Closed
Bug 588558
Opened 14 years ago
Closed 14 years ago
js_DumpStackFrame(cx) crashes (fatal JS_ASSERT) when cx->fp is null
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
People
(Reporter: dbaron, Assigned: luke)
References
Details
(Whiteboard: fixed-in-tracemonkey)
Attachments
(1 file)
632 bytes,
patch
|
Waldo
:
review+
|
Details | Diff | Splinter Review |
Since http://hg.mozilla.org/mozilla-central/rev/c96ba53e745f , js_DumpStackFrame(cx) has crashed when cx->fp is null. Sometime in the past week or so this started being triggered by a debugging patch I have in my tree: http://hg.mozilla.org/users/dbaron_mozilla.com/patches/raw-file/ab8577e31cf6/no-components-dump-stack It crashes because of the following JS_ASSERT in the FrameRegsIter constructor: #4 <signal handler called> #5 0x00007f6105b6e7bb in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42 #6 0x00007f61054f7a45 in FrameRegsIter (cx=0x7f60caf3ecd0, start=0x0) at /home/dbaron/builds/mozilla-central/mozilla/js/src/jscntxtinlines.h:331 #7 js_DumpStackFrame (cx=0x7f60caf3ecd0, start=0x0) at /home/dbaron/builds/mozilla-central/mozilla/js/src/jsobj.cpp:6352
Assignee | ||
Comment 1•14 years ago
|
||
Embarrassing bug; the fix is included with the remove-slow-natives patch, but might as well fix early.
Updated•14 years ago
|
Attachment #467161 -
Flags: review?(jwalden+bmo) → review+
Assignee | ||
Comment 2•14 years ago
|
||
http://hg.mozilla.org/tracemonkey/rev/b5ef64f4655f
Whiteboard: fixed-in-tracemonkey
Comment 3•14 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/b5ef64f4655f
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•