Closed
Bug 127135
Opened 23 years ago
Closed 22 years ago
Quicktime plugin crashes when exiting Mozilla
Categories
(Core Graveyard :: Plug-ins, defect, P2)
Tracking
(Not tracked)
RESOLVED
INVALID
mozilla1.0
People
(Reporter: smontagu, Assigned: serhunt)
References
()
Details
Attachments
(2 files)
8.99 KB,
text/plain
|
Details | |
700 bytes,
patch
|
peterlubczynski-bugs
:
review+
|
Details | Diff | Splinter Review |
Steps to reproduce: 1) Go to http://visibleearth.nasa.gov/cgi-bin/viewrecord?11664 2) Click on one of the links. In practice I find that the animation never finishes loading, but I can't tell if this is crucial for reproducing the bug. 3) Exit Mozilla Actual behaviour: The following dialog appears: Illegal Operation in Plugin The plugin performed an illegal operation. You are strongly advised to restart Navigator. This sounds as if it might be a dupe of bug 120815, but the steps to reproduce are not quite the same. It also looks like a regression of bug 33105.
Comment 1•23 years ago
|
||
what's the version of ur qt plugin?
Reporter | ||
Comment 2•23 years ago
|
||
5.0.2
Comment 3•23 years ago
|
||
I see the issue of the plugin appearing to take forever to load. I tried the first testcase (1.8mb)..but u know what ! If I hit the BACK button the movie actually plays ( and all the time I was thinking that it has not loaded). How did u exit mozilla ? File menu or 'x' ?
Comment 4•23 years ago
|
||
yup, I see the error('Illegal operation in plugin'). However, the browser does not crash... not sure if this is a dup of the mentioned bugs...
Comment 5•23 years ago
|
||
bug 121072 mentions this dialog..but it does not seem like to be our (netscape) problem..if this dialog comes up, is it a bug in quicktime?
Comment 6•23 years ago
|
||
same problem with 4.x, video loads very slowwwwwwww
Comment 7•23 years ago
|
||
Could someone attach a stack (with pref plugin.dont_try_safe_calls turn on) or a plugin trace log?
Reporter | ||
Comment 8•23 years ago
|
||
Here is a stack trace: NTDLL! 77fa018c() NTDLL! 77fceb56() NTDLL! 77f8b60b() NTDLL! 77fb5721() NTDLL! 77fa760a() NTDLL! 77fcba9e() QUICKTIME! 629b3104() QUICKTIMEWEBHELPER! 62c9ab50() QUICKTIME! 62a72410() QUICKTIMEWEBHELPER! 62c91274()
I did not try it yet, but if it crashes in the debug build, it could be useful to put a break point in |nsPluginHostImpl::HandleBadPlugin| and look at the stack trace at that point.
Reporter | ||
Comment 10•22 years ago
|
||
Here is the stack trace av asked for: nsPluginHostImpl::HandleBadPlugin(nsPluginHostImpl * const 0x01649684, PRLibrary * 0x054ad900) line 5993 ns4xPluginStreamListener::CleanUpStream(short 0x0002) line 156 + 209 bytes ns4xPluginInstance::Stop(ns4xPluginInstance * const 0x054e7b28) line 809 PluginViewerImpl::Destroy(PluginViewerImpl * const 0x05565ec4) line 502 nsDocShell::Destroy(nsDocShell * const 0x054cda4c) line 2614 nsWebShell::Destroy(nsWebShell * const 0x054cda4c) line 1245 nsHTMLFrameInnerFrame::~nsHTMLFrameInnerFrame() line 675 nsHTMLFrameInnerFrame::`scalar deleting destructor'(unsigned int 0x00000001) + 15 bytes nsFrame::Destroy(nsFrame * const 0x054bd5b8, nsIPresContext * 0x02e8a2d0) line 466 + 34 bytes nsFrameList::DestroyFrames(nsIPresContext * 0x02e8a2d0) line 131 nsContainerFrame::Destroy(nsContainerFrame * const 0x054bd578, nsIPresContext * 0x02e8a2d0) line 141 nsFrameList::DestroyFrame(nsIPresContext * 0x02e8a2d0, nsIFrame * 0x054bd578) line 218 nsBoxFrame::RemoveFrame(nsBoxFrame * const 0x042430b4, nsIPresContext * 0x02e8a2d0, nsIPresShell & {...