Closed
Bug 820905
Opened 12 years ago
Closed 12 years ago
crash in nsNPAPIPluginInstance::UnscheduleTimer
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(firefox18+ fixed, firefox19+ fixed, firefox20 fixed, b2g18 fixed, fennec18+)
RESOLVED
FIXED
mozilla20
People
(Reporter: scoobidiver, Assigned: snorp)
References
Details
(Keywords: crash, regression, topcrash, Whiteboard: [native-crash])
Crash Data
It's #1 top crasher in 19.0a2 over the last day.
It first showed up in 20.0a1/20121212 and 19.0a2/20121212. The regression ranges are:
http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=4dfe323a663d&tochange=634180132e68
http://hg.mozilla.org/releases/mozilla-aurora/pushloghtml?fromchange=c042ea08a2b4&tochange=cb34bd8957ec
It's likely a regression from bug 800838.
18.0b4 will be affected.
Signature @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int) More Reports Search
UUID ef746b24-3096-44fd-b0fd-d9a5d2121212
Date Processed 2012-12-12 16:58:19
Uptime 56
Install Age 56 seconds since version was first installed.
Install Time 2012-12-12 16:57:08
Product FennecAndroid
Version 19.0a2
Build ID 20121212042015
Release Channel aurora
OS Android
OS Version 0.0.0 Linux 3.0.15-1029495-user #1 SMP PREEMPT Mon Aug 13 22:20:09 KST 2012 armv7l samsung/m0bv/m0:4.0.4/IMM76D/I9300BVBLH2:user/release-keys
Build Architecture arm
Build Architecture Info
Crash Reason SIGSEGV
Crash Address 0x0
App Notes
AdapterDescription: 'ARM -- Mali-400 MP -- OpenGL ES 2.0 -- Model: GT-I9300, Product: m0bv, Manufacturer: samsung, Hardware: smdk4x12'
EGL? EGL+ GL Context? GL Context+ GL Layers? GL Layers+
samsung GT-I9300
samsung/m0bv/m0:4.0.4/IMM76D/I9300BVBLH2:user/release-keys
Processor Notes /data/socorro/stackwalk/bin/exploitable: ERROR: unable to analyze dump
EMCheckCompatibility True
Adapter Vendor ID ARM
Adapter Device ID Mali-400 MP
Device samsung GT-I9300
Android API Version 15 (REL)
Android CPU ABI armeabi-v7a
Frame Module Signature Source
0 @0x0
1 libxul.so nsNPAPIPluginInstance::UnscheduleTimer nsNPAPIPluginInstance.cpp:1482
2 @0x4001
3 libxul.so nsTimerEvent::Run nsTimerImpl.cpp:565
4 libxul.so nsThread::ProcessNextEvent nsThread.cpp:627
5 libxul.so NS_ProcessNextEvent_P nsThreadUtils.cpp:221
6 libxul.so mozilla::ipc::MessagePump::Run MessagePump.cpp:117
7 libxul.so MessageLoop::RunInternal message_loop.cc:215
8 libxul.so MessageLoop::Run message_loop.cc:208
9 libxul.so nsBaseAppShell::Run nsBaseAppShell.cpp:163
10 libxul.so nsAppStartup::Run nsAppStartup.cpp:290
11 libxul.so XREMain::XRE_mainRun nsAppRunner.cpp:3823
12 libxul.so XREMain::XRE_main nsAppRunner.cpp:3890
13 libxul.so XRE_main nsAppRunner.cpp:4084
More reports at:
https://crash-stats.mozilla.com/report/list?signature=%400x0+|+nsNPAPIPluginInstance%3A%3AUnscheduleTimer%28unsigned+int%29
Reporter | ||
Comment 1•12 years ago
|
||
More reports also at:
https://crash-stats.mozilla.com/report/list?signature=PluginTimerCallback
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ PluginTimerCallback]
Comment 2•12 years ago
|
||
Snorp - can you start looking at this already given the impact to FF19 and likely impact to FF18? If the crash volume is higher than bug 800838, we'll obviously back it out, but we'd prefer a forward fix landed asap.
Assignee: nobody → snorp
Updated•12 years ago
|
Reporter | ||
Comment 3•12 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #2)
> If the crash volume is higher than bug 800838, we'll obviously back it out
Yes, it is. It accounts for 64% of crashes in 19.0a2 over the last day.
18.0b4 will be unusable.
Severity: critical → blocker
Comment 4•12 years ago
|
||
I'm seeing this crash on http://www.youtube.com/embed/oa2EQpbgKpc
with my Samsung Galaxy Nexus, using latest Aurora build with plugins enabled.
Reporter | ||
Updated•12 years ago
|
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer]
[@ PluginTimerCallback]
Updated•12 years ago
|
tracking-fennec: ? → 18+
Reporter | ||
Comment 5•12 years ago
|
||
Fixed by the backout of bug 800838 not yet landed in m-c.
Reporter | ||
Updated•12 years ago
|
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer]
[@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer]
[@ PluginTimerCallback]
Reporter | ||
Updated•12 years ago
|
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer]
[@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)]
[@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer]
[@ PluginTimerCallback]
[@ nsDocShell::GetInterface(nsID const& void**)]
[@ nsD…
Comment 6•12 years ago
|
||
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
Reporter | ||
Updated•12 years ago
|
Updated•12 years ago
|
Comment 7•12 years ago
|
||
status-b2g18:
--- → fixed
Updated•3 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•