Subj : Re: automatic variable that holds JSAtom* in JS_DefineFunction() To : itaj sherman From : Brendan Eich Date : Wed Mar 12 2003 09:06 am > > >i'm not sure. >the atom was read by js_Interpret() is case JSOP_DEFFUN from the >compiled bytecode of the JSScript, expected to hold the function >object that is going to be used there, but it points to garbage - this >is where it crashes most of the times. there are a some other places >sometimes, i can send stack dumps tomorrow. >and it is the executing JSScript as you can see i did protect it with >a ScriptObject. so isn't that JSScript supposed to protect that atom? > > Yes, but if it isn't, then you should be able to prove that the script object is not referred to by a root, or something else is going wrong. I did notice that you are not checking for JS_AddNamedRoot failure, and that you always call JS_RemoveRoot, even if for some reason JS_AddNamedRoot was not called. Can you say whether your version of JS_NewScriptObject, in jsapi.c, looks like this: JS_PUBLIC_API(JSObject *) JS_NewScriptObject(JSContext *cx, JSScript *script) { JSObject *obj; /* * We use a dummy stack frame to protect the script from a GC caused * by debugger-hook execution. * * XXX We really need a way to manage local roots and such more * XXX automatically, at which point we can remove this one-off hack * XXX and others within the engine. See bug 40757 for discussion. */ JSStackFrame dummy; If it doesn't, you need to upgrade your engine. /be .