Closed
Bug 1675586
Opened 4 years ago
Closed 1 year ago
Assertion failure: !mScriptObject (Leaking script object.), at src/dom/xul/nsXULElement.cpp:1875
Categories
(Core :: Print Preview, defect)
Core
Print Preview
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| firefox84 | --- | affected |
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: assertion, testcase)
Attachments
(1 file)
|
1.00 KB,
text/html
|
Details |
Assertion failure: !mScriptObject (Leaking script object.), at src/dom/xul/nsXULElement.cpp:1875
#0 0x7fce8cf72368 in nsXULPrototypeScript::Set(JSScript*) src/dom/xul/nsXULElement.cpp:1875:3
#1 0x7fce8cf6780e in nsXULPrototypeScript::Compile(char16_t const*, unsigned long, JS::SourceOwnership, nsIURI*, unsigned int, mozilla::dom::Document*, nsIOffThreadScriptReceiver*) src/dom/xul/nsXULElement.cpp:1862:5
#2 0x7fce8cb900ad in mozilla::dom::PrototypeDocumentContentSink::OnStreamComplete(nsIStreamLoader*, nsISupports*, nsresult, unsigned int, unsigned char const*) src/dom/prototype/PrototypeDocumentContentSink.cpp:821:33
#3 0x7fce88ebaab2 in mozilla::net::nsStreamLoader::OnStopRequest(nsIRequest*, nsresult) src/netwerk/base/nsStreamLoader.cpp:89:20
#4 0x7fce89e1c5d4 in nsJARChannel::OnStopRequest(nsIRequest*, nsresult) src/modules/libjar/nsJARChannel.cpp:1034:16
#5 0x7fce89e1e6cc in non-virtual thunk to nsJARChannel::OnStopRequest(nsIRequest*, nsresult) src/modules/libjar/nsJARChannel.cpp
#6 0x7fce88e5d81f in nsInputStreamPump::OnStateStop() src/netwerk/base/nsInputStreamPump.cpp:649:16
#7 0x7fce88e5ce0e in nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) src/netwerk/base/nsInputStreamPump.cpp:397:21
#8 0x7fce88e5dbdc in non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) src/netwerk/base/nsInputStreamPump.cpp
#9 0x7fce88c99108 in nsInputStreamReadyEvent::Run() src/xpcom/io/nsStreamUtils.cpp:94:20
#10 0x7fce88cd16bf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:245:16
#11 0x7fce88ccfd3a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:515:26
#12 0x7fce88ccede4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:374:15
#13 0x7fce88ccef97 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:171:36
#14 0x7fce88cd4c59 in operator() src/xpcom/threads/TaskController.cpp:88:37
#15 0x7fce88cd4c59 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#16 0x7fce88ce5e37 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#17 0x7fce88ceb9da in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#18 0x7fce8e58c7c6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:503:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#19 0x7fce8e58c7c6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:503:5
#20 0x7fce8e9ca8a2 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#21 0x7fce8e9c79f7 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#22 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#23 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#24 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#25 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#26 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#27 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#28 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#29 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#30 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#31 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#32 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#33 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#34 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#35 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#36 0x7fce8f148711 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2766:10
#37 0x7fce89debb8e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#38 0x7fce88d1150a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#39 0x7fce88d1084e in SharedStub (/home/worker/builds/m-c-20201019213835-fuzzing-debug/libxul.so+0x2e6584e)
#40 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#41 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#42 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#43 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#44 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#45 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#46 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#47 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#48 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#49 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#50 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#51 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#52 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#53 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#54 0x7fce8f14968b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2829:10
#55 0x7fce8add31b5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6444:8
#56 0x7fce8a765fed in void mozilla::dom::MessageListener::ReceiveMessage<JS::Rooted<JS::Value> >(JS::Rooted<JS::Value> const&, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:769:12
#57 0x7fce8a7650cd in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:691:25
#58 0x7fce8a765b00 in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:770:22
#59 0x7fce8cd418ce in ReceiveMessage src/dom/base/nsFrameMessageManager.h:206:5
#60 0x7fce8cd418ce in mozilla::dom::BrowserParent::ReceiveMessage(nsTString<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*) src/dom/ipc/BrowserParent.cpp:3214:14
#61 0x7fce8cd4acca in mozilla::dom::BrowserParent::RecvAsyncMessage(nsTString<char16_t> const&, mozilla::dom::ClonedMessageData const&) src/dom/ipc/BrowserParent.cpp:2033:8
#62 0x7fce89cf1281 in mozilla::dom::PBrowserParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PBrowserParent.cpp:2708:57
#63 0x7fce8978f11d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6627:32
#64 0x7fce895d5eee in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#65 0x7fce895d26af in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#66 0x7fce895d3ab6 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#67 0x7fce895d46db in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#68 0x7fce88cd16bf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:245:16
#69 0x7fce88ccfd3a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:515:26
#70 0x7fce88ccede4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:374:15
#71 0x7fce88ccef97 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:171:36
#72 0x7fce88cd4c59 in operator() src/xpcom/threads/TaskController.cpp:88:37
