Closed
Bug 1170676
Opened 9 years ago
Closed 9 years ago
crash in mozilla::plugins::PluginModuleParent::StreamCast(_NPP*, _NPStream*, mozilla::plugins::PluginAsyncSurrogate**)
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox39+ fixed, firefox40+ fixed, firefox41 fixed)
RESOLVED
FIXED
mozilla41
People
(Reporter: kairo, Assigned: bugzilla)
References
Details
(Keywords: crash, topcrash)
Crash Data
Attachments
(1 file)
786 bytes,
patch
|
jimm
:
review+
lizzard
:
approval-mozilla-aurora+
lizzard
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
[Tracking Requested - why for this release]: This bug was filed from the Socorro interface and is report bp-dcef83ed-19c4-41b5-87e0-4723b2150531. ============================================================= Stack: 0 xul.dll mozilla::plugins::PluginModuleParent::StreamCast(_NPP*, _NPStream*, mozilla::plugins::PluginAsyncSurrogate**) dom/plugins/ipc/PluginModuleParent.cpp 1 xul.dll mozilla::plugins::PluginModuleParent::NPP_WriteReady(_NPP*, _NPStream*) dom/plugins/ipc/PluginModuleParent.cpp 2 xul.dll nsNPAPIPluginStreamListener::OnDataAvailable(nsPluginStreamListenerPeer*, nsIInputStream*, unsigned int) dom/plugins/base/nsNPAPIPluginStreamListener.cpp 3 xul.dll nsNPAPIPluginStreamListener::Notify(nsITimer*) dom/plugins/base/nsNPAPIPluginStreamListener.cpp 4 xul.dll nsTimerImpl::Fire() xpcom/threads/nsTimerImpl.cpp 5 xul.dll nsTimerEvent::Run() xpcom/threads/nsTimerImpl.cpp This is a new browser crash we are seeing in 39.0b1 (right now 0.9% of all browser crashes), but it's in plugin code, the reports seem to all be EXCEPTION_ACCESS_VIOLATION_READ at 0x20 (32bit, see report linked above) or 0x38 (64bit, e.g. bp-6158001c-0f4f-41d4-a67d-258762150530), spread across all Windows versions from XP to Win10, on both 32bit and 64bit builds. Aaron, given that your async plugin init code is new in 39, can you take a look?
Flags: needinfo?(aklotz)
Assignee | ||
Comment 2•9 years ago
|
||
We should only be doing sanity checks if the BrowserStreamParent is not null.
Assignee: nobody → aklotz
Status: NEW → ASSIGNED
Flags: needinfo?(aklotz)
Attachment #8617068 -
Flags: review?(jmathies)
Updated•9 years ago
|
Attachment #8617068 -
Flags: review?(jmathies) → review+
Assignee | ||
Updated•9 years ago
|
Blocks: asyncplugininit
https://hg.mozilla.org/mozilla-central/rev/91bb0d44384a
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox41:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla41
Assignee | ||
Comment 6•9 years ago
|
||
Comment on attachment 8617068 [details] [diff] [review] Fix Approval Request Comment [Feature/regressing bug #]: Async plugin init [User impact if declined]: Crashes [Describe test coverage new/current, TreeHerder]: On m-c, plugin test suite [Risks and why]: None, trivial patch adding a null pointer check. [String/UUID change made/needed]: None
Attachment #8617068 -
Flags: approval-mozilla-beta?
Attachment #8617068 -
Flags: approval-mozilla-aurora?
Comment 7•9 years ago
|
||
RyanVM, if this looks good on m-c in the morning can you uplift it to aurora and beta? (Since you will likely wake up before me.) Thanks!
Flags: needinfo?(ryanvm)
Updated•9 years ago
|
status-firefox40:
--- → affected
tracking-firefox40:
--- → +
Comment 8•9 years ago
|
||
Comment on attachment 8617068 [details] [diff] [review] Fix Approved for uplift to beta and aurora
Attachment #8617068 -
Flags: approval-mozilla-beta?
Attachment #8617068 -
Flags: approval-mozilla-beta+
Attachment #8617068 -
Flags: approval-mozilla-aurora?
Attachment #8617068 -
Flags: approval-mozilla-aurora+
Updated•9 years ago
|
Flags: needinfo?(ryanvm)
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•