Status: Untriaged
Owner: [EMAIL PROTECTED]
Labels: Type-Bug Pri-2 OS-All Area-Misc
New issue 5307 by [EMAIL PROTECTED]: uninitialized memory read in LayoutTests\svg\W3C-SVG-1.1\text-deco-01-b.svg
http://code.google.com/p/chromium/issues/detail?id=5307

from a recent purify run:

[W] UMR: Uninitialized memory read in WebCore::SimpleFontData::unitsPerEm(void)const {1 occurrence}
    Reading 4 bytes from 0x06b68b24 (4 bytes at 0x06b68b24 uninitialized)
    Address 0x06b68b24 is 36 bytes into a 1128 byte block at 0x06b68b00
    Address 0x06b68b24 points to a C++ new block in heap 0x069a0000
    Thread ID: 0x240
    Error location
        WebCore::SimpleFontData::unitsPerEm(void)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\simplefontdata.h:78]
        WebCore::Font::unitsPerEm(void)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\font.cpp:328]
        WebCore::pathForDecoration [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svginlinetextbox.cpp:490]
        WebCore::SVGInlineTextBox::paintDecoration(ETextDecoration::WebCore,GraphicsContext::WebCore *,int,int,int,SVGChar::WebCore const&,SVGTextDecorationInfo::WebCore const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svginlinetextbox.cpp:530]
        WebCore::SVGRootInlineBoxPaintWalker::chunkPortionCallback(SVGInlineTextBox::WebCore *,int,AffineTransform::WebCore const&,SVGChar::WebCore * const const&,SVGChar::WebCore * const const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svgrootinlinebox.cpp:543]
        WebCore::SVGTextChunkWalker<SVGRootInlineBoxPaintWalker::WebCore>::()(SVGInlineTextBox::WebCore *,int,AffineTransform::WebCore const&,SVGChar::WebCore * const const&,SVGChar::WebCore * const const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svgcharacterlayoutinfo.h:342]
        WebCore::SVGRootInlineBox::walkTextChunks(SVGTextChunkWalkerBase::WebCore *,SVGInlineTextBox::WebCore const*) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svgrootinlinebox.cpp:1689]
        WebCore::SVGRootInlineBox::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\svgrootinlinebox.cpp:599]
        WebCore::RenderFlow::paintLines(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderflow.cpp:434]
        WebCore::RenderBlock::paintContents(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:1603]
        WebCore::RenderBlock::paintObject(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:1692]
        WebCore::RenderBlock::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:1517]
        WebCore::RenderSVGText::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgtext.cpp:202]
        WebCore::RenderSVGContainer::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgcontainer.cpp:350]
        WebCore::RenderSVGContainer::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgcontainer.cpp:350]
        WebCore::RenderBox::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderbox.cpp:341]
        WebCore::RenderSVGRoot::paint(PaintInfo::RenderObject::WebCore&,int,int) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgroot.cpp:192]
        WebCore::RenderLayer::paintLayer(RenderLayer::WebCore *,GraphicsContext::WebCore *,IntRect::WebCore const&,bool,PaintRestriction::WebCore,RenderObject::WebCore *,bool) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderlayer.cpp:1776]
        WebCore::RenderLayer::paintLayer(RenderLayer::WebCore *,GraphicsContext::WebCore *,IntRect::WebCore const&,bool,PaintRestriction::WebCore,RenderObject::WebCore *,bool) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderlayer.cpp:1801]
        WebCore::RenderLayer::paint(GraphicsContext::WebCore *,IntRect::WebCore const&,PaintRestriction::WebCore,RenderObject::WebCore *) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderlayer.cpp:1618]
        WebCore::FrameView::paintContents(GraphicsContext::WebCore *,IntRect::WebCore const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\page\frameview.cpp:1190]
        WebCore::ScrollView::paint(GraphicsContext::WebCore *,IntRect::WebCore const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\scrollview.cpp:633]
        WebFrameImpl::CaptureImage(scoped_ptr<BitmapPlatformDeviceWin::gfx> *,bool) [c:\b\slave\pl\build\src\webkit\glue\webframe_impl.cc:1470]
        TestShell::DumpImage(class WebFrame *,class std::basic_string<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> > const &) [c:\b\slave\pl\build\src\webkit\tools\test_shell\test_shell.cc:173]
        TestShell::RunFileTest(char const*,TestParams::TestShell const&) [c:\b\slave\pl\build\src\webkit\tools\test_shell\test_shell_win.cc:306]
        main [c:\b\slave\pl\build\src\webkit\tools\test_shell\test_shell_main.cc:378]
        _tmainCRTStartup [f:\sp\vctools\crt_bld\self_x86\crt\src\crt0.c:327]
    Allocation location
        new(UINT) [c:\b\slave\pl\build\src\third_party\webkit\javascriptcore\wtf\fastmalloc.h:92]
        WebCore::FontCache::getCachedFontData(FontPlatformData::WebCore const*) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\fontcache.cpp:214]
        WebCore::FontCache::getFontData(Font::WebCore const&,int&,FontSelector::WebCore *) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\fontcache.cpp:343]
        WebCore::FontFallbackList::fontDataAt(Font::WebCore const*,UINT)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\fontfallbacklist.cpp:100]
        WebCore::FontFallbackList::primaryFont(Font::WebCore const*)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\fontfallbacklist.h:60]
        WebCore::Font::cachePrimaryFont(void)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\font.cpp:266]
        WebCore::Font::primaryFont(void)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\graphics\font.h:131]
        WebCore::RenderSVGText::relativeBBox(bool)const [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgtext.cpp:223]
        WebCore::RenderSVGText::absoluteClippedOverflowRect(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgtext.cpp:53]
        WebCore::RenderSVGContainer::absoluteClippedOverflowRect(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgcontainer.cpp:371]
        WebCore::RenderSVGContainer::absoluteClippedOverflowRect(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgcontainer.cpp:371]
        WebCore::RenderSVGRoot::absoluteClippedOverflowRect(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgroot.cpp:239]
        WebCore::RenderSVGRoot::layout(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\rendersvgroot.cpp:103]
        WebCore::RenderBlock::layoutBlockChildren(bool,int&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:1330]
        WebCore::RenderBlock::layoutBlock(bool) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:657]
        WebCore::RenderBlock::layout(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderblock.cpp:568]
        WebCore::RenderView::layout(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\rendering\renderview.cpp:118]
        WebCore::FrameView::layout(bool) [c:\b\slave\pl\build\src\third_party\webkit\webcore\page\frameview.cpp:529]
        WebCore::FrameView::layoutTimerFired(Timer<FrameView::WebCore>::WebCore *) [c:\b\slave\pl\build\src\third_party\webkit\webcore\page\frameview.cpp:736]
        WebCore::Timer<FrameView::WebCore>::fired(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\timer.h:99]
        WebCore::TimerBase::fireTimers(double,Vector<TimerBase::WebCore *,0>::WTF const&) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\timer.cpp:347]
        WebCore::TimerBase::sharedTimerFired(void) [c:\b\slave\pl\build\src\third_party\webkit\webcore\platform\timer.cpp:368]
        WebCore::SharedTimerTask::Run(void) [c:\b\slave\pl\build\src\webkit\glue\chromium_bridge_impl.cc:442]
        MessageLoop::RunTask(Task *) [c:\b\slave\pl\build\src\base\message_loop.cc:308]
        MessageLoop::DeferOrRunPendingTask(PendingTask::MessageLoop const&) [c:\b\slave\pl\build\src\base\message_loop.cc:316]
        MessageLoop::DoWork(void) [c:\b\slave\pl\build\src\base\message_loop.cc:408]
        base::MessagePumpForUI::DoRunLoop(void) [c:\b\slave\pl\build\src\base\message_pump_win.cc:208]
        base::MessagePumpWin::RunWithDispatcher(Delegate::MessagePump::base *,Dispatcher::MessagePumpWin::base *) [c:\b\slave\pl\build\src\base\message_pump_win.cc:52]
        base::MessagePumpWin::Run(Delegate::MessagePump::base *) [c:\b\slave\pl\build\src\base\message_pump_win.h:78]
        MessageLoop::RunInternal(void) [c:\b\slave\pl\build\src\base\message_loop.cc:197]