Closed
Bug 147279
Opened 23 years ago
Closed 23 years ago
Crash when QT plug-in is intialized [@ SetOrigin]
Categories
(Camino Graveyard :: Page Layout, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: chrispetersen, Assigned: beard)
References
()
Details
(Keywords: crash)
Crash Data
Attachments
(2 files, 1 obsolete file)
|
2.75 KB,
patch
|
Details | Diff | Splinter Review | |
|
1.04 KB,
patch
|
Details | Diff | Splinter Review |
Build: 0.2.7
Platform: OS X 10.1.4
Expected Results: QT Plugin should be succeusfully intialized
What I got: Application crashes when attempting open a JS window that contains
QT content.
Stack trace:
Date/Time: 2002-05-26 18:58:19 -0700
Command: Navigator
PID: 419
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x0000358b
Thread 0 Crashed:
#0 0x734fc5d0 in SetOrigin
#1 0x0449ca38 in 0x449ca38
#2 0x044a8550 in 0x44a8550
#3 0x0449c298 in 0x449c298
#4 0x043a8724 in ns4xPluginInstance::SetWindow(nsPluginWindow *)
#5 0x043b0d5c in nsPluginHostImpl::InstantiateEmbededPlugin(char const *,
nsIURI *, nsIPluginInstanceOwner *)
#6 0x035558a4 in nsObjectFrame::InstantiatePlugin(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, nsIPluginHost *, char const *,
nsIURI *)
#7 0x03554dd0 in nsObjectFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#8 0x0354f480 in nsLineLayout::ReflowFrame(nsIFrame *, nsIFrame **, unsigned
int &, nsHTMLReflowMetrics *, int &)
#9 0x0351bb8c in nsBlockFrame::ReflowInlineFrame(nsBlockReflowState &,
nsLineLayout &, nsLineList_iterator, nsIFrame *, unsigned char *)
#10 0x0351b93c in nsBlockFrame::DoReflowInlineFrames(nsBlockReflowState &,
nsLineLayout &, nsLineList_iterator, int *, unsigned char *, int, int)
#11 0x0351b784 in nsBlockFrame::DoReflowInlineFramesAuto(nsBlockReflowState &,
nsLineList_iterator, int *, unsigned char *, int, int)
#12 0x0351b608 in nsBlockFrame::ReflowInlineFrames(nsBlockReflowState &,
nsLineList_iterator, int *, int, int)
#13 0x0351a038 in nsBlockFrame::ReflowLine(nsBlockReflowState &,
nsLineList_iterator, int *, int)
#14 0x035197ac in nsBlockFrame::ReflowDirtyLines(nsBlockReflowState &)
#15 0x03518284 in nsBlockFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#16 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#17 0x035e61fc in nsTableCellFrame::Reflow(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, unsigned int &)
#18 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#19 0x03600070 in nsTableRowFrame::ReflowChildren(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, nsTableFrame &, unsigned int
&, int)
#20 0x03600ebc in nsTableRowFrame::Reflow(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, unsigned int &)
#21 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#22 0x036027ac in nsTableRowGroupFrame::ReflowChildren(nsIPresContext *,
nsHTMLReflowMetrics &, nsRowGroupReflowState &, unsigned int &, nsTableRowFrame
*, int, nsTableRowFrame **, int *)
#23 0x036042f0 in nsTableRowGroupFrame::Reflow(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, unsigned int &)
#24 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#25 0x035f0920 in nsTableFrame::ReflowChildren(nsIPresContext *,
nsTableReflowState &, int, int, unsigned int &, nsIFrame *&, int *)
