Last Comment Bug 700583 - Crash in nsPluginFile::GetPluginInfo @ pr_FindSymbolInLib
: Crash in nsPluginFile::GetPluginInfo @ pr_FindSymbolInLib
Status: RESOLVED FIXED
[mobile-crash],[native-crash:P4], str...
: crash, topcrash
Product: Core
Classification: Components
Component: Plug-ins (show other bugs)
: 10 Branch
: ARM Android
: -- critical (vote)
: mozilla17
Assigned To: Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg]
:
Mentors:
: 693363 783263 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-11-08 00:13 PST by Naoki Hirata :nhirata (please use needinfo instead of cc)
Modified: 2012-09-17 15:41 PDT (History)
10 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
affected
affected
+
fixed
+
fixed
fixed
-
+


Attachments
Null checking and error handling, rev. 1 (1.88 KB, patch)
2012-08-17 10:39 PDT, Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg]
jaas: review+
lukasblakk+bugs: approval‑mozilla‑aurora+
lukasblakk+bugs: approval‑mozilla‑beta+
lukasblakk+bugs: approval‑mozilla‑release+
Details | Diff | Splinter Review

Description Naoki Hirata :nhirata (please use needinfo instead of cc) 2011-11-08 00:13:56 PST
Crashing Thread
Frame 	Module 	Signature [Expand] 	Source
0 	libnspr4.so 	pr_FindSymbolInLib 	nsprpub/pr/src/linking/prlink.c:1100
1 	libnspr4.so 	PR_FindSymbol 	nsprpub/pr/src/linking/prlink.c:1242
2 	libxul.so 	nsPluginFile::GetPluginInfo 	dom/plugins/base/nsPluginsDirUnix.cpp:360
3 	libxul.so 	nsPluginHost::ScanPluginsDirectory 	dom/plugins/base/nsPluginHost.cpp:2091
4 	libxul.so 	nsPluginHost::ScanPluginsDirectoryList 	dom/plugins/base/nsPluginHost.cpp:2241
5 	libxul.so 	nsPluginHost::FindPlugins 	dom/plugins/base/nsPluginHost.cpp:2326
6 	libxul.so 	nsPluginHost::LoadPlugins 	dom/plugins/base/nsPluginHost.cpp:2269
7 	libxul.so 	nsPluginHost::GetPluginTags 	dom/plugins/base/nsPluginHost.cpp:1548
8 	libxul.so 	NS_InvokeByIndex_P 	xpcom/reflect/xptcall/src/md/unix/xptcinvoke_arm.cpp:194
9 	libxul.so 	XPCWrappedNative::CallMethod 	js/src/xpconnect/src/xpcwrappednative.cpp:3148
10 	libxul.so 	XPC_WN_CallMethod 	js/src/xpconnect/src/xpcwrappednativejsops.cpp:1629
11 	libxul.so 	js::Interpret 	js/src/jscntxtinlines.h:298
12 	libxul.so 	js::RunScript 	js/src/jsinterp.cpp:585
13 	libxul.so 	js::InvokeKernel 	js/src/jsinterp.cpp:648
14 	libxul.so 	js_fun_apply 	js/src/jsinterp.h:148
15 	libxul.so 	js::Interpret 	js/src/jscntxtinlines.h:298
16 	libxul.so 	js::RunScript 	js/src/jsinterp.cpp:585
17 	libxul.so 	js::InvokeKernel 	js/src/jsinterp.cpp:648
18 	libxul.so 	array_extra 	js/src/jsinterp.h:148
19 	libxul.so 	array_forEach 	js/src/jsarray.cpp:3371
20 	libxul.so 	js::Interpret 	js/src/jscntxtinlines.h:298
21 	libxul.so 	js::RunScript 	js/src/jsinterp.cpp:585
22 	libxul.so 	js::Invoke 	js/src/jsinterp.cpp:648
23 	libxul.so 	JS_CallFunctionValue 	js/src/jsapi.cpp:5126
24 	libxul.so 	nsXPCWrappedJSClass::CallMethod 	js/src/xpconnect/src/xpcwrappedjsclass.cpp:1660
25 	libxul.so 	nsXPCWrappedJS::CallMethod 	js/src/xpconnect/src/xpcwrappedjs.cpp:585
26 	libxul.so 	PrepareAndDispatch 	xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp:131
27 	libxul.so 	libxul.so@0x963b53 	
28 	libxul.so 	mozilla::storage::::CompletionNotifier::Run 	storage/src/mozStorageAsyncStatementExecution.cpp:179

https://crash-stats.mozilla.com/report/list?range_value=7&range_unit=days&date=2011-11-06&signature=pr_FindSymbolInLib&version=Fennec%3A10.0a1

Need to confirm STR:
1) go to about:plugins
Comment 1 Naoki Hirata :nhirata (please use needinfo instead of cc) 2011-11-22 17:05:52 PST
str-needed for Native; XUL crashes just by going to about:plugins.
Comment 2 Naoki Hirata :nhirata (please use needinfo instead of cc) 2012-01-17 15:18:03 PST
native and XUL do not crash with the given steps to repro on droid 2

https://crash-stats.mozilla.com/report/index/b3b78e65-91a7-4c7d-8bee-c918a2120116
issue occurs still on Pearl Touchlet X7G w/ 20120114042007

and 

HTC Desire : 
https://crash-stats.mozilla.com/report/index/374f3852-d90f-4b41-aeff-31e242120114
with buildid 20120112031044

Most of the crashes seem to be on the Pearl Touchlet.
Comment 3 Naoki Hirata :nhirata (please use needinfo instead of cc) 2012-01-24 14:19:02 PST
Looks like most of the crashes will happen on startup.

Uptime Range 	Percentage 	Number Of Crashes
< 1 min 	88.7 %	134
1-5 min 	9.3 %	14

Product 	Version 	Percentage 	Number Of Crashes
FennecAndroid 	12.0a1 	25.8 %	39
FennecAndroid 	11.0a2 	25.2 %	38
Comment 4 Scoobidiver (away) 2012-01-25 09:39:33 PST
(In reply to Naoki Hirata :nhirata from comment #3)
> < 1 min 	88.7 %	134
I add the startupcrash keyword.
Comment 5 Scoobidiver (away) 2012-02-01 07:30:51 PST
I checked the devices where it happens:
* PANTECH IS06
* WA CT704
* FUJITSU TOSHIBA MOBILE COMMUNICATIONS LIMITED IS04
* FUJITSU TOSHIBA MOBILE COMMUNICATIONS LIMITED ISW11F
* FUJITSU TOSHIBA MOBILE COMMUNICATIONS LIMITED T-01C
* Sony Ericsson LT15i
* telechips MID8024
* telechips MID8127
* HTC Desire
* MBX MBX DVBT reference board (c03ref)
* telechips X7G
* samsung GT-I9100
* renesas Livall
There are no CPU or graphical controller correlations.

My guess is that it's caused by an old Flash version.
Comment 7 Naoki Hirata :nhirata (please use needinfo instead of cc) 2012-02-28 10:38:55 PST
https://crash-stats.mozilla.com/report/index/0fa5978f-9caf-4a4f-93e6-57fd12120223
Samsung 'GT-I9100M'

URL at : 
http://phony/ 

Uptime 2

I wonder if we can put a trap in for detecting old versions of flash?
Comment 8 Scoobidiver (away) 2012-05-22 05:11:24 PDT
It's #49 top crasher in 14.0b2. I am removing the topcrash keyword.
Comment 9 Scoobidiver (away) 2012-06-27 01:53:26 PDT
It's #10 top crasher in 14.0.
Comment 10 Alex Keybl [:akeybl] 2012-06-27 11:56:03 PDT
Let's get URLs for this bug to see if we can find STR.
Comment 12 Naoki Hirata :nhirata (please use needinfo instead of cc) 2012-06-27 14:55:39 PDT
From previous to this date:
https://crash-stats.mozilla.com/report/list?product=FennecAndroid&query_search=signature&query_type=contains&query=pr_FindSymbolInLib&reason_type=contains&date=06%2F27%2F2012%2021%3A47%3A38&range_value=4&range_unit=weeks&hang_type=any&process_type=any&do_query=1&admin=1&signature=pr_FindSymbolInLib


Bugs listed with this crash signature:
    693363
    692149
    70543
    747296
    700583

