Closed
Bug 71610
Opened 24 years ago
Closed 24 years ago
Crash in JS_GetFunctionObject() on startup
Categories
(Core :: JavaScript Engine, defect)
VERIFIED
FIXED
People
(Reporter: cls, Assigned: bugs)
Details
(Keywords: crash, smoketest)
After BenG's bookmark checkins, clobber builds started crashing on startup.
Assigning to the JS engine component because the actual crash appears to occur
from a NULL pointer dereference in JS_GetFunctionObject.
I hate these kinds of bugs. Putting the NULL check in JS_GetFunctionObject()
moves the crash into caps, nsScriptSecurityManager::GetObjectPrincipal. Somehow
this bug is registry related because the bug does not manifest if
component.reg already exists. This is why the depend builds do not crash.
Comment 2•24 years ago
Is this really linux-only?
My win32 build is out of date so I dunno. Here's the trace:
(gdb) bt
#0 0x2abc30fe in JS_GetFunctionObject ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libmozjs.so
#1 0x2bdcf2cc in nsScriptSecurityManager::GetFunctionObjectPrincipal ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libcaps.so
#2 0x2bdce1de in nsScriptSecurityManager::CheckFunctionAccess ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libcaps.so
#3 0x2aee55db in nsJSContext::CallEventHandler ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libjsdom.so
#4 0x2af20e39 in nsJSDOMEventListener::HandleEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libjsdom.so
#5 0x2afe8fbc in nsEventListenerManager::HandleEventSubType ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libgkcontent.so
#6 0x2afea28f in nsEventListenerManager::HandleEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libgkcontent.so
#7 0x2aef4dc4 in GlobalWindowImpl::HandleDOMEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libjsdom.so
#8 0x2b1461db in DocumentViewerImpl::LoadComplete ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libgkcontent.so
#9 0x2ae9c8fc in nsDocShell::EndPageLoad ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libdocshell.so
#10 0x2aea4ed9 in nsWebShell::EndPageLoad ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libdocshell.so
#11 0x2ae9c6d9 in nsDocShell::OnStateChange ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libdocshell.so
#12 0x2aea4e17 in nsWebShell::OnStateChange ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libdocshell.so
#13 0x2c01ec6e in nsDocLoaderImpl::FireOnStateChange ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/liburiloader.so
#14 0x2c01df35 in nsDocLoaderImpl::doStopDocumentLoad ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/liburiloader.so
#15 0x2c01de13 in nsDocLoaderImpl::DocLoaderIsEmpty ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/liburiloader.so
#16 0x2c01dc3b in nsDocLoaderImpl::OnStopRequest ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/liburiloader.so
#17 0x2b38041a in nsLoadGroup::RemoveRequest ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libnecko.so
#18 0x2b3c7d4b in nsJARChannel::OnStopRequest ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libnecko.so
#19 0x2b37669a in nsOnStopRequestEvent::HandleEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libnecko.so
#20 0x2b3764b2 in nsStreamObserverEvent::HandlePLEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libnecko.so
#21 0x2ab6f089 in PL_HandleEvent ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libxpcom.so
#22 0x2ab6ef99 in PL_ProcessPendingEvents ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libxpcom.so
#23 0x2ab6fedb in nsEventQueueImpl::ProcessPendingEvents ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/libxpcom.so
#24 0x2b8c8f19 in event_processor_callback ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libwidget_gtk.so
#25 0x2b8c8ca6 in our_gdk_io_invoke ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libwidget_gtk.so
#26 0x2ba6aaca in g_io_unix_dispatch () from /usr/lib/libglib-1.2.so.0
#27 0x2ba6c186 in g_main_dispatch () from /usr/lib/libglib-1.2.so.0
#28 0x2ba6c751 in g_main_iterate () from /usr/lib/libglib-1.2.so.0
#29 0x2ba6c8f1 in g_main_run () from /usr/lib/libglib-1.2.so.0
#30 0x2b9915b9 in gtk_main () from /usr/lib/libgtk-1.2.so.0
#31 0x2b8c94aa in nsAppShell::Run ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libwidget_gtk.so
#32 0x2c1423d0 in nsAppShellService::Run ()
from /usr/cls/moz/main/obj-opt-O/dist/bin/components/libnsappshell.so
#33 0x804e2c2 in main1 ()
#34 0x804ec5c in main ()
#35 0x2acfb9cb in __libc_start_main (main=0x804eafc <main>, argc=1,
argv=0x7ffff7f4, init=0x804ad68 <_init>, fini=0x805435c <_fini>,
rtld_fini=0x2aab5ea0 <_dl_fini>, stack_end=0x7ffff7ec)
at ../sysdeps/generic/libc-start.c:92
At dbaron's request, I applied brendan's patch from bug 31847 and it appears to
fix the problem.
Let's get that in ASAP, then.
Depends on: 31847
It's in -- cls, can you verify that this is fixed?
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Comment 8•24 years ago
I'm getting no crash on startup using builds from 2001-03-12, 2001-03-13.
Marking Verified. Please re-open if it's still occurring for anyone else -
Status: RESOLVED → VERIFIED