nsPluginHost::TrySetUpPluginInstance() right now contains the pseudo code: instance = CreateInstance() aOwner->SetInstance(instance) instance->Initialize() if (failed) return which returns out of this code with the owner holding on to a plugin instance that was not successfully initialized. Depending on what happens next, this can cause problems down the road, especially if plugins are reloaded before the instance owner tries to tear down this instance. We should at the very least null out the instance in the owner when we fail to initialize the plugin instance here.
Created attachment 416814 [details] [diff] [review] fix v1.0
pushed to mozilla-central http://hg.mozilla.org/mozilla-central/rev/6515875bfbc3
We should take this fix for 1.9.2 since this fixes bug 491722.
Created attachment 425856 [details] [diff] [review] Fix for 1.9.1
Comment on attachment 416814 [details] [diff] [review] fix v1.0 a1922=beltzner
pushed to mozilla-1.9.2 http://hg.mozilla.org/releases/mozilla-1.9.2/rev/ecfa2e50f8d8
Josh, is that 1.9.1 patch ready to go? We need it to fix the blocker bug 491722.
Comment on attachment 425856 [details] [diff] [review] Fix for 1.9.1 Actually, just a=beltzner for 1.9.1 on this patch. It's reviewed and all :)
Is there a way for QA to verify this fix?