#73 0x7fce88cd4c59 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#74 0x7fce88ce5e37 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#75 0x7fce88ceb9da in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#76 0x7fce8e58c7c6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:503:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#77 0x7fce8e58c7c6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:503:5
#78 0x7fce8e9ca8a2 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#79 0x7fce8e9c79f7 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#80 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#81 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#82 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#83 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#84 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#85 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#86 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#87 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#88 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#89 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#90 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#91 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#92 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#93 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#94 0x7fce8f148711 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2766:10
#95 0x7fce89debb8e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#96 0x7fce88d1150a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#97 0x7fce88d1084e in SharedStub (/home/worker/builds/m-c-20201019213835-fuzzing-debug/libxul.so+0x2e6584e)
#98 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#99 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#100 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#101 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#102 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#103 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#104 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#105 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#106 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#107 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#108 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#109 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#110 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#111 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#112 0x7fce8f14968b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2829:10
#113 0x7fce8add31b5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6444:8
#114 0x7fce8a765fed in void mozilla::dom::MessageListener::ReceiveMessage<JS::Rooted<JS::Value> >(JS::Rooted<JS::Value> const&, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:769:12
#115 0x7fce8a7650cd in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:691:25
#116 0x7fce8a765b00 in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:770:22
#117 0x7fce8cd418ce in ReceiveMessage src/dom/base/nsFrameMessageManager.h:206:5
#118 0x7fce8cd418ce in mozilla::dom::BrowserParent::ReceiveMessage(nsTString<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*) src/dom/ipc/BrowserParent.cpp:3214:14
#119 0x7fce8cd4acca in mozilla::dom::BrowserParent::RecvAsyncMessage(nsTString<char16_t> const&, mozilla::dom::ClonedMessageData const&) src/dom/ipc/BrowserParent.cpp:2033:8
#120 0x7fce89cf1281 in mozilla::dom::PBrowserParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PBrowserParent.cpp:2708:57
#121 0x7fce8978f11d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6627:32
#122 0x7fce895d5eee in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#123 0x7fce895d26af in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#124 0x7fce895d3ab6 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#125 0x7fce895d46db in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#126 0x7fce88cd16bf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:245:16
#127 0x7fce88ccfd3a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:515:26
#128 0x7fce88ccede4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:374:15
#129 0x7fce88ccef97 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:171:36
#130 0x7fce88cd4c59 in operator() src/xpcom/threads/TaskController.cpp:88:37
#131 0x7fce88cd4c59 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#132 0x7fce88ce5e37 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#133 0x7fce88ceb9da in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#134 0x7fce8e58c7c6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:503:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#135 0x7fce8e58c7c6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:503:5
#136 0x7fce8e9ca8a2 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#137 0x7fce8e9c79f7 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#138 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#139 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#140 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#141 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#142 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#143 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#144 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#145 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#146 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#147 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#148 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#149 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#150 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#151 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#152 0x7fce8f148711 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2766:10
#153 0x7fce89debb8e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#154 0x7fce88d1150a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#155 0x7fce88d1084e in SharedStub (/home/worker/builds/m-c-20201019213835-fuzzing-debug/libxul.so+0x2e6584e)
#156 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#157 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#158 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#159 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#160 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#161 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#162 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#163 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#164 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#165 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#166 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#167 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#168 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#169 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#170 0x7fce8f14968b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2829:10
