Closed Bug 3945 Opened 26 years ago Closed 26 years ago

core dump in NS_ScriptErrorReporter

Categories

(Core :: JavaScript Engine, defect, P3)

Sun
Solaris
defect

Tracking

()

VERIFIED FIXED

People

(Reporter: brad, Assigned: vidur)

Details

Unfortunatly I didn't get to capture the html in time.. but the crash is due to report->linebuf is null when printf is called. (gdb) bt #0 0xee324614 in strlen () #1 0xee35a4ac in _doprnt () #2 0xee363608 in printf () #3 0xeeb1f8b8 in NS_ScriptErrorReporter (cx=0x2bf848, message=0x21c000 "win has no properties", report=0xefffe098) at ../../../../mozilla/dom/src/base/nsJSEnvironment.cpp:56 #4 0xeea25504 in js_ReportErrorAgain (cx=0x2bf848, message=0x21bfc0 "win has no properties", reportp=0xefffe098) at ../../../mozilla/js/src/jscntxt.c:419 #5 0xeea25308 in js_ReportErrorNumberVA (cx=0x2bf848, flags=0, callback=0xeea255b0 <js_GetErrorMessage>, userRef=0x0, errorNumber=39, charArgs=1, ap=0xefffe1ac) at ../../../mozilla/js/src/jscntxt.c:378 #6 0xeea1c89c in JS_ReportErrorNumber (cx=0x2bf848, errorCallback=0xeea255b0 <js_GetErrorMessage>, userRef=0x0, errorNumber=39) at ../../../mozilla/js/src/jsapi.c:2566 #7 0xeea6ff40 in js_ValueToNonNullObject (cx=0x2bf848, v=0) at ../../../mozilla/js/src/jsobj.c:2494 #8 0xeea55998 in js_Interpret (cx=0x2bf848, result=0xefffe470) at ../../../mozilla/js/src/jsinterp.c:2149 #9 0xeea4b3c8 in js_Invoke (cx=0x2bf848, argc=0, constructing=0) at ../../../mozilla/js/src/jsinterp.c:666 #10 0xeea56d14 in js_Interpret (cx=0x2bf848, result=0xefffe788) at ../../../mozilla/js/src/jsinterp.c:2183 #11 0xeea4b3c8 in js_Invoke (cx=0x2bf848, argc=1, constructing=0) at ../../../mozilla/js/src/jsinterp.c:666 #12 0xeea4b750 in js_CallFunctionValue (cx=0x2bf848, obj=0x1f8ce0, fval=2069800, argc=1, argv=0xefffe9d4, rval=0xefffe9d8) at ../../../mozilla/js/src/jsinterp.c:735 #13 0xeea1c22c in JS_CallFunctionValue (cx=0x2bf848, obj=0x1f8ce0, fval=2069800, argc=1, argv=0xefffe9d4, rval=0xefffe9d8) at ../../../mozilla/js/src/jsapi.c:2371 #14 0xeeb49770 in nsJSEventListener::ProcessEvent (this=0x2c3b48, aEvent=0x40aec8) at ../../../../mozilla/dom/src/events/nsJSEventListener.cpp:97 #15 0xeee5f50c in nsEventListenerManager::HandleEvent (this=0x356ef8, aPresContext=@0x34aef0, aEvent=0xefffeba8, aDOMEvent=0xefffead8, aEventStatus=@0xefffebd8) at ../../../../mozilla/layout/events/src/nsEventListenerManager.cpp:499 #16 0xeeb2f620 in GlobalWindowImpl::HandleDOMEvent (this=0x2bf7e8, aPresContext=@0x34aef0, aEvent=0xefffeba8, aDOMEvent=0xefffead8, aFlags=1, aEventStatus=@0xefffebd8) at ../../../../mozilla/dom/src/base/nsGlobalWindow.cpp:1831 #17 0xef266658 in nsWebShell::OnConnectionsComplete (this=0x273d88) at ../../../mozilla/webshell/src/nsWebShell.cpp:2083 #18 0xef2572a8 in nsDocLoaderImpl::AreAllConnectionsComplete (this=0x274150) at ../../../mozilla/webshell/src/nsDocLoader.cpp:1343 #19 0xef257158 in nsDocLoaderImpl::LoadURLComplete (this=0x274150, aURL=0x407e68, aBindInfo=0x407940, aStatus=-2142568447) at ../../../mozilla/webshell/src/nsDocLoader.cpp:1312 #20 0xef258fc4 in nsDocumentBindInfo::OnStopBinding (this=0x407940, aURL=0x407e68, aStatus=2152398849, aMsg=0xefffede8) at ../../../mozilla/webshell/src/nsDocLoader.cpp:1818 #21 0xef2a37d8 in bam_exit_routine (URL_s=0x407f60, status=-252, window_id=0x40c628) at ../../../mozilla/network/module/nsNetService.cpp:1403 #22 0xef2f9080 in net_CallExitRoutine ( exit_routine=0xef2a35f0 <bam_exit_routine(URL_Struct_ *, int, MWContext_ *)>, URL_s=0x407f60, status=-252, format_out=102, window_id=0x40c628) at ../../../mozilla/network/main/mkgeturl.c:1158 #23 0xef2fe3b8 in NET_ProcessNet (ready_fd=0x40b9b8, fd_type=2) at ../../../mozilla/network/main/mkgeturl.c:3496 #24 0xef30a464 in NET_PollSockets () at ../../../mozilla/network/main/mkselect.c:320 #25 0xef2a33d8 in nsNetlibService::NetPollSocketsCallback (aTimer=0x14b670, aClosure=0x84bd8) at ../../../mozilla/network/module/nsNetService.cpp:1220 #26 0xef5c1028 in TimerImpl::FireTimeout (this=0x14b670) at ../../../../mozilla/base/src/gtk/nsTimer.cpp:73 #27 0xef5c183c in nsTimerExpired (aCallData=0x14b670) at ../../../../mozilla/base/src/gtk/nsTimer.cpp:189 #28 0xee668808 in g_timeout_dispatch (source_data=0x2c8fd8, current_time=0xeffff598, user_data=0x14b670) at gmain.c:1147 #29 0xee6674a4 in g_main_dispatch (current_time=0xeffff598) at gmain.c:647 #30 0xee667c70 in g_main_iterate (block=757376, dispatch=1) at gmain.c:854 #31 0xee667ea4 in g_main_run (loop=0x147ca0) at gmain.c:912 #32 0xee7cb4a0 in gtk_main () at gtkmain.c:475 #33 0xef6b3010 in nsAppShell::Run (this=0x13f7b8) at ../../../../mozilla/widget/src/gtk/nsAppShell.cpp:152 #34 0xef78c4b4 in nsAppShellService::Run (this=0x125420) at ../../../../mozilla/xpfe/appshell/src/nsAppShellService.cpp:154 #35 0x1ea54 in main (argc=1, argv=0xeffff8fc) at ../../../mozilla/xpfe/bootstrap/nsAppRunner.cpp:349 (gdb) up #1 0xee35a4ac in _doprnt () (gdb) up #2 0xee363608 in printf () (gdb) up #3 0xeeb1f8b8 in NS_ScriptErrorReporter (cx=0x2bf848, message=0x21c000 "win has no properties", report=0xefffe098) at ../../../../mozilla/dom/src/base/nsJSEnvironment.cpp:56 56 report->filename, report->lineno, report->linebuf, report->tokenptr); (gdb) list 51 void PR_CALLBACK 52 NS_ScriptErrorReporter(JSContext *cx, const char *message, JSErrorReport *report) 53 { 54 if (nsnull != report) { 55 printf("JavaScript error: %s\nURL :%s, LineNo :%u\nLine text: '%s', Error text: '%s'\n", message, 56 report->filename, report->lineno, report->linebuf, report->tokenptr); 57 } 58 else { 59 printf("JavaScript error: %s\n", message); 60 } (gdb) print message $1 = 0x21c000 "win has no properties" (gdb) print *report $2 = <incomplete type> (gdb) up #4 0xeea25504 in js_ReportErrorAgain (cx=0x2bf848, message=0x21bfc0 "win has no properties", reportp=0xefffe098) at ../../../mozilla/js/src/jscntxt.c:419 419 (*onError)(cx, cx->lastMessage, reportp); Current language: auto; currently c (gdb) print *reportp $3 = {filename = 0x2c1478 "http://www.netscape.com/", lineno = 31, linebuf = 0x0, tokenptr = 0x0, uclinebuf = 0xef2d1524, uctokenptr = 0xef7c02ac, flags = 0, errorNumber = 39, ucmessage = 0x2a46d8, messageArgs = 0x4075a0}
Assignee: norris → vidur
Looks like it just needs a simple null pointer check. It's off in the dom, so reassigning.
QA Contact: 4590 → 4015
you heard the man!
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Fixed on 3/19 by Chris McAfee. Yeah, baby!
Vidur, please could you verify this bug as I have no way to reproduce the failure. Thanks!
Status: RESOLVED → VERIFIED
Unfortunately, neither do I, since the bug report doesn't have an example. I can verify that the change was made in the code.
Javacsript component begin retired. Moving this bug to Javascript Engine.
You need to log in before you can comment on or make changes to this bug.