New/delete mismatch in DebugStackFrame::indexOfFirstLocal()

Steven Johnson stejohns at adobe.com
Thu Jun 12 10:34:36 PDT 2008


> a bug is definitely in order

I second that motion, let's move future discussion to the comments section
of said bug-to-be-created :-)


On 6/12/08 10:28 AM, "Thomas Reilly" <treilly at adobe.com> wrote:

> 
> 
> That code is suffering from some bitrot.   I submitted some changes recently
> to get it working up to level 3.  Level 4 requires loving.  For instance
> MethodInfo needs to inherit from GCObject in order for the delete to be valid.
> I was hoping Rick/Steven could look at the level 4 arg processing stuff, a bug
> is definitely in order.
> 
> -----Original Message-----
> From: tamarin-devel-bounces at mozilla.org on behalf of Michael Daumling
> Sent: Thu 6/12/2008 10:16 AM
> To: Steven Johnson; tamarin-devel at mozilla.org
> Subject: RE: New/delete mismatch in DebugStackFrame::indexOfFirstLocal()
> 
> There is more...for example, avmplusDebugger::argumentBounds() assumes
> that the 1st argument is "this" which I think is no longer the case...at
> least, arg[0] is also on position 0, leading to a crash because it picks
> a random value behind argc...
> 
> 
> Michael
> 
> 
> -----Original Message-----
> From: Steven Johnson
> Sent: Thursday, June 12, 2008 10:13 AM
> To: Michael Daumling; tamarin-devel at mozilla.org
> Subject: Re: New/delete mismatch in DebugStackFrame::indexOfFirstLocal()
> 
> Yeah, -Dastrace hasn't been thoroughly exercised in a while... we should
> get it working again. Is there a bugzilla bug on it? If not, let's enter
> one (or more)...
> 
> 
> On 6/12/08 10:06 AM, "Michael Daumling" <mdaeumli at adobe.com> wrote:
> 
>> > Hi all,
>> >
>> > I am experimenting with various command line arguments. -Dastrace is
>> > very sensitive:
>> >
>> > 1) If you omit the number, and -Dastrace happened to be the last
>> > argument, avmshell crashes.
>> >
>> > 2) In DebugStackFrame::indexOfFirstLocal(), the code looks like this:
>> >
>> > const MethodInfo* mi = trace->env->buildMethodInfo();
>> > int result = 1 + mi->param_count;
>> > delete mi; // we're done with it, toss it now
>> >
>> > The problem: mi is allocated with new (gc, extra) MethodInfo(), but
>> > the global delete operator is called.
>> >
>> > Very ugly.
>> >
>> > Michael
>> > 
>> > _______________________________________________
>> > Tamarin-devel mailing list
>> > Tamarin-devel at mozilla.org
>> > https://mail.mozilla.org/listinfo/tamarin-devel
> 
> 
> 
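The thread's point that the class has to inherit from a GC-aware base for `delete` to be valid, shown as an added example that is not Tamarin or MMgc code. `Heap`, `HeapObject` and `MethodInfoLike` are hypothetical stand-ins: the base class declares the heap-aware `operator new` together with a matching `operator delete`, so a plain `delete` returns the block to the heap it came from instead of reaching the global operator.

```cpp
#include <cstddef>
#include <cstdlib>
#include <new>

constexpr std::size_t kHdr = alignof(std::max_align_t); // keeps payload aligned
static_assert(kHdr >= sizeof(void*), "header must hold the owner pointer");

// Hypothetical heap: each block carries a header naming its owner.
struct Heap {
    int live = 0; // blocks currently allocated from this heap
    void* alloc(std::size_t n) {
        void* raw = std::malloc(kHdr + n);
        if (!raw) throw std::bad_alloc();
        *static_cast<Heap**>(raw) = this;
        ++live;
        return static_cast<char*>(raw) + kHdr;
    }
    static void release(void* p) {
        if (!p) return;
        void* raw = static_cast<char*>(p) - kHdr;
        Heap* owner = *static_cast<Heap**>(raw);
        --owner->live;
        std::free(raw);
    }
};

// Base class that declares the allocation and deallocation functions as a pair.
struct HeapObject {
    static void* operator new(std::size_t n, Heap& h, std::size_t extra = 0) {
        return h.alloc(n + extra);
    }
    // Found by class-scope lookup for `delete p` on any derived type.
    static void operator delete(void* p) { Heap::release(p); }
    // Matching placement form, called only if a constructor throws.
    static void operator delete(void* p, Heap&, std::size_t) { Heap::release(p); }
};

struct MethodInfoLike : HeapObject { // hypothetical stand-in
    int param_count;
    explicit MethodInfoLike(int n) : param_count(n) {}
};

// Same shape as the snippet quoted in the thread.
int indexOfFirstLocal(Heap& heap, int params) {
    const MethodInfoLike* mi = new (heap, 16) MethodInfoLike(params);
    int result = 1 + mi->param_count;
    delete mi; // HeapObject::operator delete, not the global one
    return result;
}

int main() { Heap h; return indexOfFirstLocal(h, 2) == 3 && h.live == 0 ? 0 : 1; }
```

Because the class declares only the placement form of `operator new`, a plain `new MethodInfoLike(1)` no longer compiles, which catches allocations that bypass the heap.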
