Closed Bug 1361598 Opened 2 years ago Closed 2 years ago

Crash in mozilla::safebrowsing::HashStore::ApplyUpdate

Categories

(Toolkit :: Safe Browsing, defect, P3, critical)

Unspecified
macOS
defect

Tracking

()

RESOLVED WORKSFORME
Tracking Status
firefox-esr52 --- affected
firefox54 --- affected
firefox55 --- fixed

People

(Reporter: ting, Unassigned)

References

Details

(Keywords: crash, Whiteboard: #sbv4-m8)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-211b8a5e-6924-4cae-b30c-4adda0170501.
=============================================================
Top #4 of Nightly 20170430030208 on Mac, 2 reports from 1 installation. But there are 189 reports in the past week.
Just took a glance and it seems the crashes have occurred for a long time  (> 150 crashes per week) in various versions of Firefox (including esr)
The point is the crashes are 100% on Mac OS, I have no idea which differences on Mac OS could have effect to mozilla::safebrowsing::HashStore::ApplyUpdate (mostly work with nsTArray to merge things)
Priority: -- → P2
Whiteboard: #sbv4-m8
Maybe it be helpful if someone takes a look at raw dump because I could not access to. Some better glues may come, any chance that I could take a look at raw dump of this?
Flags: needinfo?(janus926)
(In reply to Thomas Nguyen[:tnguyen] ni plz from comment #4)
> Maybe it be helpful if someone takes a look at raw dump because I could not
> access to. Some better glues may come, any chance that I could take a look
> at raw dump of this?

Isn't this a raw dump?

https://crash-stats.mozilla.com/report/index/6c5e25a7-799f-4ec8-b8bd-c91040170503#tab-rawdump
You can ask for the permission for downloading minidumps, e.g., bug 1255309.
Flags: needinfo?(janus926)
I am guessing there is a misuse of TableUpdates cuz I have seen a lot
of crashes which look like UAF or double delete :(
Priority: P2 → P5
(In reply to Thomas Nguyen[:tnguyen] ni plz from comment #8)
> I don't see it happens in FF55 for at least 1 month
> https://crash-stats.mozilla.com/signature/
> ?product=Firefox&signature=mozilla%3A%3Asafebrowsing%3A%3AHashStore%3A%3AAppl
> yUpdate&date=%3E%3D2017-05-16T09%3A38%3A27.000Z&date=%3C2017-06-
> 16T09%3A38%3A27.
> 000Z&_columns=date&_columns=product&_columns=version&_columns=build_id&_colum
> ns=platform&_columns=reason&_columns=address&_columns=install_time&_sort=-
> version&_sort=-date&page=1

It happened 18 times yesterday (all on Mac) including on 54. Maybe we should keep an eye on this one in case it wasn't in 55.
Priority: P5 → P3
Out of 137 crashes, it has only ever crashed once on 55 (in 55.0b4) so let's assumed it's fixed in 55.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Unless we know what fixed the problem, WFM is the correct bug resolution. That said, there is one instance of this crash signature on Fx55 showing up in the last week. For whatever that's worth.
Resolution: FIXED → WORKSFORME
Blocks: 1434206
This is not fixed. We hit this crash last night in automation. See bug 1434206.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
You need to log in before you can comment on or make changes to this bug.