Closed Bug 700583 Opened 8 years ago Closed 7 years ago

Crash in nsPluginFile::GetPluginInfo @ pr_FindSymbolInLib


(Core :: Plug-ins, defect, critical)

10 Branch
Not set



Tracking Status
firefox11 --- affected
firefox12 --- affected
firefox15 + fixed
firefox16 + fixed
firefox17 --- fixed
blocking-fennec1.0 --- -
fennec + ---


(Reporter: nhirata, Assigned: benjamin)



(Keywords: crash, topcrash, Whiteboard: [mobile-crash],[native-crash:P4], str-needed, startupcrash)

Crash Data


(1 file)

Crashing Thread
Frame 	Module 	Signature [Expand] 	Source
0 	pr_FindSymbolInLib 	nsprpub/pr/src/linking/prlink.c:1100
1 	PR_FindSymbol 	nsprpub/pr/src/linking/prlink.c:1242
2 	nsPluginFile::GetPluginInfo 	dom/plugins/base/nsPluginsDirUnix.cpp:360
3 	nsPluginHost::ScanPluginsDirectory 	dom/plugins/base/nsPluginHost.cpp:2091
4 	nsPluginHost::ScanPluginsDirectoryList 	dom/plugins/base/nsPluginHost.cpp:2241
5 	nsPluginHost::FindPlugins 	dom/plugins/base/nsPluginHost.cpp:2326
6 	nsPluginHost::LoadPlugins 	dom/plugins/base/nsPluginHost.cpp:2269
7 	nsPluginHost::GetPluginTags 	dom/plugins/base/nsPluginHost.cpp:1548
8 	NS_InvokeByIndex_P 	xpcom/reflect/xptcall/src/md/unix/xptcinvoke_arm.cpp:194
9 	XPCWrappedNative::CallMethod 	js/src/xpconnect/src/xpcwrappednative.cpp:3148
10 	XPC_WN_CallMethod 	js/src/xpconnect/src/xpcwrappednativejsops.cpp:1629
11 	js::Interpret 	js/src/jscntxtinlines.h:298
12 	js::RunScript 	js/src/jsinterp.cpp:585
13 	js::InvokeKernel 	js/src/jsinterp.cpp:648
14 	js_fun_apply 	js/src/jsinterp.h:148
15 	js::Interpret 	js/src/jscntxtinlines.h:298
16 	js::RunScript 	js/src/jsinterp.cpp:585
17 	js::InvokeKernel 	js/src/jsinterp.cpp:648
18 	array_extra 	js/src/jsinterp.h:148
19 	array_forEach 	js/src/jsarray.cpp:3371
20 	js::Interpret 	js/src/jscntxtinlines.h:298
21 	js::RunScript 	js/src/jsinterp.cpp:585
22 	js::Invoke 	js/src/jsinterp.cpp:648
23 	JS_CallFunctionValue 	js/src/jsapi.cpp:5126
24 	nsXPCWrappedJSClass::CallMethod 	js/src/xpconnect/src/xpcwrappedjsclass.cpp:1660
25 	nsXPCWrappedJS::CallMethod 	js/src/xpconnect/src/xpcwrappedjs.cpp:585
26 	PrepareAndDispatch 	xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp:131
28 	mozilla::storage::::CompletionNotifier::Run 	storage/src/mozStorageAsyncStatementExecution.cpp:179

Need to confirm STR:
1) go to about:plugins
str-needed for Native; XUL crashes just by going to about:plugins.
Whiteboard: [mobile-crash] → [mobile-crash],[native-crash:P4], str-needed
Crash Signature: [@ pr_FindSymbolInLib ] → [@ pr_FindSymbolInLib ] [@ pr_FindSymbolInLib]
native and XUL do not crash with the given steps to repro on droid 2
issue occurs still on Pearl Touchlet X7G w/ 20120114042007


HTC Desire :
with buildid 20120112031044

Most of the crashes seem to be on the Pearl Touchlet.
Looks like most of the crashes will happen on startup.

Uptime Range 	Percentage 	Number Of Crashes
< 1 min 	88.7 %	134
1-5 min 	9.3 %	14

Product 	Version 	Percentage 	Number Of Crashes
FennecAndroid 	12.0a1 	25.8 %	39
FennecAndroid 	11.0a2 	25.2 %	38
(In reply to Naoki Hirata :nhirata from comment #3)
> < 1 min 	88.7 %	134
I add the startupcrash keyword.
Summary: Crash Report [@ pr_FindSymbolInLib ] → Crash in nsPluginFile::GetPluginInfo @ pr_FindSymbolInLib
Whiteboard: [mobile-crash],[native-crash:P4], str-needed → [mobile-crash],[native-crash:P4], str-needed, startupcrash
I checked the devices where it happens:
* WA CT704
* Sony Ericsson LT15i
* telechips MID8024
* telechips MID8127
* HTC Desire
* MBX MBX DVBT reference board (c03ref)
* telechips X7G
* samsung GT-I9100
* renesas Livall
There are no CPU or graphical controller correlations.

My guess is that it's caused by an old Flash version.
Crash Signature: [@ pr_FindSymbolInLib ] [@ pr_FindSymbolInLib] → [@ pr_FindSymbolInLib]
Samsung 'GT-I9100M'

URL at : 

Uptime 2

I wonder if we can put a trap in for detecting old versions of flash?
It's #49 top crasher in 14.0b2. I am removing the topcrash keyword.
Keywords: topcrash
It's #10 top crasher in 14.0.
blocking-fennec1.0: --- → ?
Keywords: topcrash
Let's get URLs for this bug to see if we can find STR.
Keywords: needURLs
From previous to this date:

Bugs listed with this crash signature:

27 	about:home
9 	about:blank
tracking-fennec: --- → +
blocking-fennec1.0: ? → -
This is rising on 14.0.1 now.
Bug 783263 has kinda-str for this. I'll dup it to this one. This has to do with a Flash upgrade, probably we timed out the plugin container after 5 minutes of no-use and then try to restart it but the Flash DLL is no longer present.
Duplicate of this bug: 783263
ok, I didn't realize that this was filed against mobile: I think that it's the same basic issue though: the Flash player DLL is either missing (uninstalled while we're running? or cannot be loaded for some reason. We can certainly protected against that with null check which should cover both desktop and mobile. In the desktop case, this is because the Flash DLL name changes on upgrade and we weren't locking it, but the root problem might be fundamentally different on mobile.
Assignee: nobody → benjamin
Attachment #652826 - Flags: review?(joshmoz)
As this seems to be connected to Flash and is in the top 10 crashes on mobile, CCing snorp, so he knows about it. Would be nice to get that patch in possibly for 15, if it really helps with those mobile crashes.
This is #5 in FennecAndroid 14.0.1 now, and #6 on FennecAndroid 15.0b5, in the latter case with only a Flash signatures in front of it besides four that are fixed for 15.0b6, so this might very well turn out to be #2 for 15.
I'd like to know the risk assessment for this fix if it was nominated for beta approval.  It will indeed rise in Fennec topcrashers but to what extent?  Could we live with this for 6 weeks or keep it as a possible ride-along in case there's a 15 chemspill?
Attachment #652826 - Flags: review?(joshmoz) → review+
Closed: 7 years ago
Resolution: --- → FIXED
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

[Approval Request Comment]
Bug caused by (feature/regressing bug #): inability to load the Flash plugin. On Windows desktop we have found that this can happen if Flash updates itself while the browser has been idle for a while. On mobile we're not sure why this is happening: perhaps Flash doesn't work on the device at all, or it is currently being updated, or it is currently being uninstalled or was uninstalled in the past.
User impact if declined: Continued crashes, most notably on mobile 
Testing completed (on m-c, etc.): just landed on m-c
Risk to taking this patch (and alternatives if risky): This patch is a straightforward null-check with error propagation. It feels very non-risky to me, but this is of course plugin code so it's difficult to test in the wild.
String or UUID changes made by this patch: None
Attachment #652826 - Flags: approval-mozilla-beta?
Attachment #652826 - Flags: approval-mozilla-aurora?
Target Milestone: --- → mozilla17
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

