Closed
Bug 486940
Opened 15 years ago
Closed 15 years ago
Opening any pdf causes crash [@ libgobject-2.0.so.0.1600.6@0xca1a ] or [@ libgobject-2.0.so.0.1800.2@0xcf0a ] or [@ libgobject-2.0.so.0.2000.0@0xcf4a ]
Categories
(Core Graveyard :: Plug-ins, defect, P1)
Tracking
(status1.9.2 beta1-fixed)
VERIFIED
FIXED
mozilla1.9.2a1
Tracking | Status | |
---|---|---|
status1.9.2 | --- | beta1-fixed |
People
(Reporter: kbrosnan, Assigned: Swatinem)
References
()
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file, 2 obsolete files)
1.65 KB,
patch
|
karlt
:
review+
roc
:
superreview+
|
Details | Diff | Splinter Review |
In the trunk install the Adobe Reader plug-in and open any pdf. Crash stats shows that this started around February 3rd. All the comments say open a pdf. http://crash-stats.mozilla.com/report/list?product=Firefox&version=Firefox%3A3.2a1pre&version=Firefox%3A3.6a1pre&query_search=signature&query_type=exact&query=libgobject-2.0.so.0.1800.2%400xcf0a&date=&range_value=4&range_unit=weeks&do_query=1&signature=libgobject-2.0.so.0.1800.2%400xcf0a 0 libgobject-2.0.so.0.1800.2 libgobject-2.0.so.0.1800.2@0xcf0a 1 libgtk-x11-2.0.so.0.1400.4 libgtk-x11-2.0.so.0.1400.4@0x247107 2 libxul.so gtk_xtbin_new widget/src/gtkxtbin/gtk2xtbin.c:385 3 libxul.so _getvalue modules/plugin/base/src/nsNPAPIPlugin.cpp:1900 4 nppdf.so nppdf.so@0x10999 5 nppdf.so nppdf.so@0x3831 6 nppdf.so nppdf.so@0x10f55 7 libxul.so nsNPAPIPlugin::CreatePlugin(char const*, char const*, PRLibrary*, nsIPlugin**) modules/plugin/base/src/nsNPAPIPlugin.cpp:391 8 libxul.so nsPluginHostImpl::GetPluginFactory(char const*, nsIPlugin**) modules/plugin/base/src/nsPluginHostImpl.cpp:4403 9 libxul.so nsPluginHostImpl::TrySetUpPluginInstance(char const*, nsIURI*, nsIPluginInstanceOwner*) modules/plugin/base/src/nsPluginHostImpl.cpp:3777 10 libxul.so nsPluginHostImpl::SetUpPluginInstance(char const*, nsIURI*, nsIPluginInstanceOwner*) modules/plugin/base/src/nsPluginHostImpl.cpp:3639 11 libxul.so nsPluginHostImpl::InstantiateFullPagePlugin(char const*, nsIURI*, nsIStreamListener*&, nsIPluginInstanceOwner*) modules/plugin/base/src/nsPluginHostImpl.cpp:3453 12 libxul.so nsObjectFrame::InstantiatePlugin(nsIPluginHost*, char const*, nsIURI*) layout/generic/nsObjectFrame.cpp:896 13 libxul.so nsObjectFrame::Instantiate(char const*, nsIURI*) layout/generic/nsObjectFrame.cpp:1808 14 libxul.so nsPluginStreamListener::SetupPlugin() content/html/document/src/nsPluginDocument.cpp:154 15 libxul.so nsPluginStreamListener::OnStartRequest(nsIRequest*, nsISupports*) content/html/document/src/nsPluginDocument.cpp:112 16 libxul.so nsDocumentOpenInfo::OnStartRequest(nsIRequest*, nsISupports*) uriloader/base/nsURILoader.cpp:290 17 libxul.so nsHttpChannel::CallOnStartRequest() netwerk/protocol/http/src/nsHttpChannel.cpp:846 18 libxul.so nsHttpChannel::ProcessNormal() netwerk/protocol/http/src/nsHttpChannel.cpp:1030 19 libxul.so nsHttpChannel::ProcessResponse() netwerk/protocol/http/src/nsHttpChannel.cpp:955 20 libxul.so nsHttpChannel::OnStartRequest(nsIRequest*, nsISupports*) netwerk/protocol/http/src/nsHttpChannel.cpp:4792 21 libxul.so nsInputStreamPump::OnStateStart() netwerk/base/src/nsInputStreamPump.cpp:439 22 libxul.so nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) netwerk/base/src/nsInputStreamPump.cpp:395 23 libxul.so nsInputStreamReadyEvent::Run() xpcom/io/nsStreamUtils.cpp:111 24 libxul.so nsThread::ProcessNextEvent(int, int*) xpcom/threads/nsThread.cpp:510 25 libxul.so NS_ProcessNextEvent_P(nsIThread*, int) nsThreadUtils.cpp:230 26 libxul.so nsBaseAppShell::Run() widget/src/xpwidgets/nsBaseAppShell.cpp:170 27 libxul.so nsAppStartup::Run() toolkit/components/startup/src/nsAppStartup.cpp:192 28 libxul.so XRE_main toolkit/xre/nsAppRunner.cpp:3340 29 firefox-bin main browser/app/nsBrowserApp.cpp:156 30 libc-2.8.90.so libc-2.8.90.so@0x16684
Flags: blocking1.9.2?
