Closed Bug 334427 Opened 14 years ago Closed 12 years ago

Crash ecma_3/Date/15.9.5.5.js ecma_3/Date/15.9.5.6.js

Categories

(Core :: JavaScript Engine, defect)

x86
Windows XP
defect
Not set

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: bc, Unassigned)

References

Details

(Keywords: crash)

I get crashes in the shell, only when using jsDriver.pl, and only in opt/dbg builds on Windows, in ecma_3/Date/15.9.5.5.js and ecma_3/Date/15.9.5.6.js. Running the test case in the browser, or from the command line using js alone, does not crash.


>	msvcr80.dll!_crt_debugger_hook(int _Reserved=)  Line 65	C
 	msvcr80.dll!_invoke_watson(const wchar_t * pszExpression=0x00000000, const wchar_t * pszFunction=0x00000000, const wchar_t * pszFile=0x00000000, unsigned int nLine=0, unsigned int pReserved=0)  Line 181 + 0x7 bytes	C++
 	msvcr80.dll!_expandtime(localeinfo_struct * plocinfo=0x0013eac8, char specifier=0, const tm * timeptr=0x00000000, char * * string=0x00000000, unsigned int * left=0x0013eae4, __lc_time_data * lc_time=0x00362db8, unsigned int alternate_form=0)  Line 541 + 0x23 bytes	C++
 	msvcr80.dll!_store_winword(localeinfo_struct * plocinfo=0x0013eac8, int field_code=1, const tm * tmptr=0x0013eb1c, char * * out=0x0013eaf0, unsigned int * count=0x0013eae4, __lc_time_data * lc_time=0x00362db8)  Line 1290 + 0x14 bytes	C++
 	msvcr80.dll!_expandtime(localeinfo_struct * plocinfo=0x0013eac8, char specifier=0, const tm * timeptr=0x00000000, char * * string=0x00000000, unsigned int * left=0x0013eae4, __lc_time_data * lc_time=0x00362db8, unsigned int alternate_form=1)  Line 580 + 0x19 bytes	C++
 	msvcr80.dll!_Strftime_l(char * string=0x0013eb9d, unsigned int maxsize=100, const char * format=0x610672e0, const tm * timeptr=0x0013eb1c, void * lc_time_arg=0x00000000, localeinfo_struct * plocinfo=0x00000000)  Line 415 + 0x16 bytes	C++
 	msvcr80.dll!strftime(char * string=0x0013eb88, unsigned int maxsize=100, const char * format=0x610672e0, const tm * timeptr=0x0013eb1c)  Line 301 + 0x19 bytes	C++
 	js32.dll!61063892() 	
 	[Frames below may be incorrect and/or missing, no symbols loaded for js32.dll]	
 	js32.dll!610115e7() 	
 	msvcr80.dll!_getptd_noexit()  Line 583 + 0x7 bytes	C
 	msvcr80.dll!_getptd()  Line 608 + 0x5 bytes	C
 	js32.dll!6101178d() 	
 	js32.dll!610251cd() 	
 	js32.dll!6102be24() 	
 	msvcr80.dll!__lock_fhandle(int fh=-2147481648)  Line 468 + 0x5 bytes	C
 	msvcr80.dll!free(void * pBlock=0x00000007)  Line 115 + 0x5 bytes	C
 	00440e4c()	

In the >	msvcr80.dll!strftime(char * string=0x0013eb88, unsigned int maxsize=100, const char * format=0x610672e0, const tm * timeptr=0x0013eb1c)  Line 301 + 0x19 bytes	C++
 frame 

+		format	0x610672e0 "%#c"	const char *
		maxsize	100	unsigned int
+		string	0x0013eb88 "Sunday, December 31, "	char *
-		timeptr	0x0013eb1c {tm_sec=0 tm_min=0 tm_hour=16 ...}	const tm *
		tm_sec	0	int
		tm_min	0	int
		tm_hour	16	int
		tm_mday	31	int
		tm_mon	11	int
		tm_year	-1	int
		tm_wday	0	int
		tm_yday	364	int
		tm_isdst	0	int
Blocks: 332722
bc: why don't you have symbols for js32.dll?

