Closed
Bug 883826
Opened 11 years ago
Closed 1 year ago
Assertion failure: !bce->script->noScriptRval, at js/src/frontend/BytecodeEmitter.cpp:4874
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: Yoric, Unassigned)
References
Details
(Keywords: crash, Whiteboard: qa-not-actionable)
Attachments
(2 files)
2.21 KB,
patch
|
Details | Diff | Splinter Review | |
1.49 KB,
application/x-gzip
|
Details |
Trying to perform a |new Function()| call in a chrome worker seems to crash down everything.
Reporter | ||
Comment 1•11 years ago
|
||
Ohoh. (almost) same sample crashes web code. Making confidential/critical.
Group: mozilla-corporation-confidential
Severity: major → critical
Reporter | ||
Comment 2•11 years ago
|
||
Here's the relevant stack: Thread 41 Crashed:: DOM Worker 0 XUL 0x000000010574ce64 JSScript::fullyInitFromEmitter(JSContext*, JS::Handle<JSScript*>, js::frontend::BytecodeEmitter*) + 2708 1 XUL 0x000000010534f425 js::frontend::EmitFunctionScript(JSContext*, js::frontend::BytecodeEmitter*, js::frontend::ParseNode*) + 1093 2 XUL 0x0000000105344bde js::frontend::CompileFunctionBody(JSContext*, JS::MutableHandle<JSFunction*>, JS::CompileOptions, js::AutoNameVector const&, unsigned short const*, unsigned long, bool) + 3326 3 XUL 0x00000001056242a3 js::Function(JSContext*, unsigned int, JS::Value*) + 3619 4 XUL 0x00000001053deb1d js::CallJSNative(JSContext*, int (*)(JSContext*, unsigned int, JS::Value*), JS::CallArgs const&) + 173 5 XUL 0x00000001053dedcf js::CallJSNativeConstructor(JSContext*, int (*)(JSContext*, unsigned int, JS::Value*), JS::CallArgs const&) + 207 6 XUL 0x00000001053d31c3 js::InvokeConstructor(JSContext*, JS::CallArgs) + 499 7 XUL 0x00000001053ccc0a _ZL9InterpretP9JSContextPN2js10StackFrameE + 24154 8 XUL 0x00000001053c6c94 js::RunScript(JSContext*, js::StackFrame*) + 1316 9 XUL 0x00000001053d398a js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JSObject&, JS::Value const&, js::ExecuteType, js::AbstractFramePtr, JS::Value*) + 794 10 XUL 0x00000001053d3cb4 js::Execute(JSContext*, JS::Handle<JSScript*>, JSObject&, JS::Value*) + 660 11 XUL 0x0000000105571ef5 JS::Evaluate(JSContext*, JS::Handle<JSObject*>, JS::CompileOptions, unsigned short const*, unsigned long, JS::Value*) + 1093 12 XUL 0x0000000102b5f22b (anonymous namespace)::ScriptExecutorRunnable::WorkerRun(JSContext*, mozilla::dom::workers::WorkerPrivate*) + 1179 (ScriptLoader.cpp:661) 13 XUL 0x0000000102b66e08 mozilla::dom::workers::WorkerRunnable::Run() + 648 (WorkerPrivate.cpp:1678) 14 XUL 0x0000000102b6d34d mozilla::dom::workers::WorkerPrivate::RunSyncLoop(JSContext*, unsigned int) + 413 (WorkerPrivate.cpp:3567) 15 XUL 0x0000000102b5a3f5 mozilla::dom::workers::AutoSyncLoopHolder::RunAndForget(JSContext*) + 53 (WorkerPrivate.h:1016) 16 XUL 0x0000000102b5c3b0 (anonymous namespace)::LoadAllScripts(JSContext*, mozilla::dom::workers::WorkerPrivate*, nsTArray<(anonymous namespace)::ScriptLoadInfo>&, bool) + 576 (ScriptLoader.cpp:718) 17 XUL 0x0000000102b5c101 mozilla::dom::workers::scriptloader::LoadWorkerScript(JSContext*) + 161 (ScriptLoader.cpp:909) 18 XUL 0x0000000102b77688 (anonymous namespace)::CompileScriptRunnable::WorkerRun(JSContext*, mozilla::dom::workers::WorkerPrivate*) + 200 (WorkerPrivate.cpp:706) 19 XUL 0x0000000102b66e08 mozilla::dom::workers::WorkerRunnable::Run() + 648 (WorkerPrivate.cpp:1678) 20 XUL 0x0000000102b69898 mozilla::dom::workers::WorkerPrivate::DoRunLoop(JSContext*) + 1448 (WorkerPrivate.cpp:2863) 21 XUL 0x0000000102b5570e (anonymous namespace)::WorkerThreadRunnable::Run() + 238 (RuntimeService.cpp:876) 22 XUL 0x0000000104341326 nsThread::ProcessNextEvent(bool, bool*) + 1654 (nsThread.cpp:627) 23 XUL 0x00000001042a19a9 NS_ProcessNextEvent(nsIThread*, bool) + 169 (nsThreadUtils.cpp:238) 24 XUL 0x000000010433fd17 nsThread::ThreadFunc(void*) + 295 (nsThread.cpp:264) 25 libnss3.dylib 0x00000001012376e5 _pt_root + 357 26 libsystem_c.dylib 0x00007fff9a3558bf _pthread_start + 335 27 libsystem_c.dylib 0x00007fff9a358b75 thread_start + 13
Reporter | ||
Updated•11 years ago
|
Group: mozilla-corporation-confidential
Assignee | ||
Updated•10 years ago
|
Assignee: general → nobody
Updated•3 years ago
|
Whiteboard: qa-not-actionable
Updated•2 years ago
|
Severity: critical → S2
Updated•1 year ago
|
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•