Closed
Bug 419818
Opened 16 years ago
Closed 16 years ago
Crash when doing a typeof java == "object" via JS [@ NP_GetEntryPoints] [@ ns4xPluginInstance::InitializePlugin]
Categories
(Core Graveyard :: Java: OJI, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mcsmurf, Assigned: danielle.pham)
References
Details
(Keywords: crash)
Crash Data
Attachments
(2 files)
To reproduce: 0. Install the new Java SE 6 Update 10 plugin, see https://jdk6.dev.java.net/plugin2/ 1. Open attached testcase 2. Watch it crash This bug is probably a plugin bug, I file it here for cross-reference. I also filed a report on this in the http://bugs.sun.com database, it is waiting for triage/bug number. Stacktrace: WARNING: Stack unwind information not available. Following frames may be wrong. 0012e2f0 6da32c53 npjp2!NP_GetEntryPoints+0x33d 0012e32c 6da31ee2 npjp2!Java_sun_plugin2_main_server_MozillaBrowserService_getBrowserAuthentication+0x1b9 *** WARNING: Unable to verify checksum for F:\mozilla\tree-cvsmo\mozilla\objsuite-debug\dist\bin\components\gkplugin.dll 0012e34c 025333a6 npjp2!NP_Shutdown+0x4b 0012e414 0253288a gkplugin!ns4xPluginInstance::InitializePlugin(class nsIPluginInstancePeer * peer = 0x0614e670)+0x446 [f:\mozilla\tree-cvsmo\mozilla\modules\plugin\base\src\ns4xplugininstance.cpp @ 1096] 0012e420 025462ad gkplugin!ns4xPluginInstance::Initialize(class nsIPluginInstancePeer * peer = 0x0614e670)+0x3a [f:\mozilla\tree-cvsmo\mozilla\modules\plugin\base\src\ns4xplugininstance.cpp @ 869] 0012e82c 0254571a gkplugin!nsPluginHostImpl::TrySetUpPluginInstance(char * aMimeType = 0x02584b9c "application/x-java-vm", class nsIURI * aURL = 0x00000000, class nsIPluginInstanceOwner * aOwner = 0x042c8e78)+0x99d [f:\mozilla\tree-cvsmo\mozilla\modules\plugin\base\src\nspluginhostimpl.cpp @ 4076] 0012e884 025545df gkplugin!nsPluginHostImpl::SetUpPluginInstance(char * aMimeType = 0x02584b9c "application/x-java-vm", class nsIURI * aURL = 0x00000000, class nsIPluginInstanceOwner * aOwner = 0x042c8e78)+0x4a [f:\mozilla\tree-cvsmo\mozilla\modules\plugin\base\src\nspluginhostimpl.cpp @ 3880] *** WARNING: Unable to verify checksum for F:\mozilla\tree-cvsmo\mozilla\objsuite-debug\dist\bin\components\gklayout.dll 0012e8e0 01cea0cc gkplugin!nsPluginHostImpl::InstantiateDummyJavaPlugin(class nsIPluginInstanceOwner * aOwner = 0x042c8e78)+0x6f [f:\mozilla\tree-cvsmo\mozilla\modules\plugin\base\src\nspluginhostimpl.cpp @ 6888] 0012e948 01cc8d15 gklayout!nsGlobalWindow::InitJavaProperties(void)+0x11c [f:\mozilla\tree-cvsmo\mozilla\dom\src\base\nsglobalwindow.cpp @ 5589] *** WARNING: Unable to verify checksum for F:\mozilla\tree-cvsmo\mozilla\objsuite-debug\dist\bin\components\xpc3250.dll 0012eba0 03ba62a4 gklayout!nsWindowSH::NewResolve(class nsIXPConnectWrappedNative * wrapper = 0x00dc3e58, struct JSContext * cx = 0x054258f8, struct JSObject * obj = 0x06bb1200, long id = 74776644, unsigned int flags = 4, struct JSObject ** objp = 0x0012ecc8, int * _retval = 0x0012ec24)+0x18f5 [f:\mozilla\tree-cvsmo\mozilla\dom\src\base\nsdomclassinfo.cpp @ 6139] *** WARNING: Unable to verify checksum for F:\mozilla\tree-cvsmo\mozilla\objsuite-debug\dist\bin\js3250.dll 0012ecd0 00504c79 xpc3250!XPC_WN_Helper_NewResolve(struct JSContext * cx = 0x054258f8, struct JSObject * obj = 0x06bb1200, long idval = 74776644, unsigned int flags = 4, struct JSObject ** objp = 0x0012ed3c)+0x264 [f:\mozilla\tree-cvsmo\mozilla\js\src\xpconnect\src\xpcwrappednativejsops.cpp @ 1068] 0012ed48 0050552b js3250!js_LookupPropertyWithFlags(struct JSContext * cx = 0x054258f8, struct JSObject * obj = 0x06bb1200, long id = 74776644, unsigned int flags = 4, struct JSObject ** objp = 0x0012ed7c, struct JSProperty ** propp = 0x0012ed6c)+0x389 [f:\mozilla\tree-cvsmo\mozilla\js\src\jsobj.c @ 3291] 0012ed88 004e4874 js3250!js_FindPropertyHelper(struct JSContext * cx = 0x054258f8, long id = 74776644, struct JSObject ** objp = 0x0012f324, struct JSObject ** pobjp = 0x0012f3a8, struct JSProperty ** propp = 0x0012f310, struct JSPropCacheEntry ** entryp = 0x0012f148)+0x5b [f:\mozilla\tree-cvsmo\mozilla\js\src\jsobj.c @ 3405] 0012f3ec 004d435c js3250!js_Interpret(struct