Bug 1367896: Include script filename in crash reason. r?shu data-r?bsmedberg
If the scope that we're trying to clone is actually a function script, this
should give us the script URL. If it's not (presumably due to some sort of
data corruption), it should give us a different crash, which should hopefully
give us more information.
MozReview-Commit-ID: Fppi0qt4GJP
--- a/js/src/vm/Scope.cpp
+++ b/js/src/vm/Scope.cpp
@@ -367,19 +367,27 @@ Scope::clone(JSContext* cx, HandleScope
RootedShape envShape(cx);
if (scope->environmentShape()) {
envShape = scope->maybeCloneEnvironmentShape(cx);
if (!envShape)
return nullptr;
}
switch (scope->kind_) {
- case ScopeKind::Function:
+ case ScopeKind::Function: {
+ RootedScript script(cx, scope->as<FunctionScope>().script());
+ const char* filename = script->filename();
+ // If the script has an internal URL, include it in the crash reason. If
+ // not, it may be a web URL, and therefore privacy-sensitive.
+ if (!strncmp(filename, "chrome:", 7) || !strncmp(filename, "resource:", 9))
+ MOZ_CRASH_UNSAFE_PRINTF("Use FunctionScope::clone (script URL: %s)", filename);
+
MOZ_CRASH("Use FunctionScope::clone.");
break;
+ }
case ScopeKind::FunctionBodyVar:
case ScopeKind::ParameterExpressionVar: {
Rooted<VarScope::Data*> original(cx, &scope->as<VarScope>().data());
UniquePtr<VarScope::Data> dataClone = CopyScopeData<VarScope>(cx, original);
if (!dataClone)
return nullptr;
return create(cx, scope->kind_, enclosing, envShape, Move(dataClone));