Closed Bug 876270 Opened 12 years ago Closed 12 years ago

crash in mozilla::plugins::parent::_getvalue

Categories

(Core Graveyard :: Plug-ins, defect)

Product:
Core Graveyard
Component:
Plug-ins
Version:
24 Branch
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
blocker

Tracking

(firefox23 unaffected, firefox24+ fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla24
Tracking Flags:
Tracking Status
firefox23 --- unaffected
firefox24 + fixed

People

(Reporter: scoobidiver, Assigned: blassey)

References

Details

(Keywords: crash, regression, topcrash, Whiteboard: [native-crash][startupcrash])

Crash Data

Attachments

(1 file)

patch
2.61 KB, patch
snorp
: review+
Details | Diff | Splinter Review
It first showed up in 24.0a1/20130526 with an hourly crash rate of 13 crashes/hour. The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=7a2f7a45819a&tochange=0fed3377c839 Signature mozilla::plugins::parent::_getvalue More Reports Search UUID a24599ca-3340-4f17-a113-fadd52130526 Date Processed 2013-05-26 16:29:17 Uptime 74 Last Crash 1.4 minutes before submission Install Age 12.6 minutes since version was first installed. Install Time 2013-05-26 16:07:03 Product FennecAndroid Version 24.0a1 Build ID 20130526031046 Release Channel nightly OS Android OS Version 0.0.0 Linux 3.0.31-813049 #1 SMP PREEMPT Thu Apr 25 21:04:17 KST 2013 armv7l samsung/p4notewifiue/p4notewifi:4.1.2/JZO54K/N8013UEUCMD3:user/release-keys Build Architecture arm Build Architecture Info ARMv0 Crash Reason SIGSEGV Crash Address 0xc App Notes AdapterDescription: 'ARM -- Mali-400 MP -- OpenGL ES 2.0 -- Model: GT-N8013, Product: p4notewifiue, Manufacturer: samsung, Hardware: smdk4x12' GL Layers! EGL? EGL+ GL Context? GL Context+ GL Layers+ samsung GT-N8013 samsung/p4notewifiue/p4notewifi:4.1.2/JZO54K/N8013UEUCMD3:user/release-keys Processor Notes sp-processor07_phx1_mozilla_com_22302:2012; exploitability tool: ERROR: unable to analyze dump EMCheckCompatibility True Adapter Vendor ID ARM Adapter Device ID Mali-400 MP Device samsung GT-N8013 Android API Version 16 (REL) Android CPU ABI armeabi-v7a Frame Module Signature Source 0 libdvm.so libdvm.so@0x49704 1 libxul.so mozilla::plugins::parent::_getvalue android-ndk-r8e-arm-gcc4.6/platforms/android-9/arch-arm/usr/include/jni.h:805 ... 15 libxul.so mozilla::PluginPRLibrary::NP_Initialize dom/plugins/base/PluginPRLibrary.cpp:52 16 libxul.so mozilla::PluginPRLibrary::NP_Shutdown dom/plugins/base/PluginPRLibrary.cpp:125 17 libnss3.so PR_UnloadLibrary nsprpub/pr/src/linking/prlink.c:1041 18 libxul.so mozilla::PluginPRLibrary::NPP_New dom/plugins/base/PluginPRLibrary.cpp:204 19 libxul.so nsNPAPIPlugin::CreatePlugin dom/plugins/base/nsNPAPIPlugin.cpp:461 20 libxul.so nsLocalFile::Append xpcom/io/nsLocalFileUnix.cpp:1931 21 libxul.so nsLocalFile::Release obj-firefox/dist/include/mozilla/mozalloc.h:225 22 libxul.so nsLocalFile::Append xpcom/io/nsLocalFileUnix.cpp:1931 23 libxul.so nsPluginHost::EnsurePluginLoaded dom/plugins/base/nsPluginHost.cpp:1422 More reports at: https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Aplugins%3A%3Aparent%3A%3A_getvalue
I suspect bug 867517.
Crash Signature: [@ mozilla::plugins::parent::_getvalue] → [@ mozilla::plugins::parent::_getvalue] [@ libstdc++.so@0x8f7] [@ libc malloc (deleted)@0x1505e ] [@ libc malloc (deleted)@0x83e ] [@ libc malloc (deleted)@0xdc6 ] [@ libc malloc (deleted)@0xff7e ] [@ libflashplayer.so@0x79c8ff ]
Summary: crash in mozilla::plugins::parent::_getvalue on ICS and above → crash in mozilla::plugins::parent::_getvalue
Crash Signature: [@ mozilla::plugins::parent::_getvalue] [@ libstdc++.so@0x8f7] [@ libc malloc (deleted)@0x1505e ] [@ libc malloc (deleted)@0x83e ] [@ libc malloc (deleted)@0xdc6 ] [@ libc malloc (deleted)@0xff7e ] [@ libflashplayer.so@0x79c8ff ] → [@ mozilla::plugins::parent::_getvalue] [@ JNI_CreateJavaVM | mozilla::plugins::parent::_getvalue] [@ libstdc++.so@0x8f7] [@ libc malloc (deleted)@0x1505e ] [@ libc malloc (deleted)@0x6cbe ] [@ libc malloc (deleted)@0x83e ] [@ libc malloc (deleted)@…
blassey, does bug 867517 affect Android Fx or is it just the glue for external embedders?
Flags: needinfo?(blassey.bugs)
The bug itself isn't supposed to impact Android Fx, but what has landed so far is a refactor patch. If it caused a crash, I broke something in the refactor.
Flags: needinfo?(blassey.bugs)
Attached patch patchSplinter Review
Assignee: nobody → blassey.bugs
Attachment #754872 - Flags: review?(snorp)
Comment on attachment 754872 [details] [diff] [review] patch Review of attachment 754872 [details] [diff] [review]: ----------------------------------------------------------------- Looks good. It seems weird to return a local ref, but I just checked the Android source and they do the same thing. Whatever. ::: dom/plugins/base/nsNPAPIPlugin.cpp @@ +2266,3 @@ > return NPERR_GENERIC_ERROR; > > + jobject ret = bridge->GetContext(); Probably want to return an error is this is null
Attachment #754872 - Flags: review?(snorp) → review+
https://hg.mozilla.org/mozilla-central/rev/f94b15104c8c
Status: NEW → RESOLVED
Closed: 12 years ago
status-firefox24: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla24
tracking-fennec: ? → ---
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: