Closed
Bug 750217
Opened 13 years ago
Closed 13 years ago
Android crash in nsNPAPIPluginInstance::TimerWithID
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox15+, firefox16+ fixed, firefox17 fixed, firefox18 fixed, blocking-fennec1.0 -, fennec+)
RESOLVED
FIXED
mozilla18
People
(Reporter: scoobidiver, Assigned: snorp)
References
Details
(Keywords: crash, reproducible, topcrash, Whiteboard: [native-crash])
Crash Data
Attachments
(1 file)
|
1.06 KB,
patch
|
jaas
:
review+
bajaj
:
approval-mozilla-aurora+
bajaj
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
Signature nsNPAPIPluginInstance::TimerWithID More Reports Search
UUID a49c0aac-2407-4a85-addb-fe9be2120430
Date Processed 2012-04-30 11:23:42
Uptime 246
Install Age 4.1 minutes since version was first installed.
Install Time 2012-04-30 11:19:27
Product FennecAndroid
Version 14.0a2
Build ID 20120429042006
Release Channel aurora
OS Linux
OS Version 0.0.0 Linux 2.6.35.11-perf #1 SMP PREEMPT Tue Feb 14 18:02:08 KST 2012 armv7l
Build Architecture arm
Build Architecture Info
Crash Reason SIGSEGV
Crash Address 0x0
App Notes
EGL? EGL+ AdapterVendorID: qcom, AdapterDeviceID: LG-MS840.
AdapterDescription: 'Android, Model: 'LG-MS840', Product: 'cayman_mpcs_us', Manufacturer: 'LGE', Hardware: 'qcom''.
GL Context? GL Context+ GL Layers? GL Layers+
LGE LG-MS840
lge/cayman_mpcs_us/cayman:2.3.6/GRK39F/MS840ZV8.47A73A3A:user/release-keys
EMCheckCompatibility True
Frame Module Signature Source
0 libxul.so nsNPAPIPluginInstance::TimerWithID nsTArray.h:224
1 libxul.so PluginTimerCallback dom/plugins/base/nsNPAPIPluginInstance.cpp:1215
2 libxul.so nsTimerImpl::Fire xpcom/threads/nsTimerImpl.cpp:508
3 libxul.so nsTimerEvent::Run xpcom/threads/nsTimerImpl.cpp:591
4 libxul.so nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:656
5 libxul.so NS_ProcessNextEvent_P obj-firefox/xpcom/build/nsThreadUtils.cpp:245
6 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:110
7 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:208
8 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:201
9 libxul.so nsBaseAppShell::Run widget/xpwidgets/nsBaseAppShell.cpp:189
10 libxul.so nsAppStartup::Run toolkit/components/startup/nsAppStartup.cpp:295
11 libxul.so XREMain::XRE_mainRun toolkit/xre/nsAppRunner.cpp:3780
12 libxul.so XREMain::XRE_main toolkit/xre/nsAppRunner.cpp:3857
13 libxul.so XRE_main toolkit/xre/nsAppRunner.cpp:3933
14 libxul.so GeckoStart toolkit/xre/nsAndroidStartup.cpp:109
...
More reports at:
https://crash-stats.mozilla.com/report/list?signature=nsNPAPIPluginInstance%3A%3ATimerWithID
|
Reporter | |
Comment 1•13 years ago
|
||
It's #15 top crasher in 14.0b6.
|
|
Reporter | |
Comment 2•13 years ago
|
||
Now that some top crashers are fixed, it's #11 top crasher in 14.0b8.
Keywords: topcrash
|
|
Reporter | |
Updated•13 years ago
|
blocking-fennec1.0: --- → ?
|
|
||
Updated•13 years ago
|
URLs listed:
4 http://www.adobe.com/software/flash/about/
2 http://37092.com/supplyself/Shanghai-Automation-Instrumentation-Far-East-Instr_3
1 http://www.kicker.de/news/fussball/bundesliga/spieltag/1-bundesliga/2012-13/1/ta
1 http://www.borsaitaliana.it/borsa/azioni/listino-a-z.html?initial=E
1 http://www.ynet.co.il/home/0,7340,L-8,00.html
1 http://www.nrg.co.il/online/HP_29.html
1 http://truyen.hixx.info/truyen/truyen-kiem-hiep/105326/Vinh-Sinh.html
1 http://www.ynet.co.il/articles/0,7340,L-4246000,00.html
1 http://www.amazon.co.uk/product-reviews/B000Q36488/ref=cm_cr_dp_hist_5?ie=UTF8&s
1 http://www.mangareader.net/damned
1 http://www.dynatron-corp.com/en/products.aspx
|
|
||
Updated•13 years ago
|
|
||
Updated•13 years ago
|
tracking-fennec: --- → +
blocking-fennec1.0: ? → -
|
||
Updated•13 years ago
|
Keywords: reproducible
|
|
Reporter | |
Comment 4•13 years ago
|
||
Cristian, what are the STR?
|
||
Updated•13 years ago
|
Summary: crash in nsNPAPIPluginInstance::TimerWithID → Android crash in nsNPAPIPluginInstance::TimerWithID
|
|
||
Comment 5•13 years ago
|
||
This looks a lot to me like we're tearing down the plugin instance from within the timer (it could also be calling a timer on a dead instance, but I'd expect that to normally crash earlier in the method) . The comment "Make sure we still have an instance and the timer is still alive" is scary. We should almost certainly be protecting against plugin teardown using a PluginDestructionGuard at the top of PluginTimerCallback. Do we have a good way of verifying hunches like that?
|
|
||
Comment 6•13 years ago
|
||
(In reply to Scoobidiver from comment #4)
> Cristian, what are the STR?
I was able to reproduce this crash always with the following STR, but I cannot anymore now on latest Nightly, Aurora or Beta builds.
STR:
1. Open Fennec
2. Go to http://www.adobe.com/software/flash/about/
3. Tap to activate flash plugin
4. Wait
Expected result:
No crash should occur.
Actual result:
This crash will occur.
On the latest builds, instead of this crash, I will get some libflashplayer.so crashes.
--
Device: Galaxy Nexus
OS: Android 4.0.4
Keywords: reproducible
|
|
Reporter | |
Comment 7•13 years ago
|
||
It's now #3 top crasher in 15.0b6.
|
|
||
Comment 8•13 years ago
|
||
I am always able to reproduce this crash on the latest Nightly by following these STR:
1. Go to http://goo.gl/j3xAP (http://www.digisport.ro/Sport/FOTBAL/Competitii/Liga+1/fc+vaslui+steaua+live+text+video)
2. Tap on any video to enable the flash plug in
3. Tap on the Reader Mode icon from URL Bar
Expected result:
The page should be displayed in Reader Mode correctly.
Actual result:
https://crash-stats.mozilla.com/report/index/bp-ced8caed-1b5d-458c-83f3-82aed2120828
--
Firefox 18.0a1 (2012-08-28)
Device: Galaxy Note
OS: Android 4.0.4
|
|
Reporter | |
Updated•13 years ago
|
tracking-firefox16:
--- → ?
|
|
||
Updated•13 years ago
|
tracking-firefox15:
--- → +
|
|
||
Comment 9•13 years ago
|
||
Snorp - do you have the time to look into this? If not, please hand this off to blassey to reassign.
Assignee: nobody → snorp
|
Assignee | |
Comment 10•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #9)
> Snorp - do you have the time to look into this? If not, please hand this off
> to blassey to reassign.
I can look at it.
|
|
Assignee | |
Comment 11•13 years ago
|
||
Attachment #659754 -
Flags: review?(joshmoz)
|
||
Comment 14•13 years ago
|
||
(In reply to James Willcox (:snorp) (jwillcox@mozilla.com) from comment #11)
> Created attachment 659754 [details] [diff] [review]
> Don't schedule plugin timers if the plugin isn't running
How did you confirm that this patch works? Were you able to reproduce locally, and this patch fixed the problem, or is this a guess?
|
|
Assignee | |
Comment 15•13 years ago
|
||
(In reply to Josh Aas (Mozilla Corporation) from comment #14)
> (In reply to James Willcox (:snorp) (jwillcox@mozilla.com) from comment #11)
> > Created attachment 659754 [details] [diff] [review]
> > Don't schedule plugin timers if the plugin isn't running
>
> How did you confirm that this patch works? Were you able to reproduce
> locally, and this patch fixed the problem, or is this a guess?
Yes, I was able to reproduce it locally. This patch fixed it.
Attachment #659754 -
Flags: review?(joshmoz) → review+
|
|
Assignee | |
Comment 16•13 years ago
|
||
|
||
Comment 17•13 years ago
|
||
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla18
|
|
Reporter | |
Updated•13 years ago
|
status-firefox15:
--- → affected
status-firefox16:
--- → affected
status-firefox17:
--- → affected
status-firefox18:
affected → ---
|
|
||
Comment 18•13 years ago
|
||
Please nominate for Aurora/Beta approval this week, once comfortable with the landed change.
|
|
Assignee | |
Comment 19•13 years ago
|
||
No crashes since 9/9 build it looks like, which doesn't include my fix. Still, seems to be good now.
status-firefox15:
affected → ---
status-firefox16:
affected → ---
status-firefox17:
affected → ---
status-firefox18:
--- → affected
Target Milestone: mozilla18 → ---
|
|
Assignee | |
Comment 20•13 years ago
|
||
Comment on attachment 659754 [details] [diff] [review]
Don't schedule plugin timers if the plugin isn't running
[Approval Request Comment]
Fixes prominent plugin crash, low-risk
Attachment #659754 -
Flags: approval-mozilla-beta?
Attachment #659754 -
Flags: approval-mozilla-aurora?
|
|
Reporter | |
Updated•13 years ago
|
status-firefox18:
affected → ---
Target Milestone: --- → mozilla18
|
||
Updated•13 years ago
|
Attachment #659754 -
Flags: approval-mozilla-beta?
Attachment #659754 -
Flags: approval-mozilla-beta+
Attachment #659754 -
Flags: approval-mozilla-aurora?
Attachment #659754 -
Flags: approval-mozilla-aurora+
|
|
Assignee | |
Comment 21•13 years ago
|
||
|
|
Assignee | |
Comment 22•13 years ago
|
||
|
|
Assignee | |
Updated•13 years ago
|
|
|
Reporter | |
Comment 23•13 years ago
|
||
It's not fully fixed because there are one crash in 18.0a1/20120919 and another in 17.0a2/20120920.
|
|
||
Comment 24•12 years ago
|
||
Do the same
> (In reply to Scoobidiver from comment #4)
> > Cristian, what are the STR?
>
> I was able to reproduce this crash always with the following STR, but I
> cannot anymore now on latest Nightly, Aurora or Beta builds.
>
> STR:
> 1. Open Fennec
> 2. Go to http://www.adobe.com/software/flash/about/
> 3. Tap to activate flash plugin
> 4. Wait
>
> Expected result:
> No crash should occur.
>
> Actual result:
> This crash will occur.
>
>
> On the latest builds, instead of this crash, I will get some
> libflashplayer.so crashes.
>
> --
> Device: Galaxy Nexus
> OS: Android 4.0.4
But there're still crash page: http://truyenyy.com/doc-truyen/dinh-cap-luu-manh/chuong-957/ in 19.02 version.
|
|
Reporter | |
Comment 25•12 years ago
|
||
Steve, this bug is fixed. In addition, the release version is 20.0.1.
If you experience crashes on that site, type about:crashes, click the crash report and scroll down to Related Bugs to see where there's a related bug.
|
||
Updated•3 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•