Reporter | ||
Comment 1•15 years ago
|
||
Does not crash - Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2a1pre) Gecko/20090202 Minefield/3.2a1pre Crashes - Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2a1pre) Gecko/20090203 Minefield/3.2a1pre Checkins involved. http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=3dfb11111142&tochange=db4d22859940
Comment 2•15 years ago
|
||
Bug 474022 and bug 474116 both seem like potential candidates; bug 475811 is a possibility if Adobe was using nsIXULRuntime (but I doubt it). It might be nice to get someone from Adobe to look at this...
Comment 3•15 years ago
|
||
Given that it's crashing in GTK code, I doubt bug 475811 is to blame. The GTK symbols bug seems fairly possible, Arpad's patch did touch some code in the last Gecko function on the stack (gtk_xtbin_new): http://hg.mozilla.org/mozilla-central/annotate/6cfe70091cfc/widget/src/gtkxtbin/gtk2xtbin.c#l385 so we could be passing bogus data to the GTK libs.
Assignee | ||
Comment 4•15 years ago
|
||
Indeed looks like my xtbin changes are the culprit. I'm looking into this.
Assignee | ||
Comment 5•15 years ago
|
||
This may have been caused by wrong parent class initialization. Unfortonately I can't test this myself as the adobe plugin is not available on x64. I've pushed it to the tryserver. Kevin: would you be so kind as to test the patch as soon as the try server builds are there?
Assignee: nobody → arpad.borsos
Status: NEW → ASSIGNED
Assignee | ||
Comment 6•15 years ago
|
||
https://build.mozilla.org/tryserver-builds/2009-04-05_12:40-arpad.borsos@googlemail.com-try-f74c0ebb564/ There you go.
Reporter | ||
Comment 7•15 years ago
|
||
Still crashes with the tryserver build.
Assignee | ||
Comment 8•15 years ago
|
||
Karlt just pushed this changeset: http://hg.mozilla.org/mozilla-central/rev/c302c800e6f0 Looks like it may be related to this bug. If that doesn't fix it either, then lets back out my changes. Kevin: please test the newest m-c build and check back.
Attachment #371162 -
Attachment is obsolete: true
Comment 9•15 years ago
|
||
The problem change is here: http://hg.mozilla.org/mozilla-central/diff/ce7f39495675/modules/plugin/base/src/nsNPAPIPlugin.cpp GDK_ROOT_WINDOW() returns an XID which is not a GdkWindow*. gdk_get_default_root_window() is the function to use here.
Blocks: 474116
Assignee | ||
Comment 10•15 years ago
|
||
Thanks a lot for catching this Karl. Try server build on its way.
Attachment #371205 -
Attachment is obsolete: true
Attachment #371221 -
Flags: superreview?(roc)
Attachment #371221 -
Flags: review?(mozbugz)
Attachment #371221 -
Flags: superreview?(roc) → superreview+
Reporter | ||
Comment 11•15 years ago
|
||
https://build.mozilla.org/tryserver-builds/2009-04-06_04:35-arpad.borsos@googlemail.com-try-a2b8271ab5f/arpad.borsos@googlemail.com-try-a2b8271ab5f-firefox-try-linux.tar.bz2 - Does not crash when opening a pdf document.
Updated•15 years ago
|
Attachment #371221 -
Flags: review?(mozbugz) → review+
Comment 12•15 years ago
|
||
Adding one more crash signature to bug summary, from a crash on Ubuntu 9.04 (Jaunty) with libgtk2.0-0 package version 2.16.0-1ubuntu2.
Keywords: crash
Summary: Opening any pdf causes crash [@ libgobject-2.0.so.0.1800.2@0xcf0a ] or [@ libgobject-2.0.so.0.1600.6@0xca1a ] → Opening any pdf causes crash [@ libgobject-2.0.so.0.1600.6@0xca1a ] or [@ libgobject-2.0.so.0.1800.2@0xcf0a ] or [@ libgobject-2.0.so.0.2000.0@0xcf4a ]
Assignee | ||
Comment 13•15 years ago
|
||
Comment on attachment 371221 [details] [diff] [review] fix crash [pushed: comment 13] http://hg.mozilla.org/mozilla-central/rev/d056669074c7
Attachment #371221 -
Attachment description: fix crash → fix crash [pushed: comment 13]
Assignee | ||
Updated•15 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.2a1
Reporter | ||
Comment 14•15 years ago
|
||
Verified fixed on Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2a1pre) Gecko/20090407 Minefield/3.6a1pre
Status: RESOLVED → VERIFIED
Updated•15 years ago
|
Updated•13 years ago
|
Crash Signature: [@ libgobject-2.0.so.0.1600.6@0xca1a ]
[@ libgobject-2.0.so.0.1800.2@0xcf0a ]
[@ libgobject-2.0.so.0.2000.0@0xcf4a ]
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•