Closed
Bug 486585
Opened 15 years ago
Closed 15 years ago
"ASSERTION: bad!" in XPCCallContext::XPCCallContext with feed in frame, gc
Categories
(Core :: XPConnect, defect, P4)
Tracking
()
VERIFIED
FIXED
mozilla1.9.2a1
People
(Reporter: jruderman, Assigned: peterv)
References
Details
(Keywords: assertion, testcase, verified1.9.1)
Attachments
(3 files)
178 bytes,
text/html
|
Details | |
5.88 KB,
text/plain
|
Details | |
1.36 KB,
patch
|
mrbkap
:
review+
mrbkap
:
superreview+
|
Details | Diff | Splinter Review |
Steps: 1. Load the testcase. 2. Wait a few seconds while it reloads itself a few times. 3. Cmd+Q. Result: near the end of shutdown, several of ###!!! ASSERTION: bad!: 'Error', file js/src/xpconnect/src/xpccallcontext.cpp, line 88 in XPCCallContext::XPCCallContext: if(!stack || NS_FAILED(stack->Peek(&topJSContext))) { NS_ERROR("bad!"); mJSContext = nsnull; return; }
Reporter | ||
Comment 1•15 years ago
|
||
Comment 2•15 years ago
|
||
For what it's worth, the steps in comment 0 work for me. No assertions. That said, I see no reason the stack given here couldn't arise if the wrapped js lives long enough into shutdown (e.g. leaks).
Reporter | ||
Comment 3•15 years ago
|
||
I can only reproduce about 50% of the time. I forgot to mention that in comment 0, sorry. Is the assertion bogus or does it point to a real problem? Or is it hard to tell without debugging?
Comment 4•15 years ago
|
||
I'm not sure. It points to an inability to actually set up an XPCCallContext properly because we're too far into shutdown. But I'm not sure what that means in practice.
Assignee | ||
Comment 5•15 years ago
|
||
We could avoid this particular case by checking if mIdentity is an nsXPCWrappedJS, but not sure we want to do that for every call to FlatJSObjectFinalized.
Assignee | ||
Comment 7•15 years ago
|
||
BTW, nothing bad happens after the assertion AFAICT, because we check if the XPCCallContext is valid.
Comment 8•15 years ago
|
||
Test disabled in TM tre until this is fixed. http://hg.mozilla.org/tracemonkey/rev/1d2bb1304fe4
Updated•15 years ago
|
Flags: blocking1.9.1+
Assignee | ||
Comment 9•15 years ago
|
||
I added the assertion to SetCallInfo and SetIDispatchInfo because they set mState and we want to know if somebody clobbers INIT_FAILED/SYSTEM_SHUTDOWN.
Assignee: nobody → peterv
Status: NEW → ASSIGNED
Attachment #371128 -
Flags: superreview?(mrbkap)
Attachment #371128 -
Flags: review?(mrbkap)
Updated•15 years ago
|
Attachment #371128 -
Flags: superreview?(mrbkap)
Attachment #371128 -
Flags: superreview+
Attachment #371128 -
Flags: review?(mrbkap)
Attachment #371128 -
Flags: review+
Assignee | ||
Comment 10•15 years ago
|
||
I also reenabled test_urlformatter.js on trunk.
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Keywords: fixed1.9.1
Priority: -- → P4
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.2a1
Comment 11•15 years ago
|
||
verified FIXED on debug builds using the attached testcase (no assertions): Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1pre) Gecko/20090608 Shiretoko/3.5pre ID:20090608122057 and Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2a1pre) Gecko/20090608 Minefield/3.6a1pre ID:20090608122028
Status: RESOLVED → VERIFIED
Keywords: fixed1.9.1 → verified1.9.1
Comment 12•15 years ago
|
||
Just for dotting the I's (so to speak): pushed: http://hg.mozilla.org/mozilla-central/rev/76e5019b7ff4 and http://hg.mozilla.org/releases/mozilla-1.9.1/rev/23363f342a9c
You need to log in
before you can comment on or make changes to this bug.
Description
•