> From: Andrew Ball [mailto:[EMAIL PROTECTED]]
> Under the 3.5 debug ROM (dr4), tapping any
> poptrigger in any form generates the following error message
>     "Test01" has just read from an unallocated chunk of memory.

Here are the guilty lines of your code:

> VoidHand hndTriggerLabel = MemHandleNew( MAX_LENGTH );
> pTriggerLabel = MemHandleLock( hndTriggerLabel );
> StrCopy( pTriggerLabel, LstGetSelectionText( ... ));
> CtlSetLabel( GetObjectPtr( ... ), pTriggerLabel );
> MemHandleUnlock( hndTriggerLabel );
> _MemHandleFree( hndTriggerLabel );

This code allocates a string in a buffer, passes it to CtlSetLabel, and then
frees the buffer.  But CtlSetLabel does _not_ make a copy of the passed
string; it only saves the pointer.  So when the caller frees the buffer, the
trigger is left with a pointer to unallocated memory (garbage).

> passes 1 million Gremlins on the 3.3 debug ROM.

That's lucky.  In pre-3.5, this dangling pointer wasn't actually getting
dereferenced after the CtlSetLabel call.  When Gremlins taps the trigger
later, the OS just inverts the trigger pixels without redrawing the text.
So POSE didn't notice.

But in 3.5 the OS does explicitly redraw the text when it highlights a
tapped trigger, due to the new color support.  That's why POSE detects the
dangling pointer on the very next tap.

-slj-
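
The ownership fix implied by the explanation above, as an added example that is not part of the original message: keep the label buffer allocated for as long as the control holds its pointer, and free the old buffer only after the control has been pointed at the new one. `Trigger`, `trigger_set_label`, `trigger_redraw` and `TriggerOwner` are hypothetical stand-ins written in portable C so the pattern runs outside Palm OS; they model only the pointer-saving behaviour of CtlSetLabel described in the reply.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a popup trigger: like CtlSetLabel as described
   above, it saves the caller's pointer and never copies the text. */
typedef struct { const char *label; } Trigger;

static void trigger_set_label(Trigger *t, const char *text) { t->label = text; }

/* Models the 3.5 redraw on tap: the saved pointer is dereferenced here. */
static size_t trigger_redraw(const Trigger *t) { return strlen(t->label); }

/* Owner that keeps the label buffer alive while the trigger points at it. */
typedef struct { Trigger trigger; char *owned; } TriggerOwner;

/* Returns 0 on success, -1 if allocation fails (old label stays in place). */
static int owner_set_label(TriggerOwner *o, const char *text)
{
    size_t n = strlen(text) + 1;          /* size the buffer to the text */
    char *fresh = malloc(n);
    if (fresh == NULL) return -1;
    memcpy(fresh, text, n);
    trigger_set_label(&o->trigger, fresh); /* trigger now points at fresh */
    free(o->owned);                        /* old buffer no longer referenced */
    o->owned = fresh;
    return 0;
}

/* Call when the form closes: detach the pointer before freeing the buffer. */
static void owner_destroy(TriggerOwner *o)
{
    trigger_set_label(&o->trigger, "");
    free(o->owned);
    o->owned = NULL;
}

/* Constructed scenario: pick two list items, tapping the trigger after each. */
int demo(void)
{
    TriggerOwner o = { { "" }, NULL };
    if (owner_set_label(&o, "Monday") != 0) return -1;
    size_t first = trigger_redraw(&o.trigger);    /* label still valid */
    if (owner_set_label(&o, "Wednesday") != 0) return -1;
    size_t second = trigger_redraw(&o.trigger);
    owner_destroy(&o);
    return (int)(first * 10 + second + trigger_redraw(&o.trigger));
}

int main(void) { return demo() == 69 ? 0 : 1; }
```
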
