Closed
Bug 334180
Opened 19 years ago
Closed 19 years ago
pldhash/jsdhash should assert that ops don't mutate the table
Categories
(Core :: XPCOM, defect, P1)
Core
XPCOM
Tracking
()
RESOLVED
FIXED
mozilla1.8.1alpha1
People
(Reporter: dbaron, Assigned: dbaron)
References
Details
(Keywords: fixed1.8.1, Whiteboard: [patch])
Attachments
(4 files, 2 obsolete files)
585 bytes,
patch
|
brendan
:
review+
|
Details | Diff | Splinter Review |
12.90 KB,
patch
|
brendan
:
review+
brendan
:
approval-branch-1.8.1+
|
Details | Diff | Splinter Review |
30.54 KB,
patch
|
Details | Diff | Splinter Review | |
1.86 KB,
patch
|
Details | Diff | Splinter Review |
pldhash should assert that its ops don't recursively mutate the table by checking that table->entryCount, table->removedCount, and (maybe) table->generation do not change across calls to ops. See bug 334177 for a crash that this might have caught sooner.
I still haven't thought of a good way to do this without making the code messy, but I'll try to think about it. I expect I'll introduce a macro for calling ops, though.
Assignee | ||
Comment 1•19 years ago
|
||
Then again, much more useful to assert on the inner mutation by adding a DEBUG-only boolean member to PLDHashTable.
Assignee | ||
Comment 2•19 years ago
|
||
Does the JSDHashTable struct attempt to preserve binary compatibility in a way that would prevent adding a DEBUG_only member?
(Also, bug 313309 comment 20 is a pain.)
Comment 3•19 years ago
|
||
Can someone please resync js and pl here, by hacking on js/src/plify_jsdhash.sed? That is the rule, please follow it per the generated comment in pldhash.*.
DEBUG-only binary incompatibility is ok by me.
/be
Assignee | ||
Comment 4•19 years ago
|
||
I'll manually re-merge bsmedberg's changes when landing, if that's still needed.
Attachment #218710 -
Flags: review?(brendan)
Attachment #218710 -
Flags: approval-branch-1.8.1?(brendan)
Assignee | ||
Updated•19 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P1
Whiteboard: [patch]
Target Milestone: --- → mozilla1.8.1alpha1
Comment 5•19 years ago
|
||
Attachment #218712 -
Flags: review?(brendan)
Comment 6•19 years ago
|
||
I'm not so happy with DEBUG-only binary incompatibility: we include pldhash in the XPCOM glue static lib, and it's perfectly reasonable for DEBUG client code to link against non-DEBUG xpcomglue_s
Assignee | ||
Comment 7•19 years ago
|
||
(In reply to comment #6)
> I'm not so happy with DEBUG-only binary incompatibility: we include pldhash in
> the XPCOM glue static lib, and it's perfectly reasonable for DEBUG client code
> to link against non-DEBUG xpcomglue_s
That's actually not a problem in this case since it's at the end of the struct; the only problems would be if:
(1) client code tried to poke at the member variable explicitly, #ifdef DEBUG, along with a non-debug libxpcom.so
(2) non-DEBUG component using the struct rather than PL_NewDHashTable along with a DEBUG libxpcom.so
I think (2) is actually a real problem, though.
Assignee | ||
Comment 8•19 years ago
|
||
Comment on attachment 218710 [details] [diff] [review]
patch
I'll do the less-useful assertions that give the assertion on the way out.
Attachment #218710 -
Flags: review?(brendan)
Attachment #218710 -
Flags: review-
Attachment #218710 -
Flags: approval-branch-1.8.1?(brendan)
(In reply to comment #6)
> I'm not so happy with DEBUG-only binary incompatibility: we include pldhash in
> the XPCOM glue static lib, and it's perfectly reasonable for DEBUG client code
> to link against non-DEBUG xpcomglue_s
FWIW, I've been bitten by mixing DEBUG and non-DEBUG libs and it's a real pain to figure out what went wrong. For me, at least, crashes began happening because of stack corruption and it was difficult to find exactly what was causing it.
I realize that's not exactly a strong argument against the DEBUG-only variable, but if it happened to me then it will probably happen to others, especially once people begin using the gecko SDK more frequently.
Comment 10•19 years ago
|
||
I'm personally not worried about 2), since we're talking about static linkage: it doesn't affect the SDK at all, since that would not be compiled with DEBUG in any released configuration.
Updated•19 years ago
|
Attachment #218712 -
Flags: review?(brendan) → review+
Assignee | ||
Comment 11•19 years ago
|
||
I can just allocate an extra word in the entry store and cover it up with macros.
Assignee | ||
Comment 12•19 years ago
|
||
Attachment #218710 -
Attachment is obsolete: true
Attachment #218790 -
Flags: review?(brendan)
Comment 13•19 years ago
|
||
Comment on attachment 218790 [details] [diff] [review]
patch
>+/*
>+ * The following DEBUG-only code is used to assert that calls to one of
>+ * table->ops or to an enumerator do not cause re-entry into a call that
>+ * can mutate the table. The recursion level is stored in additional
>+ * space allocated at the end of the entry store to avoid changing
>+ * issues when mixing DEBUG and non-DEBUG components.
>+ */
>+#ifdef DEBUG
>+
>+#define RECURSION_LEVEL(table_) (*(uint32*)(table_->entryStore + \
>+ JS_DHASH_TABLE_SIZE(table_) * table_->entrySize))
>+
>+#define ENTRY_STORE_EXTRA sizeof(uint32)
>+#define INCREMENT_RECURSION_LEVEL(table_) (++RECURSION_LEVEL(table))
>+#define DECREMENT_RECURSION_LEVEL(table_) (--RECURSION_LEVEL(table))
Thanks, only nit is to format the above (and the #else counterparts) like so:
#define RECURSION_LEVEL(table_) (*(uint32*)(table_->entryStore + \
JS_DHASH_TABLE_SIZE(table_) * \
table_->entrySize))
#define ENTRY_STORE_EXTRA sizeof(uint32)
#define INCREMENT_RECURSION_LEVEL(table_) (++RECURSION_LEVEL(table))
#define DECREMENT_RECURSION_LEVEL(table_) (--RECURSION_LEVEL(table))
/be
Attachment #218790 -
Flags: review?(brendan) → review+
Assignee | ||
Comment 14•19 years ago
|
||
And fix the s/table/table_/ which I notice is needed :-)
Assignee | ||
Updated•19 years ago
|
Attachment #218790 -
Flags: approval-branch-1.8.1?(brendan)
Assignee | ||
Comment 15•19 years ago
|
||
Checked in to trunk.
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Comment 16•19 years ago
|
||
Comment on attachment 218790 [details] [diff] [review]
patch
a=me for 1.8 branch, with the nits and macro formal name fixed.
/be
Attachment #218790 -
Flags: approval-branch-1.8.1?(brendan) → approval-branch-1.8.1+
Assignee | ||
Comment 17•19 years ago
|
||
This is what I landed on the trunk.
Comment 19•19 years ago
|
||
This causes new warnings in optimized builds:
gcc -o Linux_All_OPT.OBJ/jsdhash.o -c -Wall -Wno-format -O -DXP_UNIX -DSVR4 -DSYSV -D_BSD_SOURCE -DPOSIX_SOURCE -DHAVE_LOCALTIME_R -DX86_LINUX -UDEBUG -DNDEBUG -UDEBUG_ -DEDITLINE -ILinux_All_OPT.OBJ jsdhash.c
jsdhash.c: In function `JS_DHashTableFinish':
jsdhash.c:364: warning: statement with no effect
jsdhash.c:382: warning: statement with no effect
jsdhash.c: In function `JS_DHashTableOperate':
jsdhash.c:537: warning: statement with no effect
jsdhash.c:631: warning: statement with no effect
jsdhash.c: In function `JS_DHashTableEnumerate':
jsdhash.c:663: warning: statement with no effect
jsdhash.c:711: warning: statement with no effect
Assignee | ||
Comment 20•19 years ago
|
||
Yeah, I meant to switch back to this; I was using them as expressions at one point.
Attachment #219033 -
Flags: review?(brendan)
Attachment #219033 -
Flags: approval-branch-1.8.1?(brendan)
Assignee | ||
Comment 21•19 years ago
|
||
Attachment #219033 -
Attachment is obsolete: true
Attachment #219034 -
Flags: review?(brendan)
Attachment #219034 -
Flags: approval-branch-1.8.1?(brendan)
Attachment #219033 -
Flags: review?(brendan)
Attachment #219033 -
Flags: approval-branch-1.8.1?(brendan)
Comment 22•19 years ago
|
||
Comment on attachment 219034 [details] [diff] [review]
make increment and decrement be statements rather than expressions
It's simpler just to (void) cast the real macro defs, and make the stub-macros expand to /* nothing */ rather than (void)0.
/be
Comment 23•19 years ago
|
||
Comment on attachment 219034 [details] [diff] [review]
make increment and decrement be statements rather than expressions
Sorry I didn't mention this, I always (void) cast if possible to make expression statements not invite warnings, else use JS_BEGIN_MACRO/JS_END_MACRO. See jslock.h for an example.
/be
Comment 24•19 years ago
|
||
Comment on attachment 218712 [details] [diff] [review]
backport pldhash -> jsdhash of win32 fastcall support, rev. 1 (checked in)
mozilla/js/src/jsdhash.h 1.33
Attachment #218712 -
Attachment description: backport pldhash -> jsdhash of win32 fastcall support, rev. 1 → backport pldhash -> jsdhash of win32 fastcall support, rev. 1 (checked in)
Comment on attachment 218863 [details] [diff] [review]
final trunk patch
> PLDHashEntryHdr * PL_DHASH_FASTCALL
> PL_DHashTableOperate(PLDHashTable *table, const void *key, PLDHashOperator op)
> {
...
>+ NS_ASSERTION(op == PL_DHASH_LOOKUP || RECURSION_LEVEL(table) == 0,
>+ "op == PL_DHASH_LOOKUP || RECURSION_LEVEL(table) == 0");
>+ INCREMENT_RECURSION_LEVEL(table);
>+
I can trigger this assertion consistently in a fresh 1.8 branch firefox build during XPCOM shutdown after selecting a new profile from the profile manager. Should this be a new bug?
Assignee | ||
Comment 26•19 years ago
|
||
(In reply to comment #25)
> I can trigger this assertion consistently in a fresh 1.8 branch firefox build
> during XPCOM shutdown after selecting a new profile from the profile manager.
> Should this be a new bug?
If it's not the same as bug 334605, yes.
(In reply to comment #26)
> If it's not the same as bug 334605, yes.
It was :)
Updated•18 years ago
|
Attachment #219034 -
Flags: approval-branch-1.8.1?(brendan)
Comment 28•18 years ago
|
||
Comment on attachment 219034 [details] [diff] [review]
make increment and decrement be statements rather than expressions
Fixed otherwise ((void)[01] expressions).
/be
Attachment #219034 -
Flags: review?(brendan)
You need to log in
before you can comment on or make changes to this bug.
Description
•