search

pinkshirt / firebreath

Automatically exported from code.google.com/p/firebreath
0 stars 0 forks source link

Test plugin testStreams() crashes browser on Ubuntu Firefox #118

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 

From the mailing list:

> Hi,
>  I tested example plugin on ubuntu 10.04, firefox (3.6.12) is crashed
> when calling plugin().testStreams() in the firebug console. Other
> functions (including thread runner) are OK. Has anyone similar issue?
>
> Regards,
> Quake

Tested on windows xp (complied npFBTestPlugin.dll with Visual Studio
2005), firefox is also crashed, any comments? Is this function broken
or did I miss any libs?

This is error log when firefox crashed:

Invoking testStreams
terminate called after throwing an instance of
'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injecto
r<boost::bad_weak_ptr>
>'
what(): tr1::bad_weak_ptr

Regards,
Quake

Original issue reported on code.google.com by austin_p...@hotmail.com on 14 Dec 2010 at 12:28

GoogleCodeExporter commented 9 years ago 
I suspect this is broken, and there is more than one issue to fix.  I've got 
the same failure mode on Ubuntu Lucid.  From the little research I've done here 
are my observations:

1. StreamTest::run() creates PluginEventSink objects using operator new.  Later 
in createStream(), one of the functions tries to get a shared pointer to this 
sink.  Since the original pointer is not a shared_ptr, an exception is raised.  
My suggestion would be to remove all PluginEventSink* usage, and convert to 
PluginEventSinkPtr shared_ptr type.  I've done this in my test code but still 
get a segfault.

2. The createStream() call has the potential to leak memory.  It uses auto_ptr 
which is then returned to its caller, but the caller must remember to 
deallocate the return value.  The problem is, the return cannot be immediately 
deallocated as the stream is still in use and registered with the browser who 
may call back on that object.  Probably need some way to get rid of auto_ptr 
and convert to managed shared_ptr.

I've attached a patch to get rid of PluginEventSink* and PluginEventSource* and 
convert to use of shared_ptr.  This addresses item 1 above.

In addition, this patch enables debugging information to be added to objects 
compiled under Linux.

Original comment by austin_p...@hotmail.com on 14 Dec 2010 at 12:34

Attachments:

GoogleCodeExporter commented 9 years ago 
Some more thoughts.  After a user has called createStream(), the browser host 
should probably keep a shared_ptr to the object, as well as this being returned 
to the caller.  This is because when the stream is created and GetURLNotify() 
is called, the callback from the browser will expect that the original object 
still exists, even if the caller of createStream() no longer has a valid handle 
to the stream.

Original comment by austin_p...@hotmail.com on 14 Dec 2010 at 12:39

GoogleCodeExporter commented 9 years ago 
This should be fixed in git now

Original comment by richarda...@gmail.com on 14 Dec 2010 at 7:14