Closed Bug 74773 Opened 23 years ago Closed 23 years ago

UMR in AccumulateCRC()

Categories

(Core :: CSS Parsing and Computation, defect)

Product:
Core
Component:
CSS Parsing and Computation
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla0.9.2

People

(Reporter: kinmoz, Assigned: pierre)

References

(
URL
)

Details

(Whiteboard: [fix in hand])

Attachments

(1 file)

fix
1.90 KB, patch
Details | Diff | Splinter Review 
When running Purify on my 04/04/01 Mozilla Win32 Debug build, with classic skin, 
sfaser and I were seeing a UMR in AccumulateCRC(), nsStyleContext.cpp line 4392:

    i = ( (int) ( crc_accum >> 24) ^ *data_blk_ptr++ ) & 0xff;

I believe the UMR is hit several times just starting up the browser, if not, try 
going to www.mozilla.org.

Note that Purify reported a total of 16 occurrences of this UMR, but the stack 
traces all looked the same, so I'm only including one of them:


[W] UMR: Uninitialized memory read in AccumulateCRC {4 occurrences}
        Reading 1 byte from 0x0bd68484 (1 byte at 0x0bd68484 uninitialized)
        Address 0x0bd68484 is 540 bytes into a 764 byte block at 0x0bd68268
        Address 0x0bd68484 points to a C++ new block in heap 0x03620000
        Thread ID: 0x89
        Error location
            AccumulateCRC  [nsStyleContext.cpp:4392]
            StyleMarginCRC [nsStyleContext.cpp:4426]
            StyleMarginImpl::ComputeCRC32(UINT)const [nsStyleContext.cpp:451]
            nsStyleContextData::ComputeCRC32(UINT)const 
[nsStyleContext.cpp:2456]
            nsStyleContextData::SetCRC32(void) [nsStyleContext.cpp:2084]
            StyleContextImpl::ShareStyleData(void) [nsStyleContext.cpp:3852]
            StyleContextImpl::RemapStyle(nsIPresContext *,int) 
[nsStyleContext.cpp:3617]
            NS_NewStyleContext(nsIStyleContext * *,nsIStyleContext *,nsIAtom 
*,nsISupportsArray *,nsIPresContext *) [nsStyleContext.cpp:4345]
            StyleSetImpl::GetContext(nsIPresContext *,nsIStyleContext *,nsIAtom 
*,nsISupportsArray *,int,int&) [nsStyleSet.cpp:838]
            StyleSetImpl::ResolveStyleFor(nsIPresContext *,nsIContent 
*,nsIStyleContext *,int) [nsStyleSet.cpp:922]
        Allocation location
            new(UINT)      [new.cpp:23]
            nsStyleContextData::Create(nsIPresContext *) 
[nsStyleContext.cpp:2176]
            StyleContextImpl::EnsureStyleData(nsIPresContext *) 
[nsStyleContext.cpp:3787]
            StyleContextImpl::RemapStyle(nsIPresContext *,int) 
[nsStyleContext.cpp:3442]
            NS_NewStyleContext(nsIStyleContext * *,nsIStyleContext *,nsIAtom 
*,nsISupportsArray *,nsIPresContext *) [nsStyleContext.cpp:4345]
            StyleSetImpl::GetContext(nsIPresContext *,nsIStyleContext *,nsIAtom 
*,nsISupportsArray *,int,int&) [nsStyleSet.cpp:838]
            StyleSetImpl::ResolveStyleFor(nsIPresContext *,nsIContent 
*,nsIStyleContext *,int) [nsStyleSet.cpp:922]
            nsPresContext::ResolveStyleContextFor(nsIContent *,nsIStyleContext 
*,int,nsIStyleContext * *) [nsPresContext.cpp:670]
            nsCSSFrameConstructor::ResolveStyleContext(nsIPresContext *,nsIFrame 
*,nsIContent *,nsIAtom *,nsIStyleContext * *) [nsCSSFrameConstructor.cpp:6706]
            nsCSSFrameConstructor::ConstructFrame(nsIPresShell *,nsIPresContext 
*,nsFrameConstructorState&,nsIContent *,nsIFrame *,nsFrameItems&) 
[nsCSSFrameConstructor.cpp:7061]
I'm going to attach a simple fix, if Marc or Simon wants to review.
Status: NEW → ASSIGNED
Whiteboard: [fix in hand]
Target Milestone: --- → mozilla0.9.1
Attached patch fixSplinter Review 

    
    

    
  
*** Bug 68226 has been marked as a duplicate of this bug. ***

    
    

    
  
Looks good. But were mCachedMargin, mCachedPadding, mCachedBorder and 
mCachedOutlineWidth never initialized in the ctor?


    
    

    
  
Pierre, is your patch against your local changes, or am I missing something? I
cannot see how it will remedy the UMR complaints since the association between
the HasCached flag and the data member is semantic, not syntactic. Also, what
Simon asked...


    
    

    
  
Marc, I don't understand your question.


    
    

    
  
Never mind Pierre, I think I was drinking too much Starbucks - I understand it
now and It looks fine. Echoing what Simon mentioned: should we consider
initializing the cache-data (in ResetFrom rather than the ctor, I think?).

    
    

    
  
I prefered to patch it that way (ie. don't use the cached data if it's not valid, 
like everywhere else) rather than initializing the cached data because it was 
more efficient.  A nsMargin contains 4 PRUnt32 and we use approximately 6000 of 
them for margins, 7000 for paddings and 8200 for borders to construct the 
Netscape home page.  That's almost 85000 initializations.


    
    

    
  
Wow, but that is without your data sharing, right? ;)

[s]r=attinasi for the patch as it is, your reasoning is sound Pierre.

    
    

    
  
Ooops, let me rectify these numbers...  They correspond to the number of calls to 
GetStyleData for each of the structs.  My mistake: GetStyleData returns a 
pointer, that's it.  In fact, I should have looked at GetMutableStyleData that 
will result in the new APIs into the creation of a temporary structure on the 
stack to return the data.  The numbers would be much lower: (520 + 880 + 960) * 4 
= 9440 initializations.  Not much of a gain, but why not?

As you have seen, we call GetStyleData a lot but there isn't much we can do about 
it.  I found places, though, where the style context could provide utility 
functions instead of requiring the clients to iterate through the contexts while 
looking for a particular style.


    
    

    
  
Moving to m0.9.2
Target Milestone: mozilla0.9.1 → mozilla0.9.2

    
    

    
  
fixed

Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
code level bug, -> reporter for QA
QA Contact: ian → kin

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: