Changes between Initial Version and Version 1 of Ticket #230, comment 36


Ignore:
Timestamp:
Dec 10, 2014, 9:22:47 AM (10 years ago)
Author:
dmik

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #230, comment 36

    initial v1  
    11In fact, what happens is the following: according to my debugging and further testing, `nsObjectLoadingContent::SetupProtoChain` works fine (by successfully calling into the plugin DLL to obtain the JSObject instance) and returns to the caller. And the exact place of the crash is this line: https://github.com/bitwiseworks/mozilla-os2/blob/master/js/src/vm/Interpreter.cpp#L3227. According to the debugger, the value of `regs.fp()` is 0x3 which isn't a valid address. As a result, a call to `isYielding()` causes a SIGSEGV (I found that out by single stepping in IPMD through many assembler lines — why it doesn't pop up upon normal debugger run is another story, perhaps some of the exception handlers f*cks up, but that takes really long to single step through such complex code).
    22
    3 I need now to step-by-step it again to see what code breaks EBX value.
     3I need now to step-by-step it again to see what code breaks EBP value.