Subj : Re: Crash during compilation
To   : netscape.public.mozilla.jseng
From : Oscar
Date : Mon Aug 23 2004 07:41 am

Hi,

I was just wondering how to go forward, should I submit a bug in Bugzilla?
Should I suggest a fix along with the bug report?

Brendan: Have you had an opportunity to check the validity of my concerns regarding possible erroneous freeing of the tempPool, when FILO deallocating after having invoked JS_ArenaFreeAllocation?

I'm asking because I wouldn't want to add an invalid bug report to Bugzilla.

Best regards
Oscar

"Oscar" wrote in message news:zxpVc.1001$d5.8142@newsb.telia.net...
> Hi Brendan
>
> Thanks for your response...
>
> > Atoms are malloc'd, you must mean a JSAtomListElement allocated from
> > cx->tempPool.
>
> Yes sorry about that.
>
> > That is strange -- arena-pool allocation is LIFO, so there shouldn't be
> > any way for an older allocation, below the mark stored in cg2mark early
> > in the TOK_FUNCTION case of js_EmitTree, to be freed by a newer release.
>
> Well... I have a theory... (Not that my theories are worth much, but here
> goes)...
>
> Is it not possible that the following two lines in JS_ArenaFreeAllocation
> puts us at risk of coming to this precise situation?
>
>     if (pool->current == a)
>         pool->current = &pool->first;
>
> Seems rather dangerous to reset the current pointer if we
> have LILO deallocation. As I understand it, if we manage to get to a
> point in which we emit a new function body after running
> JS_ArenaFreeAllocation without having had to allocate too much on the
> tempPool we could very well risk purging basically our entire tempPool
> when cleaning up after the function.
>
> I'm sure this is not the problem but perhaps your response can help me
> be able to investigate my annoying crash further (it does disappear when
> instead repositioning the current pointer to the last arena in the pool)
>
> > Anyway, no a global variable is set, so something's missing from the
> > testcase -- right?
>
> You are absolutely right; the script is really not in human readable
> form, it wasn't the original script but in my efforts of making an as small
> script as possible and still be able to reproduce the crash this was what
> I ended up with :)
>
> (I wanted to make sure that nothing that I have defined in my global
> object was causing the crash)
>
> Have a nice weekend
>
> Regards
> Oscar
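The sequence described in this thread, modeled as an added example that is not part of the original posts and is not the SpiderMonkey source: a small mark/release arena pool in which freeing an oversized allocation either resets `current` to the header arena or repositions it to the last arena. All names (`Pool`, `pool_alloc`, `pool_release`, `pool_free_allocation`, `arenas_lost`) and sizes are hypothetical; the model only shows how a mark taken from the header arena makes the next release free arenas that hold older allocations.

```c
/* Simplified model of a mark/release arena pool; NOT the SpiderMonkey source. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define CAP 64 /* payload bytes per normal arena (constructed value) */
typedef struct Arena { struct Arena *next; char *base, *avail, *limit; } Arena;
typedef struct { Arena first; Arena *current; } Pool; /* first: header, holds no data */
static void *pool_alloc(Pool *p, size_t n) {
    Arena *a = p->current;
    for (; a == &p->first || (size_t)(a->limit - a->avail) < n; a = a->next) {
        if (a->next) continue;              /* try the next existing arena */
        size_t cap = n > CAP ? n : CAP;     /* oversized request: own arena */
        if (!(a->next = calloc(1, sizeof *a + cap))) return NULL;
        a->next->base = a->next->avail = (char *)(a->next + 1);
        a->next->limit = a->next->base + cap;
    }
    p->current = a;
    return (a->avail += n) - n;
}
static int pool_release(Pool *p, char *mark) { /* free every arena after the mark */
    int freed = 0;
    for (Arena *a = &p->first, *d; a; a = a->next)
        if ((uintptr_t)mark - (uintptr_t)a->base <= (uintptr_t)(a->avail - a->base)) {
            while ((d = a->next)) { a->next = d->next; free(d); freed++; }
            a->avail = mark; p->current = a; /* a->next is NULL now, so the loop ends */
        }
    return freed;
}
static void pool_free_allocation(Pool *p, void *ptr, int reset_to_first) {
    Arena *prev = &p->first, *a;            /* unlink the arena that starts at ptr */
    while ((a = prev->next) && a->base != (char *)ptr) prev = a;
    if (!a) return;
    prev->next = a->next;
    if (p->current == a)  /* reset as in the quoted lines, or move to the last arena */
        for (p->current = &p->first; !reset_to_first && p->current->next; )
            p->current = p->current->next;
    free(a);
}
int arenas_lost(int reset_to_first) { /* arenas with older data freed by the release */
    Pool p = {0};
    p.current = &p.first; p.first.base = p.first.avail = (char *)(&p.first + 1);
    pool_alloc(&p, 16);                     /* older allocation, below any later mark */
    void *big = pool_alloc(&p, 2 * CAP);    /* oversized, its arena becomes current */
    pool_free_allocation(&p, big, reset_to_first);
    char *mark = p.current->avail;          /* mark taken before the function body */
    pool_alloc(&p, 8);                      /* small, fits in the existing arena */
    int lost = pool_release(&p, mark);      /* cleanup after the function body */
    pool_release(&p, p.first.base);         /* tear down whatever is left */
    return lost;
}
int main(void) { printf("reset: %d lost, last arena: %d lost\n", arenas_lost(1), arenas_lost(0)); return 0; }
```

In this model the reset variant frees the arena holding the 16-byte allocation, so any pointer kept to it would dangle, while the last-arena variant frees nothing below the mark.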