Closed Bug 605760 Opened 15 years ago Closed 15 years ago

crash [@ xpc::AccessCheck::documentDomainMakesSameOrigin(JSContext*, JSObject*) ]

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
blocking2.0 --- beta8+

People

(Reporter: scoobidiver, Assigned: mrbkap)

Details

(Keywords: crash, regression, Whiteboard: [compartments] fixed-in-tracemonkey)

Crash Data

Attachments

(1 file)

Fix
823 bytes, patch
jst
: review+
Details | Diff | Splinter Review
Build: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b8pre) Gecko/20101019 Firefox/4.0b8pre It is a new crash signature that was introduced by 4.0b8pre/20101018 build. It is #27 top crasher in 4.0b8pre/20101019 build. Signature xpc::AccessCheck::documentDomainMakesSameOrigin(JSContext*, JSObject*) UUID b24b6a31-0029-4213-9860-1e5c72101019 Time 2010-10-19 18:13:31.935049 Uptime 1585 Last Crash 7852 seconds (2.2 hours) before submission Install Age 27383 seconds (7.6 hours) since version was first installed. Product Firefox Version 4.0b8pre Build ID 20101019041714 Branch 2.0 OS Windows NT OS Version 6.1.7600 CPU x86 CPU Info GenuineIntel family 6 model 23 stepping 6 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x0 App Notes AdapterVendorID: 8086, AdapterDeviceID: 2e22 Frame Module Signature [Expand] Source 0 xul.dll xpc::AccessCheck::documentDomainMakesSameOrigin js/src/xpconnect/wrappers/AccessCheck.cpp:260 1 xul.dll xpc::Transparent 2 xul.dll xpc::AccessCheck::isScriptAccessOnly js/src/xpconnect/wrappers/AccessCheck.cpp:374 3 xul.dll XPCWrapper::Unwrap js/src/xpconnect/src/XPCWrapper.cpp:131 4 xul.dll XPCWrappedNative::GetWrappedNativeOfJSObject js/src/xpconnect/src/xpcwrappednative.cpp:1760 5 xul.dll XPC_WN_Helper_GetProperty js/src/xpconnect/src/xpcwrappednativejsops.cpp:1017 6 mozjs.dll js::JSProxyHandler::get js/src/jsproxy.cpp:118 7 mozjs.dll js::JSProxy::get js/src/jsproxy.cpp:774 8 mozjs.dll js::proxy_GetProperty js/src/jsproxy.cpp:867 9 mozjs.dll JS_GetUCProperty js/src/jsapi.cpp:3772 10 xul.dll GetProperty modules/plugin/base/src/nsJSNPRuntime.cpp:610 11 xul.dll nsJSObjWrapper::NP_GetProperty modules/plugin/base/src/nsJSNPRuntime.cpp:846 12 xul.dll mozilla::plugins::parent::_getproperty modules/plugin/base/src/nsNPAPIPlugin.cpp:1706 13 xul.dll mozilla::plugins::PluginScriptableObjectParent::AnswerGetParentProperty dom/plugins/PluginScriptableObjectParent.cpp:966 14 xul.dll mozilla::plugins::PPluginScriptableObjectParent::OnCallReceived obj-firefox/ipc/ipdl/PPluginScriptableObjectParent.cpp:1028 15 xul.dll mozilla::plugins::PPluginModuleParent::OnCallReceived obj-firefox/ipc/ipdl/PPluginModuleParent.cpp:601 16 xul.dll mozilla::ipc::RPCChannel::DispatchIncall ipc/glue/RPCChannel.cpp:517 17 xul.dll mozilla::ipc::RPCChannel::Incall ipc/glue/RPCChannel.cpp:503 18 xul.dll mozilla::ipc::RPCChannel::Call ipc/glue/RPCChannel.cpp:310 19 xul.dll mozilla::plugins::PPluginInstanceParent::CallPBrowserStreamConstructor obj-firefox/ipc/ipdl/PPluginInstanceParent.cpp:729 20 xul.dll mozilla::plugins::PluginInstanceParent::NPP_NewStream dom/plugins/PluginInstanceParent.cpp:946 21 xul.dll mozilla::plugins::PluginModuleParent::NPP_NewStream dom/plugins/PluginModuleParent.cpp:429 22 xul.dll nsNPAPIPluginStreamListener::OnStartBinding modules/plugin/base/src/nsNPAPIPluginStreamListener.cpp:319 23 xul.dll nsPluginStreamListenerPeer::SetUpStreamListener modules/plugin/base/src/nsPluginStreamListenerPeer.cpp:1180 24 xul.dll nsPluginStreamListenerPeer::OnStartRequest modules/plugin/base/src/nsPluginStreamListenerPeer.cpp:614 25 xul.dll nsHTTPCompressConv::OnStartRequest netwerk/streamconv/converters/nsHTTPCompressConv.cpp:120 26 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102 27 xul.dll XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:2285 28 xul.dll XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1631 29 mozjs.dll js::Interpret js/src/jsinterp.cpp:4716 ... The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=bfe85b4ed5cd&tochange=cfd18201f49b More reports at: http://crash-stats.mozilla.com/report/list?product=Firefox&query_search=signature&query_type=exact&query=&range_value=4&range_unit=weeks&hang_type=any&process_type=any&plugin_field=&plugin_query_type=&plugin_query=&do_query=1&admin=&signature=xpc%3A%3AAccessCheck%3A%3AdocumentDomainMakesSameOrigin%28JSContext*%2C%20JSObject*%29
blocking2.0: --- → ?
mrbkap, fallout from bug 593602 or bug 604368?
Assignee: nobody → mrbkap
blocking2.0: ? → beta8+
Attached patch FixSplinter Review
This isn't great, but it should do the safe thing and not crash.
Attachment #486535 - Flags: review?(jst)
Attachment #486535 - Flags: review?(jst) → review+
Whiteboard: [compartments]
http://hg.mozilla.org/tracemonkey/rev/bfe06159bb2f I'll get this into m-c once tracemonkey goes green.
Whiteboard: [compartments] → [compartments] fixed-in-tracemonkey
http://hg.mozilla.org/mozilla-central/rev/69d43cbd595a
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Crash Signature: [@ xpc::AccessCheck::documentDomainMakesSameOrigin(JSContext*, JSObject*) ]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: