Closed
Bug 278038
Opened 20 years ago
Closed 12 years ago
venkman/jsd exposed another rooting problem (last ditch gc?)
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: timeless, Assigned: timeless)
Details
(Keywords: crash)
Attachments
(2 files)
|
32.78 KB,
text/plain
|
Details | |
|
1.03 KB,
patch
|
Details | Diff | Splinter Review |
jsinterp.c based on 1.8a5 w/ one patch (for another venkman/jsd related crash) Unhandled exception at 0x00ac10c0 (js3250.dll) in mozilla.exe: 0xC0000005: Access violation reading location 0x00000004. brendan's already found the fix for this.
|
||
Comment 2•20 years ago
|
||
I bet the dd(ex); call at http://lxr.mozilla.org/seamonkey/source/extensions/venkman/resources/content/venkman-views.js#2883 passed a dead object. I doubt the JSOP_TYPEOF code dropped the ball, because I do not see a way for venkman to run and nest a GC (or any other last-ditch nesting path in JS_TypeOfValue). How could a thrown exception object be wrongly GC'd? cx->exception ought to protect it. Maybe the catch code needs some scrutiny. But, FWIW, here's a patch to home sp above the typeof operand in case a GC ever could nest in JS_TypeOfValue. /be
|
|
||
Comment 3•20 years ago
|
||
Timeless, I'm gonna let you own this, since I am not likely to reproduce it. /be
Assignee: brendan → timeless
|
||
Updated•19 years ago
|
Flags: testcase-
|
|
||
Updated•18 years ago
|
QA Contact: pschwartau → general
|
||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•