Closed Bug 433880 Opened 11 years ago Closed 11 years ago

Crash when switching to full-screen during play (eg youtube) [@ 0x0 - NPSWF32.dll@0x10a61]

Categories

(Core :: Plug-ins, defect, P1, critical)

x86
Windows 2000
defect

Tracking

()

VERIFIED FIXED

People

(Reporter: jmjjeffery, Assigned: mats)

References

()

Details

(Keywords: crash, regression, verified1.9.1)

Crash Data

Attachments

(1 file)

Go to the URL and choose any video, when the video starts click the 'full-screen' mode button.  Crash! 

This does not happen in 3.0 RC1 builds, only in the moz-central 3.1a1pre builds.
Same in safe-mode and a new profile. 

Using the new Beta of FlashPlayer 10.0.218 crashes are captured: 
http://crash-stats.mozilla.com/report/index/39de30e3-2277-11dd-9470-001a4bd46e84
http://crash-stats.mozilla.com/report/index/e4303bb3-2277-11dd-8cb9-001a4bd46e84

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008051502 Minefield/3.1a1pre Firefox/3.0 ID:2008051502
It's not just limited to YouTube, I've had it crashing using flash-based video players on other sites as well

http://crash-stats.mozilla.com/report/index/7d77139c-22cb-11dd-b077-001321b13766
http://crash-stats.mozilla.com/report/index/728181f0-2275-11dd-8e6f-001321b13766

Flash Player 9.0 r124 also produces the crash

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008051502 Minefield/3.1a1pre ID:2008051502
Signature	@0x0
UUID	39de30e3-2277-11dd-9470-001a4bd46e84
Time	2008-05-15 05:04:42-07:00
Uptime	3841
Product	Firefox
Version	3.1a1pre
Build ID	2008051502
OS	Windows NT
OS Version	6.0.6001 Service Pack 1
CPU	x86
CPU Info	AuthenticAMD family 6 model 4 stepping 4
Crash Reason	EXCEPTION_ACCESS_VIOLATION
Crash Address	0x0
Comments	clicking a youtube vid to full screen - crashes
Crashing Thread
Frame 	Module 	Signature 	Source
0 		@0x0 	
1 	NPSWF32.dll 	NPSWF32.dll@0x10a61 	
2 	NPSWF32.dll 	NPSWF32.dll@0xd2040 	
3 	NPSWF32.dll 	NPSWF32.dll@0xc9541 	
4 	NPSWF32.dll 	NPSWF32.dll@0xc0530 	
5 	NPSWF32.dll 	NPSWF32.dll@0x8fc5a 	
6 	NPSWF32.dll 	NPSWF32.dll@0x92b02 	
7 		@0x80c3d57 	

Filename 	Version 	Debug Identifier 	Debug Filename
NPSWF32.dll 	10.0.1.218 	DB152AFE5A9E49C28C15A2E7AF217EB31 	NPSWF32.pdb
Assignee: nobody → msintov
Severity: major → critical
Keywords: crash
Summary: Crash when switching to full-screen during play → Crash when switching to full-screen during play [@ 0x0 - NPSWF32.dll@0x10a61]
Duplicate of this bug: 434811
maybe its linked to bug 435334
Duplicate of this bug: 435564
Duplicate of this bug: 436117
Summary: Crash when switching to full-screen during play [@ 0x0 - NPSWF32.dll@0x10a61] → Crash when switching to full-screen during play (eg youtube) [@ 0x0 - NPSWF32.dll@0x10a61]
Flags: blocking1.9.1?
regression range is before 2008.02.20

It crashes on
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:2.0a1pre) 
Gecko/2008022002 Minefield/4.0a1pre

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:2.0a1pre) 
Gecko/2008050602 Minefield/4.0a1pre
OS: Windows Vista → Windows XP
Duplicate of this bug: 438418
From the Flash Player team: it appears this bug is Windows NT only, but the bug is set to Windows XP. Please let me know if this is not a Windows NT-only bug.
Vista Ultimate SP1 is affected too.
Windows XP and Vista are affected by this bug. Not sure about Windows 2000.

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008061012 Minefield/3.1a1pre ID:2008061012
Windows 2000 is affected also.

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.1a1pre) Gecko/2008061107 Minefield/3.1a1pre ID:2008061107
OS: Windows XP → Windows 2000
Flags: blocking1.9.1? → blocking1.9.1+
Priority: -- → P1
Mats, do you think you could have a looksee here?
Assignee: msintov → mats.palmgren
Attached patch Patch rev. 1Splinter Review
It's a regression from disabling OJI.  It looks like Flash is "reusing" the
ns4xPlugin::CALLBACKS.getJavaEnv and .getJavaPeer slots for some internal
purpose?  I can see that when the plugin goes full-screen it calls each
function once.  With OJI enabled the slots are valid functions that would
return NULL when called.  When disabled the slots are NULL.

I don't see the harm in having the dummy functions that return NULL
by default, even if OJI is disabled.
Attachment #325060 - Flags: superreview?(jonas)
Attachment #325060 - Flags: review?(jonas)
Comment on attachment 325060 [details] [diff] [review]
Patch rev. 1

This sounds like jsts territory. Sounds good to me though. Possibly add a comment saying why we're doing this so that we can remove it in the future.
Attachment #325060 - Flags: superreview?(jst)
Attachment #325060 - Flags: superreview?(jonas)
Attachment #325060 - Flags: review?(jst)
Attachment #325060 - Flags: review?(jonas)
(In reply to comment #14)
> Created an attachment (id=325060) [details]
> Patch rev. 1
> 
> It's a regression from disabling OJI.  It looks like Flash is "reusing" the
> ns4xPlugin::CALLBACKS.getJavaEnv and .getJavaPeer slots for some internal
> purpose?  I can see that when the plugin goes full-screen it calls each
> function once.  With OJI enabled the slots are valid functions that would
> return NULL when called.  When disabled the slots are NULL.
> 
> I don't see the harm in having the dummy functions that return NULL
> by default, even if OJI is disabled.
> 

Interesting, similar fix maybe for https://bugzilla.mozilla.org/show_bug.cgi?id=435334




Duplicate of this bug: 439288
Comment on attachment 325060 [details] [diff] [review]
Patch rev. 1

Yeah, that'll do it. I already have this fix in a tree here that gets rid of all the OJI garbage, but that's not ready to land yet, so this'll do until it does.
Attachment #325060 - Flags: superreview?(jst)
Attachment #325060 - Flags: superreview+
Attachment #325060 - Flags: review?(jst)
Attachment #325060 - Flags: review+
Fix committed to mozilla-central (to unblock myself).
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Has the fixed checked in? Youtube still crashes using the latest hourly. 

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008061817 Minefield/3.1a1pre ID:2008061817
WFM using
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008061818 Minefield/3.1a1pre Firefox/3.0 ID:2008061818 

Vista HP SP1 

WFM too now, the new build works :)

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1a1pre) Gecko/2008061818 Minefield/3.1a1pre ID:2008061818
Status: RESOLVED → VERIFIED
Adding verified1.9.1 since this is fine using Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b3pre) Gecko/20090106 Shiretoko/3.1b3pre
I think I'm still seeing this on Linux: going to fullscreen in Flash crashes reproducibly. I'm using:

Ubuntu 8.10, Gnome 2.24.1, Linux 2.6.27-11-generic
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1b3pre) Gecko/20090116 Shiretoko/3.1b3pre
Flash 10,0,15,3

Example crashes:
http://crash-stats.mozilla.com/report/index/a3d1c632-8422-4dbd-9aff-3d5442090116
http://crash-stats.mozilla.com/report/index/49ba5be1-a3de-4607-aae0-a36d82090116

This also crash using latest-trunk, but not using Ubuntu's Firefox 3.0 package.
Crash Signature: [@ 0x0 - NPSWF32.dll@0x10a61]
what happened while trying javascript,chek it.
You need to log in before you can comment on or make changes to this bug.