Closed
Bug 777460
Opened 13 years ago
Closed 13 years ago
crash in nsNPAPIPluginInstance::CreateSharedHandle on Honeycomb and above
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox17+ fixed, firefox18 fixed, fennec17+)
RESOLVED
FIXED
mozilla19
People
(Reporter: scoobidiver, Assigned: snorp)
Details
(Keywords: crash, topcrash, Whiteboard: [native-crash])
Crash Data
Attachments
(1 file)
|
3.41 KB,
patch
|
blassey
:
review+
lsblakk
:
approval-mozilla-aurora+
lsblakk
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
It has been hit by one user in 17.0a1/20120721041038 and 17.0a1/20120725030556, each time after bug 687267 landed on m-c.
Signature nsNPAPIPluginInstance::CreateSharedHandle More Reports Search
UUID 678911b3-3080-4481-982e-63a2d2120725
Date Processed 2012-07-25 19:06:20
Uptime 41
Last Crash 48 seconds before submission
Install Age 7.5 minutes since version was first installed.
Install Time 2012-07-25 18:58:06
Product FennecAndroid
Version 17.0a1
Build ID 20120725030556
Release Channel nightly
OS Linux
OS Version 0.0.0 Linux 2.6.36.3 #1 SMP PREEMPT Fri Dec 9 16:44:21 KST 2011 armv7l
Build Architecture arm
Build Architecture Info
Crash Reason SIGSEGV
Crash Address 0x24
App Notes
AdapterDescription: 'NVIDIA Corporation -- NVIDIA Tegra -- OpenGL ES 2.0 -- Model: GT-P7510, Product: GT-P7510, Manufacturer: samsung, Hardware: p3'
EGL? EGL+ GL Context? GL Context+ GL Layers? GL Layers+
samsung GT-P7510
samsung/GT-P7510/GT-P7510:3.2/HTJ85B/UEKMP:user/release-keys
EMCheckCompatibility True
Adapter Vendor ID NVIDIA Corporation
Adapter Device ID NVIDIA Tegra
Frame Module Signature Source
0 libxul.so nsNPAPIPluginInstance::CreateSharedHandle xpcom/base/nsAutoPtr.h:1003
1 libxul.so nsPluginInstanceOwner::GetImageContainer dom/plugins/base/nsPluginInstanceOwner.cpp:185
2 libxul.so nsObjectFrame::BuildLayer layout/generic/nsObjectFrame.cpp:1607
3 libxul.so nsDisplayPlugin::BuildLayer layout/generic/nsObjectFrame.h:297
4 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1768
5 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1713
6 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1713
7 libxul.so mozilla::FrameLayerBuilder::BuildContainerLayerFor layout/base/FrameLayerBuilder.cpp:2332
8 libxul.so nsDisplayScrollLayer::BuildLayer layout/base/nsDisplayList.cpp:2198
9 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1768
10 libxul.so mozilla::FrameLayerBuilder::BuildContainerLayerFor layout/base/FrameLayerBuilder.cpp:2332
11 libxul.so nsDisplayOwnLayer::BuildLayer layout/base/nsDisplayList.cpp:2069
12 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1768
13 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1713
14 libxul.so mozilla::::ContainerState::ProcessDisplayItems layout/base/FrameLayerBuilder.cpp:1713
15 libxul.so mozilla::FrameLayerBuilder::BuildContainerLayerFor layout/base/FrameLayerBuilder.cpp:2332
16 libxul.so nsDisplayList::PaintForFrame layout/base/nsDisplayList.cpp:615
17 libxul.so nsDisplayList::PaintRoot layout/base/nsDisplayList.cpp:551
18 libxul.so nsLayoutUtils::PaintFrame layout/base/nsLayoutUtils.cpp:1786
19 libxul.so PresShell::Paint layout/base/nsPresShell.cpp:5290
20 libxul.so nsViewManager::Refresh view/src/nsViewManager.cpp:339
21 libxul.so nsViewManager::DispatchEvent view/src/nsViewManager.cpp:763
22 libxul.so HandleEvent view/src/nsView.cpp:127
...
More reports at:
https://crash-stats.mozilla.com/report/list?signature=nsNPAPIPluginInstance%3A%3ACreateSharedHandle
|
||
Comment 1•13 years ago
|
||
Now that we have solved the CM10 crash stuff, this is the #1 top crasher on (Aurora) 17 for Android.
tracking-firefox17:
--- → ?
|
Reporter | |
Comment 2•13 years ago
|
||
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #1)
> this is the #1 top crasher on (Aurora) 17 for Android.
