Crash while using JS_EvaluateScript

CLOSED DUPLICATE of bug 51954

Status

()

Core
JavaScript Engine
--
critical
CLOSED DUPLICATE of bug 51954
16 years ago
16 years ago

People

(Reporter: Rahul Chauhan, Assigned: Kenton Hanson (gone))

Tracking

({crash})

Trunk
x86
Linux
crash
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
Hi, 
We are using the SpiderMonkey JavaScript Engine to implement
JavaScript functionality within our software. Our single threaded software is 
running on Linux Red Hat 7.2 and we are using rc 1.2 of the JavaScipt Engine. 
While using the JavaScript Engine, one of our customers have seen a
Segmentation Fault with the following stack trace,

#0  0x081e80a6 in js_CompareStrings (str1=0x7fffd388, str2=0xaa8e860) at 
jsstr.c:2441
#1  0x0818e070 in js_compare_atom_keys (k1=0x7fffd38c, k2=0xaa8e864) at 
jsatom.c:145
#2  0x081ab865 in JS_HashTableRawLookup (ht=0x9916e40, keyHash=3903879692, 
key=0x7fffd38c) at jshash.c:179
#3  0x0818f1a0 in js_AtomizeString (cx=0xaa8be60, str=0x7fffd388, flags=2) at 
jsatom.c:517
#4  0x0818f3c6 in js_AtomizeChars (cx=0xaa8be60, chars=0xa6f0978, length=15, 
flags=0) at jsatom.c:605
#5  0x081dd428 in js_GetToken (cx=0xaa8be60, ts=0xa6f0680) at jsscan.c:769
#6  0x081d0040 in Variables (cx=0xaa8be60, ts=0xa6f0680, tc=0x7fffd830) at 
jsparse.c:1628
#7  0x081cf844 in Statement (cx=0xaa8be60, ts=0xa6f0680, tc=0x7fffd830) at 
jsparse.c:1411
#8  0x081cd525 in Statements (cx=0xaa8be60, ts=0xa6f0680, tc=0x7fffd830) at 
jsparse.c:628
#9  0x081cc699 in js_CompileTokenStream (cx=0xaa8be60, chain=0x986f760, 
ts=0xa6f0680, cg=0x7fffd7f8) at jsparse.c:261
#10 0x08189669 in CompileTokenStream (cx=0xaa8be60, obj=0x986f760, 
ts=0xa6f0680, tempMark=0xaa8bee0, eofp=0x0) at jsapi.c:2639
#11 0x081898ad in JS_CompileUCScriptForPrincipals (cx=0xaa8be60, obj=0x986f760, 
principals=0x0, chars=0xa2b4d40, length=25, filename=0x0, lineno=0) at 
jsapi.c:2718
#12 0x0818a496 in JS_EvaluateUCScriptForPrincipals (cx=0xaa8be60, 
obj=0x986f760, principals=0x0, chars=0xa2b4d40, length=25, filename=0x0, 
lineno=0, rval=0x7fffd9b0) at jsapi.c:3124
#13 0x0818a45d in JS_EvaluateUCScript (cx=0xaa8be60, obj=0x986f760, 
chars=0xa2b4d40, length=25, filename=0x0, lineno=0, rval=0x7fffd9b0) at 
jsapi.c:3109
#14 0x0818a394 in JS_EvaluateScript (cx=0xaa8be60, obj=0x986f760, 
bytes=0xa165008 "var nbestconfidence='32';", length=25, filename=0x0, lineno=0, 
rval=0x7fffd9b0) at jsapi.c:3077

If anyone has any insights into this, it will be much appreciated. 

Thanks,
Rahul
Severity: blocker → critical
Keywords: crash

Comment 1

16 years ago
rc 1.2?

Sounds out of date; we are up to RC4a of JS1.5. Could you try the tarball
at ftp://ftp.mozilla.org/pub/js/js-1.5-rc4a.tar.gz and report back?

Thanks -
Assignee: rogerl → khanson
(Reporter)

Comment 2

16 years ago

*** This bug has been marked as a duplicate of 51954 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → DUPLICATE
(Reporter)

Comment 3

16 years ago
This bug has already been found and fixed in rc3.
Status: RESOLVED → CLOSED
You need to log in before you can comment on or make changes to this bug.