Closed
Bug 592918
Opened 14 years ago
Closed 14 years ago
TM:set right compartment in nsXBLDocGlobalObject::EnsureScriptEnvironment
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: gwagner, Assigned: gal)
References
Details
(Whiteboard: fixed-in-tracemonkey)
Attachments
(2 files, 1 obsolete file)
|
(deleted),
text/plain
|
Details | |
|
(deleted),
patch
|
gal
:
review+
|
Details | Diff | Splinter Review |
We are getting closer to a complete startup!
|
Reporter | |
Comment 1•14 years ago
|
||
|
Assignee | |
Comment 2•14 years ago
|
||
Assignee: general → gal
|
||
Updated•14 years ago
|
Attachment #471376 -
Flags: review+
|
|
Assignee | |
Comment 3•14 years ago
|
||
gregor, please test & tryserver
|
|
Reporter | |
Comment 4•14 years ago
|
||
There is another assertion with that patch:
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000008
0x0000000100e76d78 in JSObject::getClass (this=0x0) at jsobj.h:361
361 js::Class *getClass() const { return clasp; }
(gdb) bt
#0 0x0000000100e76d78 in JSObject::getClass (this=0x0) at jsobj.h:361
#1 0x00000001011041d1 in JSObject::setPrivate (this=0x0, data=0x12111faa0) at jsobj.h:658
#2 0x0000000101775430 in JS_SetPrivate (cx=0x12111a480, obj=0x0, data=0x12111faa0) at /Users/idefix2/moz/ws1/js/src/jsapi.cpp:2803
#3 0x00000001008b67b3 in nsXBLDocGlobalObject::EnsureScriptEnvironment (this=0x12111faa0, aLangID=2) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLDocumentInfo.cpp:343
#4 0x00000001008b6288 in nsXBLDocGlobalObject::GetContext (this=0x12111faa0) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLDocumentInfo.cpp:354
#5 0x00000001008bf3ff in nsXBLProtoImpl::CompilePrototypeMembers (this=0x12111c5e0, aBinding=0x12111c460) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLProtoImpl.cpp:165
#6 0x00000001008bf5e2 in nsXBLProtoImpl::InitTargetObjects (this=0x12111c5e0, aBinding=0x12111c460, aContext=0x11a43ee60, aBoundElement=0x120f2f590, aScriptObjectHolder=0x7fff5fbfcad0, aTargetClassObject=0x7fff5fbfcac8) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLProtoImpl.cpp:111
#7 0x00000001008bf95c in nsXBLProtoImpl::InstallImplementation (this=0x12111c5e0, aBinding=0x12111c460, aBoundElement=0x120f2f590) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLProtoImpl.cpp:79
#8 0x00000001008afcb4 in nsXBLPrototypeBinding::InstallImplementation (this=0x12111c460, aBoundElement=0x120f2f590) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLPrototypeBinding.cpp:539
#9 0x00000001008aa203 in nsXBLBinding::InstallImplementation (this=0x12111f9a0) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLBinding.cpp:940
#10 0x00000001008ca62a in nsXBLService::LoadBindings (this=0x117959520, aContent=0x120f2f590, aURL=0x10611ff90, aOriginPrincipal=0x106122ac0, aAugmentFlag=0, aBinding=0x7fff5fbfd000, aResolveStyle=0x7fff5fbfd098) at /Users/idefix2/moz/ws1/content/xbl/src/nsXBLService.cpp:646
#11 0x00000001002cbcdb in nsCSSFrameConstructor::ConstructDocElementFrame (this=0x120f2c4c0, aDocElement=0x120f2f590, aFrameState=0x0, aNewFrame=0x7fff5fbfd260) at /Users/idefix2/moz/ws1/layout/base/nsCSSFrameConstructor.cpp:2343
#12 0x00000001002ccb10 in nsCSSFrameConstructor::ContentRangeInserted (this=0x120f2c4c0, aContainer=0x0, aStartChild=0x120f2f590, aEndChild=0x0, aFrameState=0x0, aAllowLazyConstruction=0) at /Users/idefix2/moz/ws1/layout/base/nsCSSFrameConstructor.cpp:6858
#13 0x00000001002cdcc7 in nsCSSFrameConstructor::ContentInserted (this=0x120f2c4c0, aContainer=0x0, aChild=0x120f2f590, aFrameState=0x0, aAllowLazyConstruction=0) at /Users/idefix2/moz/ws1/layout/base/nsCSSFrameConstructor.cpp:6757
#14 0x0000000100346fd4 in PresShell::InitialReflow (this=0x120f2bd20, aWidth=0, aHeight=0) at /Users/idefix2/moz/ws1/layout/base/nsPresShell.cpp:2645
