Closed Bug 530937 Opened 15 years ago Closed 15 years ago

New crash [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Version:
1.9.2 Branch
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 500538

People

(Reporter: jst, Assigned: peterv)

References

(
URL
)

Details

(Keywords: crash, regression)

Crash Data

There's a new crash in Firefox 3.6b3 with the signature "XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)" in Firefox 3.6b3 that hasn't been seen in any of the versions 3\.5.*.
This wasn't necessarily introduced in 3.6b3, but it's new since 3.5.*
i see a couple of different crashes here, the one that matters is this:

Signature	XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)
UUID	253bcb68-8405-4835-a776-4b7b92091123
Version	3.6b3
Build ID	20091115182845
Branch	1.9.2
Crash Reason	EXCEPTION_ACCESS_VIOLATION
Crash Address	0x18

Crashing Thread
Frame 	Module 	Signature [Expand] 	Source
0 	xul.dll 	XPCCallContext::Init 	js/src/xpconnect/src/xpccallcontext.cpp:168
1 	xul.dll 	nsXPCWrappedJSClass::CallMethod 	js/src/xpconnect/src/xpcwrappedjsclass.cpp:1283
2 	xul.dll 	nsXPCWrappedJS::CallMethod 	js/src/xpconnect/src/xpcwrappedjs.cpp:570
3 	xul.dll 	PrepareAndDispatch 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:114
4 	xul.dll 	SharedStub 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:141
5 	xul.dll 	nsThread::ProcessNextEvent 	xpcom/threads/nsThread.cpp:527
6 	xul.dll 	nsBaseAppShell::Run 	widget/src/xpwidgets/nsBaseAppShell.cpp:170
7 	xul.dll 	nsAppStartup::Run 	toolkit/components/startup/src/nsAppStartup.cpp:182

167     mXPCContext = XPCContext::GetXPCContext(mJSContext);
820     static XPCContext* GetXPCContext(JSContext* aJSContext)
821         {
822             NS_ASSERTION(aJSContext->data2, "should already have XPCContext");
823             return static_cast<XPCContext *>(aJSContext->data2);
824         }
168     mPrevCallerLanguage = mXPCContext->SetCallingLangType(mCallerLanguage);
Keywords: crash
Summary: New crash [@XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3 → New crash [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)] in Firefox 3.6b3
Looked at a couple of minidumps. We seem to crash trying to set mCallingLangType on either a null or a bogus XPCContext. XPConnect has a context callback that sets data2 when a new JSContext is created, and we install that callback immediately after creating the JSRuntime, so each JSContext should have a non-null data2 member. topJSContext is null and we got a null JSContext passed in too, so I think mJSContext is the safe context.
Might be related to bug 500538.
yeah, same bug
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Crash Signature: [@ XPCCallContext::Init(XPCContext::LangType, int, JSObject*, JSObject*, int, int, unsigned int, int*, int*)]
You need to log in before you can comment on or make changes to this bug.