Run into NPE inside Rhino engine (1.7.14), but not in the previous build with Rhino engine (1.7.7.1).

[Tomcat0123]

Under load run, NPE occurred inside Rhino engine (1.7.14), but not in the previous build with Rhino engine (1.7.7.1).

java.lang.NullPointerException at org.mozilla.javascript.EmbeddedSlotMap.remove(EmbeddedSlotMap.java:244) at org.mozilla.javascript.SlotMapContainer.remove(SlotMapContainer.java:78) at org.mozilla.javascript.ScriptableObject.delete(ScriptableObject.java:347) at org.mozilla.javascript.IdScriptableObject.delete(IdScriptableObject.java:501) at org.mozilla.javascript.ScriptRuntime.deleteObjectElem(ScriptRuntime.java:1849) at org.mozilla.javascript.ScriptRuntime.delete(ScriptRuntime.java:1942) at org.mozilla.javascript.Interpreter.doDelName(Interpreter.java:2705) at org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1532) at org.mozilla.javascript.Interpreter.interpret(Interpreter.java:1053) at org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:90) at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:380) at ...

public class EmbeddedSlotMap implements SlotMap { 202: public void remove(Object key, int index) { ... 243: prev = firstAdded; 244: while (prev.orderedNext != slot) {

Not sure if people has reported the same issue, I have not seen ticket about this NPE. Could some one please take a look?

Thanks.

[p-bakker]

I don't really have any insight into the substance of the issue that is occurring here, but I think whomever might look into this could do with more info, like:

• How is Rhino being used here? Dynamic scopes? Sealed scopes?
• Might it be that the object (from which the code is trying to delete a property) is being accessed from multiple threads?
• Any way to reproduce this issue?

[p-bakker]

@gbrail have assigned this issue to you, as you've done a lot of work in this area. Hope you can have a look at what this might be