#171 0x7fce8add31b5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6444:8
#172 0x7fce8a765fed in void mozilla::dom::MessageListener::ReceiveMessage<JS::Rooted<JS::Value> >(JS::Rooted<JS::Value> const&, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:769:12
#173 0x7fce8a7650cd in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:691:25
#174 0x7fce8a765b00 in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:770:22
#175 0x7fce8cd418ce in ReceiveMessage src/dom/base/nsFrameMessageManager.h:206:5
#176 0x7fce8cd418ce in mozilla::dom::BrowserParent::ReceiveMessage(nsTString<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*) src/dom/ipc/BrowserParent.cpp:3214:14
#177 0x7fce8cd4acca in mozilla::dom::BrowserParent::RecvAsyncMessage(nsTString<char16_t> const&, mozilla::dom::ClonedMessageData const&) src/dom/ipc/BrowserParent.cpp:2033:8
#178 0x7fce89cf1281 in mozilla::dom::PBrowserParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PBrowserParent.cpp:2708:57
#179 0x7fce8978f11d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6627:32
#180 0x7fce895d5eee in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#181 0x7fce895d26af in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#182 0x7fce895d3ab6 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#183 0x7fce895d46db in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#184 0x7fce88cd16bf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:245:16
#185 0x7fce88ccfd3a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:515:26
#186 0x7fce88ccede4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:374:15
#187 0x7fce88ccef97 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:171:36
#188 0x7fce88cd4c59 in operator() src/xpcom/threads/TaskController.cpp:88:37
#189 0x7fce88cd4c59 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#190 0x7fce88ce5e37 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#191 0x7fce88ceb9da in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#192 0x7fce8e58c7c6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:503:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#193 0x7fce8e58c7c6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:503:5
#194 0x7fce8e9ca8a2 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#195 0x7fce8e9c79f7 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#196 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#197 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#198 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#199 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#200 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#201 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#202 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#203 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#204 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#205 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#206 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#207 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#208 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#209 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#210 0x7fce8f148711 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2766:10
#211 0x7fce89debb8e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#212 0x7fce88d1150a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#213 0x7fce88d1084e in SharedStub (/home/worker/builds/m-c-20201019213835-fuzzing-debug/libxul.so+0x2e6584e)
#214 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#215 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#216 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#217 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#218 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#219 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#220 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#221 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#222 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#223 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#224 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#225 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#226 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#227 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#228 0x7fce8f14968b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2829:10
#229 0x7fce8add31b5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6444:8
#230 0x7fce8a765fed in void mozilla::dom::MessageListener::ReceiveMessage<JS::Rooted<JS::Value> >(JS::Rooted<JS::Value> const&, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:769:12
#231 0x7fce8a7650cd in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:691:25
#232 0x7fce8a765b00 in nsFrameMessageManager::ReceiveMessage(nsISupports*, nsFrameLoader*, bool, nsTSubstring<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*, mozilla::ErrorResult&) src/dom/base/nsFrameMessageManager.cpp:770:22
#233 0x7fce8cd418ce in ReceiveMessage src/dom/base/nsFrameMessageManager.h:206:5
#234 0x7fce8cd418ce in mozilla::dom::BrowserParent::ReceiveMessage(nsTString<char16_t> const&, bool, mozilla::dom::ipc::StructuredCloneData*, nsTArray<mozilla::dom::ipc::StructuredCloneData>*) src/dom/ipc/BrowserParent.cpp:3214:14
#235 0x7fce8cd4acca in mozilla::dom::BrowserParent::RecvAsyncMessage(nsTString<char16_t> const&, mozilla::dom::ClonedMessageData const&) src/dom/ipc/BrowserParent.cpp:2033:8
#236 0x7fce89cf1281 in mozilla::dom::PBrowserParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PBrowserParent.cpp:2708:57
#237 0x7fce8978f11d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6627:32
#238 0x7fce895d5eee in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#239 0x7fce895d26af in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#240 0x7fce895d3ab6 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#241 0x7fce895d46db in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#242 0x7fce88cd16bf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:245:16
#243 0x7fce88ccfd3a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:515:26
#244 0x7fce88ccede4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:374:15
#245 0x7fce88ccef97 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:171:36
#246 0x7fce88cd4c59 in operator() src/xpcom/threads/TaskController.cpp:88:37
