Bug 694355 - gjs crash when iterating content array
Status: RESOLVED FIXED
Product: gjs
Classification: Bindings
Component: general
Version: 1.35.x
Hardware: Other Linux
Importance: High critical
Target Milestone: ---
Assigned To: gjs-maint
QA Contact: gjs-maint
Depends on:
Blocks:
 
 
Reported: 2013-02-21 13:16 UTC by Lionel Landwerlin
Modified: 2013-02-21 15:58 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
ByteArray: restore enumerability (922 bytes, patch)
2013-02-21 15:37 UTC, Giovanni Campagna
committed

Description Lionel Landwerlin 2013-02-21 13:16:46 UTC
The following script crashes gjs:

-----------------------------------------

const Gio = imports.gi.Gio;

let file = Gio.File.new_for_path('COPYING');
let [success, fileContent, tag] = file.load_contents(null);
for (let i in fileContent) {
    log(fileContent[i]);
}

-----------------------------------------

Just replace 'COPYING' with any file on your filesystem.
Comment 1 Lionel Landwerlin 2013-02-21 13:47:16 UTC
Adding backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0 ??
#1 ?? from /usr/lib/libmozjs185.so.1.0
#2 ?? from /usr/lib/libmozjs185.so.1.0
#3 js_ValueToIterator(JSContext*, unsigned int, js::Value*) from /usr/lib/libmozjs185.so.1.0
#4 ?? from /usr/lib/libmozjs185.so.1.0
#5 ?? from /usr/lib/libmozjs185.so.1.0
#6 ?? from /usr/lib/libmozjs185.so.1.0
#7 JS_EvaluateUCScriptForPrincipals from /usr/lib/libmozjs185.so.1.0
#8 JS_EvaluateScriptForPrincipals from /usr/lib/libmozjs185.so.1.0
#9 JS_EvaluateScript from /usr/lib/libmozjs185.so.1.0
#10 gjs_context_eval at gjs/context.c line 995
#11 main at gjs/console.c line 112

Comment 2 Giovanni Campagna 2013-02-21 15:05:30 UTC
Uh oh: the fileContent object is a ByteArray, not a regular Array, and its enumerate hook is NULL.
We need to fix it, or replace it with JS_EnumerateStub.

Btw, a simple workaround is to use C-style looping, as recommended in the style guide:
for (let i = 0; i < fileContent.length; i++) { ... }
Comment 3 Jasper St. Pierre (not reading bugmail) 2013-02-21 15:07:00 UTC
(In reply to comment #2)
> JS_EnumerateStub.

I think this is the better solution for now.
Comment 4 Giovanni Campagna 2013-02-21 15:37:34 UTC
Created attachment 237052
ByteArray: restore enumerability

Having a NULL JSClass.enum hook causes a segmentation fault, use
JS_EnumerateStub instead, until we implement proper enumeration.
Comment 5 Jasper St. Pierre (not reading bugmail) 2013-02-21 15:41:24 UTC
Review of attachment 237052:

OK.
Comment 6 Giovanni Campagna 2013-02-21 15:58:34 UTC
Attachment 237052 pushed as 99208f7 - ByteArray: restore enumerability
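
The failure mode discussed in comments 2 and 4, as an added example that is not part of the original bug report or the gjs patch: a simplified C model of a class hook table in which a NULL enumerate hook is caught by a startup audit and at the call site, with a no-op stub standing in for JS_EnumerateStub. The names class_def, enumerate_stub, class_is_valid, audit_classes and start_iteration are hypothetical and are not SpiderMonkey or gjs API.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified, hypothetical model of an engine class table; these names
 * are not SpiderMonkey's API. */
typedef struct object object_t;
typedef int (*enumerate_op)(object_t *obj);   /* 1 = ok, 0 = error */
typedef struct {
    const char  *name;
    enumerate_op enumerate;   /* invoked when a for-in loop starts */
} class_def;
struct object { const class_def *clasp; };

/* No-op default: the role JS_EnumerateStub plays in the fix. */
static int enumerate_stub(object_t *obj) { (void)obj; return 1; }

/* Constructed sample classes: the hook table before and after the fix. */
static const class_def byte_array_before = { "ByteArray", NULL };
static const class_def byte_array_after  = { "ByteArray", enumerate_stub };

/* A class is usable only if every hook the engine will call is set. */
int class_is_valid(const class_def *c) {
    return c != NULL && c->name != NULL && c->enumerate != NULL;
}

/* Startup audit: count definitions that would crash on first for-in. */
size_t audit_classes(const class_def *const *table, size_t n) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (!class_is_valid(table[i]))
            bad++;
    return bad;
}

/* for-in entry point. An unguarded clasp->enumerate(obj) here would be a
 * call through NULL, consistent with frame #0 at 0x0 in the backtrace;
 * this version refuses with -1 instead. */
int start_iteration(object_t *obj) {
    if (obj == NULL || !class_is_valid(obj->clasp))
        return -1;
    return obj->clasp->enumerate(obj);
}

int main(void) {
    const class_def *table[] = { &byte_array_before, &byte_array_after };
    object_t o = { &byte_array_before };
    printf("invalid classes: %zu\n", audit_classes(table, 2));
    printf("before fix: %d\n", start_iteration(&o));
    o.clasp = &byte_array_after;
    printf("after fix: %d\n", start_iteration(&o));
    return 0;
}
```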