Closed
Bug 656006
Opened 13 years ago
Closed 13 years ago
Crash [@ nsPluginStreamListenerPeer::OnStartRequest(nsIRequest*, nsISupports*) ] | ASSERTION: You can't dereference a NULL nsRefPtr with operator->().: 'mRawPtr != 0
Categories
(Core Graveyard :: Plug-ins, defect)
Core Graveyard
Plug-ins
Tracking
(firefox7 affected, firefox8 affected, firefox9 fixed, firefox10 fixed)
VERIFIED
FIXED
mozilla10
People
(Reporter: bc, Assigned: jaas)
References
()
Details
(4 keywords, Whiteboard: [qa!])
Crash Data
Attachments
(2 files)
1.45 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
1.47 KB,
patch
|
christian
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
see also Bug 623638 1. http://www.babista.de/shop/Mode-fuer-Maenner/Themen/Outdoor-Bekleidung-Hemd/product/142003/group/167390/Produktzoom-Flashviewer.a1405.0.html 2. ASSERTION: You can't dereference a NULL nsRefPtr with operator->().: 'mRawPtr != 0', file c:\work\mozilla\builds\2.0.0\mozilla\firefox-debug\dist\include\nsAutoPtr.h, line 1117 3. Crash nightly: bp-1de6430a-e70d-4fdc-8e9d-132582110510 1.9.2 : bp-6a6b023c-d7e0-4244-b3d4-ca48f2110510 xul.dll!nsRefPtr<nsNPAPIPluginInstance>::operator->() Line 1117 + 0x23 bytes C++ xul.dll!nsPluginStreamListenerPeer::OnStartRequest(nsIRequest * request=0x06551ddc, nsISupports * aContext=0x00000000) Line 557 + 0xb bytes C++ xul.dll!nsObjectLoadingContent::OnStartRequest(nsIRequest * aRequest=0x06551ddc, nsISupports * aContext=0x00000000) Line 739 + 0x2d bytes C++ xul.dll!nsHttpChannel::CallOnStartRequest() Line 773 + 0x44 bytes C++ xul.dll!nsHttpChannel::ContinueProcessNormal(unsigned int rv=0) Line 1224 + 0x8 bytes C++ xul.dll!nsHttpChannel::ProcessNormal() Line 1162 C++ xul.dll!nsHttpChannel::ProcessResponse() Line 1111 + 0x8 bytes C++ xul.dll!nsHttpChannel::OnStartRequest(nsIRequest * request=0x067c7e00, nsISupports * ctxt=0x00000000) Line 3899 + 0xe bytes C++ xul.dll!nsInputStreamPump::OnStateStart() Line 441 + 0x2c bytes C++ xul.dll!nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream * stream=0x05a98920) Line 397 + 0xb bytes C++ xul.dll!nsInputStreamReadyEvent::Run() Line 115 C++ xul.dll!nsThread::ProcessNextEvent(int mayWait=1, int * result=0x0012d730) Line 618 + 0x19 bytes C++ xul.dll!NS_ProcessNextEvent_P(nsIThread * thread=0x04624df0, int mayWait=1) Line 250 + 0x16 bytes C++ xul.dll!mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate * aDelegate=0x0039fcf8) Line 134 + 0xe bytes C++ xul.dll!MessageLoop::RunInternal() Line 219 C++ xul.dll!MessageLoop::RunHandler() Line 203 C++ xul.dll!MessageLoop::Run() Line 177 C++ xul.dll!nsBaseAppShell::Run() Line 191 C++ xul.dll!nsAppShell::Run() Line 248 + 0x9 bytes C++ A quick save and test didn't reproduce. :-(
Comment 1•13 years ago
|
||
I can reproduce on a Mac nightly - https://crash-stats.mozilla.com/report/index/fc7b4f85-9810-4b12-98e2-99cba2110510
OS: Windows XP → All
Hardware: x86 → All
Reporter | ||
Comment 2•13 years ago
|
||
update crash bugs to critical per guidelines.