#247 0x7fce88cd4c59 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#248 0x7fce88ce5e37 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#249 0x7fce88ceb9da in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#250 0x7fce8e58c7c6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:503:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#251 0x7fce8e58c7c6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:503:5
#252 0x7fce8e9ca8a2 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#253 0x7fce8e9c79f7 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#254 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#255 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#256 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#257 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#258 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#259 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#260 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#261 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#262 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#263 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#264 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
#265 0x7fce8eb5d409 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:635:13
#266 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#267 0x7fce8eb5f23f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:680:8
#268 0x7fce8f148711 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2766:10
#269 0x7fce89debb8e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#270 0x7fce88d1150a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#271 0x7fce88d1084e in SharedStub (/home/worker/builds/m-c-20201019213835-fuzzing-debug/libxul.so+0x2e6584e)
#272 0x7fce88d106e5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#273 0x7fce89df331d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#274 0x7fce89df331d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#275 0x7fce89df3067 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#276 0x7fce89df4bd1 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#277 0x7fce8eb5dd21 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:506:13
#278 0x7fce8eb5d438 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:598:12
#279 0x7fce8eb5f003 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:663:10
#280 0x7fce8eb52da3 in CallFromStack src/js/src/vm/Interpreter.cpp:667:10
#281 0x7fce8eb52da3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3336:16
#282 0x7fce8eb49f14 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:476:13
Flags: in-testsuite?
|
Reporter | |
Comment 1•4 years ago
|
||
I've also seen this test case trigger crashes near null.
==187257==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000038 (pc 0x7faca5fbe5b0 bp 0x7ffdf6b8a8e0 sp 0x7ffdf6b8a850 T187257)
==187257==The signal is caused by a READ memory access.
==187257==Hint: address points to the zero page.
#0 0x7faca5fbe5b0 in exposeToActiveJS /builds/worker/workspace/obj-build/dist/include/js/RootingAPI.h:335:69
#1 0x7faca5fbe5b0 in get /builds/worker/workspace/obj-build/dist/include/js/RootingAPI.h:337:5
#2 0x7faca5fbe5b0 in operator JSScript *const & /builds/worker/workspace/obj-build/dist/include/js/RootingAPI.h:330:3
#3 0x7faca5fbe5b0 in HasScriptObject src/dom/xul/nsXULElement.h:215:12
#4 0x7faca5fbe5b0 in mozilla::dom::PrototypeDocumentContentSink::OnScriptCompileComplete(JSScript*, nsresult) src/dom/prototype/PrototypeDocumentContentSink.cpp:840:40
#5 0x7faca63a4026 in NotifyOffThreadScriptCompletedRunnable::Run() src/dom/xul/nsXULElement.cpp:1799:20
#6 0x7faca20f0ecf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:450:16
#7 0x7faca20ef53a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:720:26
#8 0x7faca20ee5e4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:579:15
#9 0x7faca20ee797 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:373:36
#10 0x7faca20f4799 in operator() src/xpcom/threads/TaskController.cpp:123:37
#11 0x7faca20f4799 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#12 0x7faca2105ca7 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#13 0x7faca210b9ea in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#14 0x7faca79ccdd6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:504:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#15 0x7faca79ccdd6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:504:5
#16 0x7faca7e0c032 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#17 0x7faca7e09187 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#18 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#19 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#20 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#21 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#22 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#23 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#24 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#25 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#26 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#27 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#28 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#29 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#30 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#31 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#32 0x7faca8583811 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2767:10
#33 0x7faca320537e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#34 0x7faca213151a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#35 0x7faca213085e in SharedStub (/home/user/workspace/browsers/m-c-20201102171039-fuzzing-debug/libxul.so+0x2e6585e)
#36 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#37 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#38 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#39 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#40 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#41 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#42 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#43 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#44 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#45 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#46 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#47 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#48 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#49 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#50 0x7faca858478b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2830:10
#51 0x7faca41f20d5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6297:8
#52 0x7faca621bdfe in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:784:12