#26 0x035ed58c in nsTableFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#27 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#28 0x035fbef4 in
OuterReflowChild__17nsTableOuterFrameP14nsIPresContextP8nsIFrameRC17nsHTMLReflowStateR19nsHTMLReflowMetricsPiR6nsSizeR8nsMarginn214nsReflowReasonRUi
#29 0x035fd864 in nsTableOuterFrame::Reflow(nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, unsigned int &)
#30 0x03520398 in nsBlockReflowContext::DoReflowBlock(nsHTMLReflowState &,
nsReflowReason, nsIFrame *, nsRect const &, int, nsCollapsingMargin &, int,
nsMargin &, unsigned int &)
#31 0x0351fe48 in nsBlockReflowContext::ReflowBlock(nsIFrame *, nsRect const
&, int, nsCollapsingMargin &, int, nsMargin &, unsigned int &)
#32 0x0351b08c in nsBlockFrame::ReflowBlockFrame(nsBlockReflowState &,
nsLineList_iterator, int *)
#33 0x03519c88 in nsBlockFrame::ReflowLine(nsBlockReflowState &,
nsLineList_iterator, int *, int)
#34 0x035197ac in nsBlockFrame::ReflowDirtyLines(nsBlockReflowState &)
#35 0x03518284 in nsBlockFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#36 0x03520398 in nsBlockReflowContext::DoReflowBlock(nsHTMLReflowState &,
nsReflowReason, nsIFrame *, nsRect const &, int, nsCollapsingMargin &, int,
nsMargin &, unsigned int &)
#37 0x0351fe48 in nsBlockReflowContext::ReflowBlock(nsIFrame *, nsRect const
&, int, nsCollapsingMargin &, int, nsMargin &, unsigned int &)
#38 0x0351b08c in nsBlockFrame::ReflowBlockFrame(nsBlockReflowState &,
nsLineList_iterator, int *)
#39 0x03519c88 in nsBlockFrame::ReflowLine(nsBlockReflowState &,
nsLineList_iterator, int *, int)
#40 0x035197ac in nsBlockFrame::ReflowDirtyLines(nsBlockReflowState &)
#41 0x03518284 in nsBlockFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#42 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#43 0x0353a570 in CanvasFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics &,
nsHTMLReflowState const &, unsigned int &)
#44 0x03616fd0 in nsBoxToBlockAdaptor::Reflow(nsBoxLayoutState &,
nsIPresContext *, nsHTMLReflowMetrics &, nsHTMLReflowState const &, unsigned int
&, int, int, int, int, int)
#45 0x036169b8 in nsBoxToBlockAdaptor::DoLayout(nsBoxLayoutState &)
#46 0x0361354c in nsBox::Layout(nsBoxLayoutState &)
#47 0x03607d08 in nsScrollBoxFrame::DoLayout(nsBoxLayoutState &)
#48 0x0361354c in nsBox::Layout(nsBoxLayoutState &)
#49 0x03627ff4 in nsBoxFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics &,
nsHTMLReflowState const &, unsigned int &)
#50 0x03526d90 in nsContainerFrame::ReflowChild(nsIFrame *, nsIPresContext *,
nsHTMLReflowMetrics &, nsHTMLReflowState const &, int, int, unsigned int,
unsigned int &)
#51 0x03583860 in ViewportFrame::Reflow(nsIPresContext *, nsHTMLReflowMetrics
&, nsHTMLReflowState const &, unsigned int &)
#52 0x0353ae5c in nsHTMLReflowCommand::Dispatch(nsIPresContext *,
nsHTMLReflowMetrics &, nsSize const &, nsIRenderingContext &)
#53 0x0356c780 in PresShell::ProcessReflowCommand(nsVoidArray &, int,
nsHTMLReflowMetrics &, nsSize &, nsIRenderingContext &)
#54 0x0356c930 in PresShell::ProcessReflowCommands(int)
#55 0x0356c45c in HandlePLEvent(ReflowEvent *)
#56 0x0022cd74 in PL_HandleEvent
#57 0x0022cc5c in PL_ProcessPendingEvents
#58 0x0022dc24 in nsEventQueueImpl::ProcessPendingEvents(void)
#59 0x024c7d98 in -[EventQueueHandler eventTimer:]
