Crash opening about:plugins[@ JS_GetPrivate][@ PL_strcmp]

VERIFIED FIXED

Status

()

defect
--
blocker
VERIFIED FIXED
15 years ago
14 years ago

People

(Reporter: tracy, Assigned: eagle.lu)

Tracking

({regression, smoketest, topcrash})

Trunk
x86
Windows XP
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(crash signature)

Reporter

Description

15 years ago
seen on Windows Mozilla trunk 2004-11-12-06-trunk

-open about:plugins

crash

this regressed since yesterday. 

Possibly culrit?
from bonsai 2004-11-11 17:14 jst: 
Checking in the fix for bug 265936. Fixing memory leak in
nsPluginHostImpl::ScanPluginsDirectory(). Patch by brian.lu@sun.com,
r+sr=jst@mozilla.org
Reporter

Comment 1

15 years ago
the public talkback server seems to be down at the moment. Here as a talkback id
for the crash: TB1905442Y
Stacktrace:
JS_GetPrivate(JSContext * 0x0301e2d8, JSObject * 0x2474ff08) line 2060 + 13 bytes
nsScriptSecurityManager::GetFunctionObjectPrincipal(nsScriptSecurityManager *
const 0x00ef41c8, JSContext * 0x0301e2d8, JSObject * 0x2474ff08, nsIPrincipal *
* 0x0012f804) line 1829 + 16 bytes
nsScriptSecurityManager::GetFramePrincipal(nsScriptSecurityManager * const
0x00ef41c8, JSContext * 0x0301e2d8, JSStackFrame * 0x0012ef04, nsIPrincipal * *
0x0012f804) line 1868 + 12 bytes
nsScriptSecurityManager::GetPrincipalAndFrame(nsScriptSecurityManager * const
0x00ef41c8, JSContext * 0x0301e2d8, nsIPrincipal * * 0x0012ef04, JSStackFrame *
* 0x0012f7e0) line 1896 + 13 bytes
nsScriptSecurityManager::GetSubjectPrincipal(nsScriptSecurityManager * const
0x00ef41c8, JSContext * 0x0301e2d8, nsIPrincipal * * 0x0012f804) line 1932
nsScriptSecurityManager::GetSubjectPrincipal(nsScriptSecurityManager * const
0x00ef41c8, nsIPrincipal * * 0x0012f804) line 1618
nsScriptSecurityManager::SubjectPrincipalIsSystem(nsScriptSecurityManager *
const 0x00ef41c8, int * 0x00000000) line 1652
nsContentUtils::IsCallerChrome() line 925
PresShell::HandleEventInternal(PresShell * const 0x00ef41c8, nsEvent *
0x00000000, nsIView * 0x05b6c3b0, unsigned int 0x00000001, nsEventStatus *
0x0012f958) line 5926 + 5 bytes
PresShell::HandleEvent(PresShell * const 0x00000000, nsIView * 0x05b6c3b0,
nsGUIEvent * 0x0012f9f4, nsEventStatus * 0x0012f958, int 0x00000001, int &
0x01892450) line 5813 + 19 bytes
nsViewManager::HandleEvent(nsViewManager * const 0x00ef41c8, nsView *
0x00000001, nsGUIEvent * 0x00000000, int 0x00000000) line 2356
nsViewManager::DispatchEvent(nsViewManager * const 0x0282c0c8, nsGUIEvent *
0x05b6c3b0, nsEventStatus * 0x0012f9b4) line 2129 + 32 bytes
HandleEvent(nsGUIEvent * 0x0012f9f4) line 166
nsWindow::DispatchEvent(nsWindow * const 0x0288047c, nsGUIEvent * 0x0012f9f4,
nsEventStatus & nsEventStatus_eIgnore) line 1074 + 3 bytes
nsWindow::DispatchWindowEvent(nsWindow * const 0x00ef41c8, nsGUIEvent *
0x00000000) line 1095
nsWindow::DispatchFocus(nsWindow * const 0x00ef41c8, unsigned int 0x0000006c,
int 0x00000000) line 5520 + 14 bytes
nsWindow::ProcessMessage(nsWindow * const 0x00ef41c8, unsigned int 0x00000008,
unsigned int 0x00000000, long 0x00000000, long * 0x0012fcf4) line 4220
nsWindow::WindowProc(HWND__ * 0x0005028c, unsigned int 0x00000008, unsigned int
0x00000000, long 0x0288047c) line 1355 + 16 bytes
USER32! 77e01ef0()
USER32! 77e03869()
USER32! 77e038ab()
NTDLL! 7789ff57()
USER32! 77e018ec()
PeekKeyAndIMEMessage(tagMSG * 0x0012fe54 {msg=0x00000101 wp=0x0000005b
lp=0xc15b0001}, HWND__ * 0x00000000) line 91
nsAppShell::Run(nsAppShell * const 0x00fdd238) line 128 + 10 bytes
nsAppStartup::Run(nsAppStartup * const 0x00f637b0) line 221
main1(int 0x00000000, char * * 0x00243fb0, nsISupports * 0x00000000) line 1321 +
9 bytes
main(int 0x00000001, char * * 0x00243fb0) line 1799 + 22 bytes
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00400000, char * 0x001331cb,
HINSTANCE__ * 0x00400000) line 1827 + 23 bytes
MOZILLA! WinMainCRTStartup + 308 bytes
KERNEL32! 77e9893d()
Summary: Crash opening about:plugins → Crash opening about:plugins[@ JS_GetPrivate]
Brian, can you look into this?

