Bug 834732 - Assert proper cx stack handling in WrapperFactory::Rewrap. r=mrbkap
authorBobby Holley <bobbyholley@gmail.com>
Tue, 26 Feb 2013 11:04:13 -0800
changeset 123045 a38bbae7a53bff6941854e41ea59b9b87bde8cee
parent 123044 a099a2fcdc4eea37f1eb6545f5c1a50d9f2312d4
child 123046 036f8a67636cc709aa2dccaab8495316bdc6f433
push id23632
push userbobbyholley@gmail.com
push dateTue, 26 Feb 2013 19:04:30 +0000
reviewersmrbkap
bugs834732
milestone22.0a1
Bug 834732 - Assert proper cx stack handling in WrapperFactory::Rewrap. r=mrbkap
js/xpconnect/src/XPCWrappedJSClass.cpp
js/xpconnect/wrappers/WrapperFactory.cpp
--- a/js/xpconnect/src/XPCWrappedJSClass.cpp
+++ b/js/xpconnect/src/XPCWrappedJSClass.cpp
@@ -487,16 +487,17 @@ nsXPCWrappedJSClass::IsWrappedJS(nsISupp
 {
     void* result;
     NS_PRECONDITION(aPtr, "null pointer");
     return aPtr &&
            NS_OK == aPtr->QueryInterface(NS_GET_IID(WrappedJSIdentity), &result) &&
            result == WrappedJSIdentity::GetSingleton();
 }
 
+// NB: This returns null unless there's nothing on the JSContext stack.
 static JSContext *
 GetContextFromObject(JSObject *obj)
 {
     // Don't stomp over a running context.
     XPCJSContextStack* stack = XPCJSRuntime::Get()->GetJSContextStack();
 
     if (stack && stack->Peek())
         return nullptr;
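Review bot: The new comment above GetContextFromObject is phrased as a double negative ("returns null unless there's nothing on the JSContext stack"), which is easy to read the wrong way round for a function whose result decides which context gets used. The visible code returns nullptr when `stack && stack->Peek()` is true, so a direct wording would be `// NB: Returns null whenever a JSContext is already on the context stack.` The comment also does not say what happens when `stack` itself is null, in which case execution continues past the early return. The function body continues outside this hunk, so the remaining return paths cannot be checked from here.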
--- a/js/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/xpconnect/wrappers/WrapperFactory.cpp
@@ -280,18 +280,17 @@ DEBUG_CheckUnwrapSafety(JSObject *obj, j
         // If the caller is chrome (or effectively so), unwrap should always be allowed.
         MOZ_ASSERT(handler->isSafeToUnwrap());
     } else if (WrapperFactory::IsComponentsObject(obj))
     {
         // The Components object that is restricted regardless of origin.
         MOZ_ASSERT(!handler->isSafeToUnwrap());
     } else if (AccessCheck::needsSystemOnlyWrapper(obj)) {
         // SOWs are opaque to everyone but Chrome and XBL scopes.
-        // FIXME: Re-enable in bug 834732.
-        // MOZ_ASSERT(handler->isSafeToUnwrap() == nsContentUtils::CanAccessNativeAnon());
+        MOZ_ASSERT(handler->isSafeToUnwrap() == nsContentUtils::CanAccessNativeAnon());
     } else {
         // Otherwise, it should depend on whether the target subsumes the origin.
         MOZ_ASSERT(handler->isSafeToUnwrap() == AccessCheck::subsumes(target, origin));
     }
 }
 #else
 #define DEBUG_CheckUnwrapSafety(obj, handler, origin, target) {}
 #endif
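Review bot: The re-enabled assertion in the `needsSystemOnlyWrapper` branch compares against `nsContentUtils::CanAccessNativeAnon()`, which takes neither `target` nor a cx, so it presumably answers for whichever context is current rather than for the compartment being wrapped into. The sibling branch passes `target` and `origin` explicitly to `AccessCheck::subsumes`. This check therefore appears to hold only while the cx handed to Rewrap is on top of the stack, and the comment added in the Rewrap hunk says that path can run after nsContentUtils has been shut down. I would record the dependency next to the assert, for example `// CanAccessNativeAnon() answers for the current cx; Rewrap asserts that it is the cx we are wrapping for.` Since the `#else` branch defines `DEBUG_CheckUnwrapSafety` as `{}`, this is a debug-build invariant only and does not enforce SOW opacity in release builds.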
@@ -337,16 +336,19 @@ WrapperFactory::Rewrap(JSContext *cx, JS
                        unsigned flags)
 {
     MOZ_ASSERT(!IsWrapper(obj) ||
                GetProxyHandler(obj) == &XrayWaiver ||
                js::GetObjectClass(obj)->ext.innerObject,
                "wrapped object passed to rewrap");
     MOZ_ASSERT(JS_GetClass(obj) != &XrayUtils::HolderClass, "trying to wrap a holder");
     MOZ_ASSERT(!js::IsInnerObject(obj));
+    // We sometimes end up here after nsContentUtils has been shut down but before
+    // XPConnect has been shut down, so check the context stack the roundabout way.
+    MOZ_ASSERT(XPCJSRuntime::Get()->GetJSContextStack()->Peek() == cx);
 
     // Compute the information we need to select the right wrapper.
     JSCompartment *origin = js::GetObjectCompartment(obj);
     JSCompartment *target = js::GetContextCompartment(cx);
     bool originIsChrome = AccessCheck::isChrome(origin);
     bool targetIsChrome = AccessCheck::isChrome(target);
     bool originSubsumesTarget = AccessCheck::subsumes(origin, target);
     bool targetSubsumesOrigin = AccessCheck::subsumes(target, origin);
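Review bot: The added `MOZ_ASSERT(XPCJSRuntime::Get()->GetJSContextStack()->Peek() == cx)` dereferences the runtime and the context stack without a null check. GetContextFromObject in XPCWrappedJSClass.cpp guards the same stack with `if (stack && stack->Peek())`, and the comment just above this assert says the path is reached during shutdown. If either pointer can be null in that window, a debug build would crash on the dereference instead of reporting a readable assertion failure. Consider `mozilla::DebugOnly<XPCJSContextStack*> stack = XPCJSRuntime::Get()->GetJSContextStack();` followed by `MOZ_ASSERT(stack && stack->Peek() == cx, "Rewrap called with a cx that is not on top of the stack");`. The message string would also match the neighbouring asserts that carry one. Rewrap's body continues outside this hunk.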