Closed Bug 703912 Opened 13 years ago Closed 12 years ago

window.dump broken in debug mode

Categories

(Firefox for Android Graveyard :: General, defect)

Product:
Firefox for Android Graveyard
Component:
General
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
Firefox 12

People

(Reporter: decoder, Assigned: decoder)

Details

(Keywords: crash)

Crash Data

Attachments

(1 file, 2 obsolete files)

Updated patch
773 bytes, patch
decoder
: review+
Details | Diff | Splinter Review 
This bug was filed from the Socorro interface and is 
report bp-3875dc99-c6d8-4909-8c87-8eadb2111119 .
============================================================= 

I just got the crash above on my debug build of Fennec and quickly inspected the code. I found this in dom/base/nsGlobalWindow.cpp:

      if (cstr) {
    #ifdef ANDROID
        __android_log_print(ANDROID_LOG_INFO, "Gecko", cstr);
    #endif
        FILE *fp = gDumpFile ? gDumpFile : stdout;
        fputs(cstr, fp);
        fflush(fp);
        nsMemory::Free(cstr);
      }
     
    #if defined(ANDROID) && defined(DEBUG)
      __android_log_print(ANDROID_LOG_INFO, "GeckoDump", "%s", cstr);
    #endif 


It seems like the second call to __android_log_print shouldn't be there, it uses cstr after free and without a null check.
I forgot to mention that even the first log statement is wrong, as it misses the format string (and therefore cstr is the format string). Try something like "dump('%s %s %s') to get a crash. It should be done as in the second log call.
:decoder, is this in native fennec or Xul fennec in terms of the debug version?
This is native fennec (birch rev e056708c00aa).
Attached patch Patch (obsolete) — Splinter Review 
The attached (trivial) patch just removes the second print call entirely and fixes the format string issue with the first one.
Attachment #576169 - Flags: review?(blassey.bugs)
Comment on attachment 576169 [details] [diff] [review]
Patch

Review of attachment 576169 [details] [diff] [review]:
-----------------------------------------------------------------

r+ with those two changes

::: dom/base/nsGlobalWindow.cpp
@@ +4572,5 @@
>  #endif
>  
>    if (cstr) {
>  #ifdef ANDROID
> +    __android_log_print(ANDROID_LOG_INFO, "Gecko", "%s", cstr);

I think it would be better if this were __android_log_write(ANDROID_LOG_INFO, "Gecko", cstr);

Also, "GeckoDump" might be a better tag than "Gecko"
Attachment #576169 - Flags: review?(blassey.bugs) → review+
Attached patch Updated patch (obsolete) — Splinter Review 
Updated patch according to review comments. This needs to be checked in by someone :)
Attachment #576169 - Attachment is obsolete: true
Attached patch Updated patchSplinter Review 
Rebased patch for mozilla-central and removed last patch hunk (code was already removed by someone else by now).
Attachment #576180 - Attachment is obsolete: true
Comment on attachment 591879 [details] [diff] [review]
Updated patch

r+ taken from previous patch.
Attachment #591879 - Flags: review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/ff7d18fbe8c8

Should this be nominated for Aurora?
Assignee: nobody → choller
Target Milestone: --- → Firefox 12
https://hg.mozilla.org/mozilla-central/rev/ff7d18fbe8c8
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: