Closed
Bug 538143
Opened 15 years ago
Closed 13 years ago
[@ XPCJSStackFrame::CreateStack] should not use recursion
Categories
(Core :: XPConnect, defect)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
People
(Reporter: timeless, Assigned: timeless)
References
Details
(Keywords: crash, Whiteboard: fixed-in-tracemonkey)
Crash Data
Attachments
(1 file, 2 obsolete files)
|
7.33 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
this is bug 303821 again. I'm tired of reading this code and think it's time to switch to iteration.
Attachment #420309 -
Flags: review?(mrbkap)
|
||
Comment 3•14 years ago
|
||
Comment on attachment 420309 [details] [diff] [review] switch away from recursion >diff --git a/js/src/xpconnect/src/xpcstack.cpp b/js/src/xpconnect/src/xpcstack.cpp So, we haven't yet gone to infallible new, so IMO you should deal with it. > XPCJSStackFrame::CreateStack(JSContext* cx, JSStackFrame* fp, > XPCJSStackFrame** stack) > { >- XPCJSStackFrame* self = new XPCJSStackFrame(); >- JSBool failed = JS_FALSE; >- if(self) >+ XPCJSStackFrame* first = new XPCJSStackFrame(); >+ XPCJSStackFrame* self = first; Any reason to not make self and first nsRefPtrs? >+ while (fp && self) Nit: no space before the `('. > { > NS_ADDREF(self); > >- if(fp->down) >+ if (JS_IsNativeFrame(cx, fp)) Ditto. And there's one more spot below. r- until the checks for OOM have been dealt with (feel free to correct me if I'm off base by asking for this).
Attachment #420309 -
Flags: review?(mrbkap) → review-
Attachment #420309 -
Attachment is obsolete: true
Attachment #430869 -
Flags: review?(mrbkap)
|
|
||
Comment 5•14 years ago
|
||
Comment on attachment 430869 [details] [diff] [review] use refptr >+ nsRefPtr<XPCJSStackFrame> first = new XPCJSStackFrame(); >+ if(!first) >+ return NS_ERROR_OUT_OF_MEMORY; Heh, of course now that you've re-requested review, infallible new has landed and you can get rid of this. Sorry. >+ if((fp = fp->down)) >+ XPCJSStackFrame* frame = new XPCJSStackFrame(); >+ self->mCaller = frame; >+ self = frame; This seems wrong. self->mCaller isn't a smart pointer (though perhaps it should be!) so this looks like it'll end up freeing self->mCaller too early. This actually suggests that we just make |self| a raw pointer and let the refptr to |first| and its mCaller chain represent the strong pointers to the whole chain. >+ NS_ADDREF(*stack = first); This could just be |*stack = first.forget();|
Attachment #430869 -
Flags: review?(mrbkap) → review-
sorry for the delay. this has been maintained in my queue, and i had addressed most of those items except for the oom check and the forget bit. i've now added them as well. please do whatever is necessary to get this landed. do not wait for me to address further review comments. this bug is really closer to a decade old than the year of lag on my part makes it look (i've actually written this patch before at other companies too possibly both around 2002 and 2004). it's actually somewhat important as you end up crashing in cases with deep stacks when something wants to report a problem with them.
Attachment #430869 -
Attachment is obsolete: true
Attachment #523244 -
Flags: review?(mrbkap)
|
|
||
Comment 7•13 years ago
|
||
Comment on attachment 523244 [details] [diff] [review] addresses comments Review of attachment 523244 [details] [diff] [review]: ----------------------------------------------------------------- I fixed a merge conflict locally. I'll check this in as soon as tracemonkey reopens.
Attachment #523244 -
Flags: review?(mrbkap) → review+
|
|
||
Comment 8•13 years ago
|
||
http://hg.mozilla.org/tracemonkey/rev/ece0feb51587
Whiteboard: fixed-in-tracemonkey
|
||
Comment 9•13 years ago
|
||
cdleary-bot mozilla-central merge info: http://hg.mozilla.org/mozilla-central/rev/ece0feb51587
|
|
||
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Updated•13 years ago
|
Crash Signature: [@ XPCJSStackFrame::CreateStack]
You need to log in
before you can comment on or make changes to this bug.
Description
•