}, nsIAtom * 0x00000000, nsIFrame * 0x054bd578) line 1295 FrameManager::RemoveFrame(FrameManager * const 0x02eae068, nsIPresContext * 0x02e8a2d0, nsIPresShell & {...}, nsIFrame * 0x042430b4, nsIAtom * 0x00000000, nsIFrame * 0x054bd578) line 976 nsCSSFrameConstructor::ContentRemoved(nsCSSFrameConstructor * const 0x02efa6e0, nsIPresContext * 0x02e8a2d0, nsIContent * 0x0406e3f0, nsIContent * 0x054c9690, int 0x00000001, int 0x00000000) line 9735 + 58 bytes StyleSetImpl::ContentRemoved(StyleSetImpl * const 0x02efa5e0, nsIPresContext * 0x02e8a2d0, nsIContent * 0x0406e3f0, nsIContent * 0x054c9690, int 0x00000001) line 1472 PresShell::ContentRemoved(PresShell * const 0x02e61a30, nsIDocument * 0x02febe68, nsIContent * 0x0406e3f0, nsIContent * 0x054c9690, int 0x00000001) line 5208 + 53 bytes nsXULDocument::ContentRemoved(nsXULDocument * const 0x02febe68, nsIContent * 0x0406e3f0, nsIContent * 0x054c9690, int 0x00000001) line 2200 nsXULElement::RemoveChildAt(nsXULElement * const 0x0406e3f0, int 0x00000001, int 0x00000001) line 2443 nsXULElement::RemoveChild(nsXULElement * const 0x0406e3f4, nsIDOMNode * 0x054c9694, nsIDOMNode * * 0x0012d3d8) line 1129 + 22 bytes XPTC_InvokeByIndex(nsISupports * 0x0406e3f4, unsigned int 0x00000011, unsigned int 0x00000002, nsXPTCVariant * 0x0012d3c8) line 106 XPCWrappedNative::CallMethod(XPCCallContext & {...}, XPCWrappedNative::CallMode CALL_METHOD) line 2025 + 42 bytes XPC_WN_CallMethod(JSContext * 0x03043f98, JSObject * 0x0415d4c8, unsigned int 0x00000001, long * 0x0556b0fc, long * 0x0012d6a4) line 1266 + 14 bytes js_Invoke(JSContext * 0x03043f98, unsigned int 0x00000001, unsigned int 0x00000000) line 788 + 23 bytes js_Interpret(JSContext * 0x03043f98, long * 0x0012e4e4) line 2745 + 15 bytes js_Invoke(JSContext * 0x03043f98, unsigned int 0x00000001, unsigned int 0x00000002) line 805 + 13 bytes js_InternalInvoke(JSContext * 0x03043f98, JSObject * 0x0415dac8, long 0x0428da68, unsigned int 0x00000000, unsigned int 0x00000001, long * 0x0012e73c, long * 0x0012e60c) line 880 + 20 bytes JS_CallFunctionValue(JSContext * 0x03043f98, JSObject * 0x0415dac8, long 0x0428da68, unsigned int 0x00000001, long * 0x0012e73c, long * 0x0012e60c) line 3412 + 31 bytes nsJSContext::CallEventHandler(nsJSContext * const 0x02fbdc78, void * 0x0415dac8, void * 0x0428da68, unsigned int 0x00000001, void * 0x0012e73c, int * 0x0012e740, int 0x00000000) line 1016 + 33 bytes nsJSEventListener::HandleEvent(nsJSEventListener * const 0x0423c410, nsIDOMEvent * 0x05505a90) line 180 + 77 bytes nsEventListenerManager::HandleEventSubType(nsListenerStruct * 0x0423c4f0, nsIDOMEvent * 0x05505a90, nsIDOMEventTarget * 0x0423b070, unsigned int 0x00000008, unsigned int 0x00000007) line 1217 + 20 bytes nsEventListenerManager::HandleEvent(nsEventListenerManager * const 0x0423c398, nsIPresContext * 0x02e8a2d0, nsEvent * 0x0012f24c, nsIDOMEvent * * 0x0012f100, nsIDOMEventTarget * 0x0423b070, unsigned int 0x00000007, nsEventStatus * 0x0012f294) line 2207 + 36 bytes nsXULElement::HandleDOMEvent(nsXULElement * const 0x0423b068, nsIPresContext * 0x02e8a2d0, nsEvent * 0x0012f24c, nsIDOMEvent * * 0x0012f100, unsigned int 0x00000001, nsEventStatus * 0x0012f294) line 3457 PresShell::HandleDOMEventWithTarget(PresShell * const 0x02e61a28, nsIContent * 0x0423b068, nsEvent * 0x0012f24c, nsEventStatus * 0x0012f294) line 6101 + 36 bytes nsButtonBoxFrame::MouseClicked(nsIPresContext * 0x02e8a2d0, nsGUIEvent * 0x0012f440) line 195 nsButtonBoxFrame::HandleEvent(nsButtonBoxFrame * const 0x04242bb4, nsIPresContext * 0x02e8a2d0, nsGUIEvent * 0x0012f440, nsEventStatus * 0x0012f718) line 142 PresShell::HandleEventInternal(nsEvent * 0x0012f440, nsIView * 0x00000000, unsigned int 0x00000001, nsEventStatus * 0x0012f718) line 6069 + 38 bytes PresShell::HandleEventWithTarget(PresShell * const 0x02e61a28, nsEvent * 0x0012f440, nsIFrame * 0x04242bb4, nsIContent * 0x0423b068, unsigned int 0x00000001, nsEventStatus * 0x0012f718) line 6023 + 22 bytes nsEventStateManager::CheckForAndDispatchClick(nsEventStateManager * const 0x03178730, nsIPresContext * 0x02e8a2d0, nsMouseEvent * 0x0012f90c, nsEventStatus * 0x0012f718) line 2602 + 63 bytes nsEventStateManager::PostHandleEvent(nsEventStateManager * const 0x03178738, nsIPresContext * 0x02e8a2d0, nsEvent * 0x0012f90c, nsIFrame * 0x04242bb4, nsEventStatus * 0x0012f718, nsIView * 0x02efa320) line 1684 + 28 bytes PresShell::HandleEventInternal(nsEvent * 0x0012f90c, nsIView * 0x02efa320, unsigned int 0x00000001, nsEventStatus * 0x0012f718) line 6074 + 43 bytes PresShell::HandleEvent(PresShell * const 0x02e61a2c, nsIView * 0x02efa320, nsGUIEvent * 0x0012f90c, nsEventStatus * 0x0012f718, int 0x00000001, int & 0x00000001) line 5977 + 25 bytes nsViewManager::HandleEvent(nsView * 0x02efa320, nsGUIEvent * 0x0012f90c, int 0x00000001) line 2043 nsView::HandleEvent(nsViewManager * 0x02efa0a0, nsGUIEvent * 0x0012f90c, int 0x00000001) line 306 nsViewManager::DispatchEvent(nsViewManager * const 0x02efa0a0, nsGUIEvent * 0x0012f90c, nsEventStatus * 0x0012f808) line 1857 + 23 bytes HandleEvent(nsGUIEvent * 0x0012f90c) line 83 nsWindow::DispatchEvent(nsWindow * const 0x02efa3cc, nsGUIEvent * 0x0012f90c, nsEventStatus & nsEventStatus_eIgnore) line 865 + 10 bytes nsWindow::DispatchWindowEvent(nsGUIEvent * 0x0012f90c) line 886 nsWindow::DispatchMouseEvent(unsigned int 0x0000012d, unsigned int 0x00000000, nsPoint * 0x00000000) line 4711 + 21 bytes ChildWindow::DispatchMouseEvent(unsigned int 0x0000012d, unsigned int 0x00000000, nsPoint * 0x00000000) line 4963 nsWindow::ProcessMessage(unsigned int 0x00000202, unsigned int 0x00000000, long 0x006c03ed, long * 0x0012fd20) line 3596 + 28 bytes nsWindow::WindowProc(HWND__ * 0x00220ba6, unsigned int 0x00000202, unsigned int 0x00000000, long 0x006c03ed) line 1130 + 27 bytes USER32! 77e12e98() USER32! 77e130e0() USER32! 77e15824() nsAppShellService::Run(nsAppShellService * const 0x015d3d38) line 309 main1(int 0x00000001, char * * 0x003078a0, nsISupports * 0x00000000) line 1350 + 32 bytes main(int 0x00000001, char * * 0x003078a0) line 1698 + 37 bytes mainCRTStartup() line 338 + 17 bytes KERNEL32! 77e97d08()
Comment 11•22 years ago
|
||
adding all the bug header goodies : crash, P2, major, moz1.0, nsbeta1 float over to 1.01 if we need to
Comment 12•22 years ago
|
||
I just tested this on win98 using the build from 2002031403, and I am not crashing on exit. On mac OSX, there are othe problems, but I am not crashing
Comment 13•22 years ago
|
||
I got this stack trace, it looks bad from ns4xPluginStreamListener::CleanUpStream(short 2) line 156 + 209 bytes we are calling it again recursively ns4xPluginStreamListener::CleanUpStream(short 0) line 134 To prevent this I would suggest to set mStreamCleanedUp==true before NPP_ calls
Comment 14•22 years ago
|
||
something like this
Comment 15•22 years ago
|
||
Comment on attachment 74232 [details] [diff] [review] patch v1 r=peterl ...but does the orrignal crash still happen and HandleBadPlugin comes up?
Attachment #74232 -
Flags: review+
Comment 16•22 years ago
|
||
well, I cannnot crash my debug build, and my stack trace is different from Simon Montagu, and cvs version of nsPluginHostImpl.cpp is different too, Simon, what cvs version of nsPluginHostImpl.cpp did you use to get a stack trace, I'm just curious what is on line 5993: nsPluginHostImpl::HandleBadPlugin(nsPluginHostImpl * const 0x01649684, PRLibrary * 0x054ad900) line 5993 you can get it using: grep nsPluginHostImpl.cpp \mozilla\modules\plugin\base\src\CVS\Entries
Reporter | ||
Comment 17•22 years ago
|
||
Notice that I got the stack trace by setting a breakpoint in the debugger, at the first line of |nsPluginHostImpl::HandleBadPlugin|
Comment 18•22 years ago
|
||
I got it, in this case the patch probably can fix the crash. Simon, did you crash in debug build?
Reporter | ||
Comment 19•22 years ago
|
||
I get the plugin crash both in debug and optimized builds.
Comment 20•22 years ago
|
||
could you try the patch (attachment 74231 [details]) and see how it'll work, please?
Reporter | ||
Comment 21•22 years ago
|
||
I'm afraid the crash happens exactly the same with the patch applied. I think I can refine the steps to reproduce the crash: it doesn't happen if the animation has already started, only at the first stages of loading while the Quicktime logo is still displayed on the screen. The crash will also happen if you open the animation in a new tab and close the tab while it is still beginning to load.
Comment 22•22 years ago
|
||
did you get "Illegal operation in Plugin" dialog before the crash?
Reporter | ||
Comment 23•22 years ago
|
||
I obviously haven't made myself clear enough. I get the "illegal operation in plugin" dialog, but the browser itself does not crash.
Comment 24•22 years ago
|
||
Why did you call it crash? And I do not get it, how you want us to fix this quicktime plugin problem? If lets say some plugin dll is doing dividing by 0, nothing we can do about it, in best case scenario we can catch the structural exception and warn users to exit the browser.
Updated•22 years ago
|
Assignee | ||
Comment 25•22 years ago
|
||
Marking INALID based on the latest comments from serge.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → INVALID
Comment 26•22 years ago
|
||
I filed new bug 131281 to prevent recursively calls into NPP_ functions
Reporter | ||
Comment 27•22 years ago
|
||
Shouldn't we at least let the plugin fail silently if the browser is exiting? The message 'You are strongly advised to restart Navigator' is very confusing in this situation.
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•