Closed
Bug 1477713
Opened 6 years ago
Closed 5 years ago
Crash in long sandbox::TargetNtCreateFile
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: marcia, Unassigned)
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is report bp-42632dc7-3bf4-4e81-8094-9e1d10180712. ============================================================= Seen while looking at nightly crash stats - crashes started using 20180711100118: https://bit.ly/2LI6BMf. Appears to affect 63 only - Win 10 and Win 7. Not sure if this is really in the right component, but filing since it seems to be new in 63. https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=a675c5d7eb76887a3e4b24548d621c9cc05a1545&tochange=3aca103e49150145dbff910be15e7886b7c4495a is the changelog based on the Build ID. Top 10 frames of crashing thread: 0 @0x20d1bf0b834 1 plugin-container.exe long sandbox::TargetNtCreateFile security/sandbox/chromium/sandbox/win/src/filesystem_interception.cc:34 2 plugin-container.exe TargetNtCreateFile64 security/sandbox/chromium/sandbox/win/src/interceptors_64.cc:81 3 kernelbase.dll CreateFileInternal 4 kernelbase.dll CreateFileW 5 npswf64_30_0_0_134.dll npswf64_30_0_0_134.dll@0x56fa72 6 npswf64_30_0_0_134.dll npswf64_30_0_0_134.dll@0x32bee5 7 npswf64_30_0_0_134.dll npswf64_30_0_0_134.dll@0x18a9bdf 8 npswf64_30_0_0_134.dll npswf64_30_0_0_134.dll@0x570e0b 9 npswf64_30_0_0_134.dll npswf64_30_0_0_134.dll@0x18a9bdf =============================================================
Comment 1•6 years ago
|
||
NI jimm in case this looks familiar, given the large pushlog and reported recent sandboxing change.
Flags: needinfo?(jmathies)
Comment 2•6 years ago
|
||
Doesn't look serious, may be 3rd party related. Bob any ideas?
Flags: needinfo?(jmathies) → needinfo?(bobowencode)
Comment 3•6 years ago
|
||
(In reply to Jim Mathies [:jimm] from comment #2) > Doesn't look serious, may be 3rd party related. Bob any ideas? The dumps I looked at are fairly strange, possibly a double hooking of NtCreateFile, but not really sure. Some of the stacks seem to have system modules for which we don't have symbols and also all the ones I checked had Flash in them. David - could the mid-July appearance of this on Nightly correlate with any recent Flash changes?
Flags: needinfo?(bobowencode) → needinfo?(davidp99)
Comment 4•6 years ago
|
||
I don't know of anything that could have caused this to spike in July but I think the history of crashes is longer than that. This search is, I think, a more honest accounting: https://crash-stats.mozilla.com/search/?signature=~TargetNtCreateFile&process_type=plugin&date=%3E%3D2018-02-22T08%3A08%3A47.000Z&date=%3C2018-08-22T09%3A08%3A47.000Z&_sort=-date&_facets=signature&_columns=date&_columns=signature&_columns=product&_columns=version&_columns=build_id&_columns=platform#facet-signature Thats a search on TargetNtCreateFile in plugin process for the last 6 months. It looks like this crash (hang, probably) has been intermittent for quite a while -- I'm seeing 700+ crashes in that 6 months. The top of the crash stacks look similar. I'm going to look at a couple more things but I'm already pretty much out of ideas on this one. Double hooking the method is still a potential cause but I think this could be anything going on with the OS and the file system.
Flags: needinfo?(davidp99)
Reporter | ||
Updated•6 years ago
|
Crash Signature: [@ long sandbox::TargetNtCreateFile] → [@ long sandbox::TargetNtCreateFile]
[@ hang | long sandbox::TargetNtCreateFile]
Updated•6 years ago
|
Crash Signature: [@ long sandbox::TargetNtCreateFile]
[@ hang | long sandbox::TargetNtCreateFile] → [@ long sandbox::TargetNtCreateFile]
[@ hang | long sandbox::TargetNtCreateFile]
[@ TargetNtCreateFile]
Updated•6 years ago
|
Comment 5•6 years ago
|
||
No crash since we shipped 63, only ESR had a couple crashes over the last month.
Reporter | ||
Comment 6•5 years ago
|
||
No recent crashes, closing this one out as WFM.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
Updated•5 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•