Closed Bug 284549 Opened 20 years ago Closed 20 years ago

crash if nsIClassInfo.getInterfaces includes a null interface [@ HashIIDPtrKey]

Categories

(Core :: XPConnect, defect)

x86
Windows XP
defect
Not set
normal

RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

Details

(Keywords: crash)

Crash Data

Attachments

(1 file, 1 obsolete file)

> xpc3250.dll!HashIIDPtrKey(JSDHashTable * table=0x00bf9c60, const void * key=0x00000000) Line 54 + 0x3 C++
js3250.dll!JS_DHashTableOperate(JSDHashTable * table=0x00bf9c60, const void * key=0x00000000, JSDHashOperator op=JS_DHASH_LOOKUP) Line 489 + 0x10 C
xpc3250.dll!IID2NativeInterfaceMap::Find(const nsID & iid={...}) Line 297 + 0x12 C++
xpc3250.dll!XPCNativeInterface::GetNewOrUsed(XPCCallContext & ccx={...}, const nsID * iid=0x00000000) Line 195 + 0xc C++
xpc3250.dll!XPCNativeSet::GetNewOrUsed(XPCCallContext & ccx={...}, nsIClassInfo * classInfo=0x00c5cb88) Line 606 + 0xd C++
xpc3250.dll!XPCWrappedNativeProto::GetNewOrUsed(XPCCallContext & ccx={...}, XPCWrappedNativeScope * Scope=0x015c2310, nsIClassInfo * ClassInfo=0x00c5cb88, const XPCNativeScriptableCreateInfo * ScriptableCreateInfo=0x0012dc64, int ForceNoSharing=0) Line 216 + 0xd C++
xpc3250.dll!XPCWrappedNative::GetNewOrUsed(XPCCallContext & ccx={...}, nsISupports * Object=0x00c25d68, XPCWrappedNativeScope * Scope=0x015c2310, XPCNativeInterface * Interface=0x00bf3970, XPCWrappedNative * * resultWrapper=0x0012dc94) Line 359 + 0x1c C++
xpc3250.dll!XPCConvert::NativeInterface2JSObject(XPCCallContext & ccx={...}, nsIXPConnectJSObjectHolder * * dest=0x0012dd24, nsISupports * src=0x00c25d68, const nsID * iid=0x0012e010, JSObject * scope=0x00c67850, unsigned int * pErr=0x0012df5c) Line 1058 + 0x1e C++
xpc3250.dll!XPCConvert::NativeData2JS(XPCCallContext & ccx={...}, long * d=0x0012de60, const void * s=0x0012dec0, const nsXPTType & type={...}, const nsID * iid=0x0012e010, JSObject * scope=0x00c67850, unsigned int * pErr=0x0012df5c) Line 464 + 0x31 C++
xpc3250.dll!XPCWrappedNative::CallMethod(XPCCallContext & ccx={...}, XPCWrappedNative::CallMode mode=CALL_GETTER) Line 2159 + 0x32 C++
xpc3250.dll!XPCWrappedNative::GetAttribute(XPCCallContext & ccx={...}) Line 1887 + 0xe C++
xpc3250.dll!XPC_WN_GetterSetter(JSContext * cx=0x00bf98e0, JSObject * obj=0x00c67850, unsigned int argc=0, long * argv=0x00c5a070, long * vp=0x0012e1a8) Line 1343 + 0x9 C++
js3250.dll!js_Invoke(JSContext * cx=0x00bf98e0, unsigned int argc=0, unsigned int flags=2) Line 1293 + 0x20 C
js3250.dll!js_InternalInvoke(JSContext * cx=0x00bf98e0, JSObject * obj=0x00c67850, long fval=13006952, unsigned int flags=0, unsigned int argc=0, long * argv=0x00000000, long * rval=0x0012eca8) Line 1390 + 0x14 C
js3250.dll!js_InternalGetOrSet(JSContext * cx=0x00bf98e0, JSObject * obj=0x00c67850, long id=12677160, long fval=13006952, JSAccessMode mode=JSACC_READ, unsigned int argc=0, long * argv=0x00000000, long * rval=0x0012eca8) Line 1433 + 0x1f C
js3250.dll!js_Interpret(JSContext * cx=0x00bf98e0, unsigned char * pc=0x00c65012, long * result=0x0012ed1c) Line 3393 + 0x3cb C
js3250.dll!js_Execute(JSContext * cx=0x00bf98e0, JSObject * chain=0x00b8a768, JSScript * script=0x00c64fb8, JSStackFrame * down=0x00000000, unsigned int flags=0, long * result=0x0012fdcc) Line 1523 + 0x13 C
js3250.dll!JS_ExecuteScript(JSContext * cx=0x00bf98e0, JSObject * obj=0x00b8a768, JSScript * script=0x00c64fb8, long * rval=0x0012fdcc) Line 3657 + 0x19 C
xpcshell.exe!ProcessFile(JSContext * cx=0x00bf98e0, JSObject * obj=0x00b8a768, const char * filename=0x00000000, _iobuf * file=0x1027c838) Line 646 + 0x16 C++
xpcshell.exe!Process(JSContext * cx=0x00bf98e0, JSObject * obj=0x00b8a768, const char * filename=0x00000000) Line 699 + 0x15 C++
xpcshell.exe!ProcessArgs(JSContext * cx=0x00bf98e0, JSObject * obj=0x00b8a768, char * * argv=0x0036797c, int argc=0) Line 827 + 0x11 C++
xpcshell.exe!main(int argc=0, char * * argv=0x0036797c, char * * envp=0x00362ff8) Line 1639 + 0x15 C++
xpcshell.exe!mainCRTStartup() Line 398 + 0x11 C
kernel32.dll!RegisterWaitForInputIdle() + 0x49

Yes, this normally shouldn't happen, but I copied a component from one build (which had an interface) to another (which didn't).
Attached file testcase
Attached patch skip null interfaces (obsolete)
Attachment #176185 - Flags: superreview?(shaver)
Attachment #176185 - Flags: review?(shaver)
Comment on attachment 176185: skip null interfaces

Can we make it an assertion? This sounds like a bug in the classinfo impl, which we should judge harshly in DEBUG builds.

r+sr=shaver
Attachment #176185 - Flags: superreview?(shaver)
Attachment #176185 - Flags: superreview+
Attachment #176185 - Flags: review?(shaver)
Attachment #176185 - Flags: review+
Comment on attachment 176185: skip null interfaces

mozilla/js/src/xpconnect/src/xpcwrappednativeinfo.cpp 1.11
Attachment #176185 - Attachment is obsolete: true
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Crash Signature: [@ HashIIDPtrKey]
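
The failure mode in this bug, modelled as an added C++ example (not the attached patch and not Mozilla code): a hash callback that dereferences its key, fed from an interface array that a component supplied with a null slot. `IID`, `IIDSet`, `AddInterfaces` and the `STRICT_CLASSINFO` switch are hypothetical names; the sample array is constructed.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <unordered_set>

// Simplified stand-in for nsID (assumption: 16-byte layout, no padding).
struct IID { uint32_t m0; uint16_t m1, m2; uint8_t m3[8]; };

// Like the hash callback at the top of the trace, these dereference the key
// unconditionally, so they must never be handed a null pointer.
struct IIDPtrHash {
    size_t operator()(const IID* k) const { return k->m0; }
};
struct IIDPtrEq {
    bool operator()(const IID* a, const IID* b) const {
        return std::memcmp(a, b, sizeof(IID)) == 0;
    }
};
using IIDSet = std::unordered_set<const IID*, IIDPtrHash, IIDPtrEq>;

// Hypothetical helper: adds a component-supplied interface array to the set,
// validating each slot before it reaches the hash table.
// Returns the number of null slots that were skipped.
size_t AddInterfaces(IIDSet& set, const IID* const* iids, size_t count) {
    size_t skipped = 0;
    for (size_t i = 0; i < count; ++i) {
        if (!iids[i]) {
#ifdef STRICT_CLASSINFO  // hypothetical switch: fail hard in debug builds
            assert(!"component returned a null interface");
#endif
            std::fprintf(stderr, "null interface at index %zu, skipped\n", i);
            ++skipped;
            continue;
        }
        set.insert(iids[i]);  // safe: key is non-null here
    }
    return skipped;
}

int main() {
    // Constructed sample: one missing entry and one duplicate.
    static const IID a = {0x11111111u, 1, 2, {0}};
    static const IID b = {0x22222222u, 3, 4, {0}};
    const IID* iids[] = {&a, nullptr, &b, &a};
    IIDSet set;
    size_t skipped = AddInterfaces(set, iids, 4);
    std::printf("kept=%zu skipped=%zu\n", set.size(), skipped);
    return 0;
}
```

Building with `-DSTRICT_CLASSINFO` turns the skipped slot into an assertion failure, which is the debug-build behaviour the review comment asks for.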