Closed
Bug 532565
Opened 15 years ago
Closed 8 years ago
Crash in [@ QuakeLivePlugin@0x5acc ] when exiting Quake Live game
Categories
(Plugins Graveyard :: Quake Live, defect)
Plugins Graveyard
Quake Live
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: marcia, Assigned: dkoenig)
References
()
Details
(Keywords: crash, Whiteboard: [crashkill])
Crash Data
Attachments
(1 file)
1.03 KB,
patch
|
jaas
:
review-
|
Details | Diff | Splinter Review |
Seen while running Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2b4) Gecko/20091124 Firefox/3.6b4. Not able to reproduce using Win 7 or Win XP. STR: 1. Visit http://www.quakelive.com/ 2. Install the plugin 3. Register an account and start the game. Exit the game. 4. Crash Both of these stacks show up in the Beta 4 results with the same description of closing the Quake Live game. It seems that the game might not be compatible with 3.6 but I did not get an unsupported browser message. I also tested this in Namoroka and I crashed with this report - http://crash-stats.mozilla.com/report/index/bp-e33ef54f-1599-4ee6-99b7-3ac692091202 - which just shows a slightly different stack than when I crashed a second time - this time in Yield Request - http://crash-stats.mozilla.com/report/index/bp-69b6905a-dcb7-4905-9be2-715a42091202. Signature JS_YieldRequest UUID 69b6905a-dcb7-4905-9be2-715a42091202 Time 2009-12-02 16:25:08.936378 Uptime 966 Last Crash 3035 seconds before submission Product Firefox Version 3.6b4 Build ID 20091124201530 Branch 1.9.2 OS Mac OS X OS Version 10.6.2 10C540 CPU x86 CPU Info GenuineIntel family 6 model 7 stepping 6 Crash Reason EXC_BAD_ACCESS / KERN_PROTECTION_FAILURE Crash Address 0x1a4 User Comments Quake Live Processor Notes Crashing Thread Frame Module Signature [Expand] Source libmozjs.dylib JS_YieldRequest js/src/jsapi.cpp:929 1 XUL XPCJSContextStack::Pop js/src/xpconnect/src/xpcthreadcontext.cpp:112 2 XUL nsCxPusher::Pop content/base/src/nsContentUtils.cpp:2878 3 XUL nsContentUtils::CopyNewlineNormalizedUnicodeTo content/base/src/nsContentUtils.cpp:2705 4 XUL nsEventListenerManager::HandleEvent content/events/src/nsEventListenerManager.cpp:1166 5 XUL nsEventTargetChainItem::HandleEvent content/events/src/nsEventDispatcher.cpp:246 6 XUL nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventDispatcher.cpp:310 7 XUL nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:573 8 XUL nsEventDispatcher::DispatchDOMEvent content/events/src/nsEventDispatcher.cpp:636 9 XUL nsGlobalWindow::DispatchEvent dom/base/nsGlobalWindow.cpp:6504 10 XUL nsGlobalWindow::DispatchEvent dom/base/nsGlobalWindow.cpp:6487 11 XUL nsContentUtils::DispatchTrustedEvent content/base/src/nsContentUtils.cpp:3226 12 XUL nsFocusManager::WindowRaised dom/base/nsFocusManager.cpp:663 13 XUL nsWebShellWindow::HandleEvent xpfe/appshell/src/nsWebShellWindow.cpp:416 14 XUL nsCocoaWindow::DispatchEvent widget/src/cocoa/nsCocoaWindow.mm:1259 15 XUL -[WindowDelegate sendFocusEvent:] widget/src/cocoa/nsCocoaWindow.mm:1733 16 XUL -[WindowDelegate sendToplevelActivateEvents] widget/src/cocoa/nsCocoaWindow.mm:1768 17 XUL +[TopLevelWindowData activateInWindow:] widget/src/cocoa/nsWindowMap.mm:221 18 Foundation _nsnote_callback 19 CoreFoundation __CFXNotificationPost 20 CoreFoundation _CFXNotificationPostNotification 21 Foundation -[NSNotificationCenter postNotificationName:object:userInfo:] 22 Foundation -[NSNotificationCenter postNotificationName:object:] 23 AppKit -[NSWindow becomeMainWindow] 24 AppKit -[NSWindow _changeKeyAndMainLimitedOK:] 25 AppKit -[NSWindow _orderOutAndCalcKeyWithCounter:stillVisible:docWindow:] 26 AppKit -[NSWindow _reallyDoOrderWindow:relativeTo:findKey:forCounter:force:isModal:] 27 AppKit -[NSWindow orderWindow:relativeTo:] 28 AppKit -[NSWindow orderOut:] 29 quakelive quakelive@0xdc3d6 30 quakelive quakelive@0xdc4ef 31 quakelive quakelive@0x140a2 32 quakelive quakelive@0x5ea56 33 quakelive quakelive@0x60b52 34 quakelive quakelive@0x76bb9 35 quakelive quakelive@0x74fd0 36 quakelive quakelive@0x7a7fd 37 quakelive quakelive@0xe1502 38 quakelive quakelive@0xe39b0 39 libSystem.B.dylib _pthread_start 40 libSystem.B.dylib thread_start
