Closed
Bug 688608
Opened 13 years ago
Closed 12 years ago
[@ std::_Construct<MessageLoop::PendingTask, MessageLoop::PendingTask>(MessageLoop::PendingTask*, MessageLoop::PendingTask const&) ]
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 657588
People
(Reporter: bc, Unassigned)
References
()
Details
(Keywords: crash, Whiteboard: [sg:dupe 657588])
Crash Data
1. Load http://adobe.com/software/flash/about in debug Firefox build 2. Attach debugger to plugin-container process 3. Load Url (either reload until crash or load the next url) 4. Crash [@ std::_Construct<MessageLoop::PendingTask, MessageLoop::PendingTask>(MessageLoop::PendingTask*, MessageLoop::PendingTask const&) ] Only seen on Windows XP on Nightly/9, Aurora/8, Beta/7 so far. Seen with 10.3.183.10 as well at least 10.3.183.7. Other crash locations are possible. This may be related to the heap corruption issues seen in bug 678538. Did see one example where a mutex lock was null. One example: http://damewii.com/juego-wii-we-dare-276.fx + _Ptr 0x040b2f18 {task=0xcdcdcdcd delayed_run_time={...} sequence_num=-842150451 ...} MessageLoop::PendingTask * + _Val {task=??? delayed_run_time={...} sequence_num=??? ...} const MessageLoop::PendingTask & _Vptr 0x040b2f18 void * Note unitialized value in _Ptr->task > xul.dll!std::_Construct<MessageLoop::PendingTask,MessageLoop::PendingTask>(MessageLoop::PendingTask * _Ptr=0x040b2f18, const MessageLoop::PendingTask & _Val={...}) Line 53 + 0x1d bytes C++ xul.dll!std::allocator<MessageLoop::PendingTask>::construct(MessageLoop::PendingTask * _Ptr=0x040b2f18, const MessageLoop::PendingTask & _Val={...}) Line 156 + 0xd bytes C++ xul.dll!std::deque<MessageLoop::PendingTask,std::allocator<MessageLoop::PendingTask> >::push_back(const MessageLoop::PendingTask & _Val={...}) Line 827 C++ https://crash-stats.mozilla.com/report/list?product=Firefox&query_search=signature&query_type=contains&query=std%3A%3A_Construct&reason_type=contains&date=09%2F22%2F2011%2013%3A01%3A49&range_value=1&range_unit=weeks&hang_type=any&process_type=any&do_query=1&signature=std%3A%3A_Construct%3CMessageLoop%3A%3APendingTask%2C%20MessageLoop%3A%3APendingTask%3E%28MessageLoop%3A%3APendingTask*%2C%20MessageLoop%3A%3APendingTask%20const%26%29 https://crash-stats.mozilla.com/report/list?product=Firefox&query_search=signature&query_type=contains&query=std%3A%3A_Construct&reason_type=contains&date=09%2F22%2F2011%2013%3A01%3A49&range_value=1&range_unit=weeks&hang_type=any&process_type=any&do_query=1&signature=hang%20|%20std%3A%3A_Construct%3CMessageLoop%3A%3APendingTask%2C%20MessageLoop%3A%3APendingTask%3E%28MessageLoop%3A%3APendingTask*%2C%20MessageLoop%3A%3APendingTask%20const%26%29 http://damewii.com/juego-wii-we-dare-276.fx http://netaatoz.blog21.fc2.com/blog-entry-1813.html (nsfw) http://videomasti.net/page/2/ http://www.kenh88.com/sao-hoa-tim-me--mars-needs-moms-2011-vsub-5-play-66-4536-63-472856.html http://www.blogdelnarco.com/2011/08/capturan-tres-integrantes-de-los-zetas.html http://www.incontri-x-sesso.com/?id=1%252525252526track=IT-Exit-Megasesso (nsfw) http://www.pspiso.com/mkv-movie-collection-t958411.html?t=958411%25252526highlight=bond%2525252Bfilms
|
||
Comment 1•13 years ago
|
||
This looks exactly like bug 657588, are they different?
|
Reporter | |
Comment 2•13 years ago
|
||
Could be the same base issue. Whether we dupe and which direction depends on whether the base issue is in mozilla code or adobe code.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
|
||
Updated•12 years ago
|
Whiteboard: [sg:investigate] → [sg:dupe 657588]
Group: core-security
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•