#53 0x7faca621bc09 in mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:257:22
#54 0x7faca621bf82 in mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:270:3
#55 0x7faca621f156 in mozilla::dom::JSActorManager::ReceiveRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&) src/dom/ipc/jsactor/JSActorManager.cpp:182:14
#56 0x7faca620c1b4 in mozilla::dom::WindowGlobalParent::RecvRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&) src/dom/ipc/WindowGlobalParent.cpp:439:3
#57 0x7faca2ff999a in mozilla::dom::PWindowGlobalParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PWindowGlobalParent.cpp:650:62
#58 0x7faca2baad8d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6632:32
#59 0x7faca29f123e in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#60 0x7faca29ed9ff in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#61 0x7faca29eee06 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#62 0x7faca29efa2b in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#63 0x7faca20f0ecf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:450:16
#64 0x7faca20ef53a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:720:26
#65 0x7faca20ee5e4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:579:15
#66 0x7faca20ee797 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:373:36
#67 0x7faca20f4799 in operator() src/xpcom/threads/TaskController.cpp:123:37
#68 0x7faca20f4799 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#69 0x7faca2105ca7 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#70 0x7faca210b9ea in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#71 0x7faca79ccdd6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:504:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#72 0x7faca79ccdd6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:504:5
#73 0x7faca7e0c032 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#74 0x7faca7e09187 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#75 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#76 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#77 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#78 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#79 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#80 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#81 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#82 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#83 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#84 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#85 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#86 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#87 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#88 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#89 0x7faca8583811 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2767:10
#90 0x7faca320537e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#91 0x7faca213151a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#92 0x7faca213085e in SharedStub (/home/user/workspace/browsers/m-c-20201102171039-fuzzing-debug/libxul.so+0x2e6585e)
#93 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#94 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#95 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#96 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#97 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#98 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#99 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#100 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#101 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#102 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#103 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#104 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#105 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#106 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#107 0x7faca858478b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2830:10
#108 0x7faca41f20d5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6297:8
#109 0x7faca621bdfe in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:784:12
#110 0x7faca621bc09 in mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:257:22
#111 0x7faca621bf82 in mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:270:3
#112 0x7faca621f156 in mozilla::dom::JSActorManager::ReceiveRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&) src/dom/ipc/jsactor/JSActorManager.cpp:182:14
#113 0x7faca620c1b4 in mozilla::dom::WindowGlobalParent::RecvRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&) src/dom/ipc/WindowGlobalParent.cpp:439:3
#114 0x7faca2ff999a in mozilla::dom::PWindowGlobalParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PWindowGlobalParent.cpp:650:62
#115 0x7faca2baad8d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6632:32
#116 0x7faca29f123e in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#117 0x7faca29ed9ff in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#118 0x7faca29eee06 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#119 0x7faca29efa2b in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#120 0x7faca20f0ecf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:450:16
#121 0x7faca20ef53a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:720:26
#122 0x7faca20ee5e4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:579:15
#123 0x7faca20ee797 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:373:36
#124 0x7faca20f4799 in operator() src/xpcom/threads/TaskController.cpp:123:37
#125 0x7faca20f4799 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#126 0x7faca2105ca7 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#127 0x7faca210b9ea in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#128 0x7faca79ccdd6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:504:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#129 0x7faca79ccdd6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:504:5
#130 0x7faca7e0c032 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#131 0x7faca7e09187 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#132 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#133 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#134 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#135 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#136 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#137 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#138 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#139 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#140 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#141 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#142 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#143 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#144 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#145 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#146 0x7faca8583811 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2767:10
