| Issue 12993: | Shockwave plugin crash on Google Finance | |
| Back to list |
Sign in to add a comment
|
Chrome Version: 3.0.183.0 (Developer Build 17288) URLs (if applicable) : http://www.google.com/finance?catid=57629812 1. Go to http://www.google.com/finance?catid=57629812 2. Wait for a few seconds. 3. The plugin crashes. Also, try to exit the tab while the page is loading and the browser becomes unresponsive. Both problems are 100% reproducible. |
||||||||||||||||||||||
,
May 30, 2009
Ok..this does not reproduce when going directly to the link stated above..follow these new reproduce steps: 1. Go to http://www.google.com/finance 2. Scroll down and Control (Ctrl) + Left click on "Basic Materials" or any link under "Sector Summary" and wait for a few seconds. 3. The shockwave plugin crashes. 100% reproducible. |
|||||||||||||||||||||||
,
May 30, 2009
Note from Google Chrome Releases Blog: andre said... Chrome hangs up all the time and then has to kill the flash plugin if I do the following. Can anybody try to reproduce this: Press CTRL + Left mouse click on a stock link on google finance. 4:12 PM, May 29, 2009 Also, whoever looks at this issue can also look at Issue 12168 (another shockwave plugin crash which has not been looked at yet). |
|||||||||||||||||||||||
,
Jun 03, 2009
We appear to have a Flash crasher in 3. It reproduced readily for me in 3.0.182.3 (Official Build 17055) using the steps in Comment 2. Also reproduced 100% in 3.0.184.0 (Developer Build 17480)
Status: Assigned
Owner: ana...@chromium.org Cc: m...@chromium.org lafo...@chromium.org Labels: -Pri-2 -Area-Misc Pri-0 Area-Plugins Mstone-3 Size-Medium |
|||||||||||||||||||||||
,
Jun 05, 2009
Jon: I couldn't repo the crash. This is a hang. However it seems we always had it, so I'm not sure this should be a P0 since it's not a regression. |
|||||||||||||||||||||||
,
Jun 05, 2009
(No comment was entered for this change.)
Labels: -Pri-0 Pri-1
|
|||||||||||||||||||||||
,
Jun 05, 2009
It does not reproduce for me on 2.0.172.30 (Official Build) so it is a regression (everything works fine, it does not hang..no shockwave plugin unresponsive box and it does not crash). Also, I manually updated to 2.0.172.30 yesterday but there is no release notes for it..why? |
|||||||||||||||||||||||
,
Jun 05, 2009
I can reproduce it on 172.30. |
|||||||||||||||||||||||
,
Jun 05, 2009
Strangely enough..on 172.30, I can only reproduce it if I open a link under "Sector Summary" more than once. On the latest builds, only one attempt is needed. |
|||||||||||||||||||||||
,
Jun 08, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=17918
------------------------------------------------------------------------
r17918 | ananta@chromium.org | 2009-06-08 18:23:05 -0700 (Mon, 08 Jun 2009) | 23 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/render_view.cc?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/render_view.h?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/render_widget.cc?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/render_widget.h?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/webplugin_delegate_proxy.cc?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/renderer/webplugin_delegate_proxy.h?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/plugins/webplugin_delegate_impl.h?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_delegate.h?r1=17918&r2=17917
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.cc?r1=17918&r2=17917
Fixes a flash plugin hang caused by opening google finance ticker symbols in a background tab.
From what I can tell this bug always existed in Chrome.
The flash plugin gets instantiated and gets initial geometry updates during initialization. We download the plugin url after the geometry update. After these geometry updates the webkit layout timer runs and the plugin gets additional geometry updates. However these don't get sent over to the flash plugin instance in the plugin process as the geometry updates for windowed plugins are only flushed during paint, which does not happen in this case. The flash plugin ends up receiving data before geometry update and ends up behaving in a wierd fashion, i.e. not peeking for messages, etc.
The fact that this is a windowed plugin results in the browser ui thread also getting hung until the plugin gets out of this state.