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vclib/html/_crt_strftime.2c_.wcsftime.asp
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=130426&SiteID=1

_invoke_watson is pulled in for CRT functions that do some kind of parameter checking (a failed check triggers _invalid_parameter, which in turn triggers _invoke_watson).
And the parameter checking was improved in VC8!

can you post the params to strftime so that we can figure out what we're violating?

you might just want to load the source for strftime if you have it and read its explanation about what we're doing wrong :).
(In reply to comment #1)

> 
> can you post the params to strftime so that we can figure out what we're
> violating?
> 
> you might just want to load the source for strftime if you have it and read its
> explanation about what we're doing wrong :).
> 

/*
 * Exported C entry point for strftime, as quoted from the VC8 CRT source.
 *
 * Forwards string, maxsize, format and timeptr unchanged to _Strftime_l and
 * passes 0 and NULL for its two trailing arguments (shown as lc_time_arg and
 * plocinfo in the stack trace on this page). Nothing is validated here, so
 * any check on the struct tm fields happens further down the call chain.
 *
 * NOTE(review): in the crash discussed on this page the call arrives with
 * format "%#c" and tm_year == -1 and ends in _invoke_watson; which CRT check
 * fired is not established in the thread. Callers should range-check the
 * struct tm fields before calling rather than rely on the CRT's
 * invalid-parameter handling.
 */
extern "C" size_t __cdecl strftime (
        char *string,
        size_t maxsize,
        const char *format,
        const struct tm *timeptr
        )
{
        /* Default locale path: no explicit lc_time data, no locale object. */
        size_t written = _Strftime_l(string, maxsize, format, timeptr, 0, NULL);

        return written;
}

+		string	0x0013e4ac "Sunday, December 31, "	char *
		maxsize	0x00000064	unsigned int
+		format	0x610b0828 "%#c"	const char *
-		timeptr	0x0013e448 {tm_sec=0x00000000 tm_min=0x00000000 tm_hour=0x00000013 ...}	const tm *
		tm_sec	0x00000000	int
		tm_min	0x00000000	int
		tm_hour	0x00000013	int
		tm_mday	0x0000001f	int
		tm_mon	0x0000000b	int
		tm_year	0xffffffff	int
		tm_wday	0x00000000	int
		tm_yday	0x0000016c	int
		tm_isdst	0x00000000	int

(note no year => tm_year is -1)

calls  	>	msvcr80.dll!_Strftime_l(char * string=0x0013e4c1, unsigned int maxsize=0x00000064, const char * format=0x610b0828, const tm * timeptr=0x0013e448, void * lc_time_arg=0x00000000, localeinfo_struct * plocinfo=0x00000000)  Line 415 + 0x16 bytes	C++

calls _expandtime

                if(!_expandtime (_loc_update.GetLocaleT(), *format, timeptr, &string,
                             &left,lc_time, alternate_form))


static BOOL __cdecl _expandtime (
        _locale_t plocinfo,
        char specifier,
        const struct tm *timeptr,
        char **string,
        size_t *left,
        struct __lc_time_data *lc_time,
        unsigned alternate_form
        )

		alternate_form	0x00000001	unsigned int
+		lc_time	0x00364db8 {wday_abbr=0x00364db8 wday=0x00364dd4 month_abbr=0x00364df0 ...}	__lc_time_data *
+		left	0x0013e410	unsigned int *
+		plocinfo	0x0013e3f4 {locinfo=0x00362f08 mbcinfo=0x003633a8 }	localeinfo_struct *
+		string	0x00000000	char * *
+		timeptr	0x00000000 {tm_sec=??? tm_min=??? tm_hour=??? ...}	const tm *

It looks like the _Strftime_l call to _expandtime didn't pass the arguments correctly or something.
 
%#c Long date and time representation, appropriate for current locale. For example: "Tuesday, March 14, 1995, 12:41:29". 

Not including a year field in the date object would be invalid. It's our fault.

can you fix your build to have symbols (or does this happen in xpcshell?) and find out where the caller got this data object from?
(In reply to comment #3)

> can you fix your build to have symbols (or does this happen in xpcshell?) and
> find out where the caller got this data object from?

I would very much like to do so, but haven't yet. This is a default VC8 shell build. Pointers?

Ok, I can crash in the browser and shell and can get symbols in the shell. If someone wants to walk me through finding the issue, ping me.
Summary: Crash in jsDriver.pl only (ecma_3/Date/15.9.5.5.js ecma_3/Date/15.9.5.6.js) → Crash ecma_3/Date/15.9.5.5.js ecma_3/Date/15.9.5.6.js
Flags: in-testsuite+
I no longer see this -> WFM
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WORKSFORME