19736 – Assertion failure due to exceptions thrown from Netscape plugins being ignored

Bug 19736 - Assertion failure due to exceptions thrown from Netscape plugins being ignored

Summary: Assertion failure due to exceptions thrown from Netscape plugins being ignored

Status:	RESOLVED DUPLICATE of bug 19853

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Mac OS X 10.5

Importance:	P1 Normal
Assignee:	Cameron Zwarich (cpst)

URL:	http://ebay.com/
Keywords:	NeedsReduction

Depends on:
Blocks:

Reported:	2008-06-23 21:22 PDT by Matt Lilek
Modified:	2008-07-03 06:27 PDT (History)
CC List:	2 users (show)

See Also:

Attachments
ExecState::setException() backtrace (4.72 KB, text/plain) 2008-06-26 14:35 PDT, Cameron Zwarich (cpst)	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matt Lilek 2008-06-23 21:22:01 PDT

1. Load <http://ebay.com/>
2. Click "Sign in"
3. Search for something (ie: iPhone or perhaps something cheaper incase you accidently hit "Commit to buy" ;)
4. Click "Buy it Now" tab
5. Select an item in the list
6. Click "Buy it Now" button on the item page
7. If it's a multiple item auction, click Continue
8. Click the eBay logo in the upper left hand corner of the page -> ASSERT

ASSERTION FAILED: !exec->m_exception
(/Users/matt/Code/WebKit/JavaScriptCore/kjs/ExecState.cpp:56 KJS::ExecState::ExecState(KJS::ExecState*, KJS::RegisterFile*, KJS::ScopeChainNode*, int))

Thread 0 Crashed:
0   com.apple.JavaScriptCore      	0x004d07f7 KJS::ExecState::ExecState(KJS::ExecState*, KJS::RegisterFile*, KJS::ScopeChainNode*, int) + 161
1   com.apple.JavaScriptCore      	0x004e512b KJS::Machine::execute(KJS::FunctionBodyNode*, KJS::ExecState*, KJS::JSFunction*, KJS::JSObject*, KJS::ArgList const&, KJS::RegisterFileStack*, KJS::ScopeChainNode*, KJS::JSValue**) + 563 (Machine.cpp:728)
2   com.apple.JavaScriptCore      	0x004504bb KJS::JSFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::ArgList const&) + 187 (JSFunction.cpp:90)
3   com.apple.WebCore             	0x02bd871f WebCore::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 671 (JSEventListener.cpp:93)
4   com.apple.WebCore             	0x026d4af7 WebCore::EventTarget::handleLocalEvents(WebCore::EventTargetNode*, WebCore::Event*, bool) + 385 (EventTarget.cpp:323)
5   com.apple.WebCore             	0x026d5c14 WebCore::EventTargetNode::handleLocalEvents(WebCore::Event*, bool) + 118 (EventTargetNode.cpp:117)
6   com.apple.WebCore             	0x026d51cc WebCore::EventTarget::dispatchGenericEvent(WebCore::EventTargetNode*, WTF::PassRefPtr<WebCore::Event>, int&, bool) + 1260 (EventTarget.cpp:231)
7   com.apple.WebCore             	0x026d5eb6 WebCore::EventTargetNode::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&, bool) + 364 (EventTargetNode.cpp:132)
8   com.apple.WebCore             	0x026d6da8 WebCore::EventTargetNode::dispatchMouseEvent(WebCore::AtomicString const&, int, int, int, int, int, int, bool, bool, bool, bool, bool, WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 760 (EventTargetNode.cpp:306)
9   com.apple.WebCore             	0x026d75c1 WebCore::EventTargetNode::dispatchMouseEvent(WebCore::PlatformMouseEvent const&, WebCore::AtomicString const&, int, WebCore::Node*) + 497 (EventTargetNode.cpp:224)
10  com.apple.WebCore             	0x026cccd4 WebCore::EventHandler::dispatchMouseEvent(WebCore::AtomicString const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool) + 148 (EventHandler.cpp:1278)
11  com.apple.WebCore             	0x026cd52c WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent const&) + 900 (EventHandler.cpp:1100)
12  com.apple.WebCore             	0x026d23e5 WebCore::EventHandler::mouseUp(NSEvent*) + 435 (EventHandlerMac.mm:541)
13  com.apple.WebKit              	0x001e2c88 -[WebHTMLView mouseUp:] + 274 (WebHTMLView.mm:3276)
14  com.apple.AppKit              	0x92cc6929 -[NSWindow sendEvent:] + 5539
15  com.apple.Safari              	0x000296d3 0x1000 + 165587
16  com.apple.AppKit              	0x92c93431 -[NSApplication sendEvent:] + 2941
17  com.apple.Safari              	0x00029250 0x1000 + 164432
18  com.apple.AppKit              	0x92bf0e27 -[NSApplication run] + 847
19  com.apple.AppKit              	0x92bbe030 NSApplicationMain + 574
20  com.apple.Safari              	0x000b4de6 0x1000 + 736742

Comment 1 Cameron Zwarich (cpst) 2008-06-24 19:13:53 PDT

When JSEventListener::handleEvent() grabs the window's ExecState, the ExecState already has an exception set. I'll get to the bottom of this.

Comment 2 Cameron Zwarich (cpst) 2008-06-26 14:35:40 PDT

Created attachment 21962 [details]
ExecState::setException() backtrace

Here's the backtrace for the call to ExecState::setException() that sets the offending exception.

Comment 3 Cameron Zwarich (cpst) 2008-06-26 15:23:49 PDT

There is nothing done to propagate exceptions in the Netscape plugin API, so they stay set on the window object until the next time the window object is used. I am not exactly sure what should be done, especially in this case, where the call is ultimately from JS code. Perhaps someone with more Netscape plugin knowledge can fix this or let me know how it should be fixed.

Comment 4 Cameron Zwarich (cpst) 2008-07-03 06:25:46 PDT

*** Bug 19853 has been marked as a duplicate of this bug. ***

Comment 5 Cameron Zwarich (cpst) 2008-07-03 06:27:25 PDT


*** This bug has been marked as a duplicate of 19853 ***