#60 0x708d06e8 in __NSFireTimer
#61 0x70196cd0 in __CFRunLoopDoTimer
#62 0x7017c258 in __CFRunLoopRun
#63 0x701b7100 in CFRunLoopRunSpecific
#64 0x7017b8e0 in CFRunLoopRunInMode
#65 0x7312d8f4 in RunEventLoopInModeUntilEventArrives
#66 0x73140808 in ReceiveNextEventCommon
#67 0x731715ec in BlockUntilNextEventMatchingListInMode
#68 0x70bd70b8 in _DPSNextEvent
#69 0x70bfe5d8 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
#70 0x70c23468 in -[NSApplication run]
#71 0x70c91ed0 in NSApplicationMain
#72 0x0000214c in _start
#73 0x00001f7c in start
Thread 1:
#0 0x700252fc in select
#1 0x0015b758 in poll
#2 0x00157e70 in _pr_poll_with_poll
#3 0x01f4730c in nsSocketTransportService::Run(void)
#4 0x0022f7e4 in nsThread::Main(void *)
#5 0x0015932c in _pt_root
#6 0x7002054c in _pthread_body
Thread 2:
#0 0x7003f4c8 in semaphore_wait_signal_trap
#1 0x7003f2c8 in _pthread_cond_wait
#2 0x00154418 in PR_WaitCondVar
#3 0x01f514a0 in nsDNSService::DequeuePendingQ(void)
#4 0x01f50ea8 in nsDNSService::Run(void)
#5 0x0022f7e4 in nsThread::Main(void *)
#6 0x0015932c in _pt_root
#7 0x7002054c in _pthread_body
Thread 3:
#0 0x70044cf8 in semaphore_timedwait_signal_trap
#1 0x70044cd8 in semaphore_timedwait_signal
#2 0x7003f2b8 in _pthread_cond_wait
#3 0x001541b4 in pt_TimedWait
#4 0x0015442c in PR_WaitCondVar
#5 0x0023326c in TimerThread::Run(void)
#6 0x0022f7e4 in nsThread::Main(void *)
#7 0x0015932c in _pt_root
#8 0x7002054c in _pthread_body
Thread 4:
#0 0x70000978 in mach_msg_overwrite_trap
#1 0x70005a04 in mach_msg
#2 0x70026a2c in _pthread_become_available
#3 0x70026724 in pthread_exit
#4 0x70020550 in _pthread_body
Thread 5:
#0 0x7003f4c8 in semaphore_wait_signal_trap
#1 0x7003f2c8 in _pthread_cond_wait
#2 0x00154418 in PR_WaitCondVar
#3 0x00230904 in nsThreadPool::GetRequest(nsIThread *)
#4 0x00231258 in nsThreadPoolRunnable::Run(void)
#5 0x0022f7e4 in nsThread::Main(void *)
#6 0x0015932c in _pt_root
#7 0x7002054c in _pthread_body
PPC Thread State:
srr0: 0x734fc5d0 srr1: 0x0200f030 vrsave: 0x00000000
xer: 0x00000008 lr: 0x734fc594 ctr: 0x702418b0 mq: 0x00000000
r0: 0x0000eb00 r1: 0xbfffa950 r2: 0x7350ec10 r3: 0x0000357b
r4: 0x00000000 r5: 0x0000000e r6: 0x00000001 r7: 0x00000000
r8: 0x00000000 r9: 0xffffbf00 r10: 0x03a7f010 r11: 0x00006090
r12: 0x702418b0 r13: 0x00000001 r14: 0xbfffaf44 r15: 0xbfffb2cc
r16: 0xbfffaf50 r17: 0xbfffadf8 r18: 0x00000000 r19: 0x03f25d70
r20: 0xbfffabdc r21: 0x03f26410 r22: 0x03e17f10 r23: 0x00000001
r24: 0xbfffabc8 r25: 0xbfffabbc r26: 0x00000000 r27: 0x00000000
r28: 0xfffff76f r29: 0xffffbf00 r30: 0x0000357b r31: 0x017c7010
**********
|
Reporter | |
Comment 1•23 years ago
|
||
Steps to reproduce:
1) Go to url
2) Click on any of the three videos regarding the draganflyer product.
3) When window opens, close it.
4) Click on another video link. A JS window should open but application crashes.
|
|
Reporter | |
Updated•23 years ago
|
Severity: major → critical
Chimera/20020602 crashed after Chris' step 2. I guess that confirms it, sort of.
Crash Report is attached.
Keywords: crash
Comment on attachment 86375 [details]
Crash report generated after following reporter's step 2.
Actually, disregard this crash report; the time is suspect. I think the crash
in question didn't generate a report.