... with many dupes.
|
||
Comment 3•13 years ago
|
||
(In reply to Scoobidiver from comment #2)
> (In reply to Robert Kaiser (:kairo@mozilla.com) from comment #1)
> > this is the #1 top crasher on (Aurora) 17 for Android.
> ... with many dupes.
Before tracking, I'd like to make sure that more than one user is seeing this issue. Thanks for clarifying Scoobidiver.
|
|
Reporter | |
Comment 4•13 years ago
|
||
From 19.0a1/20121009, every crash signatures on Linux have a Windows look.
For this bug, more reports at: https://crash-stats.mozilla.com/report/list?signature=nsNPAPIPluginInstance%3A%3ACreateSharedHandle%28%29
Crash Signature: [@ nsNPAPIPluginInstance::CreateSharedHandle] → [@ nsNPAPIPluginInstance::CreateSharedHandle]
[@ nsNPAPIPluginInstance::CreateSharedHandle()]
|
|
Reporter | |
Comment 5•13 years ago
|
||
It's #1 top crasher on 17.0b1 with some dupes.
Keywords: topcrash
Summary: crash in nsNPAPIPluginInstance::CreateSharedHandle on Honeycomb → crash in nsNPAPIPluginInstance::CreateSharedHandle on Honeycomb and above
|
||
Comment 6•13 years ago
|
||
Not sure if this has to do with the outage right now, but I don't see any crashes here (in fact, only 9 total) so let's see if that's still true post-outage
https://crash-stats.mozilla.com/topcrasher/byversion/FennecAndroid/17.0b1/14/browser
|
|
Reporter | |
Comment 7•13 years ago
|
||
(In reply to Lukas Blakk [:lsblakk] from comment #6)
> https://crash-stats.mozilla.com/topcrasher/byversion/FennecAndroid/17.0b1/14/
> browser
This view is updated once a day while https://crash-stats.mozilla.com/query/query?product=FennecAndroid&version=FennecAndroid%3A17.0b1&do_query=1 is updated continuously.
|
|
Reporter | |
Updated•13 years ago
|
tracking-fennec: --- → ?
|
|
||
Comment 8•13 years ago
|
||
It's the # topcrasher right now, lots of duplicate crash reports make me think this is a very reproducible bug. Passing this on to James for now since it looks to be a regression from bug 687267 flash support.
Assignee: nobody → snorp
status-firefox17:
--- → affected
status-firefox18:
--- → affected
status-firefox19:
--- → affected
|
||
Updated•13 years ago
|
tracking-fennec: ? → 17+
|
|
||
Comment 9•13 years ago
|
||
#3 topcrasher - sent email to Brad and James to find out where we're at with this.
|
Assignee | |
Comment 10•13 years ago
|
||
Attachment #675144 -
Flags: review?(blassey.bugs)
|
|
||
Updated•13 years ago
|
Attachment #675144 -
Flags: review?(blassey.bugs) → review+
|
|
Assignee | |
Comment 11•13 years ago
|
||
|
||
Comment 12•13 years ago
|
||
Status: NEW → RESOLVED
Closed: 13 years ago
Flags: in-testsuite-
Resolution: --- → FIXED
Target Milestone: --- → mozilla19
|
|
Reporter | |
Updated•13 years ago
|
status-firefox19:
affected → ---
|
|
||
Comment 13•13 years ago
|
||
Is this a safe enough fix to nominate for branch uplift? We can still take a speculative fix for tomorrow's Beta 4.
|
|
Assignee | |
Comment 14•13 years ago
|
||
Comment on attachment 675144 [details] [diff] [review]
Guard against null plugin instance on Android
[Approval Request Comment]
Low risk patch, fixes a top crasher
Attachment #675144 -
Flags: approval-mozilla-beta?
Attachment #675144 -
Flags: approval-mozilla-aurora?
|
|
||
Updated•13 years ago
|
Attachment #675144 -
Flags: approval-mozilla-beta?
Attachment #675144 -
Flags: approval-mozilla-beta+
Attachment #675144 -
Flags: approval-mozilla-aurora?
Attachment #675144 -
Flags: approval-mozilla-aurora+
|
|
Assignee | |
Comment 15•13 years ago
|
||
|
|
Assignee | |
Updated•13 years ago
|
|
||
Updated•3 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•