#147 0x7faca320537e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#148 0x7faca213151a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#149 0x7faca213085e in SharedStub (/home/user/workspace/browsers/m-c-20201102171039-fuzzing-debug/libxul.so+0x2e6585e)
#150 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#151 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#152 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#153 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#154 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#155 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#156 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#157 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#158 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#159 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#160 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#161 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#162 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#163 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#164 0x7faca858478b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2830:10
#165 0x7faca41f20d5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6297:8
#166 0x7faca621bdfe in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:784:12
#167 0x7faca621bc09 in mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:257:22
#168 0x7faca621bf82 in mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:270:3
#169 0x7faca621f156 in mozilla::dom::JSActorManager::ReceiveRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&) src/dom/ipc/jsactor/JSActorManager.cpp:182:14
#170 0x7faca620c1b4 in mozilla::dom::WindowGlobalParent::RecvRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&) src/dom/ipc/WindowGlobalParent.cpp:439:3
#171 0x7faca2ff999a in mozilla::dom::PWindowGlobalParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PWindowGlobalParent.cpp:650:62
#172 0x7faca2baad8d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6632:32
#173 0x7faca29f123e in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#174 0x7faca29ed9ff in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#175 0x7faca29eee06 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#176 0x7faca29efa2b in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#177 0x7faca20f0ecf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:450:16
#178 0x7faca20ef53a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:720:26
#179 0x7faca20ee5e4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:579:15
#180 0x7faca20ee797 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:373:36
#181 0x7faca20f4799 in operator() src/xpcom/threads/TaskController.cpp:123:37
#182 0x7faca20f4799 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#183 0x7faca2105ca7 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#184 0x7faca210b9ea in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#185 0x7faca79ccdd6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:504:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#186 0x7faca79ccdd6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:504:5
#187 0x7faca7e0c032 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#188 0x7faca7e09187 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#189 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#190 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#191 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#192 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#193 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#194 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#195 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#196 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#197 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#198 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#199 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#200 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#201 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#202 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#203 0x7faca8583811 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2767:10
#204 0x7faca320537e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#205 0x7faca213151a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#206 0x7faca213085e in SharedStub (/home/user/workspace/browsers/m-c-20201102171039-fuzzing-debug/libxul.so+0x2e6585e)
#207 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#208 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#209 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#210 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#211 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#212 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#213 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#214 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#215 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#216 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#217 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#218 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#219 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#220 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#221 0x7faca858478b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2830:10
#222 0x7faca41f20d5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6297:8
#223 0x7faca621bdfe in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:784:12
#224 0x7faca621bc09 in mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:257:22
#225 0x7faca621bf82 in mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:270:3
#226 0x7faca621f156 in mozilla::dom::JSActorManager::ReceiveRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&) src/dom/ipc/jsactor/JSActorManager.cpp:182:14
#227 0x7faca620c1b4 in mozilla::dom::WindowGlobalParent::RecvRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&) src/dom/ipc/WindowGlobalParent.cpp:439:3
#228 0x7faca2ff999a in mozilla::dom::PWindowGlobalParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PWindowGlobalParent.cpp:650:62
#229 0x7faca2baad8d in mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentParent.cpp:6632:32
#230 0x7faca29f123e in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2150:25
#231 0x7faca29ed9ff in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2074:9
#232 0x7faca29eee06 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1922:3
#233 0x7faca29efa2b in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1953:13
#234 0x7faca20f0ecf in mozilla::RunnableTask::Run() src/xpcom/threads/TaskController.cpp:450:16
#235 0x7faca20ef53a in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:720:26
#236 0x7faca20ee5e4 in mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) src/xpcom/threads/TaskController.cpp:579:15
#237 0x7faca20ee797 in mozilla::TaskController::ProcessPendingMTTask(bool) src/xpcom/threads/TaskController.cpp:373:36
#238 0x7faca20f4799 in operator() src/xpcom/threads/TaskController.cpp:123:37
#239 0x7faca20f4799 in mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_4>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:577:5
#240 0x7faca2105ca7 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1197:14
#241 0x7faca210b9ea in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:513:10
#242 0x7faca79ccdd6 in SpinEventLoopUntil<mozilla::ProcessFailureBehavior::ReportToCaller, (lambda at src/xpfe/appshell/AppWindow.cpp:504:24)> /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:362:25
#243 0x7faca79ccdd6 in mozilla::AppWindow::ShowModal() src/xpfe/appshell/AppWindow.cpp:504:5
#244 0x7faca7e0c032 in nsWindowWatcher::OpenWindowInternal(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, bool, bool, bool, nsIArray*, bool, bool, bool, nsPIWindowWatcher::PrintKind, nsDocShellLoadState*, mozilla::dom::BrowsingContext**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:1328:18
#245 0x7faca7e09187 in nsWindowWatcher::OpenWindow(mozIDOMWindowProxy*, nsTSubstring<char> const&, nsTSubstring<char> const&, nsTSubstring<char> const&, nsISupports*, mozIDOMWindowProxy**) src/toolkit/components/windowwatcher/nsWindowWatcher.cpp:293:3
#246 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#247 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#248 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#249 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#250 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#251 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#252 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#253 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#254 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#255 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#256 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#257 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#258 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#259 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#260 0x7faca8583811 in JS_CallFunctionValue(JSContext*, JS::Handle<JSObject*>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2767:10
#261 0x7faca320537e in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) src/js/xpconnect/src/XPCWrappedJSClass.cpp:970:17
#262 0x7faca213151a in PrepareAndDispatch src/xpcom/reflect/xptcall/md/unix/xptcstubs_x86_64_linux.cpp:115:37
#263 0x7faca213085e in SharedStub (/home/user/workspace/browsers/m-c-20201102171039-fuzzing-debug/libxul.so+0x2e6585e)
#264 0x7faca21306f5 in NS_InvokeByIndex src/xpcom/reflect/xptcall/md/unix/xptcinvoke_asm_x86_64_unix.S:101
#265 0x7faca320cb0d in Invoke src/js/xpconnect/src/XPCWrappedNative.cpp:1620:10
#266 0x7faca320cb0d in CallMethodHelper::Call() src/js/xpconnect/src/XPCWrappedNative.cpp:1176:19
#267 0x7faca320c857 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) src/js/xpconnect/src/XPCWrappedNative.cpp:1142:23
#268 0x7faca320e411 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) src/js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925:10
#269 0x7faca7fa0431 in CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::CallReason, JS::CallArgs const&) src/js/src/vm/Interpreter.cpp:507:13
#270 0x7faca7f9fb68 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:599:12
#271 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#272 0x7faca7f954e3 in CallFromStack src/js/src/vm/Interpreter.cpp:668:10
#273 0x7faca7f954e3 in Interpret(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:3337:16
#274 0x7faca7f8c654 in js::RunScript(JSContext*, js::RunState&) src/js/src/vm/Interpreter.cpp:477:13
#275 0x7faca7f9fb39 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) src/js/src/vm/Interpreter.cpp:636:13
#276 0x7faca7fa1713 in InternalCall(JSContext*, js::AnyInvokeArgs const&, js::CallReason) src/js/src/vm/Interpreter.cpp:664:10
#277 0x7faca7fa194f in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) src/js/src/vm/Interpreter.cpp:681:8
#278 0x7faca858478b in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) src/js/src/jsapi.cpp:2830:10
#279 0x7faca41f20d5 in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/MessageManagerBinding.cpp:6297:8
#280 0x7faca621bdfe in mozilla::dom::MessageListener::ReceiveMessage(mozilla::dom::ReceiveMessageArgument const&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&, char const*, mozilla::dom::CallbackObject::ExceptionHandling, JS::Realm*) /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:784:12
#281 0x7faca621bc09 in mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:257:22
#282 0x7faca621bf82 in mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) src/dom/ipc/jsactor/JSActor.cpp:270:3
|
|
Reporter | |
Comment 2•4 years ago
|
||
A Pernosco session is available here: https://pernos.co/debug/x6bn5C6jonnod_dz4NauLg/index.html
|
||
Comment 3•4 years ago
|
||
The severity field is not set for this bug.
:nordzilla, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(enordin)
|
||
Comment 4•3 years ago
|
||
Hmm. I am not seeing these errors on my macOS machine (10.15.7)
Flags: needinfo?(enordin)
|
||
Comment 5•1 year ago
|
||
I'm not seeing any issues when loading the testcase in a Linux debug build.
Tyson, are you still able to reproduce this? (I wonder if it was fixed in the past 2 years; or maybe I'm not running with the appropriate fuzzing prefs toggled.)
In any case: to the extent this is still reproducible, I'm triaging as S3, since the testcase seems to rely on a precisely-timed print-preview instantiation, and the bad-results don't sound exploitable.
Severity: -- → S3
Flags: needinfo?(twsmith)
|
|
Reporter | |
Comment 6•1 year ago
|
||
I am also no longer able to reproduce this issue with the attached test case. Fuzzers are also no longer reporting the issue.
I have no idea what the fix may have been. There is a Pernosco session if you want to poke around.
Flags: needinfo?(twsmith)
|
|
||
Updated•1 year ago
|
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•