Closed Bug 326005 Opened 19 years ago Closed 19 years ago

Crash when embedding Release version (but not Debug version)

Categories

(Core :: JavaScript Engine, defect)

x86
Windows XP
defect
Not set
critical

VERIFIED DUPLICATE of bug 151066

People

(Reporter: peebrainx, Unassigned)

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1

I am embedding SpiderMonkey into my own MSVC++6.0 project. Using the Debug .dll works fine, but when I switch over to the Release .dll, it crashes. As a note, I have modified the SpiderMonkey source to output the function js_PCToLineNumber to the .dll, so I could call it, but that's the only modification I've made.

I traced the bug to jsparse.c, line 2184:

    if (currentGetter == js_GetLocalVariable &&
        atom != cx->runtime->atomState.argumentsAtom &&
        fp->scopeChain == obj &&
        !js_InWithStatement(tc)) {
        if (!js_AddNativeProperty(cx, obj, (jsid)atom,
                                  currentGetter, currentSetter,
                                  SPROP_INVALID_SLOT,
                                  pn2->pn_attrs | JSPROP_SHARED,
                                  SPROP_HAS_SHORTID, fun->nvars)) {
            ok = JS_FALSE;
        }
        fun->nvars++;
    }

It seems in the Release version, the above condition returns TRUE, which causes the function below to execute. The problem is that the variable fun is NULL. So fun->nvars forces a crash. A simple fix is to include "&& fun" in the conditional - although I'm not sure if that is the CORRECT solution.

You can download the program at: http://pbwhere.com/JSWin-crash.zip

The Debug version will run correctly (if you have the debug version of MFC). The Release version will crash. The source is included.

Reproducible: Always

Steps to Reproduce:
1. Run the program JSWin-crash.zip/JSWin/Release/JSWin.exe

Actual Results: Crash

Expected Results: No crash
Sean, where does js32.dll come from (i.e., how are you building it?). At first blush, it seems that you're running into bug 151066, where a bug in the MSVC optimizer causes otherwise fine code to crash. Can you see if adding -OPT:NOICF to your linker flags when compiling SpiderMonkey fixes this crash for you?
That worked - I added:

    /opt:ref /opt:noicf

And it fixed the problem. Thank you - sorry for the trouble.

~Sean

*** This bug has been marked as a duplicate of 151066 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
The release notes warn about this in red text in a red-bordered box. Maybe we should use the blink tag? ;-)

/be
Status: RESOLVED → VERIFIED
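
Added example, not part of the bug thread and not SpiderMonkey code: /opt:noicf turns off the MSVC linker's identical COMDAT folding, which can give two functions with identical machine code the same address, so a function-pointer comparison like the one quoted in the report can become true for the wrong getter. The sketch below contrasts classifying by address with classifying by an explicit tag plus a NULL check; all names (get_local, get_arg, struct prop, struct func, note_local) are hypothetical stand-ins constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins constructed for this example; not SpiderMonkey code. */
typedef int (*getter_fn)(void *obj, int id);

/* Two stubs with identical bodies: candidates for folding under /OPT:ICF. */
static int get_local(void *obj, int id) { (void)obj; (void)id; return 1; }
static int get_arg(void *obj, int id)   { (void)obj; (void)id; return 1; }

enum getter_kind { KIND_ARG, KIND_LOCAL };

struct prop {
    getter_fn getter;
    enum getter_kind kind;  /* explicit tag, independent of code addresses */
};

struct func { int nvars; };

/* 1 if the toolchain gave both stubs the same address, else 0. */
static int stubs_folded(void) { return get_local == get_arg; }

/* Fragile: treats the getter's address as a type tag. */
static int is_local_by_address(const struct prop *p) {
    return p->getter == get_local;
}

/* Robust: count a local only when the tag says so and fun exists. */
static int note_local(const struct prop *p, struct func *fun) {
    if (p->kind != KIND_LOCAL || fun == NULL)
        return 0;
    fun->nvars++;
    return 1;
}

int main(void) {
    struct prop arg = { get_arg, KIND_ARG };
    struct func f = { 0 };
    printf("stubs folded:         %d\n", stubs_folded());
    printf("arg seen as local:    %d\n", is_local_by_address(&arg));
    printf("arg counted (by tag): %d\n", note_local(&arg, &f));
    printf("NULL fun handled:     %d\n", note_local(&arg, NULL));
    return 0;
}
```

On a build where the stubs are folded, the first two lines print 1 while the tag-based result stays 0; on a build without folding all four lines print 0.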