Closed Bug 572495 Opened 15 years ago Closed 15 years ago

TM: Compute 'this' in the Call objectop

Categories

(Core :: JavaScript Engine, defect)

Other Branch
x86
macOS
defect
Not set
normal

RESOLVED FIXED

People

(Reporter: gal, Assigned: gal)

Details

(Whiteboard: fixed-in-tracemonkey)

Attachments

(1 file)

Non-native wrappers can't distinguish between f() and global.f(). If we compute this in the hook, we should be able to capture the pre-compute-this-value-of-this and thus tell the difference.
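An added illustration of the distinction described above (not code from the patch or from SpiderMonkey): a standard `Proxy` `apply` trap stands in for a wrapper's call hook and receives the raw `this` value before the callee computes its own. The names `observeCalls` and `demoWrapped` are made up for this example.

```javascript
// Non-strict callee: an undefined `this` is replaced by the global object
// when the function body runs ("computing this").
const sloppyTarget = new Function('return this');

function observeCalls() {
  const seen = [];
  // The apply trap plays the role of the wrapper's call hook.
  const wrapper = new Proxy(sloppyTarget, {
    apply(target, thisArg, args) {
      seen.push(thisArg); // raw value, before the callee computes `this`
      return Reflect.apply(target, thisArg, args);
    },
  });

  // f(): no receiver, so the hook is handed undefined.
  const bare = wrapper();

  // global.f(): the receiver is the global object itself.
  globalThis.demoWrapped = wrapper; // constructed property name
  const qualified = globalThis.demoWrapped();
  delete globalThis.demoWrapped;

  // Inside the callee both calls end up with the same `this`,
  // so only the hook's view can tell them apart.
  return { seen, bare, qualified };
}

const result = observeCalls();
console.log('hook saw:', result.seen.map((v) => (v === globalThis ? 'global' : String(v))));
console.log('callee saw the same this for both calls:', result.bare === result.qualified);
```

If the hook were only given the already-computed `this`, both entries in `seen` would be the global object and the two call forms would be indistinguishable.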
Attached patch: patch
Assignee: general → gal
Comment on attachment 451672 [details] [diff] [review] patch Nit: undo this change: > /* Ensure that we have a scope chain. */ >- if (!fp->scopeChain) >+ if (!fp->scopeChain) { > fp->scopeChain = parent; >+ }
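Review bot: the braces added around the single-statement body of `if (!fp->scopeChain)` are a formatting-only change with no effect on behaviour. Leaving that block as it was keeps the diff limited to the functional change and avoids churn in the history of the scope-chain setup.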
Attachment #451672 - Flags: review+
Whiteboard: fixed-in-tracemonkey
0.0.0 Linux 2.6.18-8.el5PAE #1 SMP Thu Mar 15 20:29:51 EDT 2007 i686
CPU: x86
     GenuineIntel family 6 model 30 stepping 5
     1 CPU

Crash reason: SIGSEGV
Crash address: 0x4

Thread 0 (crashed)
 0  libxul.so!JSObject::getClass [jsobj.h : 270 + 0x3]
    eip = 0x016c1260 esp = 0xbfdd9ed8 ebp = 0xbfdd9ed8 ebx = 0x0298ce30 esi = 0xb5d5b11c edi = 0x00000016 eax = 0x00000000 ecx = 0x016a34f8 edx = 0x00000000 efl = 0x00010216
    Found by: given as instruction pointer in context
 1  libxul.so!XPCWrapper::UnwrapGeneric [XPCWrapper.h:34c09a36a4d8 : 348 + 0xa]
    eip = 0x01af654d esp = 0xbfdd9ee0 ebp = 0xbfdd9f08 ebx = 0x0298ce30 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 2  libxul.so!GetWrappedObject [XPCCrossOriginWrapper.cpp:34c09a36a4d8 : 142 + 0x1b]
    eip = 0x01b0d8b4 esp = 0xbfdd9f10 ebp = 0xbfdd9f28 ebx = 0x0298ce30 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 3  libxul.so!XPC_XOW_Call [XPCCrossOriginWrapper.cpp:34c09a36a4d8 : 1086 + 0xa]
    eip = 0x01b0f6a0 esp = 0xbfdd9f30 ebp = 0xbfdd9f68 ebx = 0x0298ce30 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 4  libmozjs.so!js_Call [jsobj.cpp:34c09a36a4d8 : 5614 + 0x29]
    eip = 0x0063abba esp = 0xbfdd9f70 ebp = 0xbfdd9f98 ebx = 0x007b6dd4 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 5  libmozjs.so!Invoke [jsinterp.cpp:34c09a36a4d8 : 551 + 0x2f]
    eip = 0x00626890 esp = 0xbfdd9fa0 ebp = 0xbfdda048 ebx = 0x007b6dd4 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 6  libmozjs.so!js_Invoke [jsinterp.cpp:34c09a36a4d8 : 678 + 0x2f]
    eip = 0x00627067 esp = 0xbfdda050 ebp = 0xbfdda0a8 ebx = 0x007b6dd4 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 7  libmozjs.so!js_Interpret [jsops.cpp:34c09a36a4d8 : 2156 + 0x3e]
    eip = 0x00613c28 esp = 0xbfdda0b0 ebp = 0xbfdda708 ebx = 0x007b6dd4 esi = 0xb5d5b11c edi = 0x00000016
    Found by: call frame info
 8  libmozjs.so!js_Execute [jsinterp.cpp:34c09a36a4d8 : 855 + 0xa]
    eip = 0x0062618a esp = 0xbfdda710 ebp = 0xbfdda798 ebx = 0x007b6dd4 esi = 0x00000000 edi = 0x00000016
    Found by: call frame info
 9  libmozjs.so!obj_eval [jsobj.cpp:34c09a36a4d8 : 1353 + 0x5b]
    eip = 0x00647762 esp = 0xbfdda7a0 ebp = 0xbfdda878 ebx = 0x007b6dd4 esi = 0x00000042 edi = 0x00000016
    Found by: call frame info
10  libmozjs.so!js_Interpret [jsops.cpp:34c09a36a4d8 : 2146 + 0x26]
    eip = 0x00613ab1 esp = 0xbfdda880 ebp = 0xbfddaed8 ebx = 0x007b6dd4 esi = 0x00000012 edi = 0xb16d4c40
    Found by: call frame info
11  libmozjs.so!js_Execute [jsinterp.cpp:34c09a36a4d8 : 855 + 0xa]
    eip = 0x0062618a esp = 0xbfddaee0 ebp = 0xbfddaf68 ebx = 0x007b6dd4 esi = 0x00000008 edi = 0xb16d4c40
    Found by: call frame info
12  libmozjs.so!JS_EvaluateUCScriptForPrincipals [jsapi.cpp:34c09a36a4d8 : 4657 + 0x2f]
    eip = 0x00580ec2 esp = 0xbfddaf70 ebp = 0xbfddafc8 ebx = 0x007b6dd4 esi = 0x000009a7 edi = 0xb16d4c40
    Found by: call frame info
13  libxul.so!nsJSContext::EvaluateString [nsJSEnvironment.cpp:34c09a36a4d8 : 1779 + 0x73]
    eip = 0x016479d7 esp = 0xbfddafd0 ebp = 0xbfddb098 ebx = 0x0298ce30 esi = 0x000009a7 edi = 0xb16d4c40
    Found by: call frame info
14  libxul.so!nsScriptLoader::EvaluateScript [nsScriptLoader.cpp:34c09a36a4d8 : 752 + 0xbc]
    eip = 0x013e72ab esp = 0xbfddb0a0 ebp = 0xbfddb188 ebx = 0x0298ce30 esi = 0x090a3858 edi = 0x016475d6
    Found by: call frame info
15  libxul.so!nsScriptLoader::ProcessRequest [nsScriptLoader.cpp:34c09a36a4d8 : 665 + 0x18]
    eip = 0x013e7569 esp = 0xbfddb190 ebp = 0xbfddb258 ebx = 0x0298ce30 esi = 0xb0388c28 edi = 0x000009a7
    Found by: call frame info
16  libxul.so!nsScriptLoader::ProcessPendingRequests [nsScriptLoader.cpp:34c09a36a4d8 : 825 + 0x19]
    eip = 0x013e774f esp = 0xbfddb260 ebp = 0xbfddb288 ebx = 0x0298ce30 esi = 0xb0388c28 edi = 0x000009a7
    Found by: call frame info
17  libxul.so!nsScriptLoader::OnStreamComplete [nsScriptLoader.cpp:34c09a36a4d8 : 1013 + 0xa]
    eip = 0x013e7a4d esp = 0xbfddb290 ebp = 0xbfddb2c8 ebx = 0x0298ce30 esi = 0xb0388c28 edi = 0x000009a7
    Found by: call frame info
18  libxul.so!nsStreamLoader::OnStopRequest [nsStreamLoader.cpp:34c09a36a4d8 : 125 + 0x5c]
    eip = 0x00e3d1c7 esp = 0xbfddb2d0 ebp = 0xbfddb308 ebx = 0x0298ce30 esi = 0xb0388c28 edi = 0x000009a7
    Found by: call frame info
19  libxul.so!nsBaseChannel::OnStopRequest [nsBaseChannel.cpp:34c09a36a4d8 : 704 + 0x4a]
    eip = 0x00df2f6f esp = 0xbfddb310 ebp = 0xbfddb338 ebx = 0x0298ce30 esi = 0x00000000 edi = 0xacd23f80
    Found by: call frame info
20  libxul.so!nsInputStreamPump::OnStateStop [nsInputStreamPump.cpp:34c09a36a4d8 : 578 + 0x42]
    eip = 0x00e07065 esp = 0xbfddb340 ebp = 0xbfddb368 ebx = 0x0298ce30 esi = 0xb03596dc edi = 0x00000000
    Found by: call frame info
21  libxul.so!nsInputStreamPump::OnInputStreamReady [nsInputStreamPump.cpp:34c09a36a4d8 : 403 + 0xa]
    eip = 0x00e0718d esp = 0xbfddb370 ebp = 0xbfddb3a8 ebx = 0x0298ce30 esi = 0xaefea214 edi = 0x00e070ea
    Found by: call frame info
22  libxul.so!nsInputStreamReadyEvent::Run [nsStreamUtils.cpp:34c09a36a4d8 : 112 + 0x2d]
    eip = 0x021a6c66 esp = 0xbfddb3b0 ebp = 0xbfddb3c8 ebx = 0x0298ce30 esi = 0xaefea214 edi = 0x00e070ea
    Found by: call frame info
23  libxul.so!nsThread::ProcessNextEvent [nsThread.cpp:34c09a36a4d8 : 547 + 0x18]
    eip = 0x021d1da7 esp = 0xbfddb3d0 ebp = 0xbfddb438 ebx = 0x0298ce30 esi = 0x08d5aa14 edi = 0x0201051c
    Found by: call frame info
24  libxul.so!NS_ProcessNextEvent_P [nsThreadUtils.cpp : 250 + 0x1f]
    eip = 0x02164a94 esp = 0xbfddb440 ebp = 0xbfddb478 ebx = 0x0298ce30 esi = 0x00000001 edi = 0x0201051c
    Found by: call frame info
25  libxul.so!mozilla::ipc::MessagePump::Run [MessagePump.cpp:34c09a36a4d8 : 118 + 0x15]
    eip = 0x020899d6 esp = 0xbfddb480 ebp = 0xbfddb4c8 ebx = 0x0298ce30 esi = 0x00000001 edi = 0x0201051c
    Found by: call frame info
26  libxul.so!MessageLoop::RunInternal [message_loop.cc:34c09a36a4d8 : 216 + 0x22]
    eip = 0x0224a337 esp = 0xbfddb4d0 ebp = 0xbfddb4f8 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
27  libxul.so!MessageLoop::RunHandler [message_loop.cc:34c09a36a4d8 : 199 + 0xa]
    eip = 0x0224a34f esp = 0xbfddb500 ebp = 0xbfddb508 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
28  libxul.so!MessageLoop::Run [message_loop.cc:34c09a36a4d8 : 173 + 0xa]
    eip = 0x0224a3b3 esp = 0xbfddb510 ebp = 0xbfddb528 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
29  libxul.so!nsBaseAppShell::Run [nsBaseAppShell.cpp:34c09a36a4d8 : 175 + 0xc]
    eip = 0x01f33084 esp = 0xbfddb530 ebp = 0xbfddb568 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
30  libxul.so!nsAppStartup::Run [nsAppStartup.cpp:34c09a36a4d8 : 192 + 0x1b]
    eip = 0x01c9a745 esp = 0xbfddb570 ebp = 0xbfddb5a8 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
31  libxul.so!XRE_main [nsAppRunner.cpp:34c09a36a4d8 : 3628 + 0x1b]
    eip = 0x00dbc28a esp = 0xbfddb5b0 ebp = 0xbfddbb28 ebx = 0x0298ce30 esi = 0x08a88f70 edi = 0x0201051c
    Found by: call frame info
32  firefox-bin!main [nsBrowserApp.cpp:34c09a36a4d8 : 158 + 0x1d]
    eip = 0x08048e42 esp = 0xbfddbb30 ebp = 0xbfddbb98 ebx = 0x0804bafc esi = 0x085d4ec8 edi = 0x021bc018
    Found by: call frame info
33  libc-2.5.so + 0x15deb
    eip = 0x060e8dec esp = 0xbfddbbb0 ebp = 0xbfddbc08 ebx = 0x0620bff4 esi = 0x00998ca0 edi = 0x00000000
    Found by: call frame info
34  firefox-bin + 0x9f0
    eip = 0x080489f1 esp = 0xbfddbc10 ebp = 0x00000000
    Found by: previous frame's frame pointer
35  firefox-bin!Output [nsBrowserApp.cpp:34c09a36a4d8 : 77 + 0x5]
    eip = 0x08048b42 esp = 0xbfddbc14 ebp = 0x00000000
    Found by: stack scanning
36  ld-2.5.so + 0xe2cf
    eip = 0x0098d2d0 esp = 0xbfddbc28 ebp = 0x00000000
    Found by: stack scanning
37  ld-2.5.so + 0x1688a
    eip = 0x0099588b esp = 0xbfddbc30 ebp = 0x00000000
    Found by: stack scanning
Looks like we are getting a NULL object here. How can that be after the getThisObject hook?
Depends on: 572774
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED