Closed
Bug 418377
Opened 18 years ago
Closed 18 years ago
crash [@ XPCWrappedNativeScope::FindInJSObjectScope(XPCCallContext&, JSObject*, int)]
Categories
(Core :: XPConnect, defect, P1)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
mozilla1.9beta4
People
(Reporter: samuel.sidler+old, Assigned: mrbkap)
References
()
Details
(Keywords: crash, topcrash)
Crash Data
Attachments
(1 file)
|
597 bytes,
patch
|
jst
:
review+
jst
:
superreview+
|
Details | Diff | Splinter Review |
Firefox 3 beta 3 has a new topcrash. I don't see this appearing in nightly builds, but I also don't see any bugs fixed recently that could be related to this crash.
See also: bp-2a60d819-ded9-11dc-9bb9-001a4bd43ed6
Crashing Thread
Frame Signature Source
0 XPCWrappedNativeScope::FindInJSObjectScope(XPCCallContext&, JSObject*, int) mozilla/js/src/xpconnect/src/xpcwrappednativescope.cpp:798
1 GetContextFromObject mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp:517
2 nsXPCWrappedJSClass::CallMethod(nsXPCWrappedJS*, unsigned short, XPTMethodDescriptor const*, nsXPTCMiniVariant*) mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp:1706
3 nsXPCWrappedJS::CallMethod(unsigned short, XPTMethodDescriptor const*, nsXPTCMiniVariant*) mozilla/js/src/xpconnect/src/xpcwrappedjs.cpp:556
4 PrepareAndDispatch mozilla/xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:114
5 SharedStub mozilla/xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:141
6 nsDNSAsyncRequest::OnLookupComplete(nsHostResolver*, nsHostRecord*, unsigned int) mozilla/netwerk/dns/src/nsDNSService2.cpp:242
Flags: blocking1.9?
|
Reporter | |
Comment 1•18 years ago
|
||
As I said in bug 418378 comment 2, just because this isn't happening on trunk, that doesn't mean it shouldn't be looked at. Trunk users are different than end users. We need to look at this before beta 4.
Priority: -- → P1
Target Milestone: --- → mozilla1.9beta4
|
Assignee | |
Comment 2•18 years ago
|
||
This has all the skidmarks of an invalid ccx.
Assignee: nobody → mrbkap
Status: NEW → ASSIGNED
Attachment #304600 -
Flags: superreview?(jst)
Attachment #304600 -
Flags: review?(jst)
|
||
Comment 3•18 years ago
|
||
Comment on attachment 304600 [details] [diff] [review]
Proposed fix
Yeah, right thing to do for sure. But do we know why this is happening?
Attachment #304600 -
Flags: superreview?(jst)
Attachment #304600 -
Flags: superreview+
Attachment #304600 -
Flags: review?(jst)
Attachment #304600 -
Flags: review+
|
|
||
Updated•18 years ago
|
Flags: blocking1.9? → blocking1.9+
|
|
Assignee | |
Comment 4•18 years ago
|
||
So, looking at the rest of the threads (which I forgot to do earlier) shows 8 (!) threads all in GetContextForObject trying to get the safe JS context and creating it. I suppose this makes sense -- the safe JS context is per-thread. I wonder if the crashes happen when the safe JSContext creation fails (I don't know why it would, though).
|
|
Assignee | |
Updated•18 years ago
|
Keywords: checkin-needed
|
|
||
Comment 5•18 years ago
|
||
Hmm, interesting. Either way, I'll be landing this for you, unless you beat me to it...
|
|
||
Comment 6•18 years ago
|
||
Landed.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
||
Updated•18 years ago
|
Keywords: checkin-needed
|
||
Updated•14 years ago
|
Crash Signature: [@ XPCWrappedNativeScope::FindInJSObjectScope(XPCCallContext&, JSObject*, int)]
You need to log in
before you can comment on or make changes to this bug.
Description
•