New crash [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3

RESOLVED DUPLICATE of bug 500538

Status

()

Core
XPConnect
--
critical
RESOLVED DUPLICATE of bug 500538
9 years ago
7 years ago

People

(Reporter: jst, Assigned: peterv)

Tracking

({crash, regression})

1.9.2 Branch
crash, regression
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

(Reporter)

Description

9 years ago
There's a new crash in Firefox 3.6b3 with the signature "XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)" in Firefox 3.6b3 that hasn't been seen in any of the versions 3\.5.*.
(Reporter)

Comment 1

9 years ago
This wasn't necessarily introduced in 3.6b3, but it's new since 3.5.*

Comment 2

9 years ago
i see a couple of different crashes here, the one that matters is this:

Signature	XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)
UUID	253bcb68-8405-4835-a776-4b7b92091123
Version	3.6b3
Build ID	20091115182845
Branch	1.9.2
Crash Reason	EXCEPTION_ACCESS_VIOLATION
Crash Address	0x18

Crashing Thread
Frame 	Module 	Signature [Expand] 	Source
0 	xul.dll 	XPCCallContext::Init 	js/src/xpconnect/src/xpccallcontext.cpp:168
1 	xul.dll 	nsXPCWrappedJSClass::CallMethod 	js/src/xpconnect/src/xpcwrappedjsclass.cpp:1283
2 	xul.dll 	nsXPCWrappedJS::CallMethod 	js/src/xpconnect/src/xpcwrappedjs.cpp:570
3 	xul.dll 	PrepareAndDispatch 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:114
4 	xul.dll 	SharedStub 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:141
5 	xul.dll 	nsThread::ProcessNextEvent 	xpcom/threads/nsThread.cpp:527
6 	xul.dll 	nsBaseAppShell::Run 	widget/src/xpwidgets/nsBaseAppShell.cpp:170
7 	xul.dll 	nsAppStartup::Run 	toolkit/components/startup/src/nsAppStartup.cpp:182

167     mXPCContext = XPCContext::GetXPCContext(mJSContext);
820     static XPCContext* GetXPCContext(JSContext* aJSContext)
821         {
822             NS_ASSERTION(aJSContext->data2, "should already have XPCContext");
823             return static_cast<XPCContext *>(aJSContext->data2);
824         }
168     mPrevCallerLanguage = mXPCContext->SetCallingLangType(mCallerLanguage);
Keywords: crash
Summary: New crash [@XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3 → New crash [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3
(Assignee)

Comment 3

9 years ago
Looked at a couple of minidumps. We seem to crash trying to set mCallingLangType on either a null or a bogus XPCContext. XPConnect has a context callback that sets data2 when a new JSContext is created, and we install that callback immediately after creating the JSRuntime, so each JSContext should have a non-null data2 member. topJSContext is null and we got a null JSContext passed in too, so I think mJSContext is the safe context.
(Assignee)

Comment 4

9 years ago
Might be related to bug 500538.

Comment 5

9 years ago
yeah, same bug
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 500538
Crash Signature: [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)]
You need to log in before you can comment on or make changes to this bug.