URLs
27 	about:home
9 	about:blank
2 	http://mosa-d-web.mosa-d.gov.sa/infoCust.aspx
2 	http://www.google.com/
2 	http://m.youtube.com/#/watch?v=uW0bXp-jXxI
1 	https://www.google.com/m?q=www&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:offi
1 	http://m.youtube.com/watch?v=g1CJijhGnfo
1 	http://static.bada.com/contents/deviceterms/603.txt
1 	http://m.facebook.com/story.php?story_fbid=453843457968732&id=100000292462822&re
1 	http://coderwall.com/
1 	https://addons.mozilla.org/en-US/android/addon/full-screen-252573/?src=api
1 	https://www.google.com/m?oe=utf-8&q=hayghe.com
1 	http://m.youtube.com/watch?v=uW0bXp-jXxI
1 	http://www.youtube.com/
1 	https://www.icloud.com/
1 	http://www.google.ca/
1 	http://www.google.com/#hl=en&sa=X&ei=vDzIT5n3DILWgQe749lI&sqi=2&ved=0CAQQBSgA&q=
1 	http://www.hulu.com/
1 	http://wap.bild.de/
1 	http://symbianannagame.blogspot.com/2012/02/adobe-shockwave-player-115-free.html
1 	http://www.google.com.tr/#hl=tr&sclient=psy-ab&q=yaygara+tv+kurtlar+vadisi+pusu&
1 	http://ptf.com/shockwave/shockwave+.apk/
1 	http://www.google.com.vn/#hl=vi&gs_nf=1&cp=3&gs_id=m&xhr=t&q=mshoatoeic&pf=p&scl
1 	http://m.youtube.com/#/watch?v=g1CJijhGnfo
1 	http://www.google.com.tr/#hl=tr&sclient=psy-ab&q=yaygara+tv+kurtlar+vadisi+pusu&
1 	https://www.google.com/url?url=http://www.adobe.com/shockwave/welcome/&rct=j&sa=
1 	http://www.freeandroidtv.com/index.php
Comment 13 Naoki Hirata :nhirata (please use needinfo instead of cc) 2012-06-27 15:53:20 PDT
Possibly old flash plugin? ( https://bugzilla.mozilla.org/show_bug.cgi?id=700583#c5 )
Comment 14 Robert Kaiser 2012-08-17 07:33:37 PDT
This is rising on 14.0.1 now.
Comment 15 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-17 07:45:35 PDT
Bug 783263 has kinda-str for this. I'll dup it to this one. This has to do with a Flash upgrade, probably we timed out the plugin container after 5 minutes of no-use and then try to restart it but the Flash DLL is no longer present.
Comment 16 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-17 07:52:55 PDT
*** Bug 783263 has been marked as a duplicate of this bug. ***
Comment 17 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-17 08:19:29 PDT
ok, I didn't realize that this was filed against mobile: I think that it's the same basic issue though: the Flash player DLL is either missing (uninstalled while we're running? or cannot be loaded for some reason. We can certainly protected against that with null check which should cover both desktop and mobile. In the desktop case, this is because the Flash DLL name changes on upgrade and we weren't locking it, but the root problem might be fundamentally different on mobile.
Comment 18 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-17 10:39:45 PDT
Created attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1
Comment 19 Robert Kaiser 2012-08-20 09:12:55 PDT
As this seems to be connected to Flash and is in the top 10 crashes on mobile, CCing snorp, so he knows about it. Would be nice to get that patch in possibly for 15, if it really helps with those mobile crashes.
Comment 20 Robert Kaiser 2012-08-21 08:08:18 PDT
This is #5 in FennecAndroid 14.0.1 now, and #6 on FennecAndroid 15.0b5, in the latter case with only a Flash signatures in front of it besides four that are fixed for 15.0b6, so this might very well turn out to be #2 for 15.
Comment 21 Lukas Blakk [:lsblakk] use ?needinfo 2012-08-21 11:12:38 PDT
I'd like to know the risk assessment for this fix if it was nominated for beta approval.  It will indeed rise in Fennec topcrashers but to what extent?  Could we live with this for 6 weeks or keep it as a possible ride-along in case there's a 15 chemspill?
Comment 22 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-21 11:43:58 PDT
http://hg.mozilla.org/mozilla-central/rev/1b51c7bf1e05
Comment 23 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-21 11:46:22 PDT
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

[Approval Request Comment]
Bug caused by (feature/regressing bug #): inability to load the Flash plugin. On Windows desktop we have found that this can happen if Flash updates itself while the browser has been idle for a while. On mobile we're not sure why this is happening: perhaps Flash doesn't work on the device at all, or it is currently being updated, or it is currently being uninstalled or was uninstalled in the past.
User impact if declined: Continued crashes, most notably on mobile 
Testing completed (on m-c, etc.): just landed on m-c
Risk to taking this patch (and alternatives if risky): This patch is a straightforward null-check with error propagation. It feels very non-risky to me, but this is of course plugin code so it's difficult to test in the wild.
String or UUID changes made by this patch: None
Comment 24 Lukas Blakk [:lsblakk] use ?needinfo 2012-08-21 12:00:51 PDT
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

