Subj : Crash in Script.exec()
To : netscape.public.mozilla.jseng
From : celsoaguiar@hotmail.com (Celso Aguiar)
Date : Wed Dec 03 2003 04:30 pm

Could someone please help me with this problem?

I'm getting a crash in js_CheckRedeclaration when calling Script.exec() from JS_CallfunctionName. I get the crash either if I pass in a scope object parameter to exec (my global object) or not. The script was obtained from frozen/thaw'ed bytecode.

'obj' in js_CheckRedeclaration is NULL, apparently because it could not find my scopeobj, despite passing in one.

Looking at the code in script_exec:

    fp = cx->fp;
    caller = fp->down;
    if (!scopeobj)
        scopeobj = caller->scopeChain;
    fp->thisp = caller->thisp;
    JS_ASSERT(fp->scopeChain == caller->scopeChain);
    fp->sharpArray = caller->sharpArray;
    return js_Execute(cx, scopeobj, script, fp, 0, rval);

it doesn't look like js_Execute will be able to do any good if fp and scopeobj are non-NULL. When called from JS_CallfunctionName, a fp->varobj will not be available, later causing the crash.

If I null fp (down) after entering js_Execute, and leave scopeobj (chain) alone, all goes well.

The stack is below.

Thanks, I appreciate any help.
Celso

js_CheckRedeclaration(JSContext * cx=0x031c3d70, JSObject * obj=0x00000000, long id=0x04445670, unsigned int attrs=0x00000005, int * foundp=0x0012bcac) Line 1155 + 0x19 C
js_Interpret(JSContext * cx=0x031c3d70, long * result=0x0012c2a0) Line 3302 + 0x4e C
js_Execute(JSContext * cx=0x031c3d70, JSObject * chain=0x0320bef8, JSScript * script=0x047b4840, JSStackFrame * down=0x0012c280, unsigned int special=0x00000000, long * result=0x0012c2a0) Line 1016 + 0xd C
script_exec(JSContext * cx=0x031c3d70, JSObject * obj=0x044465e0, unsigned int argc=0x00000001, long * argv=0x047c6a48, long * rval=0x0012c2a0) Line 250 + 0x1b C
js_Invoke(JSContext * cx=0x031c3d70, unsigned int argc=0x00000001, unsigned int flags=0x00000002) Line 836 + 0x1c C
js_InternalInvoke(JSContext * cx=0x031c3d70, JSObject * obj=0x044465e0, long fval=0x031ca3b0, unsigned int flags=0x00000000, unsigned int argc=0x00000001, long * argv=0x047cca68, long * rval=0x0012c3d0) Line 928 + 0x14 C
JS_CallFunctionName(JSContext * cx=0x031c3d70, JSObject * obj=0x044465e0, const char * name=0x0012c4e0, unsigned int argc=0x00000001, long * argv=0x047cca68, long * rval=0x0012c3d0) Line 3401 + 0x1f C
ESObjectCallEx(_s_ESObjectRec * eso=0x045d4a80, const char * szName=0x0012c4e0, _s_ESObjectRec * esoArgs=0x045d4b60, _s_ESValRec * esvRet=0x031f4b58, unsigned short bIgnorePermCheck=0x0001, unsigned short bAllowUserCancel=0x0000) Line 3539 + 0x24 C++
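
A simplified model of the failure reported in the post above, added as an illustration; it is not part of the original post and is not SpiderMonkey source. The types and functions (Obj, Frame, model_execute, check_redeclaration, run_case) are hypothetical, and the rule that the variables object is inherited from the caller frame, falling back to the scope chain when there is no caller, is an assumption chosen to match the behaviour the post describes.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical, simplified stand-ins; not SpiderMonkey's real types. */
typedef struct Obj { const char *name; } Obj;
typedef struct Frame {
    Obj *varobj;          /* object that receives top-level declarations */
    Obj *scopeChain;
    struct Frame *down;   /* calling frame */
} Frame;

enum { DECL_OK = 0, DECL_NO_VAROBJ = -1 };

/* Guarded form of the redeclaration check: report a missing target object
 * instead of dereferencing it (the trace shows obj=0x00000000). */
static int check_redeclaration(const Obj *obj) {
    return obj == NULL ? DECL_NO_VAROBJ : DECL_OK;
}

/* Assumed frame setup: with a caller frame, varobj is inherited from it;
 * with no caller frame, the scope chain object is used instead. */
static int model_execute(Obj *chain, Frame *down) {
    Frame frame;
    frame.down = down;
    frame.scopeChain = chain;
    frame.varobj = down ? down->varobj : chain;
    return check_redeclaration(frame.varobj);
}

/* Constructed scenario: a native method reached through an API call, whose
 * frame has a scope chain but no varobj, as the post reports. */
static int run_case(int pass_caller_frame) {
    Obj global = { "global" };
    Frame native_caller = { NULL, &global, NULL };
    return model_execute(&global, pass_caller_frame ? &native_caller : NULL);
}

int main(void) {
    printf("caller frame passed down: %d\n", run_case(1));
    printf("down set to NULL:         %d\n", run_case(0));
    return 0;
}
```

In this model an explicit scope object does not help while a caller frame without a varobj is passed down, which matches the post's report that the crash occurs whether or not a scope object is given.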