Closed Bug 694926 Opened 13 years ago Closed 9 years ago

Firefox takes 100% cpu during SSL certificate check

Categories

(Core :: Security: PSM, defect)

x86_64
Linux
defect
Not set
normal

RESOLVED INCOMPLETE

People

(Reporter: olivier+mozilla, Unassigned)

Details

(Keywords: perf)

Attachments

(1 file)

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/14.0.835.202 Chrome/14.0.835.202 Safari/535.1

Steps to reproduce:

I use Firefox 8 with some certificates.
I tested this bug with Firefox 8 build from the mozilla-team beta Ubuntu PPA. To help debugging, I added the debug package, and I'll provide a backtrace in the comments.
I also encountered the same problem with the vanilla build for Linux, on Mageia Linux.
This problem also appears in safe mode.


Actual results:

After some time, Firefox takes 100% cpu on one core, and freezes.
On Linux, the Firefox windows become grey.


Expected results:

Firefox doesn't freeze.
(gdb) bt
#0  0x00007fffd8c95e0c in builtins_match (fwSession=<value optimized out>, pTemplate=0x7fffffff92d0, ulAttributeCount=3, pError=0x7fffffff9158) at bfind.c:188
#1  nss_builtins_FindObjectsInit (fwSession=<value optimized out>, pTemplate=0x7fffffff92d0, ulAttributeCount=3, pError=0x7fffffff9158) at bfind.c:259
#2  0x00007fffd8c96ef2 in nssCKFWSession_FindObjectsInit (fwSession=0x7fffcd089030, pTemplate=0x7fffffff92d0, ulAttributeCount=3, pError=0x7fffffff9158) at session.c:1681
#3  0x00007fffd8c9ae45 in NSSCKFWC_FindObjectsInit (fwInstance=<value optimized out>, hSession=<value optimized out>, pTemplate=0x7fffffff92d0, ulCount=3) at wrap.c:2553
#4  0x00007ffff5b3746c in find_objects (tok=0x7fffcd08a030, sessionOpt=<value optimized out>, obj_template=0x7fffffff92d0, otsize=3, maximumOpt=0, statusOpt=0x7fffffff9368) at devtoken.c:332
#5  0x00007ffff5b37713 in find_objects_by_template (token=0x7fffcd08a030, sessionOpt=0x7fffcc82b230, obj_template=0x7fffffff92d0, otsize=3, maximumOpt=0, statusOpt=0x7fffffff9368)
    at devtoken.c:468
#6  0x00007ffff5b37ab2 in nssToken_FindCertificatesBySubject (token=<value optimized out>, sessionOpt=<value optimized out>, subject=<value optimized out>, searchType=<value optimized out>, 
    maximumOpt=<value optimized out>, statusOpt=<value optimized out>) at devtoken.c:666
#7  0x00007ffff5b325a5 in nssTrustDomain_FindCertificatesBySubject (td=<value optimized out>, subject=0x7fffd7eea130, rvOpt=0x0, maximumOpt=0, arenaOpt=0x7fffba36e8e0) at trustdomain.c:642
#8  0x00007ffff5b30c67 in find_cert_issuer (c=0x7fffd7eea0c0, timeOpt=0x7fffba31d770, usage=<value optimized out>, policiesOpt=0x0, rvOpt=0x7fffffff9480, rvLimit=2, arenaOpt=0x0, 
    statusOpt=0x7fffffff94ac, td=<value optimized out>, cc=0x7fffcc839030) at certificate.c:441
#9  nssCertificate_BuildChain (c=0x7fffd7eea0c0, timeOpt=0x7fffba31d770, usage=<value optimized out>, policiesOpt=0x0, rvOpt=0x7fffffff9480, rvLimit=2, arenaOpt=0x0, statusOpt=0x7fffffff94ac, 
    td=<value optimized out>, cc=0x7fffcc839030) at certificate.c:516
#10 0x00007ffff5afa4e6 in CERT_FindCertIssuer (cert=0x7fffd7eec020, validTime=<value optimized out>, usage=<value optimized out>) at certvfy.c:186
#11 0x00007ffff43994d5 in nsNSSCertificate::GetIssuer (this=0x7fffc5764a60, aIssuer=0x7fffffff97c0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/security/manager/ssl/src/nsNSSCertificate.cpp:850
#12 0x00007ffff460deb1 in NS_InvokeByIndex_P (that=<value optimized out>, methodIndex=<value optimized out>, paramCount=1, params=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/xpcom/reflect/xptcall/src/md/unix/xptcinvoke_x86_64_unix.cpp:195
#13 0x00007ffff427c512 in Invoke (ccx=<value optimized out>, mode=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp:3119
#14 Call (ccx=<value optimized out>, mode=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp:2373
#15 XPCWrappedNative::CallMethod (ccx=<value optimized out>, mode=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp:2337
#16 0x00007ffff427fd67 in XPC_WN_GetterSetter (cx=0x7fffe45cf000, argc=0, vp=0x7fffe0b001e8)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappednativejsops.cpp:1649
#17 0x00007ffff47fa23a in CallJSNative (cx=0x7fffe45cf000, argsRef=<value optimized out>, construct=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jscntxtinlines.h:281
#18 js::Invoke (cx=0x7fffe45cf000, argsRef=<value optimized out>, construct=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:657
#19 0x00007ffff47fa859 in Invoke (cx=0x7fffe45cf000, thisv=..., fval=..., argc=0, argv=0x0, rval=0x7fffffffa270) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.h:169
#20 js::ExternalInvoke (cx=0x7fffe45cf000, thisv=..., fval=..., argc=0, argv=0x0, rval=0x7fffffffa270) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:809
#21 0x00007ffff47fa8e0 in js::ExternalGetOrSet (cx=0x7fffe45cf000, obj=0x7fffc3ad2710, id=<value optimized out>, fval=..., mode=<value optimized out>, argc=0, argv=0x0, rval=0x7fffffffa270)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:849
#22 0x00007ffff4817836 in get (cx=0x7fffe45cf000, obj=0x7fffc3ad2710, id=<value optimized out>, getHow=1, vp=0x7fffffffa270)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsscopeinlines.h:270
#23 js_NativeGetInline (cx=0x7fffe45cf000, obj=0x7fffc3ad2710, id=<value optimized out>, getHow=1, vp=0x7fffffffa270)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsobj.cpp:5170
#24 js_GetPropertyHelperInline (cx=0x7fffe45cf000, obj=0x7fffc3ad2710, id=<value optimized out>, getHow=1, vp=0x7fffffffa270)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsobj.cpp:5346
#25 js_GetPropertyHelper (cx=0x7fffe45cf000, obj=0x7fffc3ad2710, id=<value optimized out>, getHow=1, vp=0x7fffffffa270)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsobj.cpp:5355
#26 0x00007ffff4a0df75 in js::Interpret (cx=0x7fffe45cf000, entryFrame=0x7fffe0b00038, interpMode=js::JSINTERP_NORMAL)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:3529
#27 0x00007ffff47fa159 in js::Invoke (cx=0x7fffe45cf000, argsRef=<value optimized out>, construct=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:687
#28 0x00007ffff47fa859 in Invoke (cx=0x7fffe45cf000, thisv=..., fval=..., argc=1, argv=0x7fffffffa8c8, rval=0x7fffffffa6e8)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.h:169
#29 js::ExternalInvoke (cx=0x7fffe45cf000, thisv=..., fval=..., argc=1, argv=0x7fffffffa8c8, rval=0x7fffffffa6e8) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsinterp.cpp:809
#30 0x00007ffff4784f21 in JS_CallFunctionValue (cx=0x7fffe45cf000, obj=<value optimized out>, fval=18445618173217467184, argc=<value optimized out>, argv=<value optimized out>, 
    rval=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/jsapi.cpp:5043
#31 0x00007ffff4276d70 in nsXPCWrappedJSClass::CallMethod (this=0x7fffdd2ed480, wrapper=<value optimized out>, methodIndex=<value optimized out>, info=0x7fffe4583d30, nativeParams=0x7fffffffa9d0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp:1657
#32 0x00007ffff4272bed in nsXPCWrappedJS::CallMethod (this=0x7fffc82a2200, methodIndex=3, info=0x7fffe4583d30, params=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/js/src/xpconnect/src/xpcwrappedjs.cpp:585
#33 0x00007ffff460ea69 in PrepareAndDispatch (self=0x7fffc6752fc0, methodIndex=<value optimized out>, args=<value optimized out>, gpregs=0x7fffffffaab0, fpregs=0x7fffffffaae0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/xpcom/reflect/xptcall/src/md/unix/xptcstubs_x86_64_linux.cpp:153
#34 0x00007ffff460df4f in SharedStub () from /usr/lib/firefox-8.0/libxul.so
#35 0x00007ffff3f42aff in nsEventListenerManager::HandleEventSubType (this=0x7fffc82a2400, aListenerStruct=0x7fffc82a2428, aListener=0x7fffc6759060, aDOMEvent=0x7fffc82a1f80, 
    aCurrentTarget=0x7fffc81364f0, aPhaseFlags=<value optimized out>, aPusher=0x7fffffffae70)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventListenerManager.cpp:865
#36 0x00007ffff3f42cc6 in nsEventListenerManager::HandleEventInternal (this=0x7fffc82a2400, aPresContext=0x0, aEvent=0x7fffc44d1d80, aDOMEvent=0x7fffffffae50, aCurrentTarget=0x7fffc81364f0, 
    aFlags=6, aEventStatus=0x7fffffffae58, aPusher=0x7fffffffae70) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventListenerManager.cpp:919
#37 0x00007ffff3f5635b in nsEventTargetChainItem::HandleEvent (this=0x7fffdf304118, aVisitor=..., aFlags=6, aMayHaveNewListenerManagers=0, aPusher=0x7fffffffae70)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventDispatcher.cpp:215
#38 0x00007ffff3f5649c in nsEventTargetChainItem::HandleEventTargetChain (this=0x7fffdf304118, aVisitor=..., aFlags=6, aCallback=0x0, aMayHaveNewListenerManagers=0, aPusher=0x7fffffffae70)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventDispatcher.cpp:344
#39 0x00007ffff3f56b24 in nsEventDispatcher::Dispatch (aTarget=<value optimized out>, aPresContext=0x7fffffffae00, aEvent=0x7fffc44d1d80, aDOMEvent=0x7fffc82a1f80, aEventStatus=0x0, 
    aCallback=0x0, aTargets=0x0) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventDispatcher.cpp:672
#40 0x00007ffff3f56d8e in nsEventDispatcher::DispatchDOMEvent (aTarget=0x7fffc81364f0, aEvent=<value optimized out>, aDOMEvent=0x7fffc82a1f80, aPresContext=0x0, aEventStatus=0x0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/events/src/nsEventDispatcher.cpp:735
#41 0x00007ffff3f0dc70 in nsXMLHttpRequest::DispatchProgressEvent (this=0x7fffc81364f0, aTarget=0x7fffc81364f0, aType=<value optimized out>, aUseLSEventWrapper=0, aLengthComputable=1, 
    aLoaded=2267, aTotal=2267, aPosition=2267, aTotalSize=2267) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/base/src/nsXMLHttpRequest.cpp:1326
#42 0x00007ffff3f0dd57 in nsXMLHttpRequest::DispatchProgressEvent (this=<value optimized out>, aTarget=<value optimized out>, aType=<value optimized out>, aLengthComputable=<value optimized out>, 
    aLoaded=<value optimized out>, aTotal=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/base/src/nsXMLHttpRequest.h:188
#43 0x00007ffff3f0e16f in nsXMLHttpRequest::OnStopRequest (this=0x7fffc81364f0, request=<value optimized out>, ctxt=<value optimized out>, status=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/content/base/src/nsXMLHttpRequest.cpp:1954
#44 0x00007ffff3c3ced8 in nsStreamListenerTee::OnStopRequest (this=0x7fffc58ded40, request=0x7fffd3dbc050, context=0x0, status=0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/netwerk/base/src/nsStreamListenerTee.cpp:71
#45 0x00007ffff3c92a1c in nsHttpChannel::OnStopRequest (this=0x7fffd3dbc000, request=<value optimized out>, ctxt=<value optimized out>, status=0)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/netwerk/protocol/http/nsHttpChannel.cpp:4212
#46 0x00007ffff3c26615 in nsInputStreamPump::OnStateStop (this=0x7fffc82a5ba0) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/netwerk/base/src/nsInputStreamPump.cpp:578
#47 0x00007ffff3c2697d in nsInputStreamPump::OnInputStreamReady (this=0x7fffc82a5ba0, stream=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/netwerk/base/src/nsInputStreamPump.cpp:403
#48 0x00007ffff45f0ed4 in nsInputStreamReadyEvent::Run (this=0x7fffd3c15250) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/xpcom/io/nsStreamUtils.cpp:114
#49 0x00007ffff46010c8 in nsThread::ProcessNextEvent (this=0x7fffea729f80, mayWait=0, result=0x7fffffffb41c)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/xpcom/threads/nsThread.cpp:631
#50 0x00007ffff45d3ef5 in NS_ProcessNextEvent_P (thread=<value optimized out>, mayWait=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/obj-x86_64-linux-gnu/xpcom/build/nsThreadUtils.cpp:245
#51 0x00007ffff452ccce in mozilla::ipc::MessagePump::Run (this=0x7fffea781480, aDelegate=0x7ffff6dfa180) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/ipc/glue/MessagePump.cpp:110
#52 0x00007ffff461e92f in RunHandler (this=0x7ffff6dfa180) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/ipc/chromium/src/base/message_loop.cc:205
#53 MessageLoop::Run (this=0x7ffff6dfa180) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/ipc/chromium/src/base/message_loop.cc:179
#54 0x00007ffff448ddd9 in nsBaseAppShell::Run (this=0x7fffea78bba0) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/widget/src/xpwidgets/nsBaseAppShell.cpp:189
#55 0x00007ffff435f9fa in nsAppStartup::Run (this=0x7fffe2335600) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/toolkit/components/startup/nsAppStartup.cpp:224
#56 0x00007ffff3c08dcd in XRE_main (argc=<value optimized out>, argv=<value optimized out>, aAppData=<value optimized out>)
    at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/toolkit/xre/nsAppRunner.cpp:3544
#57 0x00007ffff7ff61a8 in do_main (argc=<value optimized out>, argv=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/browser/app/nsBrowserApp.cpp:198
#58 main (argc=<value optimized out>, argv=<value optimized out>) at /build/buildd/firefox-8.0~b3+build1/build-tree/mozilla/browser/app/nsBrowserApp.cpp:281
I also have a workaround for this bug.
I removed some certificates (that were not builtin) and the bug disappeared.
I don't know exactly which certificates caused this bug, but I still have it on one of my machines.

If you explain to me how I can back up my certificates, I can provide them to you.
Assignee: nobody → nobody
Component: General → Libraries
Product: Firefox → NSS
QA Contact: general → libraries
Version: 8 Branch → unspecified
Some JS code is calling PSM's nsNSSCertificate::GetIssuer, which calls NSS's CERT_FindCertIssuer.  I'll bet that there's a certificate chain loop, and the 
JS code isn't detecting that case by maintaining a maximum chain length count.
NSS's code that builds chains always counts, but this chain building is being 
done by JS code somewhere.

The fact that it reportedly occurs in safe mode suggests that this is PSM code, 
not browser add-on code.
Assignee: nobody → nobody
Component: Libraries → Security: PSM
Product: NSS → Core
QA Contact: libraries → psm
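The safeguard the comment above says is missing, sketched as an added example (not code from this bug, from PSM or from NSS): an issuer walk that stops on a repeated certificate or on a maximum chain length. The certificate objects, `findIssuer`, `buildChain`, the store contents and the cap of 20 are all hypothetical stand-ins.

```javascript
// Added illustration: plain objects stand in for certificates (constructed data).
// A real implementation would key on a certificate fingerprint, not the subject.
const MAX_CHAIN_LENGTH = 20; // assumed cap, not a value taken from NSS or PSM

const store = new Map([
  // CA-A and CA-B name each other as issuer: a chain loop.
  ["CN=Leaf",   { subject: "CN=Leaf",   issuer: "CN=CA-A" }],
  ["CN=CA-A",   { subject: "CN=CA-A",   issuer: "CN=CA-B" }],
  ["CN=CA-B",   { subject: "CN=CA-B",   issuer: "CN=CA-A" }],
  // A well-formed chain ending in a self-signed root.
  ["CN=Site",   { subject: "CN=Site",   issuer: "CN=Root" }],
  ["CN=Root",   { subject: "CN=Root",   issuer: "CN=Root" }],
  // Issuer not present in the store.
  ["CN=Orphan", { subject: "CN=Orphan", issuer: "CN=Missing" }],
]);

// Stand-in for an issuer lookup; returns null when no issuer is known.
function findIssuer(cert) {
  return store.get(cert.issuer) || null;
}

// Walk issuer links, terminating on a self-signed root, a missing issuer,
// a certificate already visited (loop), or the length cap.
function buildChain(leaf, maxLength = MAX_CHAIN_LENGTH) {
  const chain = [];
  const seen = new Set();
  let cert = leaf;
  while (cert) {
    if (seen.has(cert.subject)) return { status: "loop", chain };
    if (chain.length >= maxLength) return { status: "too-long", chain };
    seen.add(cert.subject);
    chain.push(cert.subject);
    if (cert.issuer === cert.subject) return { status: "ok", chain };
    cert = findIssuer(cert);
  }
  return { status: "incomplete", chain };
}

// Without the two guards, the walk from CN=Leaf would never terminate.
for (const name of ["CN=Site", "CN=Leaf", "CN=Orphan"]) {
  const r = buildChain(store.get(name));
  console.log(name, "->", r.status, r.chain.join(" < "));
}
```

Either guard alone ends the walk; the visited set reports the loop as soon as it closes, while the cap also bounds very long chains that never repeat.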
I removed 5 certificates to solve the issue:
- COMODO Cert Authority
- COMODO High-Assurance Secure Server CA
- TBS X509 CA SGC
- UTN Data Corp SGC
- UTN-UserFirst-Hardware

I don't know if you can find them to see which one is the problem....
Reproduced with Firefox 8b3.
Noted that the 5 certificates I removed have reappeared :(
I don't know if it's related, but it was when I reactivated the HTTPS Everywhere add-on.

My guess: HTTPS Everywhere has tried to access an https website that has the bad certificate in its https version.
After some tests, the most likely one is the "COMODO Cert Authority" certificate.

I'm not sure, but it seems that this is one used by twimg.com.
Still valid in Firefox 9
A potential fix for this issue was pushed to mozilla-inbound today. It will be a day or so before Firefox Nightly has that fix.
Depends on: 764393
(In reply to Brian Smith (:briansmith, :bsmith, use NEEDINFO?) from comment #8)
> A potential fix for this issue was pushed to mozilla-inbound today. It will
> be a day or so before Firefox Nightly has that fix.

Olivier, do you still see this problem when using a current version?
Flags: needinfo?(olivier+mozilla)
Keywords: perf
Whiteboard: [closeme 2015-02-15]
I don't have the certificates to test anymore, closing as WONTFIX, but I would have preferred OLD.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(olivier+mozilla)
Resolution: --- → WONTFIX
(In reply to Olivier FAURAX from comment #10)
> I don't have the certificates to test anymore, closing as WONTFIX, but I
> would have preferred OLD.

Incomplete is sufficient in situations where the problem cannot be reproduced, for example due to no data or testcase.
Resolution: WONTFIX → INCOMPLETE
Whiteboard: [closeme 2015-02-15]