#15 0x00000001008e3080 in nsXULDocument::StartLayout (this=0x107313000) at /Users/idefix2/moz/ws1/content/xul/document/src/nsXULDocument.cpp:2016
#16 0x00000001008e3451 in nsXULDocument::DoneWalking (this=0x107313000) at /Users/idefix2/moz/ws1/content/xul/document/src/nsXULDocument.cpp:3166
#17 0x00000001008ec562 in nsXULDocument::ResumeWalk (this=0x107313000) at /Users/idefix2/moz/ws1/content/xul/document/src/nsXULDocument.cpp:3115
#18 0x00000001008ecd91 in nsXULDocument::OnStreamComplete (this=0x10718b400, aLoader=0x1216a1570, context=0x0, aStatus=0, stringLen=57442, string=0x10756d600 "/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */\n/* ***** BEGIN LICENSE BLOCK *****\n * Version: MPL 1.1/GPL 2.0/LGPL 2.1\n *\n * The contents of this file are subject to t"...) at /Users/idefix2/moz/ws1/content/xul/document/src/nsXULDocument.cpp:3596
#19 0x00000001000bb98e in nsStreamLoader::OnStopRequest (this=0x1216a1570, request=0x1216a1700, ctxt=0x0, aStatus=0) at /Users/idefix2/moz/ws1/netwerk/base/src/nsStreamLoader.cpp:125
#20 0x0000000100071c3f in nsBaseChannel::OnStopRequest (this=0x1216a16b0, request=0x1216a13d0, ctxt=0x0, status=0) at /Users/idefix2/moz/ws1/netwerk/base/src/nsBaseChannel.cpp:727
#21 0x0000000100084c34 in nsInputStreamPump::OnStateStop (this=0x1216a13d0) at /Users/idefix2/moz/ws1/netwerk/base/src/nsInputStreamPump.cpp:578
#22 0x0000000100084d52 in nsInputStreamPump::OnInputStreamReady (this=0x1216a13d0, stream=0x1216a1d18) at /Users/idefix2/moz/ws1/netwerk/base/src/nsInputStreamPump.cpp:403
#23 0x000000010157a4e1 in nsInputStreamReadyEvent::Run (this=0x12169cfb0) at /Users/idefix2/moz/ws1/xpcom/io/nsStreamUtils.cpp:112
#24 0x00000001015a7078 in nsThread::ProcessNextEvent (this=0x10560ac30, mayWait=0, result=0x7fff5fbfdb44) at /Users/idefix2/moz/ws1/xpcom/threads/nsThread.cpp:547
#25 0x000000010152fe79 in NS_ProcessPendingEvents_P (thread=0x10560ac30, timeout=20) at nsThreadUtils.cpp:200
#26 0x0000000101311938 in nsBaseAppShell::NativeEventCallback (this=0x10641aad0) at /Users/idefix2/moz/ws1/widget/src/xpwidgets/nsBaseAppShell.cpp:126
#27 0x00000001012c912e in nsAppShell::ProcessGeckoEvents (aInfo=0x10641aad0) at /Users/idefix2/moz/ws1/widget/src/cocoa/nsAppShell.mm:394
#28 0x00007fff866d2e91 in __CFRunLoopDoSources0 ()
#29 0x00007fff866d1089 in __CFRunLoopRun ()
#30 0x00007fff866d084f in CFRunLoopRunSpecific ()
#31 0x00007fff84c7f91a in RunCurrentEventLoopInMode ()
#32 0x00007fff84c7f67d in ReceiveNextEventCommon ()
#33 0x00007fff84c7f5d8 in BlockUntilNextEventMatchingListInMode ()
#34 0x00007fff877da29e in _DPSNextEvent ()
#35 0x00007fff877d9bed in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#36 0x00007fff8779f8d3 in -[NSApplication run] ()
#37 0x00000001012c8a4c in nsAppShell::Run (this=0x10641aad0) at /Users/idefix2/moz/ws1/widget/src/cocoa/nsAppShell.mm:747
#38 0x0000000101039f58 in nsAppStartup::Run (this=0x105652410) at /Users/idefix2/moz/ws1/toolkit/components/startup/src/nsAppStartup.cpp:191
#39 0x000000010002eb50 in XRE_main (argc=1, argv=0x7fff5fbff8b8, aAppData=0x105615ec0) at /Users/idefix2/moz/ws1/toolkit/xre/nsAppRunner.cpp:3662
#40 0x0000000100001297 in main (argc=1, argv=0x7fff5fbff8b8) at /Users/idefix2/moz/ws1/browser/app/nsBrowserApp.cpp:158
|
|
Reporter | |
Comment 5•14 years ago
|
||
With the real global object.
Attachment #471376 -
Attachment is obsolete: true
Attachment #471386 -
Flags: review?(mrbkap)
|
|
Assignee | |
Updated•14 years ago
|
Attachment #471386 -
Flags: review?(mrbkap) → review+
|
|
Reporter | |
Comment 6•14 years ago
|
||
http://hg.mozilla.org/tracemonkey/rev/635252c89fc6
Sorry I got the patch description wrong.
Whiteboard: fixed-in-tracemonkey
|
||
Comment 7•14 years ago
|
||
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•