Crash on Sync, on Android Q
Categories
(Firefox for Android Graveyard :: Android Sync, defect)
Tracking
(firefox-esr60 wontfix, firefox-esr6869+ fixed, firefox68 wontfix, firefox69 fixed, firefox70 fixed)
People
(Reporter: st3fan, Assigned: petru)
References
Details
(Whiteboard: [fennec68.1])
Attachments
(1 file)
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
RyanVM
:
approval-mozilla-esr68+
|
Details | Review |
We received the following report from Google:
Steps to reproduce the issue:
- Download and install the app.
- Open Firefox
- Sign in to existing Firefox account & verify log-in from email
- Open Menu > Settings > Firefox Profile
- Tap "Sync Now"
- Observe
Observed Results:
- Application crashes on launch.
Expected Results:
- Button flashes to say syncing for a split second, then back to saying "Sync Now / Last sync: never".
Possible root cause :
- Firefox isn't intersecting their desired set of cipher suites with the result of SSLSocket.getSupportedCipherSuites(), you're trying to enable a cipher suite that is not supported in Q. We had earlier reached out to you regarding this issue and you might have fixed that bug in the launch page. However it seems you haven't applied the fix in the account syncing code.
|
||
Comment 1•5 years ago
|
||
(In reply to Stefan Arentz [:st3fan] from comment #0)
We received the following report from Google:
Steps to reproduce the issue:
- Download and install the app.
- Open Firefox
- Sign in to existing Firefox account & verify log-in from email
- Open Menu > Settings > Firefox Profile
- Tap "Sync Now"
- Observe
Observed Results:
- Application crashes on launch.
Expected Results:
- Button flashes to say syncing for a split second, then back to saying "Sync Now / Last sync: never".
Possible root cause :
- Firefox isn't intersecting their desired set of cipher suites with the result of SSLSocket.getSupportedCipherSuites(), you're trying to enable a cipher suite that is not supported in Q. We had earlier reached out to you regarding this issue and you might have fixed that bug in the launch page. However it seems you haven't applied the fix in the account syncing code.
Way way way back in the day, enumerating the supported cipher suites was so slow that we felt we could not do it, and instead we hard-coded a list. That choice is not working well as the set of cipher suites evolves. We should do as Google suggest and intersect the set we accept with the set the OS provides. We'll want to bump up the logging around this, and perhaps throw a very rich exception, so that we have some hope of debugging this in even less standard configurations.
Petru, I see you handled Bug 1537701, which is in this area. Can you work up a patch to intersect these sets, or delegate to somebody else who can? Thanks!
|
Assignee | |
Comment 2•5 years ago
|
||
Sure, I'll look into it.
|
|
Assignee | |
Comment 3•5 years ago
|
||
SSLContext.getDefault().getSocketFactory().getSupportedCipherSuites() on a real Pixel 3 with Android Q returns a list which contains all the ones we've enabled and indeed also many others.
I also tried on other emulators with different system images and I couldn't reproduce.
I don't think the issue is with the ciphers we use.
@Stefan, can we get more info about
- the device & Firefox version on which this issue was observed
- and also a logcat for the error?
|
|
Assignee | |
Comment 4•5 years ago
|
||
This would ensure we will not use ciphers not supported by the platform.
|
|
Assignee | |
Comment 5•5 years ago
|
||
Intersecting our desired TLS ciphers with the ones the platform supports is a nice optimization but I'm still not sure that this was the issue which has caused the crash described in the report.
There is already some logging in the application and I don't think we really need more given that if there is a crash we will probably have a very nice stack trace to follow through to the root cause.
|
|
Assignee | |
Updated•5 years ago
|
Pushed by opoprus@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4b92429efe56
Intersect platform TLS ciphers with our desired ones; r=nalexander
|
||
Comment 7•5 years ago
|
||
| bugherder | ||
|
||
Comment 8•5 years ago
|
||
Petru, do we need to uplift your cipher crash fix to Fennec ESR 68?
|
|
Assignee | |
Comment 9•5 years ago
|
||
Comment on attachment 9081198 [details]
Bug 1568810 - Intersect platform TLS ciphers with our desired ones; r?nalexander
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Speculative crash fix.
- User impact if declined: The app may crash upon reopening after enabling Sync
- Fix Landed on Version: 70
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Small, targeted code change
- String or UUID changes made by this patch:
|
||
Updated•5 years ago
|
|
|
||
Comment 10•5 years ago
|
||
Comment on attachment 9081198 [details]
Bug 1568810 - Intersect platform TLS ciphers with our desired ones; r?nalexander
Potential crash fix for Fennec running on Android Q. Approved for Fennec 68.1b5 and landing now for the 2-Aug nightly builds.
|
|
||
Comment 11•5 years ago
|
||
| bugherder uplift | ||
|
|
||
Comment 12•5 years ago
|
||
| bugherder uplift | ||
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
|
||
Comment 13•5 years ago
|
||
Tried to reproduce the issue before the fix but I couldn't. As such I am not able to confirm the patch indeed resolved it or not. Will leave the ticket status as FIXED but will not mark it as VERIFIED"
|
||
Comment 14•5 years ago
•
|
||
Hi, I wasn't able to reproduce this issue on Firefox 68.1b7 using a Google Pixel XL.
|
||
Updated•3 years ago
|
Description
•