Closed Bug 899402 Opened 11 years ago Closed 9 years ago

runtime error: member call on null pointer of type 'js::ion::IonJSFrameLayout'

Tracking

()

Status:

RESOLVED DUPLICATE of bug 1165904

People

(Reporter: yeukhon, Unassigned)

References

Details

(Keywords: regression, Whiteboard: [-fsanitize=null])

Attachments

(1 file)

stack_ionframe.txt 11 years ago Yeuk Hon Wong 8.99 KB, text/plain		Details

Yeuk Hon Wong

Reporter

Description

•

11 years ago

Attached file stack_ionframe.txt — Details

This is the bug following https://bugzilla.mozilla.org/show_bug.cgi?id=899399.

The full stack trace can be seen from that bug ticket, but I am attaching the subset (the relevant) here.

Yeuk Hon Wong

Reporter

Updated

•

11 years ago

Blocks: 899404

Yeuk Hon Wong

Reporter

Updated

•

11 years ago

Whiteboard: [-fsanitize=null] → [-fsanitize=undefined]

Jesse Ruderman

Updated

•

11 years ago

Whiteboard: [-fsanitize=undefined] → [-fsanitize=null]

Jesse Ruderman

Updated

•

11 years ago

Summary: runtime error: member call on null point er of type 'js::ion::IonJSFrameLayout' → runtime error: member call on null pointer of type 'js::ion::IonJSFrameLayout'

Jesse Ruderman

Updated

•

11 years ago

No longer depends on: 899399

Jesse Ruderman

Comment 1

•

11 years ago

../ion/shared/IonFrames-x86-shared.h:72:42: runtime error: member call on null pointer of type 'js::ion::IonJSFrameLayout'

Jesse Ruderman

Comment 2

•

11 years ago

This code so obviously wrong I'm surprised none of our compilers optimize the entire function into __builtin_unreachable.

Introduced:    http://hg.mozilla.org/mozilla-central/rev/b02a7b214e49#l12.12
Spread:        http://hg.mozilla.org/mozilla-central/rev/fd94cdea9dad

Blocks: 735406
No longer blocks: 899404

Keywords: regression

Nicolas B. Pierron [:nbp]

Comment 3

•

11 years ago

(In reply to Jesse Ruderman from comment #2)
> This code so obviously wrong I'm surprised none of our compilers optimize
> the entire function into __builtin_unreachable.

Because this is a well supported undefined behavior.
and so this is not critical at all unless somebody want to change the value of the constant NULL.

Nobody; OK to take it and work on it

Assignee

Updated

•

10 years ago

Assignee: general → nobody

Jan de Mooij [:jandem]

Updated

•

9 years ago

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

runtime error: member call on null pointer of type 'js::ion::IonJSFrameLayout'

Categories

(Core :: JavaScript Engine, defect)

Tracking

()

People

(Reporter: yeukhon, Unassigned)

References

Details

(Keywords: regression, Whiteboard: [-fsanitize=null])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Updated

Updated

Updated

Updated

Comment 1

Comment 2

Comment 3

Updated

Updated

Attachment

General

Description

File Name

Content Type