User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; cs-CZ; rv:1.9.1b4) Gecko/20090427 Fedora/3.5-0.20.beta4.fc11 Firefox/3.5b4 Build Identifier: firefox-3.5-0.20.beta4.fc11.x86_64 (originally filed as https://bugzilla.redhat.com/show_bug.cgi?id=506692) When I close a tab containing an IBM server remote management applet, firefox segfaults. This may be specific to the particular applet as I tested some tests applets at sun.com and FF did survive..but anyway, it shouldn't crash. Version packages used: firefox-3.5-0.20.beta4.fc11.x86_64 xulrunner-1.9.1-0.20.beta4.fc11.x86_64 nspluginwrapper-1.3.0-5.fc11.x86_64 java-1.6.0-openjdk-18.104.22.168-22.b16.fc11.x86_64 java-1.6.0-openjdk-plugin-22.214.171.124-22.b16.fc11.x86_64 Reproducible: Always Steps to Reproduce: 1. login into the IBM remote server web tool 2. use their applet 3. close the tab with the applet 4. Kaboooom Actual Results: crash Expected Results: no crash
Created attachment 384089 [details] backtrace > It's here: > > rv = mOwner->GetDocument(getter_AddRefs(document)); > > so i suppose the mOwner is null or some bogus value. Reporter, can you attach > the mOwner value and some extended bactrace with local variables? The mOwner value indeed is NULL: --- 805 rv = mOwner->GetDocument(getter_AddRefs(document)); (gdb) print mOwner $1 = (class nsIPluginInstanceOwner *) 0x0 ---
1.46 <email@example.com> 2001-05-19 01:31 Fixing xpcdom plugin regression bug 80794, patch by myself and firstname.lastname@example.org
Created attachment 384092 [details] [diff] [review] this is the only instance for this class that isn't checked
Can we have this fix in 1.9.1? The fix looks safe and users keep reporting this crash on Fedora12/ff 3.5.x.
Comment on attachment 384092 [details] [diff] [review] this is the only instance for this class that isn't checked Martin Stránský, please use attachment flags to request approval.
Comment on attachment 384092 [details] [diff] [review] this is the only instance for this class that isn't checked a=beltzner
i tried this with ubuntu within a virtual machine, and cannot reproduce the crash on Fx3.6.7. can someone with IBM remote server and fedora verify the fix here on Fx3.6.7? i dont have the environment where the crash is reported.