Closed Bug 327897 Opened 18 years ago Closed 18 years ago

Crash [@ js_GetStringBytes] involving apply, __proto__, E4X

Categories

(Core :: JavaScript Engine, defect, P1)

Product:
Core
Component:
JavaScript Engine
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla1.9alpha1

People

(Reporter: jruderman, Assigned: mrbkap)

Details

(4 keywords, Whiteboard: [patch][rft-dl])

Crash Data

Attachments

(3 files)

testcase
97 bytes, text/html
Details
Talkback Record TB15420219 Windows/Win98
29.75 KB, text/html
Details
Fix
3.24 KB, patch
brendan
: review+
brendan
: approval-branch-1.8.1+
dveditz
: approval1.8.0.2+
Details | Diff | Splinter Review
Attached file testcase 

    
    

    
  


  
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.9a1) Gecko/20060212 SeaMonkey/1.5a
crash Talkback Record TB15420219W Seamonkey Trunk, Win98, so it isn't Mac only.

    
  

        Attachment #212590 -
        Attachment mime type: application/vnd.mozilla.xul+xml → text/html

    
    

    
  
This is easily fixed.
OS: MacOS X → All
Priority: -- → P1
Hardware: Macintosh → All
Whiteboard: [patch]
Target Milestone: --- → mozilla1.9alpha

    
    

    
  

      
      
      
      

        Attached patch
          
          
        FixSplinter Review
      

    


  
The error message spat out is suboptimal, but close anyway. Chaining fallible functions together in a language without native exceptions is asking for trouble.
Assignee: general → mrbkap
Status: NEW → ASSIGNED

        Attachment #212682 -
        Flags: review?(brendan)

    
    

    
  
Comment on attachment 212682 [details] [diff] [review]
Fix

mrbkap: blame fur, I do ;-):

3.9          (fur%nets 14-Oct-98):                              JS_GetStringBytes(JS_ValueToString(cx, fval)));

r=me, good for 1.8.1 at least.

/be

        Attachment #212682 -
        Flags: review?(brendan)

        Attachment #212682 -
        Flags: review+

        Attachment #212682 -
        Flags: approval1.8.0.2?

        Attachment #212682 -
        Flags: approval-branch-1.8.1+

    
    

    
  
Fix checked into trunk.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Flags: blocking1.8.0.2+

    
    

    
  
Comment on attachment 212682 [details] [diff] [review]
Fix

approved for 1.8.0 branch, a=dveditz

        Attachment #212682 -
        Flags: approval1.8.0.2? → approval1.8.0.2+

    
    

    
  
Fix checked into the 1.8 branches.
Keywords: fixed1.8.0.2, 
          
            fixed1.8.1

    
    

    
  
Checking in regress-327897.js;
/cvsroot/mozilla/js/tests/e4x/Regress/regress-327897.js,v  <--  regress-327897.js
initial revision: 1.1
done

Flags: testcase+

    
    

    
  
Marking [rft-dl] (ready for testing in Firefox 1.5.0.2 release candidates) since in-testsuite+ indicates a test case exists in the js test library.
Whiteboard: [patch] → [patch][rft-dl]

    
    

    
  
v ff 1.8.0.1/1.8/1.9 20060302 win/linux/mac
Status: RESOLVED → VERIFIED
Keywords: fixed1.8.0.2, 
          
            fixed1.8.1verified1.8.0.2, 
          
            verified1.8.1
Crash Signature: [@ js_GetStringBytes]

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: