[Webkit-unassigned] [Bug 62355] New: NPP_Destroy called from within NPN_ calls
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jun 8 22:01:01 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=62355
Summary: NPP_Destroy called from within NPN_ calls
Product: WebKit
Version: 528+ (Nightly build)
Platform: Macintosh Intel
OS/Version: Mac OS X 10.6
Status: UNCONFIRMED
Severity: Major
Priority: P2
Component: Plug-ins
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: duncantebbs at turbulenz.com
This happens when running a 32 bit plugin under the 64-bit version of Safari. Confirmed with latest build as of Jun 9, 2011.
At shutdown, the following callstack shows that NPP_Destroy() is called from within a call to NPN_SetProperty. The plugin is calling NPN_SetProperty from within an NPN_ScheduleTimer callback.
When NPN_SetProperty eventually returns, the NPP and all plugin state is no longer available. The implication is that after any NPN_ function returns code has to somehow check whether its plugin instance has been shutdown, and then immediately exit out without performing any other operations.
I haven't seen this behaviour on any other browsers, and it's non-trivial to work around so I'm assuming this is not the desired behaviour.
If this could be caused by something the plugin does, or if there is a way to make sure the browser waits until any running NPN_ScheduleTimer calls have completed before killing the plugin, I would very much like to know.
... [plugin code] ...
5 com.turbulenz.engine 0x14d959ae NPP_Destroy + 62 (npp_gate.cpp:540)
6 com.apple.WebKit.PluginHost 0x7aabb925 PluginInstance::stop() + 71
7 com.apple.WebKit.PluginHost 0x7aabbb66 PluginInstance::unprotectFromDestruction() + 38
8 com.apple.WebKit.PluginHost 0x7aac24ab std::auto_ptr<PluginInstance::BooleanReply> PluginInstance::performAndWait<PluginInstance::BooleanReply>(unsigned int, bool ( block_pointer)()) + 187
9 com.apple.WebKit.PluginHost 0x7aac1d91 PluginObject::setProperty(void*, _NPVariant const*) + 185
10 com.apple.WebKit.PluginHost 0x7aac1df9 PluginObject::npSetProperty(NPObject*, void*, _NPVariant const*) + 31
11 com.apple.WebKit.PluginHost 0x7aab5ddf NPN_SetProperty + 39
12 com.turbulenz.engine 0x14cfd05f NPN_SetProperty + 79 (npn_gate.cpp:340)
... [plugin code] ...
24 com.turbulenz.engine 0x14df3557 turbulenz::DoTickST(_NPP*, unsigned int) + 23 (timertask.cpp:2020)
25 com.apple.WebKit.PluginHost 0x7aac05a1 PluginTimer::fired() + 31
26 com.apple.CoreFoundation 0x97954adb __CFRunLoopRun + 8059
27 com.apple.CoreFoundation 0x97952464 CFRunLoopRunSpecific + 452
28 com.apple.CoreFoundation 0x97952291 CFRunLoopRunInMode + 97
29 com.apple.HIToolbox 0x9458ee04 RunCurrentEventLoopInMode + 392
30 com.apple.HIToolbox 0x9458ebb9 ReceiveNextEventCommon + 354
31 com.apple.HIToolbox 0x9458ea3e BlockUntilNextEventMatchingListInMode + 81
32 com.apple.AppKit 0x924a678d _DPSNextEvent + 847
33 com.apple.AppKit 0x924a5fce -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 156
34 com.apple.AppKit 0x92468247 -[NSApplication run] + 821
35 com.apple.WebKit.PluginHost 0x7aab1404 main + 889
36 com.apple.WebKit.PluginHost 0x7aab0fcd start + 53
Process: WebKitPluginHost [5418]
Path: /Volumes/WebKit/WebKit.app/Contents/Frameworks/10.6/WebKit.framework/WebKitPluginHost.app/Contents/MacOS/WebKitPluginHost
Identifier: com.apple.WebKit.PluginHost
Version: 6535 (6535.1)
Code Type: X86 (Native)
Parent Process: WebKitPluginAgent [5405]
Date/Time: 2011-06-09 13:30:42.699 +0900
OS Version: Mac OS X 10.6.7 (10J869)
Report Version: 6
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list