Comment 7 for bug 875538

Ryan Tandy (rtandy) wrote :

pstree:

firefox-bin─┬─plugin-containe───{plugin-contain}
            └─2*[{firefox-bin}]

backtraces for firefox-bin (3 threads):

#0 0x00463422 in __kernel_vsyscall ()
#1 0x00830b5d in pthread_join () from /lib/tls/i686/cmov/libpthread.so.0
#2 0x01666f32 in PlatformThread::Join (thread_handle=3073375088) at ./src/base/platform_thread_posix.cc:119
#3 0x016546b1 in base::Thread::Stop (this=0xb7601200) at ./src/base/thread.cc:114
#4 0x015ed24b in ~BrowserProcessSubThread (this=0xb7601200, __in_chrg=<value optimized out>) at BrowserProcessSubThread.cpp:89
#5 0x0167c957 in mozilla::ShutdownXPCOM (servMgr=0xb7661344) at nsXPComInit.cpp:979
#6 0x00d3bf54 in ~ScopedXPCOMStartup (this=0xbfd2a75c, __in_chrg=<value optimized out>) at nsAppRunner.cpp:1052
#7 0x00d3fee4 in XRE_main (argc=1, argv=0xbfd2aa14, aAppData=0xb7618380) at nsAppRunner.cpp:3539
#8 0x00ac49e3 in main (argc=1, argv=0xbfd2aa14) at nsBrowserApp.cpp:158

#0 0x006b1422 in __kernel_vsyscall ()
#1 0x17788b86 in poll () from /lib/tls/i686/cmov/libc.so.6
#2 0x00eea8e9 in google_breakpad::CrashGenerationServer::Run (this=0xacfe7310) at crash_generation_server.cc:278
#3 0x00eea94c in google_breakpad::CrashGenerationServer::ThreadMain (arg=0xacfe7310) at crash_generation_server.cc:462
#4 0x00c3a96e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#5 0x17796a4e in clone () from /lib/tls/i686/cmov/libc.so.6

#0 0x006b1422 in __kernel_vsyscall ()
#1 0x00c42e0b in waitpid () from /lib/tls/i686/cmov/libpthread.so.0
#2 0x0180e36f in WaitForChildExit (this=0xab62e130) at ./src/chrome/common/process_watcher_posix_sigchld.cc:112
#3 0x0180e3d4 in KillProcess (this=0xab62e130) at ./src/chrome/common/process_watcher_posix_sigchld.cc:159
#4 0x0180e51a in ~ChildGrimReaper (this=0xab62e130, __in_chrg=<value optimized out>) at ./src/chrome/common/process_watcher_posix_sigchld.cc:134
#5 0x017e5d33 in MessageLoop::DeletePendingTasks (this=0xb71ff1d8) at ./src/base/message_loop.cc:422
#6 0x017e695d in ~MessageLoop (this=0xb71ff1d8, __in_chrg=<value optimized out>) at ./src/base/message_loop.cc:148
#7 0x017f25a0 in base::Thread::ThreadMain (this=0xb7501200) at ./src/base/thread.cc:175
#8 0x01804f0b in ThreadFunc (closure=0xb7501200) at ./src/base/platform_thread_posix.cc:26
#9 0x00c3a96e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#10 0x17796a4e in clone () from /lib/tls/i686/cmov/libc.so.6

I wasn't able to attach to the plugin-container process. gdb says "ptrace: Operation not permitted".

So far I've only been able to reproduce this bug on machines with NVIDIA graphics hardware and Flash 11. All of them have been running the nvidia-current proprietary driver; I haven't had a chance to check nv yet. My laptop with ATi graphics and my VirtualBox VMs don't seem to be affected. We downgraded a lot of workstations to the previous adobe-flashplugin package (10.3) to work around the bug.