Subj : Crash when Compiling Script
To   : netscape.public.mozilla.jseng
From : njaguar
Date : Sat Mar 19 2005 08:07 pm

Hi,

I am trying to update my application to use the latest spidermonkey
core. I am presently using something around v1.4. However, it crashes
immediately when attempting to Evaluate or Compile a script.

I have narrowed it down to the following very simple piece of code,
using 'var' crashes it every time! Here's the test I was using, using
the standard global class, with LAZY_STANDARD_CLASSES undefined (makes
no difference either way).


    JSVersion version;
    JSRuntime *rt;
    JSContext *cx;
    JSObject *glob;
	jsval rval;
    int result=3D0;

    version =3D JSVERSION_DEFAULT;

    rt =3D JS_NewRuntime(64L * 1024L * 1024L);
    if (!rt)
        return 1;

    cx =3D JS_NewContext(rt, 8*1024);
    if (!cx)
        return 1;
    JS_SetErrorReporter(cx, my_ErrorReporter);

    glob =3D JS_NewObject(cx, &global_class, NULL, NULL);
    if (!glob) return 1;
#ifdef LAZY_STANDARD_CLASSES
    JS_SetGlobalObject(cx, glob);
#else
    if (!JS_InitStandardClasses(cx, glob))
        return 1;
#endif
    if (version !=3D JSVERSION_DEFAULT)
        JS_SetVersion(cx, version);

	char buffer[1024];
	strcpy(buffer,"var x=3D1;");
	JSScript *jss =3D JS_CompileScript(cx, glob, buffer, strlen(buffer),
NULL, 1);
	if(jss) {
		JS_ExecuteScript(cx,glob,jss,&rval);
	}

    JS_DestroyContext(cx);
    JS_DestroyRuntime(rt);
    JS_ShutDown();
    return result;


Crashes every time for me. My project is set to Release with numerous
optimizations. If I do something like: function x() { return 1; } x();
 =2E. That works!

Here's a partial stack trace:

                     // EIP =3D 0x039D4E5A - js32.dll -
js_CompileTokenStream+25EA

              03B7F8DC: 70768300 A8DE8300 F7FFFFFF 54FAB703
pv..=A8=DE..=F7=FF=FF=FFT=FA=B7.
              03B7F8EC: 20E28300 702B9A03                     =E2..p+..

                           // 0x039A2B70 - js32.dll -
JS_EnumerateStub+0000

              03B7F8F4: 48AF8300 702B9A03                    H=AF..p+..

                           // 0x039A2B70 - js32.dll -
JS_EnumerateStub+0000

              03B7F8FC: A0F9B703 702B9A03
 =F9=B7.p+..

                           // 0x039A2B70 - js32.dll -
JS_EnumerateStub+0000

              03B7F904: 702B9A03                             p+..

                           // 0x039A2B70 - js32.dll -
JS_EnumerateStub+0000

              03B7F908: 00000000 00000000 F0F1006B
..=2E......=F0=F1.k



Any help on this at all would be greatly appreciated, thanks in
advance!

PS: Is this a bug in js.c?

    version =3D JSVERSION_DEFAULT;
[snip]
    if (version !=3D JSVERSION_DEFAULT)
        JS_SetVersion(cx, version);

Er uh, wouldn't that never fire off?

Thanks :)

.