IRC Log Viewer » #firebreath » 2013-12-23

IRC Nick Time (GMT-7) Message
bradd_ 13:12 Hi, while doing some load testing, we ran across what appears to be a null pointer dereference in the PluginCore::~PluginCore() method (m_host is NULL). We've added a simple pointer check on that member variable before dereferencing it to address the issue. What's the best way to submit this change to the project?
Here is the relevant call stack where we saw it:
0031dca8 6ac3a51b 0031dcc0 0031dd10 0031dcc0 ntdll!KiUserExceptionDispatcher+0xf
0031e190 731fdfb7 6ac70478 ffffffff 0031e1b0 npchip!FB::PluginCore::~PluginCore+0x3b [c:\jenkins\workspace\chip_windows_release\src\plugincore\plugincore.cpp @ 59]
0031ee6c 6abb53a7 0031ee88 94e444da 06893c8c msvcr90!_NLG_Return
taxilian 13:12 can you give me a link to the source line in github?
bradd_ 13:12 0031eec4 6ac28375 06893c8c 0031f0a0 94e4447e npchip!PluginFactory::createPlugin+0x37 [c:\jenkins\workspace\chip_windows_release\projects\chip\factory.cpp @ 25]
Um... sure...
taxilian 13:12 because I strongly suspect that's actually pointing to a more serious issue in your code
resulting in a memory leak
but I could be wrong =]
bradd_ 13:12 That could be the case, this happened on a system where they were refreshing the page and doing something over and over.
The source line is plugincore.cpp line 59, but I'm not sure how to give you a link to that in github...
Here's the file: https://github.com/firebreath/FireBreath/blob/master/src/PluginCore/PluginCore.cpp
line 59
I believe I have the user dump with the crash on it
(windows system)
taxilian 13:12 hmm. that is not where I was expecting; if you could get me a stack trace, that would be helpful
bradd_ 13:12 I can, should I email it to you... I can't seem to add more than one line at a time through this HTML chat interface
taxilian 13:12 you are correct, though; that should have a if (m_host) around that call
you should never paste to IRC is the reason
you should use a gist or a pastebin
fpaste.org, gist.github.com, etc
pasting into chat is considered bad etiquette
bradd_ 13:12 I'm a technophobe who's developed for 25 years... does it show?
taxilian 13:12 jira.firebreath.org is one place to submit issues; the best way to get it fixed, though, is to submit a pull request through github
lol
well, since IRC has been around nearly that long…. no, not really =]
bradd_ 13:12 I was the guy working on IMoria, while everyone pretended to be girls on IRC via VT80 terminals.
So I missed all that
But I heard it in the background while I wrote Pascal game code.
The pull request was what I was thinking, I'm just not sure how to do that on the firebreath project. I'll get one of the guys who's more up to speed on this to help me with it. I assume I can just make the change and send you a pull request, you can review and merge it, correct?
taxilian 13:12 yeah. 30 second version:
create a branch off of master or 1.7, whichever you're using
make your change in that branch, then commit it. ideally make a jira ticket and commit with the ticket reference in the commit msg
push it to your github fork (you'll have to create the fork to make a branch)
then create a pull request from your pushed branch. I can then accept it very easily and it will be merged into master
bradd_ 13:12 Here is the link to the stack trace, I don't have the registers and stuff, but I can get that...
anonymous / gist:8104428
Thanks, I'll copy that info and pass it along...
taxilian 13:12 the full link would have been easier to use =] I'll take a look
(I found it https://gist.github.com/anonymous/8104428)
bradd_ 13:12 https://gist.github.com/anonymous/8104428
taxilian 14:12 hmm. you may want to look through that; It looks like your plugin is being destroyed in the createPlugin function of your factory
which should never happen
that stack trace doesn't make sense, though; createPlugin shouldn't be ever calling a destructor on the plugin.
bradd_ 14:12 I noticed that, but I'm not sure if that was some local or something..
taxilian 14:12 shouldn't be. you could gist me your factory file and I can look if you want
bradd_ 14:12 What was going on is one tab was being created while another was being destroyed
That would be great.
By factory file, are you talking about the .dmp file or something else. I guess you'd need our symbols to get anything decent out of the dmp.
taxilian 14:12 c:\jenkins\workspace\chip_windows_release\projects\chip\factory.cpp
I want to see that file =]
bradd_ 14:12 Okay. I'll upload it.
taxilian 14:12 or just copy it into a gist or whatever
bradd_ 14:12 I'll copy it.
https://gist.github.com/anonymous/8104525
I don't think we modified this file.
Yeah, our SCM log doesn't show any changes to it.
taxilian 14:12 hmm. this stack trace really doesn't make any sense at all… could you load the microsoft symbols and resolve the stack trace in the msvcr90 line and see if that clears it up at all?
I actually need to get going right now… I'd try to track that down a bit more, though, by resolving more of the symbols. You can even get the chrome symbols if you look, they have a symbol server up somewhere
my best guess at this point would probably be that you've got an out of memory exception of some kind that is causing it to destruct the object and roll back out
that's just a guess off the cuff, though, since I don't understand how else you could be getting to the PluginCore destructor through that path
good luck
bradd_ 14:12 Thanks, I'll do that.
bradd_ 14:12 FWIW, here is the stack trace with chrome symbols resolved: https://gist.github.com/anonymous/8104787