Closed Bug 1658972 Opened 4 years ago Closed 4 years ago

Intermittent testing/firefox-ui/tests/functional/sessionstore/test_restore_windows_after_restart_and_quit.py TestSessionStoreDisabled.test_restore_with_restart | application crashed [@ mozilla::safebrowsing::TableUpdateV2::NewAddComplete

Categories

(Toolkit :: Safe Browsing, defect, P5)

Product:
Toolkit
Component:
Safe Browsing
Type:
defect

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: intermittent-bug-filer, Unassigned)

Details

(Keywords: crash, intermittent-failure)

Crash Data

Filed by: ncsoregi [at] mozilla.com
Parsed log: https://treeherder.mozilla.org/logviewer.html#?job_id=312950636&repo=autoland
Full log: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/AGrw818rTSGf24eqd243ow/runs/0/artifacts/public/logs/live_backing.log

[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - PROCESS-CRASH | testing/firefox-ui/tests/functional/sessionstore/test_restore_windows_after_restart_and_quit.py TestSessionStoreDisabled.test_restore_with_restart | application crashed [@ mozilla::safebrowsing::TableUpdateV2::NewAddComplete(unsigned int, mozilla::safebrowsing::SafebrowsingHash<(unsigned int)32, mozilla::safebrowsing::CompletionComparator> const&)]
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - Crash dump filename: /Users/cltbld/tasks/task_1597346105/build/tmpN1ZfYp.mozrunner/minidumps/7ADE3508-5C05-4DC4-AB64-F3B4BF32CDA5.dmp
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - Operating system: Mac OS X
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - 10.14.5 18F132
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - CPU: amd64
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - family 6 model 69 stepping 1
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - 4 CPUs
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO -
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO - GPU: UNKNOWN
[task 2020-08-13T19:21:16.739Z] 19:21:16 INFO -
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Crash reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Crash address: 0xffffffff8744745c
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Process uptime: 4 seconds
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO -
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Thread 61 (crashed)
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - 0 XUL!mozilla::safebrowsing::TableUpdateV2::NewAddComplete(unsigned int, mozilla::safebrowsing::SafebrowsingHash<(unsigned int)32, mozilla::safebrowsing::CompletionComparator> const&) [HashStore.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 129 + 0x27]
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rax = 0x0000000132f02000 rdx = 0x0000000000000014
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rcx = 0x000000081515150d rbx = 0x000000012f574bf8
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rsi = 0x0000000132d01098 rdi = 0x000000010f800020
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rbp = 0x00007000033475c0 rsp = 0x00007000033475a0
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - r8 = 0xfffffffffffff000 r9 = 0x00000000ffffffff
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - r10 = 0x0000000132b01740 r11 = 0x0000000000000001
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - r12 = 0x00007000033475d0 r13 = 0x000000011c4a9d10
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - r14 = 0x000000005ed7d27e r15 = 0x00007000033475e0
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rip = 0x000000011a7196aa
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Found by: given as instruction pointer in context
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - 1 XUL!mozilla::safebrowsing::ProtocolParserV2::ProcessDigestChunk(nsTSubstring<char> const&) [ProtocolParser.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 468 + 0x8a]
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rbp = 0x0000700003347630 rsp = 0x00007000033475d0
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rip = 0x000000011a73675a
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - 2 XUL!mozilla::safebrowsing::ProtocolParserV2::ProcessChunk(bool*) [ProtocolParser.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 343 + 0x5]
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rbp = 0x00007000033476e0 rsp = 0x0000700003347640
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rip = 0x000000011a735d14
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - 3 XUL!mozilla::safebrowsing::ProtocolParserV2::AppendStream(nsTSubstring<char> const&) [ProtocolParser.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 143 + 0xb]
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rbp = 0x0000700003347710 rsp = 0x00007000033476f0
[task 2020-08-13T19:21:16.740Z] 19:21:16 INFO - rip = 0x000000011a73520b
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 4 XUL!UrlClassifierDBServiceWorkerProxy::UpdateStreamRunnable::Run() [nsUrlClassifierProxies.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 93 + 0x34]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347730 rsp = 0x0000700003347720
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x000000011a75a8f8
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 5 XUL!nsThread::ProcessNextEvent(bool, bool*) [nsThread.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 1234 + 0x6]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347c50 rsp = 0x0000700003347740
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x0000000116855353
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 6 XUL!NS_ProcessNextEvent(nsIThread*, bool) [nsThreadUtils.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 513 + 0xd]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347c80 rsp = 0x0000700003347c60
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x0000000116858929
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 7 XUL!mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) [MessagePump.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 332 + 0xd]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347cd0 rsp = 0x0000700003347c90
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x0000000116e72e74
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 8 XUL!MessageLoop::Run() [message_loop.cc:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 309 + 0xc]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347d00 rsp = 0x0000700003347ce0
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x0000000116e2adf6
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - 9 XUL!nsThread::ThreadFunc(void*) [nsThread.cpp:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 447 + 0x8]
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rbp = 0x0000700003347ec0 rsp = 0x0000700003347d10
[task 2020-08-13T19:21:16.741Z] 19:21:16 INFO - rip = 0x0000000116852795
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - 10 libnss3.dylib!_pt_root [ptthread.c:f46205a42faecda0e5a73bdcde0a8e1caa0126d9 : 201 + 0x8]
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rbp = 0x0000700003347f10 rsp = 0x0000700003347ed0
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rip = 0x000000010fb6b895
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - 11 libsystem_pthread.dylib!_pthread_body + 0x7e
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rbp = 0x0000700003347f30 rsp = 0x0000700003347f20
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rip = 0x00007fff7fe012eb
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - 12 libsystem_pthread.dylib!_pthread_start + 0x42
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rbp = 0x0000700003347f50 rsp = 0x0000700003347f40
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rip = 0x00007fff7fe04249
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - 13 libsystem_pthread.dylib!thread_start + 0xd
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rbp = 0x0000700003347f78 rsp = 0x0000700003347f60
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rip = 0x00007fff7fe0040d
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: previous frame's frame pointer
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - 14 libnss3.dylib + 0x16b730
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - rsp = 0x0000700003348090 rip = 0x000000010fb6b730
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO - Found by: stack scanning
[task 2020-08-13T19:21:16.742Z] 19:21:16 INFO -

Maybe I'm wrong but given the crash address this looks to be security related. Dimi, can you please check?

Group: firefox-core-security
Component: Firefox UI Tests → Safe Browsing
Flags: needinfo?(dlee)
Product: Testing → Toolkit
QA Contact: hskupin

only 1 crash so far.
From the crash dump, it looks like we got invalid address after calling nsTArray::AppendElement, probably not a security bug.

Flags: needinfo?(dlee)
Priority: -- → P5
Group: firefox-core-security

https://wiki.mozilla.org/Bug_Triage#Intermittent_Test_Failure_Cleanup
For more information, please visit auto_nag documentation.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.