While this bug will shoot up to being a higher crash in Fennec (due to other topcrashers being fixed for b6) we're too close to final beta to get the proper crash data back on this between now and gtb for RC on Friday 8/24.  Approving for Aurora, we can watch how this helps there when it moved to Beta on 8/27.
Attachment #652826 - Flags: approval-mozilla-beta?
Attachment #652826 - Flags: approval-mozilla-beta-
Attachment #652826 - Flags: approval-mozilla-aurora?
Attachment #652826 - Flags: approval-mozilla-aurora+
(In reply to Lukas Blakk [:lsblakk] from comment #24)
> While this bug will shoot up to being a higher crash in Fennec (due to other
> topcrashers being fixed for b6)
It's indeed #1 top crasher in 15.0b6.
Scoobidiver, with such a low amount of people running that (and a low amount of crashes in the list), we should be careful with statements like that, with more usage the ranking can easily change. Still, you are right for early 15.0b6 data, we'll see after the weekend if 15.0b7 looks the same, but we should expect it to.
This crash exists in 14.0.1 as well, and the relative volume seems to be similar, so this is all expected and we are OK with that (as long as the volume doesn't explode).

We might have fixed this crash for 16 (note that so far there's no real confirmation that the patch even helps for mobile), and we'll need to verify there and on Nightly.
(In reply to Robert Kaiser ( from comment #27)
> Scoobidiver, with such a low amount of people running that (and a low amount
> of crashes in the list), we should be careful with statements like that,
> with more usage the ranking can easily change.
For top crashers, the rank is usually stable although it's early in the cycle.
It also confirms that the fix of bug 776334 has made other top crashers shift in ranking.
Finally, I am fine with the decision of not fixing it for 15.0, but if no regression is found in 16.0 Beta or Aurora 17.0, building a 15.0.1 should be considered.
I am 99.44% certain that this patch fixes the crash on mobile. I don't know what will happen next: Flash just won't work, or no visible issue at all.
(In reply to Scoobidiver from comment #28)
> [...], building a 15.0.1 should be
> considered.

We will not do a 15.0.1 just for this issue. If a 15.0.1 comes along for *other* reasons (security or bad regressions) and we have confirmation that this patch works on 16, then this patch might be a ride-along for that.
This is not a regression, at least it doesn't look like one right now, so no concern at all that could trigger a 15.0.1 by itself and no reason to push hard for making 15.0 itself. Actually, if something would come up right now that would be grave enough that we'd know we'd need to do a 15.0.1 for it, we'd probably instead see to get it into 15.0 itself, as only large regressions and critical security issues (0days) would trigger such a chemspill and we'd not want to ship a final knowing about such issues.

All that said, thanks to bsmedberg for comment 29, makes me feel more confident that we have the crash itself fixed for 16 - though we'll only feel really good when we see data confirming that.
Now that bug 783754 is fixed in 15.0b7, a Flash crash takes the lead and this one is only #2.
(In reply to Scoobidiver from comment #31)
> Now that bug 783754 is fixed in 15.0b7, a Flash crash takes the lead and
> this one is only #2.

Given the prevalence of this crash on 14.* and 15.0b*, I'm really surprised that it's not showing up in the reviews more often. I don't have a good feel for why that might be - perhaps it's really intermittent but affecting a large population?
Comment on attachment 652826 [details] [diff] [review]
Null checking and error handling, rev. 1

[Triage Comment]
We're doing a 15.0.1 and taking this as a ride-along
Attachment #652826 - Flags: approval-mozilla-release+
Attachment #652826 - Flags: approval-mozilla-beta-
Attachment #652826 - Flags: approval-mozilla-beta+
pushed to mozilla-release

Required re-application due to a context difference, and the patch on the bug here has an error ("nresult" instead of "nsresult").
Adjusting status flags (note, i reverted the approval for beta but this is already landed on 16 so we're all good here).
Duplicate of this bug: 693363
Please note that Bug 693363 " Crash in mozilla::plugins::PluginModuleChild::Init @ pr_FindSymbolInLib " was reported much earlier and was recently marked a duplicate of this Bug.

There may be some info over there that can assist you (for the x86 Platform).

You need to log in before you can comment on or make changes to this bug.