Closed Bug 771345 Opened 8 years ago Closed 3 years ago

crash in mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer

Categories

(Core :: Plug-ins, defect, critical)

14 Branch
x86
Windows 7
defect
Not set
critical

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: marcia, Unassigned)

Details

(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-1237e594-a3b5-4ff1-ba1e-ffbd32120705 .
============================================================= 

Seen while looking at the explosive report - https://crash-stats.mozilla.com/report/list?signature=mozalloc_abort%28char%20const*%20const%29%20|%20mozalloc_handle_oom%28unsigned%20int%29%20|%20moz_xmalloc%20|%20mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer%28%29

Small spike in FF 14B10 in this signature. 99% correlation to Flash Version 11.3.300.262. Almost all crashes are Windows 7.

Frame 	Module 	Signature 	Source
0 	mozalloc.dll 	mozalloc_abort 	memory/mozalloc/mozalloc_abort.cpp:79
1 	mozalloc.dll 	mozalloc_handle_oom 	memory/mozalloc/mozalloc_oom.cpp:60
2 	mozalloc.dll 	moz_xmalloc 	
3 	xul.dll 	mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer 	dom/plugins/ipc/PluginInstanceChild.cpp:2647
4 	xul.dll 	mozilla::plugins::PluginInstanceChild::ShowPluginFrame 	dom/plugins/ipc/PluginInstanceChild.cpp:3102
5 	xul.dll 	mozilla::plugins::PluginInstanceChild::InvalidateRectDelayed 	dom/plugins/ipc/PluginInstanceChild.cpp:3352
6 	xul.dll 	MessageLoop::RunTask 	ipc/chromium/src/base/message_loop.cc:318
7 	xul.dll 	MessageLoop::DeferOrRunPendingTask 	ipc/chromium/src/base/message_loop.cc:326
8 	xul.dll 	MessageLoop::DoWork 	ipc/chromium/src/base/message_loop.cc:426
9 	xul.dll 	base::MessagePumpForUI::DoRunLoop 	ipc/chromium/src/base/message_pump_win.cc:214
10 	xul.dll 	base::MessagePumpWin::RunWithDispatcher 	ipc/chromium/src/base/message_pump_win.cc:53
11 	xul.dll 	base::MessagePumpWin::Run 	ipc/chromium/src/base/message_pump_win.h:78
12 	xul.dll 	MessageLoop::RunInternal 	ipc/chromium/src/base/message_loop.cc:208
13 	xul.dll 	MessageLoop::RunHandler 	
14 	xul.dll 	MessageLoop::Run 	ipc/chromium/src/base/message_loop.cc:175
15 	xul.dll 	XRE_InitChildProcess 	toolkit/xre/nsEmbedFunctions.cpp:513
16 	plugin-container.exe 	wmain 	toolkit/xre/nsWindowsWMain.cpp:107
17 	plugin-container.exe 	__tmainCRTStartup 	crtexe.c:594
18 	kernel32.dll 	BaseThreadInitThunk 	
19 	ntdll.dll 	__RtlUserThreadStart 	
20 	ntdll.dll 	_RtlUserThreadStart
Whiteboard: oom
It's #71 top crasher in 14.0b10 and #98 in 15.0a2.

The Beta regression range is (between 14.0b9 and b10):
http://hg.mozilla.org/releases/mozilla-beta/pushloghtml?fromchange=d050090e578c&tochange=e4445f905091
The Aurora regression range is (spiked in 15.0a2/20120624):
http://hg.mozilla.org/releases/mozilla-aurora/pushloghtml?fromchange=2107bc8dd678&tochange=e967f0934767
It might be a regression from bug 686335 that landed in 14.0b9, not b10, and was backed out in 14.0b11.
Keywords: regression
It has replaced a preexisting crash signature that is #69 top crasher in 13.0.1.
Crash Signature: [@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer()] → [@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer()] [@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | mozilla::plugi…
Keywords: regression
Blocks: 686335
This doesn't look related to bug 686335 to me: it's present in 13.0.1 and the 14 betas where bug 7686335 was backed out or never landed, and from my current diagnosis I'm pretty sure this is just a protected-mode bug in Flash 11.3.
No longer blocks: 686335
Whiteboard: oom
Crash Signature: mozilla::plugins::PluginInstanceChild::CreateOptSurface()] → mozilla::plugins::PluginInstanceChild::CreateOptSurface()] [@ mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | mozilla::plugins::PluginInstanceChild::EnsureCurrentBuffer] [@ mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | mozilla::plugins::Plu…
I'm marking this bug as WORKSFORME as bug crashlog signature didn't appear from a long time (over half year) in Firefox.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.