Attachment #86375 -
Attachment is obsolete: true
Summary: Crash when QT plug-in is intialized → Crash when QT plug-in is intialized [@ SetOrigin]
|
||
Comment 6•23 years ago
|
||
could be fixed already according to beard
|
Assignee | |
Updated•23 years ago
|
|
|
Assignee | |
Updated•23 years ago
|
|
|
Assignee | |
Comment 7•23 years ago
|
||
This seems to be some kind of a race condition. I was able to load the video labeled
"Twin Draganflyer Eyecam [NEW]" , and it came up just fine. Then I tried to view
"Dinosaur Eyecam Video [NEW]" and got the same crash as above.
Adding a printf to ns4xPluginInstance::SetWindow() is instructive:
+#if defined(XP_MACOSX)
+ printf("@@@@ plugin window: port = %08X (%s), portx = %d, porty = %d @@@@\
n",
+ window->window->port, (IsValidPort(window->window->port) ? "valid" : "invalid"),
+ window->window->portx, window->window->porty);
+#endif
This is what I got when the video loaded:
@@@@ plugin window: port = 0470A6B0 (valid), portx = -8, porty = -33 @@@@
Followed by this when it crashed:
@@@@ plugin window: port = 0000357B (invalid), portx = 0, porty = 0 @@@@
Somehow, an invalid port is getting passed in the nsPluginWindow* window parameter.
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 8•23 years ago
|
||
Investigating further, it seems that nsPluginInstanceOwner::GetWindow() is getting called
before mPluginWindow.window gets initialized properly. I recall that peterl recently
removed an early return from nsObjectFrame::DidReflow() that was seemingly keeping
mPluginWindow.window from getting initialized on the Mac platform. Initializing
mPluginWindow.window manually nsPluginInstanceOwner::GetWindow() prevents the
crash, as does using the fix from bug #144896.
|
|
Assignee | |
Comment 9•23 years ago
|
||
With this fix, the mPluginWindow.window field should always be properly
initialized.
|
||
Comment 10•23 years ago
|
||
Comment on attachment 88373 [details] [diff] [review]
Use version of nsObjectFrame::DidReflow() from trunk
r=bryner
|
|
Assignee | |
Comment 11•23 years ago
|
||
Fix checked into chimera branch.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 12•23 years ago
|
||
Nuts, this doesn't fix the problem. mPluginWindow.window needs to be initialized
EARLIER still. Adding code to initialize it in nsObjectFrame::InstantiatePlugin().
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 13•23 years ago
|
||
The problem appears to be that the Cocoa child window widget is unable to return a
valid nsPluginPort if its NSWindow is invisible. I'm not sure how to work around this yet. I
will do some digging.
Status: REOPENED → ASSIGNED
|
|
Assignee | |
Comment 14•23 years ago
|
||
Actually, the problem is more fundamental. When the invalid port is returned by
nsChildView::GetNativeData(), the call to [mView window] has returned nil. I'm
trying to understand how this could ever be the case. Perhaps the nsChildView's
Cocoa view isn't attached to its parent view. This could happen if the view
hasn't been made visible yet (looking at nsChildView::Show()).
|
|
Assignee | |
Comment 15•23 years ago
|
||
This simple fix gets the NSWindow need for initializing the plugin port.
|
|
Assignee | |
Comment 16•23 years ago
|
||
Please review the 2nd patch.
|
|
||
Comment 17•23 years ago
|
||
Comment on attachment 88595 [details] [diff] [review]
Fixes popup window plugin crash.
No real need to make the indenting inconsistent... also, perhaps an
NS_ASSERTION would be better than a printf+abort.
|
|
Assignee | |
Comment 18•23 years ago
|
||
An assertion won't get fired in the optimized build. And, I did cvs -b because I
was FIXING the indentation of the code. Don't worry, the indentation will be
correct when I check in.
|
|
Assignee | |
Comment 19•23 years ago
|
||
Fix checked in.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago → 23 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 20•23 years ago
|
||
Marking verified in the 2002-06-22-05 NB.
Status: RESOLVED → VERIFIED
|
||
Updated•14 years ago
|
Crash Signature: [@ SetOrigin]
You need to log in
before you can comment on or make changes to this bug.
Description
•