Closed Bug 820905 Opened 12 years ago Closed 12 years ago

crash in nsNPAPIPluginInstance::UnscheduleTimer

Categories

(Core Graveyard :: Plug-ins, defect)

Version: 18 Branch
Hardware: ARM
OS: Android
Type: defect
Priority: Not set
Severity: blocker

Tracking

(firefox18+ fixed, firefox19+ fixed, firefox20 fixed, b2g18 fixed, fennec18+)

RESOLVED FIXED
mozilla20

People

(Reporter: scoobidiver, Assigned: snorp)

Details

(Keywords: crash, regression, topcrash, Whiteboard: [native-crash])

It's the #1 top crasher in 19.0a2 over the last day.
It first showed up in 20.0a1/20121212 and 19.0a2/20121212. The regression ranges are:
http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=4dfe323a663d&tochange=634180132e68
http://hg.mozilla.org/releases/mozilla-aurora/pushloghtml?fromchange=c042ea08a2b4&tochange=cb34bd8957ec
It's likely a regression from bug 800838.
18.0b4 will be affected.

Signature 	@0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)
UUID	ef746b24-3096-44fd-b0fd-d9a5d2121212
Date Processed	2012-12-12 16:58:19
Uptime	56
Install Age	56 seconds since version was first installed.
Install Time	2012-12-12 16:57:08
Product	FennecAndroid
Version	19.0a2
Build ID	20121212042015
Release Channel	aurora
OS	Android
OS Version	0.0.0 Linux 3.0.15-1029495-user #1 SMP PREEMPT Mon Aug 13 22:20:09 KST 2012 armv7l samsung/m0bv/m0:4.0.4/IMM76D/I9300BVBLH2:user/release-keys
Build Architecture	arm
Build Architecture Info	
Crash Reason	SIGSEGV
Crash Address	0x0
App Notes 	
AdapterDescription: 'ARM -- Mali-400 MP -- OpenGL ES 2.0 -- Model: GT-I9300, Product: m0bv, Manufacturer: samsung, Hardware: smdk4x12'
EGL? EGL+ GL Context? GL Context+ GL Layers? GL Layers+ 
samsung GT-I9300
samsung/m0bv/m0:4.0.4/IMM76D/I9300BVBLH2:user/release-keys
Processor Notes 	/data/socorro/stackwalk/bin/exploitable: ERROR: unable to analyze dump
EMCheckCompatibility	True
Adapter Vendor ID	ARM
Adapter Device ID	Mali-400 MP
Device	samsung GT-I9300
Android API Version	15 (REL)
Android CPU ABI	armeabi-v7a

Frame 	Module 	Signature 	Source
0 		@0x0 	
1 	libxul.so 	nsNPAPIPluginInstance::UnscheduleTimer 	nsNPAPIPluginInstance.cpp:1482
2 		@0x4001 	
3 	libxul.so 	nsTimerEvent::Run 	nsTimerImpl.cpp:565
4 	libxul.so 	nsThread::ProcessNextEvent 	nsThread.cpp:627
5 	libxul.so 	NS_ProcessNextEvent_P 	nsThreadUtils.cpp:221
6 	libxul.so 	mozilla::ipc::MessagePump::Run 	MessagePump.cpp:117
7 	libxul.so 	MessageLoop::RunInternal 	message_loop.cc:215
8 	libxul.so 	MessageLoop::Run 	message_loop.cc:208
9 	libxul.so 	nsBaseAppShell::Run 	nsBaseAppShell.cpp:163
10 	libxul.so 	nsAppStartup::Run 	nsAppStartup.cpp:290
11 	libxul.so 	XREMain::XRE_mainRun 	nsAppRunner.cpp:3823
12 	libxul.so 	XREMain::XRE_main 	nsAppRunner.cpp:3890
13 	libxul.so 	XRE_main 	nsAppRunner.cpp:4084 

More reports at:
https://crash-stats.mozilla.com/report/list?signature=%400x0+|+nsNPAPIPluginInstance%3A%3AUnscheduleTimer%28unsigned+int%29
More reports also at:
https://crash-stats.mozilla.com/report/list?signature=PluginTimerCallback
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ PluginTimerCallback]
Snorp - can you start looking at this already given the impact to FF19 and likely impact to FF18? If the crash volume is higher than bug 800838, we'll obviously back it out, but we'd prefer a forward fix landed asap.
Assignee: nobody → snorp
(In reply to Alex Keybl [:akeybl] from comment #2)
> If the crash volume is higher than bug 800838, we'll obviously back it out
Yes, it is. It accounts for 64% of crashes in 19.0a2 over the last day.
18.0b4 will be unusable.
Severity: critical → blocker
I'm seeing this crash on http://www.youtube.com/embed/oa2EQpbgKpc
with my Samsung Galaxy Nexus, using latest Aurora build with plugins enabled.
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer] [@ PluginTimerCallback]
tracking-fennec: ? → 18+
Fixed by the backout of bug 800838 not yet landed in m-c.
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer] [@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer] [@ PluginTimerCallback]
Crash Signature: [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer] [@ PluginTimerCallback] → [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ nsNPAPIPluginInstance::UnscheduleTimer(unsigned int)] [@ @0x0 | nsNPAPIPluginInstance::UnscheduleTimer] [@ PluginTimerCallback] [@ nsDocShell::GetInterface(nsID const& void**)] [@ nsD…
https://hg.mozilla.org/mozilla-central/rev/437aa90c4fe7
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
Product: Core → Core Graveyard