While this bug will shoot up to being a higher crash in Fennec (due to other topcrashers being fixed for b6) we're too close to final beta to get the proper crash data back on this between now and gtb for RC on Friday 8/24.  Approving for Aurora, we can watch how this helps there when it moved to Beta on 8/27.
Comment 25 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-23 09:34:38 PDT
https://hg.mozilla.org/releases/mozilla-aurora/rev/def773f1aeac
Comment 26 Scoobidiver (away) 2012-08-24 02:51:06 PDT
(In reply to Lukas Blakk [:lsblakk] from comment #24)
> While this bug will shoot up to being a higher crash in Fennec (due to other
> topcrashers being fixed for b6)
It's indeed #1 top crasher in 15.0b6.
Comment 27 Robert Kaiser 2012-08-24 05:41:48 PDT
Scoobidiver, with such a low amount of people running that (and a low amount of crashes in the list), we should be careful with statements like that, with more usage the ranking can easily change. Still, you are right for early 15.0b6 data, we'll see after the weekend if 15.0b7 looks the same, but we should expect it to.
This crash exists in 14.0.1 as well, and the relative volume seems to be similar, so this is all expected and we are OK with that (as long as the volume doesn't explode).

We might have fixed this crash for 16 (note that so far there's no real confirmation that the patch even helps for mobile), and we'll need to verify there and on Nightly.
Comment 28 Scoobidiver (away) 2012-08-24 05:56:49 PDT
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #27)
> Scoobidiver, with such a low amount of people running that (and a low amount
> of crashes in the list), we should be careful with statements like that,
> with more usage the ranking can easily change.
For top crashers, the rank is usually stable although it's early in the cycle.
It also confirms that the fix of bug 776334 has made other top crashers shift in ranking.
Finally, I am fine with the decision of not fixing it for 15.0, but if no regression is found in 16.0 Beta or Aurora 17.0, building a 15.0.1 should be considered.
Comment 29 Benjamin Smedberg AWAY UNTIL 2-AUG-2016 [:bsmedberg] 2012-08-24 06:05:11 PDT
I am 99.44% certain that this patch fixes the crash on mobile. I don't know what will happen next: Flash just won't work, or no visible issue at all.
Comment 30 Robert Kaiser 2012-08-24 06:49:46 PDT
(In reply to Scoobidiver from comment #28)
> [...], building a 15.0.1 should be
> considered.

We will not do a 15.0.1 just for this issue. If a 15.0.1 comes along for *other* reasons (security or bad regressions) and we have confirmation that this patch works on 16, then this patch might be a ride-along for that.
This is not a regression, at least it doesn't look like one right now, so no concern at all that could trigger a 15.0.1 by itself and no reason to push hard for making 15.0 itself. Actually, if something would come up right now that would be grave enough that we'd know we'd need to do a 15.0.1 for it, we'd probably instead see to get it into 15.0 itself, as only large regressions and critical security issues (0days) would trigger such a chemspill and we'd not want to ship a final knowing about such issues.

All that said, thanks to bsmedberg for comment 29, makes me feel more confident that we have the crash itself fixed for 16 - though we'll only feel really good when we see data confirming that.
Comment 31 Scoobidiver (away) 2012-08-26 04:45:22 PDT
Now that bug 783754 is fixed in 15.0b7, a Flash crash takes the lead and this one is only #2.
Comment 32 Alex Keybl [:akeybl] 2012-08-26 15:46:38 PDT
(In reply to Scoobidiver from comment #31)
> Now that bug 783754 is fixed in 15.0b7, a Flash crash takes the lead and
> this one is only #2.

Given the prevalence of this crash on 14.* and 15.0b*, I'm really surprised that it's not showing up in the reviews more often. I don't have a good feel for why that might be - perhaps it's really intermittent but affecting a large population?
Comment 33 Lukas Blakk [:lsblakk] use ?needinfo 2012-09-05 09:35:48 PDT
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

[Triage Comment]
We're doing a 15.0.1 and taking this as a ride-along
Comment 34 Josh Aas 2012-09-05 10:10:54 PDT
pushed to mozilla-release

https://hg.mozilla.org/releases/mozilla-release/rev/faa9affedb6c

Required re-application due to a context difference, and the patch on the bug here has an error ("nresult" instead of "nsresult").
Comment 35 Lukas Blakk [:lsblakk] use ?needinfo 2012-09-05 11:10:57 PDT
Adjusting status flags (note, i reverted the approval for beta but this is already landed on 16 so we're all good here).
Comment 36 Robert Kaiser 2012-09-15 05:45:29 PDT
*** Bug 693363 has been marked as a duplicate of this bug. ***
Comment 37 Rob 2012-09-17 15:41:14 PDT
Please note that Bug 693363 " Crash in mozilla::plugins::PluginModuleChild::Init @ pr_FindSymbolInLib " was reported much earlier and was recently marked a duplicate of this Bug.

There may be some info over there that can assist you (for the x86 Platform).

Thanks.

Note You need to log in before you can comment on or make changes to this bug.