661319 - JSBool assertion failure causes crash when connecting to GMail IMAP

Status: RESOLVED FIXED

(Thunderbird :: General, defect)

Description

[Mike Conley (:mconley) (:⚙️)]

Attachment: JSBool Assertion Stacktrace

I've got a GMail account that I connect to with TB for testing, and recent builds are crashing when syncing with GMail.

See attached stacktrace.

Comment 1

[Mike Conley (:mconley) (:⚙️)]

Attachment: Patch v1

Bienvenu tracked down the problem to the way nsMsgDBFolder::OnFlagChange called NotifyBoolPropertyChanged.

This patch fixes the crash in my build.

Comment 2

[David :Bienvenu]

Comment on attachment 536691 [details] [diff] [review]
Patch v1

looks good - I grepped through the code and couldn't find any other code abusing bools this way.

Comment 3

[Mark Banner (:standard8)]

Checked in: http://hg.mozilla.org/comm-central/rev/7b686a8fd57c

Should we be back porting this to aurora?

Comment 4

[Mike Conley (:mconley) (:⚙️)]

I don't see how it could hurt.

Comment 5

[Jonathan Protzenko [:protz]]

We initially made it fatal to pass malformed PRBools through XPConnect to the js engine. During the brief window where this was a fatal assert, quite a few bugs cropped up, such as this one. However, it caused too much fallout on the Firefox side of things so we had to make xpcconnect do the !! thing before passing a prbool into a jsbool. There's now a warning if xpcconnect has to do that, so please watch out in debug builds for a "Passing a malformed PRBool through XPConnect".

If any good souls want to keep running their mozilla/ subdirectory without the !! thing in xpcconvert.cpp, that would be a great way to catch any potential bad PRBools.

All the details are in https://bugzilla.mozilla.org/show_bug.cgi?id=661319

Comment 6

[Joshua Cranmer [:jcranmer]]

I could probably revive a quick prcheck tool to run on c-c code that actually ensures that PRBools receive only [0,1] values.

Comment 7

[Jonathan Protzenko [:protz]]

Firefox could use this as well, I think...