Closed
Bug 1116825
Opened 9 years ago
Closed 9 years ago
crash in RevocableStore::Revocable::Revocable(RevocableStore*)
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox36 unaffected, firefox37+ verified)
VERIFIED
FIXED
mozilla37
| Tracking | Status | |
|---|---|---|
| firefox36 | --- | unaffected |
| firefox37 | + | verified |
People
(Reporter: stephend, Assigned: bugzilla)
References
()
Details
(Keywords: crash, regression, reproducible)
Crash Data
Attachments
(1 file)
This bug was filed from the Socorro interface and is report bp-2f1719e6-6ca6-4749-8954-af01e2141231. ============================================================= STR: 1. With E10S enabled, and using Build identifier: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:37.0) Gecko/20100101 Firefox/37.0, load http://www.octoshape.com/showcase/download-free/ (and/or switch between stream types) 2. Crash: Frame Module Signature Source 0 xul.dll RevocableStore::Revocable::Revocable(RevocableStore*) ipc/chromium/src/base/revocable_store.cc 1 @0x1f5cfff 2 @0x1f2c53f 3 kernelbase.dll RtlAnsiStringToUnicodeString 4 npswf64_16_0_0_235.dll F_576329275__________________________________________________________________________________________________ c:\program files (x86)\microsoft visual studio 9.0\vc\atlmfc\include\atlwin.h:3081 5 mozglue.dll choose_arena memory/mozjemalloc/jemalloc.c
|
||
Comment 1•9 years ago
|
||
At a glance, it looks like maybe somebody is trying to pass -1 to the ctor.
tracking-e10s:
--- → ?
|
||
Comment 2•9 years ago
|
||
Using Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:37.0) Gecko/20100101 Firefox/37.0 ID:20141231030205 CSet: 88037f94b7d7 I can reproduce this fairly consistently by doing the following: 1. Start playing https://www.youtube.com/watch?v=VQJnr1huuCE 2. Select another video in the right hand column and start playing At least 1 out of 3 times I crash with "The Adobe Flash plugin has crashed" and I get this stack.
Keywords: reproducible
|
|
||
Comment 3•9 years ago
|
||
I can also reproduce this with e10s turned off.
|
Reporter | |
Comment 4•9 years ago
|
||
(If it helps, I hit this nearly 100% right now on http://www.gametrailers.com/videos/qihwn6/sukeima-tutorial-mp4 - https://crash-stats.mozilla.com/report/index/607d8166-0ea0-4af6-8984-22d0d2141231)
|
|
||
Comment 5•9 years ago
|
||
The stacks make this look like more of a Flash plugin issue than an IPC issue. (The stack in comment 4 is much better than the one in comment 0.) FWIW, I can't reproduce this with any of the STR in this bug so far, on OSX Nightly.
tracking-e10s:
? → ---
Component: IPC → Plug-ins
Here's is an STR that works reliably for me: 1. Play a flash video on YouTube 2. Single click the video to make sure the flash player object is focused 3. Repeatedly tap the right arrow keyboard key (i.e ->) -- normally this would advance playback forward -- a few times in rapid succession 4. By about the 3rd to 5th key press, the plugin should have crashed. 5. The crash also occurs when repeatedly using the left arrow key to advance backwards.
Regression pushlog: http://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=beba124659ca&tochange=54c85be89886 Caused by bug 998863
Blocks: 998863
Keywords: regression
NOTE: To reproduce on YouTube with my STR in comment 6, you'll need to install the following extension to force the use of Flash Player: https://addons.mozilla.org/en-US/firefox/addon/youtube-flash-player/?src=search
|
|
||
Updated•9 years ago
|
|
|
||
Comment 9•9 years ago
|
||
[Tracking Requested - why for this release]: YouTube crashes
tracking-firefox37:
--- → ?
|
||
Updated•9 years ago
|
Version: unspecified → 37 Branch
|
Assignee | |
Comment 10•9 years ago
|
||
Can everybody please let me know what the state of their dom.ipc.plugins.asyncInit preference is? I'm assuming false but I'd like to confirm.
Flags: needinfo?(stephen.donner)
Flags: needinfo?(mozillamarcia.knous)
Flags: needinfo?(aklotz)
|
|
||
Comment 11•9 years ago
|
||
(In reply to Aaron Klotz [:aklotz] (please use needinfo) from comment #10) > Can everybody please let me know what the state of their > dom.ipc.plugins.asyncInit preference is? I'm assuming false but I'd like to > confirm. Hello Aaron - dom.ipc.plugins.asyncInit is set to false on the Windows machine I am seeing the crashes with.
Flags: needinfo?(mozillamarcia.knous)
|
|
Assignee | |
Comment 12•9 years ago
|
||
I can reproduce. Investigating...
Assignee: nobody → aklotz
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 13•9 years ago
|
||
Flags: needinfo?(stephen.donner)
Attachment #8543409 -
Flags: review?(jmathies)
|
|
Assignee | |
Updated•9 years ago
|
|
||
Comment 14•9 years ago
|
||
Crash report: bp-4c87411c-46eb-4f92-838a-52baa2150103 If it's of any use: I can reproduce with 100% crash failure at http://www.bbc.com/news/technology-30657349 I can watch with 100% success rate at http://www.bbc.com/news/uk-30657551 I'm wondering if both pages use the same player.
|
||
Comment 15•9 years ago
|
||
This is not flash only. Silverlight (Netflix) also crashes. https://crash-stats.mozilla.com/report/index/0221c127-e67e-4f0a-a02a-b39632150105 dom.ipc.plugins.asyncInit: false E10s disabled
|
|
Reporter | |
Comment 16•9 years ago
|
||
(In reply to Aaron Klotz [:aklotz] (please use needinfo) from comment #10) > Can everybody please let me know what the state of their > dom.ipc.plugins.asyncInit preference is? I'm assuming false but I'd like to > confirm. dom.ipc.plugins.asyncInit is false on my Windows 7 machine.
|
||
Updated•9 years ago
|
|
||
Updated•9 years ago
|
Attachment #8543409 -
Flags: review?(jmathies) → review+
|
|
Assignee | |
Comment 17•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/7866b505b059
|
||
Comment 18•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7866b505b059
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla37
|
||
Comment 19•9 years ago
|
||
Confirmed fixed in latest nightly build, with both settings of dom.ipc.plugins.asyncInit https://hg.mozilla.org/mozilla-central/rev/33781a3a5201
Status: RESOLVED → VERIFIED
|
||
Comment 20•9 years ago
|
||
Encountered this crash while navigating to http://www.microsoft.com/silverlight/iis-smooth-streaming/demo/#/live with Nightly from 2015-01-06, Windows 7 64-bit: bp-68526185-d72e-4893-93df-ab4862150106 bp-81aa01bb-8d4a-4ea8-8e4f-57e9c2150106 Verified as fixed with latest Nightly (Build ID: 20150107030217) on Windows 7 64-bit.
|
|
||
Comment 21•9 years ago
|
||
(In reply to CAK from comment #14) > Crash report: bp-4c87411c-46eb-4f92-838a-52baa2150103 > > If it's of any use: > I can reproduce with 100% crash failure at > http://www.bbc.com/news/technology-30657349 > I can watch with 100% success rate at http://www.bbc.com/news/uk-30657551 > > I'm wondering if both pages use the same player. Works fine now. Thank you Aaron, Ryan!
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•