Open Bug 344976 Opened 19 years ago Updated 3 years ago

Must nsIFrame::Reflow's aStatus be initialized by the caller?

Categories

(Core :: Layout, defect)

x86
Linux
defect

People

(Reporter: dbaron, Unassigned)

Details

I saw the following valgrind warning on the 1.8.0 branch:

==20925== Conditional jump or move depends on uninitialised value(s)
==20925== at 0xF3A73EE: nsBlockFrame::ReflowInlineFrame(nsBlockReflowState&, nsLineLayout&, nsLineList_iterator, nsIFrame*, unsigned char*) (nsBlockFrame.cpp:4015)
==20925== by 0xF3A8414: nsBlockFrame::DoReflowInlineFrames(nsBlockReflowState&, nsLineLayout&, nsLineList_iterator, int*, unsigned char*, int, int) (nsBlockFrame.cpp:3852)
==20925== by 0xF3A87BE: nsBlockFrame::ReflowInlineFrames(nsBlockReflowState&, nsLineList_iterator, int*, int, int) (nsBlockFrame.cpp:3734)
==20925== by 0xF3A9743: nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*, int) (nsBlockFrame.cpp:2728)
==20925== by 0xF3AA1F8: nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&, int) (nsBlockFrame.cpp:2262)
==20925== by 0xF3AB8B8: nsBlockFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsBlockFrame.cpp:902)
==20925== by 0xF3ADF9A: nsBlockReflowContext::ReflowBlock(nsRect const&, int, nsCollapsingMargin&, int, int, nsMargin&, nsHTMLReflowState&, unsigned&) (nsBlockReflowContext.cpp:605)
==20925== by 0xF3A8BCA: nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&, nsLineList_iterator, int*) (nsBlockFrame.cpp:3449)
==20925== by 0xF3A9676: nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*, int) (nsBlockFrame.cpp:2610)
==20925== by 0xF3AA1F8: nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&, int) (nsBlockFrame.cpp:2262)
==20925== by 0xF3AB8B8: nsBlockFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsBlockFrame.cpp:902)
==20925== by 0xF3B569B: nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) (nsContainerFrame.cpp:905)
==20925== by 0xF3CEC35: CanvasFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsHTMLFrame.cpp:531)
==20925== by 0xF3B569B: nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) (nsContainerFrame.cpp:905)
==20925== by 0xF3CB2C5: nsHTMLScrollFrame::ReflowScrolledFrame(ScrollReflowState const&, int, int, nsHTMLReflowMetrics*, int) (nsGfxScrollFrame.cpp:515)
==20925== by 0xF3CB823: nsHTMLScrollFrame::ReflowContents(ScrollReflowState*, nsHTMLReflowMetrics const&) (nsGfxScrollFrame.cpp:570)
==20925== by 0xF3CBB61: nsHTMLScrollFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsGfxScrollFrame.cpp:768)
==20925== by 0xF3B569B: nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) (nsContainerFrame.cpp:905)
==20925== by 0xF41064D: ViewportFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsViewportFrame.cpp:239)
...

It's clearly possible for this to happen in the out-of-memory case, but that's not what happened here. It seems like most callers of Reflow initialize aStatus to NS_FRAME_COMPLETE before calling, but this one doesn't. Is that required, or are reflowed frames required to set aStatus?

Either way, we should have assertions to warn us more rapidly.
Product: Core → Core Graveyard
Component: Layout: Misc Code → Layout
Product: Core Graveyard → Core
Severity: normal → S3
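
An added example, not Gecko code and not part of the original report: one way to get the kind of assertion the report asks for is to poison the out-parameter at a single call wrapper and check it afterwards, so a callee that never writes aStatus is caught deterministically instead of surfacing later as an uninitialised read. All names here (Frame, CheckedReflow, kPoison, kFrameComplete, the simplified Reflow signature) are hypothetical stand-ins, and the sketch assumes the contract "the callee must always set aStatus".

```cpp
#include <cstdint>
#include <cstdio>

using ReflowStatus = uint32_t;
constexpr ReflowStatus kFrameComplete = 0;     // stand-in for NS_FRAME_COMPLETE
constexpr ReflowStatus kPoison = 0xDEADBEEFu;  // sentinel no callee legitimately returns

struct Frame {
  virtual ~Frame() = default;
  // Contract being enforced: every path through Reflow assigns aStatus.
  virtual void Reflow(int aAvailableWidth, ReflowStatus& aStatus) = 0;
};

struct GoodFrame : Frame {
  void Reflow(int, ReflowStatus& aStatus) override { aStatus = kFrameComplete; }
};

struct ForgetfulFrame : Frame {
  void Reflow(int aAvailableWidth, ReflowStatus& aStatus) override {
    if (aAvailableWidth <= 0) return;  // early return leaves aStatus untouched
    aStatus = kFrameComplete;
  }
};

// Single choke point for child reflow: poison, call, verify.
// Returns false when the callee broke the contract; aStatus is then reset to
// a defined value so the caller never branches on garbage.
bool CheckedReflow(Frame& aFrame, int aAvailableWidth, ReflowStatus& aStatus) {
  aStatus = kPoison;
  aFrame.Reflow(aAvailableWidth, aStatus);
  if (aStatus == kPoison) {
    std::fprintf(stderr, "Reflow returned without setting aStatus\n");
    aStatus = kFrameComplete;  // assumed default: the value most callers pre-set
    return false;
  }
  return true;
}

int main() {
  GoodFrame good;
  ForgetfulFrame forgetful;
  ReflowStatus status;  // deliberately not initialised by the caller
  bool ok = CheckedReflow(good, 100, status);
  bool bad = CheckedReflow(forgetful, 0, status);
  std::printf("good=%d forgetful=%d status=%u\n", ok, bad, (unsigned)status);
  return (ok && !bad) ? 0 : 1;
}
```

In a debug build the failure branch would be a fatal assertion; returning false keeps the sketch testable.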