Closed
Bug 834459
Opened 12 years ago
Closed 12 years ago
CustomElf refCnt assert when loading Flash plugin on Android
Categories
(Firefox for Android Graveyard :: Plugins, defect)
Tracking
(firefox21 fixed)
RESOLVED
FIXED
Firefox 21
| Tracking | Status | |
|---|---|---|
| firefox21 | --- | fixed |
People
(Reporter: cpeterson, Assigned: glandium)
References
()
Details
(Whiteboard: regression)
Attachments
(2 files)
When using an optimized debug build and a clean profile directory, almost any website with Flash is crashing.
STR:
1. Ensure Firefox's "Plugins" setting is "Tap to play" or "Enabled".
2. Load https://addons.mozilla.org/en-US/android/ or https://support.mozilla.org/en-US/products/mobile
RESULT:
CRASH!
CustomElf's refCnt is -57005 (0xffff2153)?!
E/GeckoLinker( 2799): /data/app-lib/com.adobe.flashplayer-1/libflashplayer.so: Text relocations are not supported
F/MOZ_Assert( 2799): Assertion failure: refCnt >= 0, at ../../dist/include/mozilla/RefPtr.h:54
F/libc ( 2799): Fatal signal 11 (SIGSEGV) at 0x00000000 (code=1), thread 2817 (Gecko)
|
Reporter | |
Comment 1•12 years ago
|
||
I tested an unoptimized debug build. The crash's stack trace and refCnt were the same.
|
|
Reporter | |
Updated•12 years ago
|
status-firefox21:
--- → affected
|
Assignee | |
Comment 2•12 years ago
|
||
Remote debugging through irc confirmed to be a regression from bug 830295.
Blocks: 830295
Whiteboard: regression
|
|
Assignee | |
Updated•12 years ago
|
Assignee: nobody → mh+mozilla
|
|
Assignee | |
Comment 3•12 years ago
|
||
Attachment #706992 -
Flags: review?(nfroyd)
|
|
Assignee | |
Comment 4•12 years ago
|
||
Comment on attachment 706992 [details] [diff] [review]
Specialize RefCounted template for LibHandle to better allow refcounting during destructor execution.
Chris, can you double check this works for you? (it's different from the one I had you test last week)
Attachment #706992 -
Flags: feedback?(cpeterson)
|
||
Comment 5•12 years ago
|
||
Comment on attachment 706992 [details] [diff] [review]
Specialize RefCounted template for LibHandle to better allow refcounting during destructor execution.
Review of attachment 706992 [details] [diff] [review]:
-----------------------------------------------------------------
::: mozglue/linker/CustomElf.cpp
@@ +227,5 @@
> CustomElf::~CustomElf()
> {
> /* While running the destructors, on-demand decompression may get new
> * references on this object, and releasing these references would call
> * the destructor again. Avoid this by always having the refcount > 0 */
This comment is unnecessary now.
Attachment #706992 -
Flags: review?(nfroyd) → review+
|
|
Reporter | |
Comment 6•12 years ago
|
||
Comment on attachment 706992 [details] [diff] [review]
Specialize RefCounted template for LibHandle to better allow refcounting during destructor execution.
Review of attachment 706992 [details] [diff] [review]:
-----------------------------------------------------------------
I tested this patch with Flash and it works for me.
Attachment #706992 -
Flags: feedback?(cpeterson) → feedback+
|
|
Assignee | |
Comment 7•12 years ago
|
||
|
||
Comment 8•12 years ago
|
||
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 21
|
||
Updated•12 years ago
|
|
||
Updated•7 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•