Closed Bug 625639 Opened 14 years ago Closed 13 years ago

"Assertion failure: !cx->isExceptionPending()" with setUserData, getter

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla10

People

(Reporter: jruderman, Assigned: sfink)

Details

(Keywords: assertion, testcase)

Attachments

(3 files)

testcase
188 bytes, text/html
Details
stack trace
256.79 KB, text/plain
Details
Fix XPCConvert error handling
1.83 KB, patch
mrbkap
: review+
Details | Diff | Splinter Review
Attached file testcase 
Assertion failure: !cx->isExceptionPending(), at js/src/jscntxtinlines.h:695

The stack trace for the assertion is very long, but an opt build does not crash.
Attached file stack trace 

    
    

    
  
Oh, I bet this is a bug involving JS_CHECK_RECURSION recovery.

    
    

    
  
I think this bug is making it difficult to create reduced testcases for other JS_CHECK_RECURSION bugs, some of which may be more serious.

    
    

    
  


  
I don't know this code either, but the test case and assert seemed nice and straightforward so I took a quick look. The debugger pointed to code that seemed highly suspicious. This patch fixes the attached test case and seems better, at least, than what's there now. I may get lazy and mark this as checkin-needed, though.

The problem seems to be that there are at least half a dozen ways for XPCConvert::NativeInterface2JSObject to return false without setting the nsresult to an error value, because it gets whitewashed prematurely.

        Attachment #569174 -
        Flags: review?(mrbkap)

    
    

    
  
Comment on attachment 569174 [details] [diff] [review]
Fix XPCConvert error handling

Yep, my bad. Thanks for catching this.

        Attachment #569174 -
        Flags: review?(mrbkap) → review+

    
    

    
  
https://hg.mozilla.org/integration/mozilla-inbound/rev/ec39a58d7f39
Assignee: nobody → sphink
Target Milestone: --- → mozilla10

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/ec39a58d7f39
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: