5
Comment 6•26 years ago
|
||
moving to m5
Assignee | ||
Updated•26 years ago
|
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → INVALID
Assignee | ||
Comment 7•26 years ago
|
||
code removed, this is now an invalid bug.
QA should just close this.
Updated•26 years ago
|
Status: RESOLVED → VERIFIED
Comment 8•26 years ago
|
||
ok. marking VERIFIED
Per a request from Selection and Search component eng (mjudge) and qa (elig),
moving all "Selection and Search" bugs to new "Selection" component. Original
"Selection and Search" component will be retired.
You need to log in
before you can comment on or make changes to this bug.
Description
•