XHR in worker to bogus URI leads to Assertion failure: foundIndex != size_t(-1), at c:/dev/mozilla-central/dom/workers/Exceptions.cpp:259

RESOLVED FIXED in Firefox 9

Status

()

Product:
Core
Component:
DOM
Status:
RESOLVED FIXED
Reported:
8 years ago
Modified:
7 years ago

People

(Reporter: khuey, Assigned: bent.mozilla)

Tracking

({regression})

Version:
unspecified
Target:
mozilla10
Keywords:
regression
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox7 unaffected, firefox8+ affected, firefox9+ fixed, firefox10 fixed)

Details

(Whiteboard: [inbound][qa-])

Attachments

(1 attachment)

Patch, v1
2.01 KB, patch
sicking
: review+
christian
: approval-mozilla-aurora+
christian
: approval-mozilla-beta-
Details | Diff | Splinter Review
(Reporter)

Description

8 years ago 
Page:

<!DOCTYPE HTML>
<html>
<body>
<script type="text/javascript">

var worker = new Worker("boom.js");
worker.postMessage("abcd");

</script>
</body>
</html>

Worker:

var xhr = new XMLHttpRequest();

onmessage = function(event) {
  xhr.open("POST", event.data);
  xhr.send(null);
}

Result (when run locally):
Assertion failure: foundIndex != size_t(-1), at c:/dev/mozilla-central/dom/worke
rs/Exceptions.cpp:259

On an opt build we print an exception to the error console that has random garbage for text.

Note that I can only reproduce this with a local testcase.

Updated

8 years ago
tracking-firefox8: ? → +
tracking-firefox9: ? → +
 (Assignee)

Comment 1

7 years ago 
Created attachment 572054 [details] [diff] [review]
Patch, v1

We need to safeguard against unknown error codes.
Assignee: nobody → bent.mozilla
Status: NEW → ASSIGNED
Attachment #572054 - Flags: review?(jonas)
status-firefox10: --- → fixed
 (Assignee)

Comment 3

7 years ago 
Comment on attachment 572054 [details] [diff] [review]
Patch, v1

I'd love to get this into the branches before we merge, it's a tiny fix that avoids a JS_ASSERT and a (harmless) undefined memory access.
Attachment #572054 - Flags: approval-mozilla-beta?
Attachment #572054 - Flags: approval-mozilla-aurora?

Comment 4

7 years ago 
https://hg.mozilla.org/mozilla-central/rev/6b3cde4cec7f
Status: ASSIGNED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla10

Comment 5

7 years ago 
Comment on attachment 572054 [details] [diff] [review]
Patch, v1

[triage comment]
We're wiling to take this on aurora as the risk looks low (even if the reward is low). Please land today. It's too late for beta.
Attachment #572054 - Flags: approval-mozilla-beta?
Attachment #572054 - Flags: approval-mozilla-beta-
Attachment #572054 - Flags: approval-mozilla-aurora?
Attachment #572054 - Flags: approval-mozilla-aurora+

Comment 7

7 years ago 
Is there something QA can do to verify this fix?
Whiteboard: [inbound] → [inbound][qa?]
 (Reporter)

Comment 8

7 years ago 
You can verify that

(In reply to Kyle Huey [:khuey] (khuey@mozilla.com) from comment #0)
> On an opt build we print an exception to the error console that has random
> garbage for text.

does not happen.

Comment 9

7 years ago 
qa- for someone who is already set up to test this bug to verify the fix.
Whiteboard: [inbound][qa?] → [inbound][qa-]
You need to log in before you can comment on or make changes to this bug.