Assignee: general → nobody
Component: JavaScript Engine → DOM
QA Contact: general → general
Summary: Crash in [ @ JS_YieldRequest ] or [@ JS_RestoreFrameChain] when exiting Quake Live game → Crash in [@ JS_YieldRequest ] or [@ JS_RestoreFrameChain] when exiting Quake Live game
Comment 1•15 years ago
|
||
maybe we should turn this into a tracking bug for crashes on the quake site. There are 3 different signatures reported, but there might be 1-3 or even more problems across those signatures. There is a low volume JS_YieldRequest crash on 3.6beta (mac only so far) There is a low volume QuakeLivePlugin crash on 3.5.x and 3.6beta (mac only) and There is a high volume JS_RestoreFrameChain on 3.0,3.5,3.6 beta crash that is cross platform and also might be multiple crash problems, part of which can be seen on the quake site. 1-7 crashes per day for JS_YieldRequest on 200911 * -crashdata Correlation to releases checking --- 20091126-crashdata.csv JS_YieldRequest release total-crashes JS_YieldRequest crashes pct. all 211758 7 3.30566e-05 3.0.15 45831 0 3.5.5 110383 0 3.6b4 3254 1 0.000307314 3.6b3 12942 6 0.000463607 3.6b2 1318 0 3.6b1 2801 0 os breakdown 4 0.571429 Mac OS X10.5.8 9L30 2 0.285714 Mac OS X10.6.2 10C540 1 0.142857 Mac OS X10.5.8 9L31a 4 JS_YieldRequest Mac OS X 10.5.8 9L30 2 JS_YieldRequest Mac OS X 10.6.2 10C540 1 JS_YieldRequest Mac OS X 10.5.8 9L31a 1-10 crashes per day for QuakeLivePlugin on 200911 * -crashdata all releases 3 3.5.2 7 3.5.5 os breakdown 5 0.5 Mac OS X10.6.2 10C540 5 0.5 Mac OS X10.5.8 9L31a 109 - 191 crashes for JS_RestoreFrameChain on 200911 * -crashdata with increase at the end of the month Correlation to releases checking --- 20091130-crashdata.csv JS_RestoreFrameChain release total-crashes JS_RestoreFrameChain crashes pct. all 233706 191 0.000817266 3.0.15 50334 37 0.00073509 3.5.5 122547 104 0.000848654 3.6b4 16576 18 0.00108591 3.6b3 2703 3 0.00110988 3.6b2 1193 0 3.6b1 2776 3 0.00108069 os breakdown 77 0.403141 Windows NT5.1.2600 Service Pack 3 41 0.21466 Windows NT5.1.2600 Service Pack 2 23 0.120419 Windows NT6.0.6002 Service Pack 2 13 0.0680628 Windows NT6.0.6001 Service Pack 1 13 0.0680628 Windows NT6.0.6000 4 0.0209424 Windows NT6.1.7600 4 0.0209424 Mac OS X10.5.8 9L30 3 0.0157068 Mac OS X10.5.8 9L31a 2 0.0104712 Windows NT5.1.2600 Service Pack 1 2 0.0104712 Windows NT5.1.2600 Dodatek Service Pack 3 2 0.0104712 Windows NT5.1.2600 Dodatek Service Pack 2 2 0.0104712 Mac OS X10.6.2 10C540 2 0.0104712 Mac OS X10.4.11 8S2167 1 0.0052356 Windows NT6.1.7100 1 0.0052356 Windows NT5.1.2600
Summary: Crash in [@ JS_YieldRequest ] or [@ JS_RestoreFrameChain] when exiting Quake Live game → Crash in [@ JS_YieldRequest ] or [@ JS_RestoreFrameChain] [@ QuakeLivePlugin@0x5acc ] when exiting Quake Live game
Reporter | ||
Comment 2•15 years ago
|
||
Bug 532777 is now on file for the [ @ JS_RestoreFrameChain ] crashes. I will create a separate bug for Yield Request and then leave this as the QuakeLive Plugin crash.
Reporter | ||
Comment 3•15 years ago
|
||
Bug 532780 is on file for [ @ JS_YieldRequest ]. Updating bug summary to reflect that fact.
