Closed
Bug 201097
Opened 21 years ago
Closed 21 years ago
[AxPlugin] activex Plugin performs illegal operation when active-x content opened
Categories
(Core Graveyard :: Embedding: ActiveX Wrapper, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: ashshbhatt, Assigned: adamlock)
References
Details
Attachments
(3 files)
6.55 KB,
text/plain
|
Details | |
1.43 KB,
text/plain
|
Details | |
1.20 KB,
patch
|
dbradley
:
review+
alecf
:
superreview+
|
Details | Diff | Splinter Review |
Tested with 20030407 illegal operation dialog comes up when a page with active-x content is opened. Mozilla does not crash and the execution os the script on the page continues. Closing mozilla crashes it. Does not happen in mozilla debug build. Looks like pref issue since the crash happens in xppref32.dll Stack trace xppref32.dll!00c44332() xppref32.dll!00c4418c() xpcom.dll!100046e9() mozilla.exe!004102d1() mozilla.exe!00402f1e() kernel32.dll!77e814c7()
is this a dupe of bug 200680?
Reporter | ||
Comment 2•21 years ago
|
||
NO, this is something I only get in nightly builds. This does not happen in the debug build
Comment 3•21 years ago
|
||
Is there a specific URL that causes this?
Reporter | ||
Comment 4•21 years ago
|
||
This happens on any page which has Active-x content like <object> tag Testcase: <html> <head> </head> <body> <object ID="Player" height="10" width="10" CLASSID="CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6" foo="Foo()"> <param name="baseURL" value="file:///c:/m/activex_samples"> </object> </body> </html>
It seems to be any control. The plugin or something it calls crashes and the NPAPI and puts up a 'plugin has crashed' dialog. I can't find any way to stop it doing this so I can see a stack trace of talkback incident. Even setting a "plugin.dont_try_safe_calls" pref doesn't make any difference. I'll have to do an optimized build and see if I can reproduce it. Ashish if you can generate a talkback ID, can you attach it please? Thanks
Reporter | ||
Comment 6•21 years ago
|
||
Works until 2003-04-01-05-trunk_ax and crashes 2003-04-02-05-trunk_ax onwards. caused by somethig that was checked in on 04/01.
Comment 7•21 years ago
|
||
This is the stack of a crash I get in the plugin code. Not entirely sure it's the same. pData looks bad, it's not null, but it's not a valid pointer either.
Well I've figured out how to use the pref. It seems to be read even before there is a user profile, so it has to go into the defaults\pref folder to be picked up, e.g. add this to activex.js: pref("plugin.dont_try_safe_calls", true); I have been unable to reproduce this with my own local optimized build this morning, but here is the (not very helpful) stack trace for a downloaded nightly version: NPMOZAX! 02112192() GKPLUGIN! 01a136c5() GKPLUGIN! 01a18935() GKLAYOUT! 00e77525() GKLAYOUT! 00e76b19() GKLAYOUT! 00e8f2ce() GKLAYOUT! 00e93c2e() GKLAYOUT! 00e93a8c() GKLAYOUT! 00e93915() GKLAYOUT! 00e937f9() GKLAYOUT! 00e92acb() GKLAYOUT! 00e925b3() GKLAYOUT! 00e916f3() GKLAYOUT! 00e9a81a() GKLAYOUT! 00e93471() GKLAYOUT! 00e928b7() GKLAYOUT! 00e925b3() GKLAYOUT! 00e916f3() GKLAYOUT! 00e84a7a() GKLAYOUT! 00e75160() GKLAYOUT! 00ef5a0f() GKLAYOUT! 00ef5746() GKLAYOUT! 00ed6cf4() GKLAYOUT! 00ed6cf4() GKLAYOUT! 0101ab85() GKLAYOUT! 0101abb0() GKLAYOUT! 00ed6cf4() GKLAYOUT! 0101a455() GKLAYOUT! 00e84a7a() GKLAYOUT! 01018fe3() GKLAYOUT! 00e65fcf() GKLAYOUT! 00e6d112() GKLAYOUT! 00e6cf05() XPCOM! 1002c30b() SHELL32! 778b0c24() The only change that has gone into the plugin recently is changes to the control param parsing code in LegacyPlugin.cpp on 2nd April for bug 199163. This fits in with the timetable but I don't see anything about it which would cause this crash.
I've tried a couple of combinations of flags to replicate the issue in my local build with no success. So far I have been testing with VC++ 7.0 but I'm now trying a build using VC++ 6.0 to see if that makes a difference. The only checkin that went into the plugin in the timeframe was this: http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&file=LegacyPlugin.cpp&root=/cvsroot&subdir=mozilla/embedding/browser/activex/src/plugin&command=DIFF_FRAMESET&rev1=1.35&rev2=1.36 Perhaps the CComVariant constructor in the call is confusing it or perhaps something else. I'm also trying to determine what build flags and other settings were used in producing the faulty build to see if it is a specific issue with the build environment.
Assignee | ||
Comment 10•21 years ago
|
||
Well, I've tried and tried again to reproduce this locally and have not managed it. I spoke to Loan Pham about the mozconfig settings being used, the compiler version, the clobber / incremental settings and as far as I know my local build configuration is identical yet I still can't reproduce the problem. I have just completed a clean fetch and build from scratch using the same mozconfig and have uploaded it to http://blues.netscape.com/users/adamlock/publish/mozilla_ax4.zip Ashish can you test this and see if it works better than the build machine? I'll attach the mozconfig to this bug next.
Assignee | ||
Comment 11•21 years ago
|
||
Reporter | ||
Comment 12•21 years ago
|
||
OK, so there is something wrong in the build machine, I do not get the illegal operation dialog with this build
Assignee | ||
Comment 13•21 years ago
|
||
This patch works for Ashish. It fixes two potential issues, that may be tripping up compilers with certain headers or patch levels: 1. Moves the decl of CComVariant out of the call to AddNamedProperty 2. Renames variable 'i' to 'j' as there is another 'i' in the class.
Assignee | ||
Comment 14•21 years ago
|
||
Comment on attachment 120585 [details] [diff] [review] Patch Requesting r/sr on this simple patch that fixes some machines that build plugins that crash.
Attachment #120585 -
Flags: superreview?(alecf)
Attachment #120585 -
Flags: review?(dbradley)
Comment 15•21 years ago
|
||
Comment on attachment 120585 [details] [diff] [review] Patch r=dbradley Silly compilers.
Attachment #120585 -
Flags: review?(dbradley) → review+
Comment 16•21 years ago
|
||
Comment on attachment 120585 [details] [diff] [review] Patch sr=alecf
Attachment #120585 -
Flags: superreview?(alecf) → superreview+
Assignee | ||
Comment 17•21 years ago
|
||
Fix is checked in. Reopen the bug if the problem persists. Ashish, can you do me a favour and run this command from your DevStudio\VC98\ATL\Include directory? FOR %f IN (*.h) DO @md5sum %f My results are below: 9063104c36a02ece5c02abf8e4a90ced *ATLBASE.H 1430ed90f8c285d63f94350acfb7c50c *ATLCOM.H ed301bbfac602eafb573a82a08448fde *ATLCONV.H e574c4a9914e40e14287c6077b08aae2 *ATLCTL.H 1fbc47f696032f3018b8c7c9686dc9fc *ATLDB.H 68b4b5ac3f860de3407cf2fa12261919 *ATLDBCLI.H 6bb21abbf97689555ef0e919a2f15a59 *ATLDBSCH.H 201bce787c60c10bd87c440787503392 *ATLDEF.H ac5f243fe8c60355120c4e2c6e07d7c3 *ATLHOST.H 35692cf18c943ca79277a7c0fee89e69 *ATLIFACE.H cd44d8ffe983f6e8427c851f38a6ddaa *ATLSNAP.H e2c742f9ca1d1e79fcb29c003300605a *ATLWIN.H e405b717ddcf339d4fae6bb8ef24a26b *STATREG.H
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 18•21 years ago
|
||
From my machine Which has visual studio.net installed a28868d027a95a4475c178c7db511fd8 *ATLBASE.H a2bc73deb54e70f44b2dece511003231 *ATLCOM.H ed301bbfac602eafb573a82a08448fde *ATLCONV.H e574c4a9914e40e14287c6077b08aae2 *ATLCTL.H f17bb9261f1554a9d860c60651f04e13 *ATLDB.H 9d925415dd8d79b25777cef7de039251 *ATLDBCLI.H 05b42a7b4c311a067f140150aa908e49 *ATLDBSCH.H 201bce787c60c10bd87c440787503392 *ATLDEF.H ac5f243fe8c60355120c4e2c6e07d7c3 *ATLHOST.H 35692cf18c943ca79277a7c0fee89e69 *ATLIFACE.H cd44d8ffe983f6e8427c851f38a6ddaa *ATLSNAP.H e2c742f9ca1d1e79fcb29c003300605a *ATLWIN.H e405b717ddcf339d4fae6bb8ef24a26b *STATREG.H From the machine where I did the optimized build 9063104c36a02ece5c02abf8e4a90ced *ATLBASE.H 1430ed90f8c285d63f94350acfb7c50c *ATLCOM.H ed301bbfac602eafb573a82a08448fde *ATLCONV.H e574c4a9914e40e14287c6077b08aae2 *ATLCTL.H 1fbc47f696032f3018b8c7c9686dc9fc *ATLDB.H 68b4b5ac3f860de3407cf2fa12261919 *ATLDBCLI.H 6bb21abbf97689555ef0e919a2f15a59 *ATLDBSCH.H 201bce787c60c10bd87c440787503392 *ATLDEF.H ac5f243fe8c60355120c4e2c6e07d7c3 *ATLHOST.H 35692cf18c943ca79277a7c0fee89e69 *ATLIFACE.H cd44d8ffe983f6e8427c851f38a6ddaa *ATLSNAP.H e2c742f9ca1d1e79fcb29c003300605a *ATLWIN.H e405b717ddcf339d4fae6bb8ef24a26b *STATREG.H
Assignee | ||
Comment 19•21 years ago
|
||
Hmm, ATL headers seem the same. Loan sent me a list of checksums for the standard SDK headers and there were some minor differences to mine. Frankly I'm stumped as to the cause. We'll have to wait and see if the patch makes a difference.
Assignee | ||
Comment 20•21 years ago
|
||
Todays build seems to work, so I guess the problem has been solved. Ashish, can you verify please? Thanks
Updated•12 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•