19736 – Assertion failure due to exceptions thrown from Netscape plugins being ignored

RESOLVED DUPLICATE of bug 19853 19736

Assertion failure due to exceptions thrown from Netscape plugins being ignored

https://bugs.webkit.org/show_bug.cgi?id=19736

Summary Assertion failure due to exceptions thrown from Netscape plugins being ignored

Matt Lilek

Reported 2008-06-23 21:22:01 PDT

1. Load <http://ebay.com/> 2. Click "Sign in" 3. Search for something (ie: iPhone or perhaps something cheaper incase you accidently hit "Commit to buy" ;) 4. Click "Buy it Now" tab 5. Select an item in the list 6. Click "Buy it Now" button on the item page 7. If it's a multiple item auction, click Continue 8. Click the eBay logo in the upper left hand corner of the page -> ASSERT ASSERTION FAILED: !exec->m_exception (/Users/matt/Code/WebKit/JavaScriptCore/kjs/ExecState.cpp:56 KJS::ExecState::ExecState(KJS::ExecState*, KJS::RegisterFile*, KJS::ScopeChainNode*, int)) Thread 0 Crashed: 0 com.apple.JavaScriptCore 0x004d07f7 KJS::ExecState::ExecState(KJS::ExecState*, KJS::RegisterFile*, KJS::ScopeChainNode*, int) + 161 1 com.apple.JavaScriptCore 0x004e512b KJS::Machine::execute(KJS::FunctionBodyNode*, KJS::ExecState*, KJS::JSFunction*, KJS::JSObject*, KJS::ArgList const&, KJS::RegisterFileStack*, KJS::ScopeChainNode*, KJS::JSValue**) + 563 (Machine.cpp:728) 2 com.apple.JavaScriptCore 0x004504bb KJS::JSFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::ArgList const&) + 187 (JSFunction.cpp:90) 3 com.apple.WebCore 0x02bd871f WebCore::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 671 (JSEventListener.cpp:93) 4 com.apple.WebCore 0x026d4af7 WebCore::EventTarget::handleLocalEvents(WebCore::EventTargetNode*, WebCore::Event*, bool) + 385 (EventTarget.cpp:323) 5 com.apple.WebCore 0x026d5c14 WebCore::EventTargetNode::handleLocalEvents(WebCore::Event*, bool) + 118 (EventTargetNode.cpp:117) 6 com.apple.WebCore 0x026d51cc WebCore::EventTarget::dispatchGenericEvent(WebCore::EventTargetNode*, WTF::PassRefPtr<WebCore::Event>, int&, bool) + 1260 (EventTarget.cpp:231) 7 com.apple.WebCore 0x026d5eb6 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 364 (EventTargetNode.cpp:132) 8 com.apple.WebCore 0x026d6da8 WebCore::EventTargetNode::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 760 (EventTargetNode.cpp:306) 9 com.apple.WebCore 0x026d75c1 WebCore::EventTargetNode::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::AtomicString const&, int, WebCore::Node*) + 497 (EventTargetNode.cpp:224) 10 com.apple.WebCore 0x026cccd4 WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 148 (EventHandler.cpp:1278) 11 com.apple.WebCore 0x026cd52c WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent const&) + 900 (EventHandler.cpp:1100) 12 com.apple.WebCore 0x026d23e5 WebCore::EventHandler::mouseUp(NSEvent*) + 435 (EventHandlerMac.mm:541) 13 com.apple.WebKit 0x001e2c88 -[WebHTMLView mouseUp:] + 274 (WebHTMLView.mm:3276) 14 com.apple.AppKit 0x92cc6929 -[NSWindow sendEvent:] + 5539 15 com.apple.Safari 0x000296d3 0x1000 + 165587 16 com.apple.AppKit 0x92c93431 -[NSApplication sendEvent:] + 2941 17 com.apple.Safari 0x00029250 0x1000 + 164432 18 com.apple.AppKit 0x92bf0e27 -[NSApplication run] + 847 19 com.apple.AppKit 0x92bbe030 NSApplicationMain + 574 20 com.apple.Safari 0x000b4de6 0x1000 + 736742

Attachments
ExecState::setException() backtrace (4.72 KB, text/plain) 2008-06-26 14:35 PDT, Cameron Zwarich (cpst)	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Cameron Zwarich (cpst)

Comment 1 2008-06-24 19:13:53 PDT

When JSEventListener::handleEvent() grabs the window's ExecState, the ExecState already has an exception set. I'll get to the bottom of this.

Cameron Zwarich (cpst)

Comment 2 2008-06-26 14:35:40 PDT

Created attachment 21962 [details] ExecState::setException() backtrace Here's the backtrace for the call to ExecState::setException() that sets the offending exception.

Cameron Zwarich (cpst)

Comment 3 2008-06-26 15:23:49 PDT

There is nothing done to propagate exceptions in the Netscape plugin API, so they stay set on the window object until the next time the window object is used. I am not exactly sure what should be done, especially in this case, where the call is ultimately from JS code. Perhaps someone with more Netscape plugin knowledge can fix this or let me know how it should be fixed.

Cameron Zwarich (cpst)

Comment 4 2008-07-03 06:25:46 PDT

*** Bug 19853 has been marked as a duplicate of this bug. ***

Cameron Zwarich (cpst)

Comment 5 2008-07-03 06:27:25 PDT

*** This bug has been marked as a duplicate of 19853 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 19853

Priority P1

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Mac

OS OS X 10.5

Product WebKit

Component JavaScriptCore

Assignee

Cameron Zwarich (cpst)

Reported

2008-06-23 21:22 PDT

Modified

2008-07-03 06:27 PDT History

CC List

2 users Show

URL

http://ebay.com/

Keywords NeedsReduction

Depends on

Blocks