[Webkit-unassigned] [Bug 33468] New: PluginView::m_mode not initialized when constructed with null PluginPackage

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 11 07:42:41 PST 2010


https://bugs.webkit.org/show_bug.cgi?id=33468

           Summary: PluginView::m_mode not initialized when constructed
                    with null PluginPackage
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Plug-ins
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: andreas.kling at nokia.com



Andreas Kling <andreas.kling at nokia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #46275|                            |review?, commit-queue?
               Flag|                            |


Created an attachment (id=46275)
 --> (https://bugs.webkit.org/attachment.cgi?id=46275)
Proposed patch

Valgrind complains like so:

==19266== Conditional jump or move depends on uninitialised value(s)
==19266==    at 0x6BFD294: WebCore::PluginView::setFrameRect(WebCore::IntRect const&) (PluginView.cpp:133)
==19266==    by 0x6D13EA5: WebCore::RenderWidget::setWidgetGeometry(WebCore::IntRect const&) (RenderWidget.cpp:159)
==19266==    by 0x6D14DFC: WebCore::RenderWidget::updateWidgetPosition() (RenderWidget.cpp:308)
==19266==    by 0x6D0B4FF: WebCore::RenderView::updateWidgetPositions() (RenderView.cpp:543)
==19266==    by 0x6B1E6F3: WebCore::FrameView::performPostLayoutTasks() (FrameView.cpp:1380)
==19266==    by 0x6B1C05E: WebCore::FrameView::layout(bool) (FrameView.cpp:732)
==19266==    by 0x6B1D21A: WebCore::FrameView::visibleContentsResized() (FrameView.cpp:1010)
==19266==    by 0x6BC6D06: WebCore::ScrollView::updateScrollbars(WebCore::IntSize const&) (ScrollView.cpp:403)
==19266==    by 0x6BC6347: WebCore::ScrollView::setContentsSize(WebCore::IntSize const&) (ScrollView.cpp:239)
==19266==    by 0x6B1B0CF: WebCore::FrameView::setContentsSize(WebCore::IntSize const&) (FrameView.cpp:372)
==19266==    by 0x6B1B244: WebCore::FrameView::adjustViewSize() (FrameView.cpp:392)
==19266==    by 0x6B1BEE7: WebCore::FrameView::layout(bool) (FrameView.cpp:698)

For something like:

<object type="application/some-invalid-type"></object>
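As an added illustration (not WebKit's code or the attached patch), a hypothetical sketch of the constructor pattern behind this report: a member that is only assigned after a null-package early return is left uninitialised, and the later geometry call reads garbage; the fix is to give every member a value in the initializer list. Class and member names mirror the report; the PluginMode enum, the helper functions and the stub package are assumptions.

```cpp
#include <cassert>

// Hypothetical stand-ins for WebKit's PluginPackage/PluginView, not the real classes.
struct PluginPackage { const char* name; };
enum class PluginMode { Unset, Embed, Full };

// Buggy shape: m_mode is written only after the null-package bail-out, so a view
// built for an unknown MIME type carries an indeterminate m_mode into setFrameRect().
class BuggyPluginView {
public:
    explicit BuggyPluginView(PluginPackage* pkg, bool embed) {
        if (!pkg) return;                                   // m_mode never assigned here
        m_mode = embed ? PluginMode::Embed : PluginMode::Full;
    }
    PluginMode mode() const { return m_mode; }              // indeterminate when pkg was null
private:
    PluginMode m_mode;                                      // no default member initialiser
};

// Fixed shape: every member is initialised before the constructor body runs,
// so the early return cannot leave anything indeterminate.
class FixedPluginView {
public:
    explicit FixedPluginView(PluginPackage* pkg, bool embed)
        : m_package(pkg), m_mode(PluginMode::Unset), m_hasPlugin(pkg != nullptr) {
        if (!m_package) return;
        m_mode = embed ? PluginMode::Embed : PluginMode::Full;
    }
    PluginMode mode() const { return m_mode; }
    bool hasPlugin() const { return m_hasPlugin; }
    // Geometry hook: only consults m_mode when a real plugin package is attached.
    bool setFrameRect(int width, int height) const {
        if (!m_hasPlugin) return false;                     // nothing to lay out
        if (m_mode == PluginMode::Full) return width > 0 && height > 0;
        return true;                                        // embedded views accept any rect
    }
private:
    PluginPackage* m_package;
    PluginMode m_mode;
    bool m_hasPlugin;
};

// Constructed stub package and small helpers so the behaviour can be checked directly.
PluginPackage gStubPackage{"stub-plugin"};
PluginMode modeAfterConstruct(PluginPackage* pkg, bool embed) { return FixedPluginView(pkg, embed).mode(); }
bool frameRectAccepted(PluginPackage* pkg, bool embed, int w, int h) { return FixedPluginView(pkg, embed).setFrameRect(w, h); }
```

Valgrind's "conditional jump depends on uninitialised value(s)" is exactly the read in BuggyPluginView::mode() for the null-package case; FixedPluginView has no such path.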