JSContext * cx = 0x054258f8, unsigned char * pc = 0x042c737b ";", long * result = 0x0012f424)+0xf774 [f:\mozilla\tree-cvsmo\mozilla\js\src\jsinterp.c @ 4748] 0012f488 0048c167 js3250!js_Execute(struct JSContext * cx = 0x054258f8, struct JSObject * chain = 0x06bb1200, struct JSScript * script = 0x042c7320, struct JSStackFrame * down = 0x00000000, unsigned int flags = 0, long * result = 0x0012f4e8)+0x29c [f:\mozilla\tree-cvsmo\mozilla\js\src\jsinterp.c @ 1649] 0012f4ac 01d01934 js3250!JS_ExecuteScript(struct JSContext * cx = 0x054258f8, struct JSObject * obj = 0x06bb1200, struct JSScript * script = 0x042c7320, long * rval = 0x0012f4e8)+0x57 [f:\mozilla\tree-cvsmo\mozilla\js\src\jsapi.c @ 4823] 0012f500 01c9698f gklayout!nsJSContext::ExecuteScript(void * aScriptObject = 0x06d432a0, void * aScopeObject = 0x06bb1200, class nsAString_internal * aRetValue = 0x00000000, int * aIsUndefined = 0x00000000)+0x134 [f:\mozilla\tree-cvsmo\mozilla\dom\src\base\nsjsenvironment.cpp @ 1666] 0012f528 01c96b62 gklayout!nsXULDocument::ExecuteScript(class nsIScriptContext * aContext = 0x053fcce8, void * aScriptObject = 0x06d432a0)+0xcf [f:\mozilla\tree-cvsmo\mozilla\content\xul\document\src\nsxuldocument.cpp @ 3436] 0012f560 01c9520b gklayout!nsXULDocument::ExecuteScript(class nsXULPrototypeScript * aScript = 0x06127b10)+0x1c2 [f:\mozilla\tree-cvsmo\mozilla\content\xul\document\src\nsxuldocument.cpp @ 3459] 0012f640 01c8e8f6 gklayout!nsXULDocument::ResumeWalk(void)+0x56b [f:\mozilla\tree-cvsmo\mozilla\content\xul\document\src\nsxuldocument.cpp @ 2912]
Reporter | ||
Updated•16 years ago
|
Summary: Crash when doing a typeof=="object" check on an object via JS [@ NP_GetEntryPoints] [@ ns4xPluginInstance::InitializePlugin] → Crash when doing a typeof java == "object" via JS [@ NP_GetEntryPoints] [@ ns4xPluginInstance::InitializePlugin]
Reporter | ||
Comment 1•16 years ago
|
||
Reporter | ||
Comment 2•16 years ago
|
||
This is basically the same testcase, just as HTML. This one does not crash the browser.
Reporter | ||
Comment 3•16 years ago
|
||
BTW: One use case where this occurs is when you launch ChatZilla in SeaMonkey.
Reporter | ||
Comment 4•16 years ago
|
||
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6669444 Bug in the Sun Bug Database
Assignee | ||
Comment 6•16 years ago
|
||
I tried on WinXP with latest nightly build of FF3 and 6u10 b23 (from: https://jdk6.dev.java.net/6u10ea.html#Download). All worked fine for me, whether the 'typeof java == "object"' is invoked from an XUL (XML) or HTML page. In the javacrash testcase, if I add: alert("HAS_JAVA = " + jsenv.HAS_JAVA); to the script, I see "TRUE" when Java is installed and "FALSE" when Java is uninstalled. This correct result is seen with both 6u10's new Java Plugin (NPRuntime based) as well as the old OJI Plugin. Please retry using: - Latest nightly FF3: http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-trunk/ - Latest 6u10 from https://jdk6.dev.java.net/6u10ea.html#Download (b23 is latest today). Also, try both with the online or offline installer as well as the kernel installer of 6u10. If the problem persists, please let know which installer that you use. Thanks.
Assignee | ||
Comment 7•16 years ago
|
||
There's a recent fix in Firefox (https://bugzilla.mozilla.org/show_bug.cgi?id=405357) related to LiveConnect operation. Therefore, it's strongly recommended that you use latest build of FF3 when operating with Java.
Assignee | ||
Comment 8•16 years ago
|
||
Looking at Sun CR 6669444, looks like this bug has been fixed in 6u10 b21 by Ken Russell. So please, try latest 6u10.
Reporter | ||
Comment 9•16 years ago
|
||
You're right, it no longer crashes with the latest plugin update.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Comment 10•16 years ago
|
||
After updating to the 6u10 b23 build I no longer get the crash I reported in bug 433869 .
Assignee | ||
Comment 11•16 years ago
|
||
great! thanks.
Updated•13 years ago
|
Crash Signature: [@ NP_GetEntryPoints]
[@ ns4xPluginInstance::InitializePlugin]
You need to log in
before you can comment on or make changes to this bug.
Description
•