Bug 137426

Summary: [X11] Plugin process crashes in NetscapePlugin::platformPostInitialize()
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Critical CC: cgarcia, gustavo, pnormand
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Linux   
Attachments:
Description Flags
Patch darin: review+

Michael Catanzaro
Reported 2014-10-04 18:14:39 PDT
Here's another crash that's been hit a lot in Fedora, a SIGABRT when (presumably) starting Flash: Downstream report: https://bugzilla.redhat.com/show_bug.cgi?id=1139316 Crash statistics: https://retrace.fedoraproject.org/faf/reports/426221/ Full backtrace: https://bugzilla.redhat.com/attachment.cgi?id=935404
Attachments
Patch (3.39 KB, patch)
2014-10-09 06:40 PDT, Carlos Garcia Campos 		darin: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2014-10-08 09:14:44 PDT
Probably the same as this crash: https://retrace.fedoraproject.org/faf/reports/444412/
Carlos Garcia Campos
Comment 2 2014-10-08 09:28:22 PDT
How can I try to reproduce it? Does it happen for any website having flash?
Michael Catanzaro
Comment 3 2014-10-08 11:44:30 PDT
vrutkovs: mcatanzaro: sorry, no info, it just happened during the day of F21 usage mcatanzaro: vrutkovs: Alas. OK, thanks. vrutkovs: my workstation has been doing lots of background tasks recently so it might be one of these race condition bugs mcatanzaro: Well there's over 900 reports so it's not just you. I'll ask in the downstream bug in case someone else has noticed a pattern.
Carlos Garcia Campos
Comment 4 2014-10-09 06:35:24 PDT
I managed to reproduce this, or at least a similar crash, because here it crashes in NetscapePlugin::initialize, like the bt in comment #2. The thing is that flash in crashing in NPP_GetValue when called with NPPVpluginCancelSrcStream. #0 0x00007f6e52ecb873 in ?? () from /usr/lib/mozilla/plugins/flash-mozilla.so #1 0x00007f6e5306ed1c in ?? () from /usr/lib/mozilla/plugins/flash-mozilla.so #2 0x0000000000b2a2c4 in WebKit::NetscapePlugin::initialize(WebKit::Plugin::Parameters const&) () #3 0x0000000000b015df in WebKit::PluginControllerProxy::initialize(WebKit::PluginCreationParameters const&) () #4 0x0000000000b0569f in WebKit::WebProcessConnection::createPluginInternal(WebKit::PluginCreationParameters const&, bool&, bool&, unsigned int&) () Only adobe can know why, though, but the thing is that it only crashes for windowed plugins, adding wmode=opaque as parameter or not calling NPP_GetValue and always loading the source URL, fixes the crash and the flash thing works perfectly. So, the only thing I can think of is adding a plugin quirk to handle this specific case.
Carlos Garcia Campos
Comment 5 2014-10-09 06:40:36 PDT
Created attachment 239532 [details] Patch
Carlos Garcia Campos
Comment 6 2014-10-09 09:58:58 PDT
Committed r174507: <http://trac.webkit.org/changeset/174507>
Note You need to log in before you can comment on or make changes to this bug.