Bug 228710

Summary: nspluginviewer crashes because of flash
Product: [Applications] konqueror Reporter: kavol <kavol>
Component: nspluginviewerAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash CC: frank78ac
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Unlisted Binaries   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description kavol 2010-02-27 08:00:37 UTC 
Application that crashed: nspluginviewer
Version of the application: 
KDE Version: 4.3.5 (KDE 4.3.5)
Qt Version: 4.5.3
Operating System: Linux 2.6.31-gentoo-r6 x86_64

What I was doing when the application crashed:
this happens quite often (not 100%) while trying to watch a series at TV JOJ, for example here:
http://televizia.joj.sk/tv-archiv/panelak/24-02-2010.html

while this is clearly a problem of Flash itself, still I think it should not shot down the wrapper (you know, if you run a crashing program in gdb, gdb itself does not crash, at least usually :-))

btw, and it doesn't seem to be a duplicate of 193273, IMHO

 -- Backtrace:
Application: nspluginviewer (nspluginviewer), signal: Segmentation fault
The current source language is "auto; currently c".
[Current thread is 1 (Thread 0x7fc6ab464740 (LWP 2920))]

Thread 5 (Thread 0x7fc69e565910 (LWP 2924)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fc69fe88fdc in ?? () from /opt/netscape/plugins/libflashplayer.so
#2  0x00007fc69ff8ff6d in ?? () from /opt/netscape/plugins/libflashplayer.so
#3  0x00007fc69fe89401 in ?? () from /opt/netscape/plugins/libflashplayer.so
#4  0x00000033802072a7 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#5  0x000000337f6d06ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 4 (Thread 0x7fc69dd64910 (LWP 2925)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fc69fe88fdc in ?? () from /opt/netscape/plugins/libflashplayer.so
#2  0x00007fc69ff8ff6d in ?? () from /opt/netscape/plugins/libflashplayer.so
#3  0x00007fc69fe89401 in ?? () from /opt/netscape/plugins/libflashplayer.so
#4  0x00000033802072a7 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#5  0x000000337f6d06ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()
The current source language is "auto; currently asm".

Thread 3 (Thread 0x7fc69c548910 (LWP 2928)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x000000359765c567 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=<value optimized out>, time=<value optimized out>) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=<value optimized out>, time=<value optimized out>) at thread/qwaitcondition_unix.cpp:159
#3  0x00000035976538e1 in QThreadPoolThread::run (this=<value optimized out>) at concurrent/qthreadpool.cpp:140
#4  0x000000359765b804 in QThreadPrivate::start (arg=<value optimized out>) at thread/qthread_unix.cpp:188
#5  0x00000033802072a7 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#6  0x000000337f6d06ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7fc69ba87910 (LWP 2933)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x000000359765c567 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=<value optimized out>, time=<value optimized out>) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=<value optimized out>, time=<value optimized out>) at thread/qwaitcondition_unix.cpp:159
#3  0x00000035976538e1 in QThreadPoolThread::run (this=<value optimized out>) at concurrent/qthreadpool.cpp:140
#4  0x000000359765b804 in QThreadPrivate::start (arg=<value optimized out>) at thread/qthread_unix.cpp:188
#5  0x00000033802072a7 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#6  0x000000337f6d06ad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fc6ab464740 (LWP 2920)):
[KCrash Handler]
#5  0x00007fc69f9a98b7 in PL_HashTableLookupConst (ht=<value optimized out>, key=<value optimized out>) at ../../../mozilla/nsprpub/lib/ds/plhash.c:381
#6  0x0000003cea212560 in SECOID_FindOID_Util (oid=<value optimized out>) at secoid.c:1949
#7  0x0000003cec00b5ad in NSS_CMSContentInfo_GetContentTypeTag (cinfo=<value optimized out>) at cmscinfo.c:271
#8  0x0000003cec00c84e in nss_cms_decoder_notify (arg=<value optimized out>, before=<value optimized out>, dest=<value optimized out>, depth=<value optimized out>) at cmsdecode.c:134
#9  0x0000003cea20ee5e in sec_asn1d_notify_after (cx=<value optimized out>, buf=<value optimized out>, len=<value optimized out>) at secasn1d.c:463
#10 sec_asn1d_next_in_sequence (cx=<value optimized out>, buf=<value optimized out>, len=<value optimized out>) at secasn1d.c:1917
#11 SEC_ASN1DecoderUpdate_Util (cx=<value optimized out>, buf=<value optimized out>, len=<value optimized out>) at secasn1d.c:2668
#12 0x0000003cec00c335 in NSS_CMSDecoder_Update (p7dcx=<value optimized out>, buf=<value optimized out>, len=<value optimized out>) at cmsdecode.c:670
#13 0x0000003cec00c4b0 in NSS_CMSMessage_CreateFromDER (DERmessage=<value optimized out>, cb=<value optimized out>, cb_arg=<value optimized out>, pwfn=<value optimized out>, 
    pwfn_arg=<value optimized out>, decrypt_key_cb=<value optimized out>, decrypt_key_cb_arg=) at cmsdecode.c:740
#14 0x00007fc6a0233ee9 in ?? () from /opt/netscape/plugins/libflashplayer.so
#15 0x00007fc6a0220e3d in ?? () from /opt/netscape/plugins/libflashplayer.so
#16 0x00007fc69ff28fde in ?? () from /opt/netscape/plugins/libflashplayer.so
#17 0x00007fc69ff28863 in ?? () from /opt/netscape/plugins/libflashplayer.so
#18 0x00007fc6a0162421 in ?? () from /opt/netscape/plugins/libflashplayer.so
#19 0x00007fc6a01a25f2 in ?? () from /opt/netscape/plugins/libflashplayer.so
#20 0x00007fc69fe8adb9 in ?? () from /opt/netscape/plugins/libflashplayer.so
#21 0x00007fc69fe7adcf in ?? () from /opt/netscape/plugins/libflashplayer.so
#22 0x0000003383639bcb in g_timeout_dispatch (source=<value optimized out>, callback=<value optimized out>, user_data=<value optimized out>) at gmain.c:3260
#23 0x00000033836394b9 in g_main_dispatch (context=<value optimized out>) at gmain.c:1824
#24 IA__g_main_context_dispatch (context=<value optimized out>) at gmain.c:2377
#25 0x000000338363caf8 in g_main_context_iterate (context=<value optimized out>, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2455
#26 0x000000338363ccac in IA__g_main_context_iteration (context=<value optimized out>, may_block=<value optimized out>) at gmain.c:2518
#27 0x000000359775223f in QEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:327
#28 0x000000341b82196f in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#29 0x000000359772c212 in QEventLoop::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qeventloop.cpp:149
#30 0x000000359772c3ac in QEventLoop::exec (this=<value optimized out>, flags=<value optimized out>) at kernel/qeventloop.cpp:197
#31 0x000000359772e3fc in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#32 0x0000000000415a59 in main (argc=<value optimized out>, argv=<value optimized out>) at /var/tmp/portage/kde-base/nsplugins-4.3.5/work/nsplugins-4.3.5/nsplugins/viewer/viewer.cpp:144
The current source language is "auto; currently c".

Reported using DrKonqi
Comment 1 Frank Reininghaus 2010-06-02 12:34:25 UTC 
Thanks for the bug report! This looks like a bug which has been reported already.

*** This bug has been marked as a duplicate of bug 193273 ***
Comment 2 Frank Reininghaus 2010-06-02 12:39:01 UTC 
(In reply to comment #0)
> btw, and it doesn't seem to be a duplicate of 193273, IMHO

Sorry, I hadn't read that before. Why do you think that it's not a duplicate? Note that I'm not an nspluginviewer expert...
Comment 3 kavol 2010-06-02 13:32:49 UTC 
(In reply to comment #2)
> (In reply to comment #0)
> > btw, and it doesn't seem to be a duplicate of 193273, IMHO
> 
> Sorry, I hadn't read that before. Why do you think that it's not a duplicate?
> Note that I'm not an nspluginviewer expert...

because the code path is different

in bug #193273 there is NSPluginStreamBase::finish before it dives into libflashplayer.so and then there are some Destroys, which cannot be found here 

note that I'm not an C++ debugging expert :-)
Comment 4 Frank Reininghaus 2010-06-02 13:41:28 UTC 
(In reply to comment #3)
> in bug #193273 there is NSPluginStreamBase::finish before it dives into
> libflashplayer.so and then there are some Destroys, which cannot be found here 

You're right, however, very often crashes which have different code paths, but share a couple of frames at the top are due to the same bug. I think this is most likely the case here, but I'm not 100% sure - if you prefer to keep your report separate, feel free to reopen it ;-)