Closed
Bug 1165904
Opened 10 years ago
Closed 10 years ago
Many runtime error: member call on null pointer of type
Categories: Core :: JavaScript Engine, defect
Status: RESOLVED FIXED
Target Milestone: mozilla41
| Tracking | Status | |
|---|---|---|
| firefox41 | --- | fixed |
People
(Reporter: mliska, Assigned: jandem)
Attachments (1 file)
patch, 3.50 KB (terrence: review+)
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36
Steps to reproduce:
Add -fsanitize=null to the compile options. This was found during investigation of https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66163, where GCC 6.0 introduces a new consideration for value range propagation: a reference type and the this pointer are taken to be never NULL.
As shown in the following output, there are many of these errors in Firefox, for which I was also able to find existing issues: #899399, #899402.
These FF issues are quite old and the current master contains these undefined behavior errors.
Thanks,
Martin
Actual results:
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1953:60: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1953:37: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1954:56: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1954:35: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:878:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:878:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1075:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1075:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:614:95: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:615:7: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:618:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:618:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1219:52: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1137:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1137:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1100:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1100:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1380:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1380:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:614:95: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:615:7: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1189:40: runtime error: member call on null pointer of type 'struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1140:19: runtime error: member call on null pointer of type 'const struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1189:40: runtime error: member call on null pointer of type 'struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1140:19: runtime error: member call on null pointer of type 'const struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1212:40: runtime error: member call on null pointer of type 'struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/gc/Heap.h:1140:19: runtime error: member call on null pointer of type 'const struct ArenaHeader'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsubgpos-private.hh:2134:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsubgpos-private.hh:2134:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1080:32: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1080:32: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:231:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:231:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:230:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:230:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:567:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:567:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1328:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1328:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1215:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1215:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:848:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:848:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:230:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:230:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1075:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1075:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:614:95: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:615:7: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:618:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:618:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1219:52: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1137:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:1137:12: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:848:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:848:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1380:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:1380:26: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:614:95: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-common-private.hh:615:7: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/layout/generic/nsBlockFrame.cpp:6151:51: runtime error: member call on null pointer of type 'struct nsBlockFrame'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
ATTENTION: default value of option force_s3tc_enable overridden by environment.
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:878:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:878:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:231:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:231:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:567:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gsub-table.hh:567:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:553:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-private.hh:805:72: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/gfx/harfbuzz/src/hb-ot-layout-gpos-table.hh:553:20: runtime error: reference binding to null pointer of type 'const struct _hb_void_t'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1954:56: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1954:35: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1953:60: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/gc/Marking.cpp:1953:37: runtime error: member call on null pointer of type 'struct HeapSlot'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
/home/marxin/Programming/gecko-dev/js/src/jit/JitFrames.h:382:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
Comment 1 • 10 years ago
> js/src/jit/JitFrames.h:377:52: runtime error: member call on null pointer of type 'struct JitFrameLayout'
That's this function:
    static size_t offsetOfThis() {
        JitFrameLayout* base = nullptr;
        return reinterpret_cast<size_t>(&base->argv()[0]);
    }
Turns out the implementation of argv() works just fine with a null this....
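The pattern from comment 1 next to a well-defined equivalent, as an added example that is not code from this bug or from SpiderMonkey. FrameLayout, Value, offsetOfArg, measuredOffsetOnRealObject and the DEMO_NULL_THIS macro are hypothetical stand-ins; building with -DDEMO_NULL_THIS -fsanitize=null compiles in the variant that the sanitizer flags.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <new>

// Hypothetical stand-ins, constructed for this example: a fixed-size frame
// header that is followed in memory by its argument slots.
struct Value { uint64_t bits; };

struct FrameLayout {
    uintptr_t descriptor;
    void* returnAddress;
    uintptr_t numActualArgs;

    // Argument slots start directly after the header.
    Value* argv() { return reinterpret_cast<Value*>(this + 1); }

#ifdef DEMO_NULL_THIS
    // Pattern from comment 1: a member call through a null pointer. It usually
    // yields the expected number, but it is undefined behaviour, and a compiler
    // that assumes `this` is never null may optimise on that assumption.
    static size_t offsetOfThisViaNull() {
        FrameLayout* base = nullptr;
        return reinterpret_cast<size_t>(&base->argv()[0]);
    }
#endif

    // Well-defined replacement: slot 0 sits sizeof(header) bytes in, so the
    // offset is a compile-time constant and needs no object at all.
    static constexpr size_t offsetOfThis() { return sizeof(FrameLayout); }
    static constexpr size_t offsetOfArg(size_t i) {
        return offsetOfThis() + i * sizeof(Value);
    }
};

// Cross-check on a real object: distance in bytes from the header to slot 0.
size_t measuredOffsetOnRealObject() {
    alignas(FrameLayout) unsigned char storage[sizeof(FrameLayout) + 4 * sizeof(Value)];
    FrameLayout* frame = new (storage) FrameLayout();
    unsigned char* start = reinterpret_cast<unsigned char*>(frame);
    unsigned char* slot0 = reinterpret_cast<unsigned char*>(frame->argv());
    return static_cast<size_t>(slot0 - start);
}

int main() {
    std::printf("constant offset: %zu\n", FrameLayout::offsetOfThis());
    std::printf("measured offset: %zu\n", measuredOffsetOnRealObject());
#ifdef DEMO_NULL_THIS
    std::printf("null-this offset: %zu\n", FrameLayout::offsetOfThisViaNull());
#endif
    return 0;
}
```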
Comment 2 (Assignee) • 10 years ago
This fixes all the JS related issues.
Assignee: nobody → jdemooij
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Attachment #8607645 - Flags: review?(terrence)
Comment 3 (Assignee) • 10 years ago
Comment on attachment 8607645: Patch
Review of attachment 8607645:
-----------------------------------------------------------------
::: js/src/gc/Heap.h
@@ +1186,5 @@
> {
> MOZ_ASSERT(!(uintptr_t(aheader) & ArenaMask));
> MOZ_ASSERT(!auxNextLink && !hasDelayedMarking);
> hasDelayedMarking = 1;
> + auxNextLink = aheader ? (aheader->arenaAddress() >> ArenaShift) : 0;
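Review bot: the added auxNextLink line accepts a null aheader, and the alignment assert three lines above it passes for null as well, yet nothing in the visible lines says that null is an expected argument or what it stands for. A short comment above the assignment stating that a null aheader is valid and is stored as link 0 would keep a later cleanup from going back to an unconditional aheader->arenaAddress() call, which is the member call on a null ArenaHeader that the sanitizer output lists for Heap.h.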
I just noticed auxNextLink should be 0 here (see MOZ_ASSERT above), so this could also be written as:
    if (aheader)
        auxNextLink = ...;
Let me know if you prefer that. Same below.
Comment 4 • 10 years ago
Comment on attachment 8607645: Patch
Review of attachment 8607645:
-----------------------------------------------------------------
::: js/src/gc/Heap.h
@@ +1186,5 @@
> {
> MOZ_ASSERT(!(uintptr_t(aheader) & ArenaMask));
> MOZ_ASSERT(!auxNextLink && !hasDelayedMarking);
> hasDelayedMarking = 1;
> + auxNextLink = aheader ? (aheader->arenaAddress() >> ArenaShift) : 0;
Yes, I think an explicit |if| makes the existing invariant clearer.
Attachment #8607645 - Flags: review?(terrence) → review+
Comment 6 (Assignee) • 10 years ago
Martin, can you verify the patch fixes the js/src errors? It landed on mozilla-inbound and will be on mozilla-central in a day or so, assuming it doesn't regress anything.
We should probably file a separate graphics or HarfBuzz bug for the remaining issues...
Comment 8 (Reporter) • 10 years ago
(In reply to Jan de Mooij [:jandem] from comment #6)
> Martin, can you verify the patch fixes the js/src errors? It landed on
> mozilla-inbound and will be on mozilla-central in a day or so, assuming it
> doesn't regress anything.
>
> We should probably file a separate graphics or HarfBuzz bug for the
> remaining issues...
Thanks a lot, really quick fix.
I've just been rebuilding the inbound branch with the sanitizer enabled.
Martin
Comment 9 (Reporter) • 10 years ago
I can confirm that, except for the HarfBuzz issues, all the aforementioned runtime errors have gone.
Thanks,
Martin
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
status-firefox41: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla41
Comment 11 (Reporter) • 10 years ago
I've just created a related issue for the rest of the errors:
https://bugzilla.mozilla.org/show_bug.cgi?id=1167119