Subj : Re: js engine crashes at NewScopeProperty
To : netscape.public.mozilla.jseng
From : "Pradip Singh"
Date : Tue Mar 23 2004 12:27 pm

Hi Brendon,

Thanks for replying so fast. Actually the whole scenario is like this. I am compiling a script using the function

    JS_CompileFileHandle(cx, glob, filename, &fileRef);

It was failing in compilation in the file jsemit.c, in the function

    JSBool js_SetSrcNoteOffset(JSContext *cx, JSCodeGenerator *cg, uintN index, uintN which, ptrdiff_t offset)

at the point

    if ((jsuword)offset >= (jsuword)(((ptrdiff_t)SN_3BYTE_OFFSET_FLAG) << 16))

and it gave me the error "statement too large". So I changed the value of the macro SN_3BYTE_OFFSET_FLAG to 0x100. Now, after changing the value to hundred, the script started compiling. But it failed to execute, as it was crashing in the function NewScopeProperty(JSRuntime *rt).

As you suggested to debug more, I debugged and found that it was crashing at the point

    JS_ARENA_ALLOCATE_CAST(sprop, JSScopeProperty *, &rt->propertyArenaPool, sizeof(JSScopeProperty));

Inside this macro it was crashing at the point

    _q = _p + _nb;

I feel _p does not contain a proper value. Its value was coming as 0x0000001, which I think is wrong.

The script is given below:

    function test1(event)
    {
        var target = event.getTarget();
        var x = event.getXPosition();
        var y = event.getYPosition();
        var attrList = target.get_attributes();
        var len = attrList.get_length();
        var no = 0;
        for (no = 0;no

To: "Pradip Singh"
Sent: Tuesday, March 23, 2004 1:10 AM
Subject: Re: js engine crashes at NewScopeProperty

> Pradip Singh wrote:
>
> > in jsscope.c. It crashes at this point
> > JS_ARENA_ALLOCATE_CAST(sprop, JSScopeProperty *,
> > &rt->propertyArenaPool,
> > sizeof(JSScopeProperty));
> > Please help. Any help will be appreciated.
>
> You'll have to debug more. Where in that macro's expansion does it
> crash? Expand the macro by hand at that call site and re-test. And is
> the crash a null pointer, or a misaligned access, or some other kind of
> fault? More machine- or OS-specific exception information needed.
>
> /be
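
Added example (not part of the original messages and not SpiderMonkey source): a simplified C model of the offset encoding implied by the limit check quoted above, assuming one-byte note cells with the flag stored as a bit in the first cell. It shows that a flag value of 0x100 does not fit in a byte, so offsets written with it no longer decode to the value that was stored. The helper names and sample offsets are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption (simplified model, not SpiderMonkey source): offsets live in
 * one-byte cells; a flag bit set in the first cell means two more follow. */
typedef uint8_t note_t;

/* Hypothetical helper: returns cells written, or 0 if the offset is rejected. */
static size_t encode_offset(note_t *sn, unsigned flag, ptrdiff_t offset)
{
    size_t n = 0;
    /* Same shape as the limit check quoted in the message. */
    if ((uintptr_t)offset >= (uintptr_t)((ptrdiff_t)flag << 16))
        return 0;
    if (offset > (ptrdiff_t)(flag - 1)) {
        sn[n++] = (note_t)(flag | (offset >> 16)); /* flag + high bits */
        sn[n++] = (note_t)(offset >> 8);
    }
    sn[n++] = (note_t)offset;
    return n;
}

/* Hypothetical helper: decodes one offset, reports cells consumed in *used. */
static ptrdiff_t decode_offset(const note_t *sn, unsigned flag, size_t *used)
{
    if (sn[0] & flag) {
        *used = 3;
        return ((ptrdiff_t)(sn[0] & (flag - 1)) << 16) |
               ((ptrdiff_t)sn[1] << 8) | sn[2];
    }
    *used = 1;
    return sn[0];
}

/* Returns 1 if the offset survives an encode/decode round trip. */
static int round_trips(unsigned flag, ptrdiff_t offset)
{
    note_t buf[3] = {0, 0, 0};
    size_t used = 0, wrote = encode_offset(buf, flag, offset);
    return wrote != 0 && decode_offset(buf, flag, &used) == offset &&
           used == wrote;
}

int main(void)
{
    printf("flag 0x80,  0x123456: %d\n", round_trips(0x80, 0x123456));  /* constructed offsets */
    printf("flag 0x100, 0x123456: %d\n", round_trips(0x100, 0x123456));
    return 0;
}
```

In this model the 0x100 bit is lost when the first cell is narrowed to a byte, so a reader testing for the flag sees a one-cell offset where three cells were written.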