Closed
Bug 562442
Opened 14 years ago
Closed 13 years ago
Crash in [@ nsPluginInstanceOwner::ReleasePluginPort(void*)]
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox7 affected, firefox8 affected, firefox9 fixed, firefox10 fixed, status1.9.2 unaffected)
VERIFIED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox7 | --- | affected |
| firefox8 | --- | affected |
| firefox9 | --- | fixed |
| firefox10 | --- | fixed |
| status1.9.2 | --- | unaffected |
People
(Reporter: marcia, Assigned: jaas)
Details
(Keywords: crash, verified-aurora, verified-beta, Whiteboard: [sg:high][qa!])
Crash Data
Attachments
(2 files, 1 obsolete file)
|
1.45 KB,
patch
|
jimm
:
review+
|
Details | Diff | Splinter Review |
|
1.46 KB,
patch
|
jst
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
Seen while running Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a5pre) Gecko/20100428 Minefield/3.7a5pre https://crash-stats.mozilla.com/report/index/7c982f11-1f35-42ca-bb03-c34a92100428 STR: 1. I was composing an email in Gmail. 2. Added http://www.caltrain.com/pdf/Holiday_Schedules/Caltrain_Weekend_Holiday_Schedule_08-31-2009.pdf to the email and hit Send. 3. The crash occurred Have not been able to repro Frame Module Signature [Expand] Source 0 xul.dll nsPluginInstanceOwner::ReleasePluginPort layout/generic/nsObjectFrame.cpp:5725 1 xul.dll nsObjectFrame::CallSetWindow layout/generic/nsObjectFrame.cpp:1057 2 xul.dll nsObjectFrame::DidReflow layout/generic/nsObjectFrame.cpp:1149 3 xul.dll nsLineLayout::ReflowFrame layout/generic/nsLineLayout.cpp:967 4 xul.dll nsBlockFrame::ReflowInlineFrame layout/generic/nsBlockFrame.cpp:3716 5 xul.dll nsBlockFrame::DoReflowInlineFrames layout/generic/nsBlockFrame.cpp:3511 6 xul.dll nsBlockFrame::ReflowInlineFrames layout/generic/nsBlockFrame.cpp:3365 7 xul.dll nsBlockFrame::ReflowLine layout/generic/nsBlockFrame.cpp:2461 8 xul.dll nsBlockFrame::ReflowDirtyLines layout/generic/nsBlockFrame.cpp:1907 9 xul.dll nsBlockFrame::Reflow layout/generic/nsBlockFrame.cpp:1009 10 xul.dll nsContainerFrame::ReflowChild layout/generic/nsContainerFrame.cpp:736 11 xul.dll nsHTMLReflowState::Init layout/generic/nsHTMLReflowState.cpp:285 12 xul.dll nsCSSFrameConstructor::RestyleElement layout/base/nsCSSFrameConstructor.cpp:8007 13 @0x3802a3f
|
Reporter | |
Updated•14 years ago
|
Summary: Crash in [@nsPluginInstanceOwner::ReleasePluginPort(void*)] → Crash in [@ nsPluginInstanceOwner::ReleasePluginPort(void*)]
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.3a5pre) Gecko/20100603 Minefield/3.7a5pre Works for me in the latest trunk build.
|
||
Comment 2•14 years ago
|
||
Happens also in XP in Fx4... http://crash-stats.mozilla.com/report/index/f086e727-aa10-4215-8aa0-73d252101125
|
||
Updated•13 years ago
|
Crash Signature: [@ nsPluginInstanceOwner::ReleasePluginPort(void*)]
This will fix the crash but in cases where we would crash we'll leak the plugin port on Windows. That's much better than what happens now but this patch could be expanded to avoid the leak if someone takes the time to figure out how to re-factor the plugin port memory management here. We could file a separate bug on that and fix it later, a strategy that makes even more sense if we want to lower risk porting this patch to aurora and beta.
Attachment #570328 -
Flags: review?(bzbarsky)
Attachment #570328 -
Flags: review?(bzbarsky)
Includes a fix for the memory leak.
Attachment #570328 -
Attachment is obsolete: true
Attachment #570696 -
Flags: review?(jmathies)
|
||
Comment 5•13 years ago
|
||
Comment on attachment 570696 [details] [diff] [review] fix v1.1 Looks ok to me.
Attachment #570696 -
Flags: review?(jmathies) → review+
Attachment #571075 -
Flags: approval-mozilla-aurora?
pushed to mozilla-central http://hg.mozilla.org/mozilla-central/rev/978002c0b0ad
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Comment 8•13 years ago
|
||
Comment on attachment 571075 [details] [diff] [review] aurora fix v1.0 a=drivers per today's meeting.
Attachment #571075 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
pushed to aurora http://hg.mozilla.org/releases/mozilla-aurora/rev/3c039628db9b
status-firefox10:
--- → fixed
status-firefox7:
--- → affected
status-firefox8:
--- → affected
status-firefox9:
--- → fixed
|
||
Comment 10•13 years ago
|
||
Adding [qa+] for bug verification. We can try the steps in comment #0, but since we can't reproduce reliably we can check crash-stats before and after fix.
Whiteboard: sg:high → sg:high,[qa+]
|
||
Comment 11•13 years ago
|
||
I'm seeing no instances of this crash on crash-stats for anything newer than Firefox 8. Marking verified.
Status: RESOLVED → VERIFIED
Keywords: verified-aurora,
verified-beta
Whiteboard: sg:high,[qa+] → sg:high,[qa!]
|
||
Updated•13 years ago
|
Whiteboard: sg:high,[qa!] → [sg:high][qa!]
|
|
||
Comment 12•13 years ago
|
||
Does not appear to affect the 1.9.2 branch https://crash-stats.mozilla.com/report/list?product=Firefox&query_search=signature&query_type=contains&query=nsPluginInstanceOwner%3A%3AReleasePluginPort%28void*%29&reason_type=contains&date=12%2F07%2F2011%2014%3A25%3A51&range_value=1&range_unit=weeks&hang_type=any&process_type=any&do_query=1&signature=nsPluginInstanceOwner%3A%3AReleasePluginPort%28void*%29
status1.9.2:
--- → unaffected
|
|
||
Updated•12 years ago
|
Group: core-security
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•