Severity: normal → critical
Updated•13 years ago
|
Crash Signature: [@ nsPluginStreamListenerPeer::OnStartRequest(nsIRequest*, nsISupports*) ]
Reporter | ||
Comment 3•13 years ago
|
||
There are only a hand full of crashes in the last week (7 total). Two involve Flash (10.3.183.7 and 10.3.183.10) but I can not reproduce them nor the original url in automation or locally. I think this is wfm and any further reproducible instances deserve a new bug.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
I was reading code for something else, noticed a bug that should cause crashes, and sure enough here is the report. This is our bug, not surprised it is hard to repro though. Patch coming up.
Assignee: nobody → joshmoz
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Attachment #572097 -
Flags: review?(bzbarsky)
Comment 6•13 years ago
|
||
Comment on attachment 572097 [details] [diff] [review] fix v1.0 r=me
Attachment #572097 -
Flags: review?(bzbarsky) → review+
Attachment #572112 -
Flags: approval-mozilla-aurora?
status-firefox10:
--- → affected
status-firefox7:
--- → affected
status-firefox8:
--- → affected
status-firefox9:
--- → affected
pushed to mozilla-inbound http://hg.mozilla.org/integration/mozilla-inbound/rev/b820af78bed1
Comment 9•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/b820af78bed1
Status: REOPENED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla10
Comment 10•13 years ago
|
||
Comment on attachment 572112 [details] [diff] [review] aurora fix v1.0 [triage comment] Approved for aurora. Please land today if at all possible.
Attachment #572112 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Assignee | ||
Comment 11•13 years ago
|
||
pushed to mozilla-aurora http://hg.mozilla.org/releases/mozilla-aurora/rev/3ed4686333f2
Comment 12•13 years ago
|
||
Could you please tell me how to test this ?
Reporter | ||
Comment 13•13 years ago
|
||
Paul, normally just loading the url would be sufficient however I can no longer reproduce the crash on older builds so it is not possible to test a crashing build then test a non crash build to see if the patch actually fixed this particular issue. I think we just need to punt.
Reporter | ||
Comment 14•13 years ago
|
||
FWIW, I just retested the 3 urls I had for this crash in the automation on Beta/9, Aurora/10, Nightly/11 on Linux, Mac, Windows and did not reproduce any crashes. I'll call it verified.
Status: RESOLVED → VERIFIED
Comment 15•13 years ago
|
||
I agree. The issue is not reproducible on: Mozilla/5.0 (Windows NT 5.1; rv:9.0) Gecko/20100101 Firefox/9.0 Mozilla/5.0 (Windows NT 5.1; rv:10.0a2) Gecko/20111127 Firefox/10.0a2 Mozilla/5.0 (Windows NT 5.1; rv:11.0a1) Gecko/20111127 Firefox/11.0a1 Mozilla/5.0 (Windows NT 6.1; rv:9.0) Gecko/20100101 Firefox/9.0 Mozilla/5.0 (Windows NT 6.1; rv:10.0a2) Gecko/20111127 Firefox/10.0a2 Mozilla/5.0 (Windows NT 6.1; rv:11.0a1) Gecko/20111127 Firefox/11.0a1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0) Gecko/20100101 Firefox/9.0 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0a2) Gecko/20111127 Firefox/10.0a2 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0a1) Gecko/20111127 Firefox/11.0a1 Mozilla/5.0 (X11; Linux i686; rv:9.0) Gecko/20100101 Firefox/9.0 Mozilla/5.0 (X11; Linux i686; rv:10.0a2) Gecko/20111128 Firefox/10.0a2 Mozilla/5.0 (X11; Linux i686; rv:11.0a1) Gecko/20111128 Firefox/11.0a1
Updated•13 years ago
|
Keywords: verified-aurora,
verified-beta
Whiteboard: [qa+] → [qa!]
Updated•9 years ago
|
Keywords: testcase-wanted
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•