Summary: Crash in [@ JS_YieldRequest ] or [@ JS_RestoreFrameChain] [@ QuakeLivePlugin@0x5acc ] when exiting Quake Live game → Crash in [@ QuakeLivePlugin@0x5acc ] when exiting Quake Live game
bug 520639 seems to have fixed a bunch of crashes related to unloading of plugins. Might it have fixed these too?
Reporter | ||
Comment 5•15 years ago
|
||
I still use crash using the latest 1.9.2 nightly - see https://bugzilla.mozilla.org/show_bug.cgi?id=532780#c1. Even though the stack is slightly different it is the same set of STR which results in a crash.
Do the same steps cause a crash on 3.5 (and 3.0)?
Reporter | ||
Comment 7•15 years ago
|
||
Just tried using Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 and I crash following the same steps. The Quakelive Plugin Version # is 0.1.0.277. (In reply to comment #6) > Do the same steps cause a crash on 3.5 (and 3.0)?
Reporter | ||
Comment 8•15 years ago
|
||
Using Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.0.15) Gecko/2009101600 Firefox/3.0.15, the plugin does not seem to be recognized so I cannot actually enter the game since the setup never finishes.
Reporter | ||
Comment 9•14 years ago
|
||
Using the latest trunk build, Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.3a2pre) Gecko/20100211 Minefield/3.7a2pre I get a crash in [@ JS_DeleteProperty ] when performing the same STR on Mac. http://crash-stats.mozilla.com/report/index/63629de4-0782-4415-a850-87cc62100211 is my report.
Comment 10•14 years ago
|
||
Josh, Neil: These crashes seem to indicate that we're receiving an OSX focus event on a thread that is not the main thread, which ends up calling into main-thread-only code on the wrong thread. Could this be our fault for not proxying OSX focus things to the main thread (or otherwise censoring these events when they're off the main thread)? Or is this QuakeLive calling an illegal function off the main thread?
Reporter | ||
Comment 11•14 years ago
|
||
Note this happens on Windows as well. I see it while testing Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.4) Gecko/20100413 Firefox/3.6.4 (.NET CLR 3.5.30729). In this instance I did not get a crash report.
OS: Mac OS X → All
Hardware: x86 → All
Reporter | ||
Comment 12•14 years ago
|
||
I get a similar crash while running 4.0 Beta 1. Here are the steps for this reproducible crash: 1. Open the game and click on the "Skills test" link 2. The browser opens full screen 3. Click the link which says "Play in Browser" I crash right after Step 4 consistently. http://crash-stats.mozilla.com/report/index/598c9b49-c7dc-4b61-a8e0-36f292100629
Comment 13•14 years ago
|
||
Looking at Marcia's crash linked to in the previous comment shows that we get into our event dispatching code on a thread other than the main thread. By that time we've already lost. Josh, this is either a bug in the quake plugin, or we need to protect against activateInWindow (or something around that code in the stack in comment 0) from ever calling into our code if it's ever called off the main thread.
Assignee: nobody → joshmoz
Comment 14•14 years ago
|
||
Quake Live should not be calling things like "-[NSWindow orderOut:]" on any thread other than the main thread. We should contact them about it.
Assignee: joshmoz → nobody
Component: DOM → Quake Live
Product: Core → Plugins
QA Contact: general → quake-live
Version: 1.9.2 Branch → unspecified
Comment 15•14 years ago
|
||
Email sent to Quake Live developers.
Assignee | ||
Comment 16•14 years ago
|
||
Thanks for the report. We'll be taking a look as soon as possible.
Comment 18•14 years ago
|
||
josh: i've had this patch in my tree for ages. (Well, since Jul 7 at least)
Attachment #466491 -
Flags: review?(joshmoz)
Comment 19•14 years ago
|
||
Comment on attachment 466491 [details] [diff] [review] patch from my tree I don't want to get into doing main thread checks all over the place in our widget code. Let's just let id software take care of this. It is easy enough to tell what is going wrong when this happens.
Attachment #466491 -
Flags: review?(joshmoz) → review-
Reporter | ||
Comment 20•13 years ago
|
||
Today while running the nightly I tested this again to see if we still crash. Since the plugin runs only in 32 bit mode, I restated and I still crash on Mac, but the stack is a bit different: [@ XPCJSContextStack::Push ], https://crash-stats.mozilla.com/report/index/bp-43ab18d2-bbc3-463e-824d-cdeb32110217 is that report.
Updated•13 years ago
|
Crash Signature: [@ QuakeLivePlugin@0x5acc ]
Comment 21•8 years ago
|
||
Closing old bugs in the Plugins component. We aren't going to track issues in 3rd-party plugins in the Mozilla bug tracker. In addition, support for NPAPI plugins will be removed at the end of this year; for more details see the post at https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/ If there is a serious bug in Firefox, it needs to be filed in the "Core" product, "Plug-Ins" component.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
Updated•8 years ago
|
Product: Plugins → Plugins Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•