The fix for the geometry update issue is to remove the deferred geometry update stuff. This only exists
for windowed plugins anyway. The geometry update IPC is a plain routed message and it should not be a big
overhead to send these IPCs to the plugin process.
I found that while this change fixes the basic issue, we still see some hangs in the flash plugin because of it receiving
data before the valid geometry update kicks in. John is working on a fix where we never have to call setFrameRect ourselves
and always honor the setFrameRect calls made by Webkit. This issue can be marked as fixed once both fixes get checked in.
This fixes http://code.google.com/p/chromium/issues/detail?id=12993
Bug=12993
TEST=Open google finance and Ctrl Click on the tickers in the page like Basic Materials, etc.
Review URL: http://codereview.chromium.org/119200
------------------------------------------------------------------------
|
|||||||||||||||||||||||
,
Jun 08, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=17920
------------------------------------------------------------------------
r17920 | jam@chromium.org | 2009-06-08 18:43:49 -0700 (Mon, 08 Jun 2009) | 6 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/renderer_host/render_widget_host_view_win.cc?r1=17920&r2=17919
M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/common/render_messages.h?r1=17920&r2=17919
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/plugins/webplugin_delegate_impl.cc?r1=17920&r2=17919
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin.h?r1=17920&r2=17919
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.cc?r1=17920&r2=17919
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.h?r1=17920&r2=17919
Don't call NPP_SetWindow before we have the plugin geometry.
Note: the full fix to the bug also needs Ananta's change at http://codereview.chromium.org/119200
Bug=12993
Review URL: http://codereview.chromium.org/118359
------------------------------------------------------------------------
|
|||||||||||||||||||||||
,
Jun 08, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=17928
------------------------------------------------------------------------
r17928 | jam@chromium.org | 2009-06-08 20:40:28 -0700 (Mon, 08 Jun 2009) | 7 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.cc?r1=17928&r2=17927
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.h?r1=17928&r2=17927
Fix regression from my previous change. Looks like we need to call SetWindowPos in setParent for the sake of layout tests.
TBR=ananta
Bug=12993
Review URL: http://codereview.chromium.org/119344
------------------------------------------------------------------------
|
|||||||||||||||||||||||
,
Jun 09, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=18033
------------------------------------------------------------------------
r18033 | ananta@chromium.org | 2009-06-09 21:43:26 -0700 (Tue, 09 Jun 2009) | 8 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.cc?r1=18033&r2=18032
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.h?r1=18033&r2=18032
For lack of a better approach we now initiate the plugin src url download in a delayed task as the Flash plugin hangs if it starts receiving data before receiving valid plugin geometry.
This fixes bug http://code.google.com/p/chromium/issues/detail?id=12993
Bug=12993
TEST=Navigate to google.com/finance and open the tickers in background tabs. They should not cause the browser to hang.
Review URL: http://codereview.chromium.org/118452
------------------------------------------------------------------------
|
|||||||||||||||||||||||
,
Jun 09, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=18035
------------------------------------------------------------------------
r18035 | ananta@chromium.org | 2009-06-09 22:41:47 -0700 (Tue, 09 Jun 2009) | 10 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/webkit/glue/webplugin_impl.cc?r1=18035&r2=18034
Fix for the Layout test failures occuring as a result of the change to download the plugin
src URL in a background task. The tests fail because the plugin instance is torn down before
the task executes.
The fix is to revoke tasks executing on the current WebPluginImpl instance when it is torn down.
TBR=jam
Bug=12993
Review URL: http://codereview.chromium.org/119410
------------------------------------------------------------------------
|
|||||||||||||||||||||||
,
Jun 09, 2009
(No comment was entered for this change.)
Status: Fixed
|
|||||||||||||||||||||||
,
Dec 18, 2009
(No comment was entered for this change.)
Labels: -Area-Plugins Area-Internals Internals-Plugins
|
|||||||||||||||||||||||
| ► Sign in to add a comment | |||||||||||||||||||||||