Closed
Bug 457788
Opened 16 years ago
Closed 16 years ago
eval(string) crashes in js_ComputeFilename
Categories
(Core Graveyard :: Installer: XPInstall Engine, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 452295
People
(Reporter: mnyromyr, Unassigned)
References
Details
(4 keywords, Whiteboard: [fixed by 452295])
Calling eval with a string argument in an install.js XPInstall script crashes
Seamonkey 1.1.12 (it doesn't for numeric arguments to eval).
[This is the exact same sympton as in bug 298054, only this time for SM and with a different crash location.]
SM 1.1.11 (rv:1.8.1.16; Gecko/20080702): okay
SM 1.1.12 (rv:1.8.1.17; Gecko/20080829): crashes
Steps to reproduce:
- try to install the evalcrash.xpi addon from bug 298054 attachment 186678 [details] into SM 1.1.12 under Linux or Windows:
* "before" alert pops up
* SM crashes
Stack, according to gdb under Linux:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xf275fb90 (LWP 23265)]
0xf7e04b91 in js_ComputeFilename () from ./libmozjs.so
(gdb) bt
#0 0xf7e04b91 in js_ComputeFilename () from ./libmozjs.so
#1 0xf7e04dcc in ?? () from ./libmozjs.so
#2 0xf7dec663 in js_Invoke () from ./libmozjs.so
#3 0xf7df1a9a in js_Interpret () from ./libmozjs.so
#4 0xf7ded0ae in js_Execute () from ./libmozjs.so
#5 0xf7dc2fa6 in JS_EvaluateUCScriptForPrincipals () from ./libmozjs.so
#6 0xf7dc2f24 in JS_EvaluateUCScript () from ./libmozjs.so
#7 0xf7dc2e56 in JS_EvaluateScript () from ./libmozjs.so
#8 0xf4650d04 in ?? () from /xxx/bin/mozilla/seamonkey/1.1.12/seamonkey/components/libxpinstall.so
#9 0xf7d911ca in ?? () from ./libnspr4.so
#10 0xf7d3d4fb in start_thread () from /lib32/libpthread.so.0
#11 0xf757809e in clone () from /lib32/libc.so.6
|
||
Comment 1•16 years ago
|
||
According to a newsgroup reply by Karsten in <news://news.mozdev.org:119/public.mozdev.mnenhy> (thread subject: Cannot Install Mnenhy Under SeaMonkey 1.1.12; reply date: 29 Sep), this causes SeaMonkey 1.1.12 to crash when attempting to install Mnenhy.
As implied by Karsten's Description, this is a regression bug that first appeared in 1.1.12. As such, it should be fixed in the next security/stability release and not put off until SeaMonkey 2.
|
Reporter | |
Updated•16 years ago
|
Flags: blocking1.8.1.18?
|
||
Comment 2•16 years ago
|
||
I don't suppose you can get a narrower regression range?
Flags: wanted1.8.1.x+
Flags: blocking1.8.1.18?
Flags: blocking1.8.1.18+
|
||
Updated•16 years ago
|
Keywords: regressionwindow-wanted
|
|
Reporter | |
Comment 3•16 years ago
|
||
Using nightlies from <http://ftp.mozilla.org/pub/mozilla.org/seamonkey/nightly/2008/07/>, I get this regression window:
nightly 2008-07-15 is okay
nightly 2008-07-16 is broken
The only non-calendar checkin in this (<http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=MOZILLA_1_8_BRANCH&branchtype=match&dir=&file=&filetype=match&who=&whotype=match&sortby=Date&hours=2&date=explicit&mindate=2008-07-15+00%3A00%3A00&maxdate=2008-07-17+00%3A00%3A00&cvsroot=%2Fcvsroot>) is bug 419848.
|
|
Reporter | |
Updated•16 years ago
|
Keywords: regressionwindow-wanted
|
||
Comment 5•16 years ago
|
||
Already did! I just attached 1.8 and 1.9 versions of the fix for this bug.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
|
|
||
Updated•16 years ago
|
Whiteboard: [fixed by 452295]
|
|
||
Updated•16 years ago
|
Keywords: fixed1.8.1.18,
fixed1.9.0.4
|
Assignee | |
Updated•9 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•