Closed Bug 778071 Opened 12 years ago Closed 12 years ago

Uninitialised value use in mozilla::layers::BasicShadowLayerManager::EndTransaction

Categories

(Core :: Graphics: Layers, defect)

x86_64
Linux
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 775848

People

(Reporter: jseward, Unassigned)

Details

Seen on all startups on x86_64-Linux now. Stack trace below. void BasicShadowLayerManager::EndTransaction(DrawThebesLayerCallback aCallback, void* aCallbackData, EndTransactionFlags aFlags) ... if (mRepeatTransaction) { mRepeatTransaction isn't initialised (I suppose), and BasicShadowLayerManager::BasicShadowLayerManager doesn't assign anything to it. Conditional jump or move depends on uninitialised value(s) at 0x7147ABF: mozilla::layers::BasicShadowLayerManager::EndTransaction(void (*)(mozilla::layers::ThebesLayer*, gfxContext*, nsIntRegion const&, nsIntRegion const&, void*), void*, mozilla::layers::LayerManager::EndTransactionFlags) (BasicLayerManager.cpp:1025) by 0x649FC54: nsDisplayList::PaintForFrame(nsDisplayListBuilder*, nsRenderingContext*, nsIFrame*, unsigned int) const (nsDisplayList.cpp:655) by 0x649FF16: nsDisplayList::PaintRoot(nsDisplayListBuilder*, nsRenderingContext*, unsigned int) const (nsDisplayList.cpp:552) by 0x64BA649: nsLayoutUtils::PaintFrame(nsRenderingContext*, nsIFrame*, nsRegion const&, unsigned int, unsigned int) (nsLayoutUtils.cpp:1786) by 0x64D23D8: PresShell::Paint(nsIView*, nsIWidget*, nsRegion const&, nsIntRegion const&, bool) (nsPresShell.cpp:5290) by 0x6893B9C: nsViewManager::Refresh(nsView*, nsIWidget*, nsIntRegion const&, bool) (nsViewManager.cpp:339) by 0x6894F7F: nsViewManager::DispatchEvent(nsGUIEvent*, nsIView*, nsEventStatus*) (nsViewManager.cpp:763) by 0x68918D8: HandleEvent(nsGUIEvent*) (nsView.cpp:127) by 0x6E966D3: nsWindow::DispatchEvent(nsGUIEvent*, nsEventStatus&) (nsWindow.cpp:474) by 0x6EA084F: nsWindow::OnExposeEvent(_GdkEventExpose*) (nsWindow.cpp:2210) by 0x6EA0C04: expose_event_cb(_GtkWidget*, _GdkEventExpose*) (nsWindow.cpp:5088) by 0xA97C187: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:84) Uninitialised value was created by a heap allocation at 0x402AD1C: malloc (vg_replace_malloc.c:267) by 0x403E038: moz_xmalloc (mozalloc.cpp:54) by 0x6EBF992: nsBaseWidget::CreateBasicLayerManager() (mozalloc.h:200) by 0x6EBFB60: nsBaseWidget::GetLayerManager(mozilla::layers::PLayersChild*, mozilla::layers::LayersBackend, nsIWidget::LayerManagerPersistence, bool*) (nsBaseWidget.cpp:949) by 0x6EA01FA: nsWindow::OnExposeEvent(_GdkEventExpose*) (nsWindow.cpp:2123) by 0x6EA0C04: expose_event_cb(_GtkWidget*, _GdkEventExpose*) (nsWindow.cpp:5088) by 0xA97C187: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:84) by 0x90CC5DD: g_closure_invoke (gclosure.c:767) by 0x90E0597: signal_emit_unlocked_R (gsignal.c:3248) by 0x90E18B8: g_signal_emit_valist (gsignal.c:2991) by 0x90E2032: g_signal_emit (gsignal.c:3038) by 0xAA930CE: gtk_widget_event_internal (gtkwidget.c:4951)
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.