Closed
Bug 900998
Opened 11 years ago
Closed 11 years ago
Static analysis is missing WorkerPrivate::Create
Categories
(Core :: JavaScript Engine, defect)
Tracking
RESOLVED
FIXED
mozilla28
| | Tracking | Status |
|---|---|---|
| firefox28 | --- | fixed |
People
(Reporter: sfink, Unassigned)
References
Details
(Whiteboard: [qa-])
Attachments
(1 file)
(deleted), text/plain
jonco noticed that the static analysis doesn't seem to know about WorkerPrivate::Create.
It *is* mentioned in callgraph.txt, but only as a callee. The full name is
static already_AddRefed<mozilla::dom::workers::WorkerPrivate> mozilla::dom::workers::WorkerPrivate::Create(JSContext*, JS::Handle<JSObject*>, mozilla::dom::workers::WorkerPrivate*, JS::Handle<JSString*>, bool)
called by
Worker.cpp:int32 {anonymous}::Worker::ConstructInternal(JSContext*, uint32, JS::Value*, uint8, JSClass*)
WorkerPrivate::Create is not a key in any of the *.xdb files. It is a static function, and shows up in the json output of the above caller. It can trigger a GC, hence the concern. Here's the portion that mentions it:
"Exp": [
  {
    "Kind": "Var",
    "Variable": {
      "Kind": "Func",
      "Name": [
        "static already_AddRefed<mozilla::dom::workers::WorkerPrivate> mozilla::dom::workers::WorkerPrivate::Create(JSContext*, JS::Handle<JSObject*>, mozilla::dom::workers::WorkerPrivate*, JS::Handle<JSString*>, bool)",
        "Create"
      ]
    }
  },
  {
    "Kind": "Var",
    "Variable": {
      "BlockId": {
        "Kind": "Function",
        "Variable": {
          "Kind": "Func",
          "Name": [
            "Worker.cpp:int32 {anonymous}::Worker::ConstructInternal(JSContext*, uint32, JS::Value*, uint8, JSClass*)",
            "ConstructInternal"
          ]
        }
      },
      "Kind": "Temp",
      "Name": [
        "__temp_16",
        "__temp_16"
      ]
    }
  }
],
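The check the report describes (a function that is referenced by a caller but has no entry of its own), as an added example that is not part of the bug report or of sixgill: it walks the JSON fragment quoted above and lists referenced functions that are absent from a set of known names. The helper names and the `known_keys` set, a stand-in for the keys of the *.xdb files, are assumptions; the sample input is constructed from the quoted fragment.

```python
import json

# Constructed sample: the "Exp" fragment quoted in the report, wrapped in
# braces so that it parses as a JSON object.
CALLER = ("Worker.cpp:int32 {anonymous}::Worker::ConstructInternal("
          "JSContext*, uint32, JS::Value*, uint8, JSClass*)")
CREATE = ("static already_AddRefed<mozilla::dom::workers::WorkerPrivate> "
          "mozilla::dom::workers::WorkerPrivate::Create(JSContext*, "
          "JS::Handle<JSObject*>, mozilla::dom::workers::WorkerPrivate*, "
          "JS::Handle<JSString*>, bool)")
SAMPLE = json.dumps({"Exp": [
    {"Kind": "Var",
     "Variable": {"Kind": "Func", "Name": [CREATE, "Create"]}},
    {"Kind": "Var",
     "Variable": {
         "BlockId": {"Kind": "Function",
                     "Variable": {"Kind": "Func",
                                  "Name": [CALLER, "ConstructInternal"]}},
         "Kind": "Temp", "Name": ["__temp_16", "__temp_16"]}},
]})


def referenced_functions(node):
    """Yield the full names of Func variables used in expressions.

    BlockId subtrees are skipped: they name the function that owns a local
    or temporary, not a function being referenced.
    """
    if isinstance(node, dict):
        name = node.get("Name")
        if node.get("Kind") == "Func" and isinstance(name, list) and name:
            yield name[0]
        for key, child in node.items():
            if key != "BlockId":
                yield from referenced_functions(child)
    elif isinstance(node, list):
        for child in node:
            yield from referenced_functions(child)


def missing_bodies(caller_json, known_keys):
    """Return the referenced functions that are not in known_keys, sorted."""
    refs = set(referenced_functions(json.loads(caller_json)))
    return sorted(refs - set(known_keys))


if __name__ == "__main__":
    # known_keys (assumption): names of the functions that do have a body.
    for name in missing_bodies(SAMPLE, {CALLER}):
        print("referenced but no body:", name)
```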
Reporter
Comment 1•11 years ago
For posterity, this is the portion of the log file that clued bhackett into the fact that it's not handling nullptr yet.
Comment 2•11 years ago
It actually turns out that nullptr constants were being handled ok, just not the nullptr type (???), and this function was missing due to some other unhandled constructs, the details of which I forget or never knew (fixed this a couple weeks ago but didn't post or push anything). I've updated the sixgill repository so that the CFG for WorkerPrivate::Create and various other functions should now be generated, mostly by making the translation more tolerant of unhandled language constructs like pointer-to-member. The translation will not be correct in these cases, but there will at least be an approximate CFG generated, with uses of the bad expressions replaced by some 'error' variable. This work isn't quite done yet; there are still about 1200 different CFGs (many are template instantiations) being dropped, and I'd like to drive this to zero.
Reporter
Comment 4•11 years ago
(In reply to Terrence Cole [:terrence] from comment #3)
> Has this been fixed?
Yes. Yes? I guess.
WorkerPrivate::Create was removed in 22c5b68ae2e9 (bug 919885), so I don't have a good test for that. I'd need to redo the analysis on an older version or something. It is no longer spitting out an error for that file, though I can't tell if it's doing the right thing for the analysis instead, or just omitting the interesting parts of the CFG from the output.
But we do have bhackett's fix in, at least.
Flags: needinfo?(sphink)
Updated•11 years ago
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Updated•11 years ago
Target Milestone: --- → mozilla28
status-firefox28: --- → fixed
Whiteboard: [qa-]