/be
Assignee: jag → brian.lu
btw: With a debug build it doesn't crash.

Updated

15 years ago
Depends on: 265936

Comment 6

15 years ago
mozilla/modules/plugin/base/src/nsPluginHostImpl.cpp,v  <--  nsPluginHostImpl.cpp
new revision: 1.508; previous revision: 1.507

kb@allsky.de, a crash in PL_strcmp (really strcmp) usually means that the params
to (PL_)strcmp are corrupt, in this case it should mean that we were using a
plugintag that was deleted by brian.
Summary: Crash opening about:plugins[@ JS_GetPrivate] → Crash opening about:plugins[@ JS_GetPrivate][@ PL_strcmp]
timeless, how about getting a review before checkin?  This wasn't a blazing
emergency, exactly.

brian.lu, please see bug 265936 comment 11.

/be

Comment 8

15 years ago
i'm 75 gmail crash conversations behind being caught up. i need to catch up w/o
killing my hands, there are at least 3 bugs about this problem, and given that
the stacks are somewhat aimless, tracking bugs to this source is a big waste of
my time, energy, and hands.
Component: XP Apps → Plug-ins

Updated

15 years ago
Keywords: zt4newcrash

Updated

15 years ago
Keywords: topcrash

Comment 9

15 years ago
Topcrashers for Trunk (MozillaOrgTrunk)
Topcrashers by Build ID for 10 days worth of Talkback data - 708 Incidents
(Table generated Mon Nov 15 04:02:43 PST 2004 )
Rank 	Signature 				111404 	111305 	111204 	Win
2   PL_strcmp 					17 	20 	79 	116
12  nsPluginTag::TryUnloadPlugin 		0 	1 	6 	7
45  nsPluginHostImpl::RemoveCachedPluginsInfo 	0 	1 	1 	2
146 nsPluginTag::RegisterWithCategoryManager 	0 	0 	1 	1

rough estimate says that this one crash hurt MTBF by 1 3/4 hrs
Assignee

Comment 10

15 years ago
I have tried the latest nightly build 2004-11-15 on windows XP. I can't
re-produce the bug. Tracy, can you provide more detailed information? Thanks

Comment 11

15 years ago
Brian, see bug 265936 comment 9, timeless backed the patch out due to the
numerous crashes it has caused. In general its not good style to cause a
smoketest blocker and to be available.

Comment 12

15 years ago
s/to be/not to be/
Reporter

Comment 13

15 years ago
no longer crashing in about:plugins as seen on windows 2004-11-18-07-trunk
mozilla build

marking fixed per comments that the change that caused this was backed out in
bug 265936
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Verified FIXED, build 2004-11-18-05, WinXP.
Status: RESOLVED → VERIFIED

Comment 15

15 years ago
*** Bug 269824 has been marked as a duplicate of this bug. ***
*** Bug 269604 has been marked as a duplicate of this bug. ***
Crash Signature: [@ JS_GetPrivate] [@ PL_strcmp]
You need to log in before you can comment on or make changes to this bug.