[valgrind] nsRect::UnionRect -- Source and destination overlap in memcpy

RESOLVED WONTFIX

Status

()

Core
Layout
RESOLVED WONTFIX
10 years ago
10 years ago

People

(Reporter: Robert Sayre, Unassigned)

Tracking

({valgrind})

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

10 years ago
Happens on most pages

 Source and destination overlap in memcpy(0xBEE0C170, 0xBEE0C170, 16)
    at 0x4024346: memcpy (mc_replace_strmem.c:116)
    by 0x62A35BC: nsRect::UnionRect(nsRect const&, nsRect const&) (nsRect.cpp:125)
    by 0x71ECD01: nsBlockFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsBlockFrame.cpp:1168)
    by 0x71EED6F: nsBlockReflowContext::ReflowBlock(nsRect const&, int, nsCollapsingMargin&, int, int, nsMargin&, nsLineBox*, nsHTMLReflowState&, unsigned&, nsBlockReflowState&) (nsBlockReflowContext.cpp:339)
    by 0x71E9DDB: nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&, nsLineList_iterator, int*) (nsBlockFrame.cpp:2988)
    by 0x71EA862: nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*) (nsBlockFrame.cpp:2261)
    by 0x71EB3DC: nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&) (nsBlockFrame.cpp:1876)
    by 0x71EC847: nsBlockFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) (nsBlockFrame.cpp:936)
    by 0x71EED6F: nsBlockReflowContext::ReflowBlock(nsRect const&, int, nsCollapsingMargin&, int, int, nsMargin&, nsLineBox*, nsHTMLReflowState&, unsigned&, nsBlockReflowState&) (nsBlockReflowContext.cpp:339)
    by 0x71E9DDB: nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&, nsLineList_iterator, int*) (nsBlockFrame.cpp:2988)
    by 0x71EA862: nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*) (nsBlockFrame.cpp:2261)
    by 0x71EB3DC: nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&) (nsBlockFrame.cpp:1876)
(Reporter)

Updated

10 years ago
Summary: nsRect::UnionRect -- Source and destination overlap in memcpy → [valgrind] nsRect::UnionRect -- Source and destination overlap in memcpy
(Reporter)

Comment 1

10 years ago
Created attachment 298027 [details]
possibly related stack

Comment 2

10 years ago
The memcpy seems to be coming from GCC's default implementation for operator= on nsRect.  I think this is a GCC bug; operator= with both arguments the same should not be undefined behavior, but memcpy with both arguments the same apparently is undefined behavior.  http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32667 perhaps?

Note that src and dest are exactly equal (as opposed to partially overlapping) so this isn't likely to cause any real problems.
(Reporter)

Comment 3

10 years ago
(In reply to comment #2)
> 
> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32667 perhaps?

I think so.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → WONTFIX
Keywords: valgrind
You need to log in before you can comment on or make changes to this bug.